Overview

URL: www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
IP: 162.0.212.3 (United States)
ASN: #22612 NAMECHEAP-NET
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-29 22:54:18 UTC
IDS alerts: 0
Blocklist alert: 11
urlquery alerts: No alerts detected
Tags: None

Domain Summary (25)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
serve.popads.net (1) 135113 2012-05-26 08:10:30 UTC 2022-11-29 03:39:04 UTC 216.21.13.11
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-29 05:48:55 UTC 34.102.187.140
w7rbnctwumah.n4.adsco.re (1) 0 No data No data 38.132.109.186 Domain (adsco.re) ranked at: 8541
adsco.re (1) 8541 2017-04-03 03:11:30 UTC 2022-11-29 07:05:00 UTC 162.252.214.5
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-29 09:16:29 UTC 142.250.74.132
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-29 08:15:17 UTC 142.250.74.67
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.sectigo.com (4) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
cdn.kagwirawo.co.ug (1) 0 2022-03-16 10:39:06 UTC 2022-10-25 21:44:58 UTC 154.0.130.22 Unknown ranking
c.adsco.re (1) 16577 2018-01-06 16:30:22 UTC 2022-11-29 07:04:59 UTC 104.17.167.186
c1.popads.net (1) 168879 2013-05-23 15:07:44 UTC 2020-03-28 04:50:22 UTC 185.76.9.22
4.adsco.re (1) 19179 2021-01-04 16:47:52 UTC 2022-11-29 07:04:59 UTC 162.252.214.5
www.betips.win (25) 0 No data No data 162.0.212.3 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.186.117.16
ocsp.pki.goog (8) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-29 06:48:06 UTC 142.250.74.168
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-29 09:50:49 UTC 74.125.131.154
w7rbnctwumah.s4.adsco.re (1) 0 No data No data 185.200.116.90 Domain (adsco.re) ranked at: 8541
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 05:51:44 UTC 34.117.237.239
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-29 08:33:49 UTC 142.250.74.110
6.adsco.re (1) 17812 2018-01-15 04:15:29 UTC 2022-11-29 07:04:59 UTC 104.17.166.186
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-29 06:11:22 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 www.betips.win/wp-content/plugins/content-views-query-and-display-post-page (...) Malware
2022-11-29 2 www.betips.win/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Malware
2022-11-29 2 www.betips.win/wp-content/themes/twentytwentyone/style.css?ver=6.1.1 Malware
2022-11-29 2 www.betips.win/wp-content/themes/twentytwentyone/style.css?ver=1.0.0 Malware
2022-11-29 2 www.betips.win/wp-content/plugins/tablepress/css/default.min.css?ver=1.14 Malware
2022-11-29 2 www.betips.win/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Malware
2022-11-29 2 www.betips.win/wp-content/plugins/wpfront-notification-bar/js/wpfront-notif (...) Malware
2022-11-29 2 www.betips.win/wp-content/themes/twentytwentyone/assets/js/responsive-embed (...) Malware
2022-11-29 2 www.betips.win/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load. (...) Malware
2022-11-29 2 www.betips.win/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.0.0 Malware
2022-11-29 2 www.betips.win/wp-content/uploads/2022/11/WhatsApp-Image-2022-11-29-at-01.0 (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 162.0.212.3
Date UQ / IDS / BL URL IP
2023-01-28 07:39:40 +0000 0 - 6 - 5 www.bemobile.store/m/ng/ppt5/ 162.0.212.3
2022-12-14 04:09:00 +0000 0 - 0 - 176 www.eos-croatia.com/ 162.0.212.3
2022-12-11 11:19:12 +0000 0 - 0 - 2 www.artisticlogodesigns.com/logo-design.php 162.0.212.3
2022-12-04 00:45:25 +0000 0 - 0 - 12 www.betips.win/ 162.0.212.3
2022-12-02 07:06:54 +0000 0 - 0 - 2 basestore.pk/ 162.0.212.3


Last 5 reports on ASN: NAMECHEAP-NET
Date UQ / IDS / BL URL IP
2023-01-29 22:10:53 +0000 0 - 1 - 1 tiktok.e09rg.cloud/AlByepoj.sbs 69.57.163.217
2023-01-29 22:08:34 +0000 0 - 1 - 1 h-kayn.click/lp/ddr.html 192.64.117.14
2023-01-29 21:23:12 +0000 0 - 1 - 0 ferooman.com/ 192.64.119.45
2023-01-29 21:23:01 +0000 0 - 1 - 0 joshcrossportfolio.com/ 192.64.119.106
2023-01-29 20:33:59 +0000 0 - 0 - 2 autodiscover.fishing/ 192.64.119.245


Last 5 reports on domain: betips.win
Date UQ / IDS / BL URL IP
2023-01-14 08:11:54 +0000 0 - 6 - 0 www.betips.win/ 63.250.38.217
2022-12-04 00:45:25 +0000 0 - 0 - 12 www.betips.win/ 162.0.212.3
2022-12-01 08:47:08 +0000 0 - 0 - 14 betips.win/ 162.0.212.3
2022-12-01 00:17:46 +0000 0 - 0 - 14 betips.win/ 162.0.212.3
2022-11-29 22:54:18 +0000 0 - 0 - 11 www.betips.win/?utm_source=nigap40&utm_medium (...) 162.0.212.3


Last 2 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-01 08:47:08 +0000 0 - 0 - 14 betips.win/ 162.0.212.3
2022-12-04 00:45:25 +0000 0 - 0 - 12 www.betips.win/ 162.0.212.3

JavaScript

Executed Scripts (33)

Executed Evals (140)
#1 JavaScript::Eval (size: 24) - SHA256: 15eb7e222abfc64660d0f94c04053839498df20ea9ac9a13a201701a56ce3bf6
typeof window.chrome.csi
#2 JavaScript::Eval (size: 17) - SHA256: 031688cb60b9631e34bc623cf81a9eeef73de67ca290d15cccfaa65399420932
screen.colorDepth
#3 JavaScript::Eval (size: 21) - SHA256: 023250096bcba5a18a624685884b3126896db722289f3281cea8ec5cc63476e7
navigator.appCodeName
#4 JavaScript::Eval (size: 23) - SHA256: 76fae4cd7853897c738cd23148b2ebab825379d6ba153e245965183cc3304082
navigator.battery.level
#5 JavaScript::Eval (size: 24) - SHA256: ebca0f427d949e5889ac01faf63de6370743bddd0169c9354c84bc47e3e8a0b1
window.opener.innerWidth
#6 JavaScript::Eval (size: 25) - SHA256: 11ae4500086472eb307c6d2459f0d1446b2cc02b1afda7925d800e2d49f1c9d1
window.opener.outerHeight
#7 JavaScript::Eval (size: 34) - SHA256: 3db042ba8dbf234b0ba7ed8b47e5c8cb58b267af983635a41652258f1e282c0c
window.ScriptEngineBuildVersion();
#8 JavaScript::Eval (size: 11) - SHA256: 2c6631ee0cabea9afb499cec860aab5fcf40ed956651a0b0ea7b3411e1a31cd9
window.open
#9 JavaScript::Eval (size: 29) - SHA256: 12c1e4b959357815447bdfe9fde3665a628e0cd4bbd622c9915820ea57fe01e3
window.InstallTrigger.install
#10 JavaScript::Eval (size: 48) - SHA256: e7678fa8be4ae3ca69e517858903bb107391f9de7ae346a75288b81b57630269
Intl.DateTimeFormat().resolvedOptions().timeZone
#11 JavaScript::Eval (size: 17) - SHA256: d204422e9d49293ab422bfabae9607635876cb30f77215f133603bac691f6f4b
document.location
#12 JavaScript::Eval (size: 59) - SHA256: f8aac102dc71390ed9b53b485b34d036f4c871e18d7015b307b95c8f1dcd9fa1
window.external.getHostEnvironmentValue("os-architecture");
#13 JavaScript::Eval (size: 20) - SHA256: 6b612f597a0ed972ce30182713c197e510528ac68ff1711b560641d5f47afefa
navigator.productSub
#14 JavaScript::Eval (size: 27) - SHA256: d411f352f2428265f0fc9f43b7429dafafad74f69cf4022cd51d9df23a67f157
performance.navigation.type
#15 JavaScript::Eval (size: 25) - SHA256: de1b699e93a44c66a069974d1603aee656a6e063b19b8bbf5b09946a3a1b9904
window.opener.innerHeight
#16 JavaScript::Eval (size: 27) - SHA256: e94a47b072c1a87127e88c17e992124bcf93c5d0d6b4e96c73a909444a7cd0d6
window.mozRTCPeerConnection
#17 JavaScript::Eval (size: 17) - SHA256: e0bc19473df9795cd42be5da545b5a6828d31527b4ffa3769564f735abec0deb
document.hasFocus
#18 JavaScript::Eval (size: 20) - SHA256: 1b0f9a28e673c21b9a668e2973157b075ac420eda7f39fd5727a77bb32b45ffe
navigator.appVersion
#19 JavaScript::Eval (size: 27) - SHA256: bc9c06f981e7daa0478c449324d4010cdbc3c83c9a95879b99a0b531f5cabb87
window.navigator.standalone
#20 JavaScript::Eval (size: 19) - SHA256: fc5a1ffc9513896711ec2c788490995715c8d32ccda8c4e2c68a9bd8cb214e77
document.innerWidth
#21 JavaScript::Eval (size: 16) - SHA256: cd74e6a3b779a514972758fa195725f40176261af18fbcd246e5f401a3ecf849
screen.availLeft
#22 JavaScript::Eval (size: 22) - SHA256: 4b14cf9e41e192a741c1cb8ec58f13b0495941f984f312bec01ab28807fe99ab
navigator.deviceMemory
#23 JavaScript::Eval (size: 22) - SHA256: 526c9d85cebcd21526a3b7ffdb87a9c2b6229e00b0bf210634abf6c84e0ad143
navigator.msDoNotTrack
#24 JavaScript::Eval (size: 31) - SHA256: 043b61c407c6f51e3a4ee18efee76fac227501d805df309988fc1494ae0a30dc
performance.timing.connectStart
#25 JavaScript::Eval (size: 29) - SHA256: 9c27754d9297bf8d4022ded2628940ae5a837c7d7d130b197c3dc80627a453e2
HTMLElement.prototype.animate
#26 JavaScript::Eval (size: 15) - SHA256: da82a56eb8524f5d12a2afcf2c5d0cb6184f26995167212a0ccb3bc2ba0def36
document.hidden
#27 JavaScript::Eval (size: 15) - SHA256: 4f61f9e962c8c1d90b453b461dd9431c1d3a6a706e61ab5c2a9faf6a71aea93f
screen.availTop
#28 JavaScript::Eval (size: 29) - SHA256: 876f3c9374f7069c7cabd0907ddad5466010a649a0f34984e5e2cc72f64878a5
navigator.hardwareConcurrency
#29 JavaScript::Eval (size: 28) - SHA256: ef184af14e9e4c14bc286dcbd2a00161c209ce5cf6f9e30c4e7de6d929e9aa4d
typeof document.ontouchstart
#30 JavaScript::Eval (size: 18) - SHA256: 17720ad70d18a072962c7509a9e8f79d6227be2728fb0e89dafb5a1edbc19f40
window.console.log
#31 JavaScript::Eval (size: 30) - SHA256: c2ea2223b59cfea384b15228f4cdc0f7337d4909e20e97e2fa42648ef8ecf610
window.webkitRTCPeerConnection
#32 JavaScript::Eval (size: 22) - SHA256: b19d05a8d492320ab4db4d74ea0e9e90374bed47a18e805f8018ebb00af0c23c
window.menubar.visible
#33 JavaScript::Eval (size: 22) - SHA256: 28be88d787b6e773eaf5d0818a6c62446ce628dd8ec0659c6f78410588838337
window.toolbar.visible
#34 JavaScript::Eval (size: 10) - SHA256: f73e4e03067983dd5196907f86c9020b174651f1bd0b5d291b217dc927ff068f
screen.top
#35 JavaScript::Eval (size: 19) - SHA256: b37d024d71bdbd575b951acfa9a59a5e84dc2f9d7c89748081ccb862ff3c9033
navigator.vendorSub
#36 JavaScript::Eval (size: 19) - SHA256: c26c62a09a687d08a3ef9d9a960c5ae2ad47fecc853b4fb0380d71586d260a1b
window.opener == null
#37 JavaScript::Eval (size: 24) - SHA256: 89e4c05e12e12f5bdf85a4fb89bad572dd85256091add09fdb9c6e42e703e2bb
document.visibilityState
#38 JavaScript::Eval (size: 25) - SHA256: cfab5312f1cfff1e8162225ab27453306ff627f512bcf18225c0a305ca093e1c
window.scrollbars.visible
#39 JavaScript::Eval (size: 17) - SHA256: e5ee82e31ec94cc385b3637227b4435f0547b3d0a4aa60cdda1d8fada4779df3
screen.availWidth
#40 JavaScript::Eval (size: 17) - SHA256: c66ced51cafdeb3a9e3544b0b2e7de4c955a4cd347c4d7b5d74f36923df5a7bd
navigator.product
#41 JavaScript::Eval (size: 17) - SHA256: 9094a3d888951e5671f4b6dce42ef291cd071cb196d8761fef42c010ecf5b142
navigator.plugins
#42 JavaScript::Eval (size: 37) - SHA256: 6530649612f535f1adde48ecf8b5de0677e9b5d77db12eb3dfd90b79b363559e
HTMLCanvasElement.prototype.toDataURL
#43 JavaScript::Eval (size: 14) - SHA256: 28d9693460ce57dd4e01742e50a1baa10cbed3fa6c20c2a69f02424f80fb9a2e
!(top == window)
#44 JavaScript::Eval (size: 16) - SHA256: d6b5ca1760fc8b29e007efc9c8d2cf7e8a2395825f6f77dada95483fc3171bdf
navigator.onLine
#45 JavaScript::Eval (size: 36) - SHA256: 4105e0401cf30138cd3ec66def6e14b091f0617777c14cd703ba3e8be17d5777
performance.navigation.redirectCount
#46 JavaScript::Eval (size: 33) - SHA256: 0b543b4a53bd5beb9a294e018ea9a8c704e5487af1227121d60699a5ec715c5d
navigator.connection.effectieType
#47 JavaScript::Eval (size: 12) - SHA256: 27f88609267c27a6f4e778dcb686f1f2fdf0f4f7cd29ad34826b916266ae45a8
window.close
#48 JavaScript::Eval (size: 24) - SHA256: 6b5c93eab3b74dadfbe0f6c5949ab9f1ec8f012df8f49495664b96b51881ed85
window.RTCPeerConnection
#49 JavaScript::Eval (size: 33) - SHA256: 511e9d231c9360fcb7670f7cbaffb35bf8180f124fc080ebbfa5962d4c8bb089
window.screenX || window.screenLeft
#50 JavaScript::Eval (size: 25) - SHA256: 0098b3fb5f82abbebff8c293e42863b93e210b01f0032c4147fe1457f5b48a93
window.offscreenBuffering
#51 JavaScript::Eval (size: 23) - SHA256: 2ef7ca07ed70c4ffbc59b1d3fa8df8cd2be1bfc66d1604246926066c9f44fd0c
screen.orientation.type
#52 JavaScript::Eval (size: 17) - SHA256: c03ab22471edc55763f012b82b8d32f981b31ca921a55cc4a663b8bd953b96e7
screen.deviceYDPI
#53 JavaScript::Eval (size: 18) - SHA256: addd231a2f2807fb0b4ebdadd2bc23ae2a1cb93a92b07fa6e20ee9af832a8b47
navigator.platform
#54 JavaScript::Eval (size: 15) - SHA256: de7f7b137340e1d218833d7afef73ea711325f139a4428eed317ca0374f67c91
navigator.oscpu
#55 JavaScript::Eval (size: 29) - SHA256: d01a385e50e8e57c5f15bc18b82e1304ed42dcbe38967d66a30a786e39ed847b
performance.timing.connectEnd
#56 JavaScript::Eval (size: 30) - SHA256: ca1a06e2314f272f03bc401a7ae0f4056692895b060fd13c00280536b6c56e85
performance.timing.responseEnd
#57 JavaScript::Eval (size: 108) - SHA256: 8eab171b0d256cf386d222b71fbf5380f2051b67452dbd83f41401a6216a789c
!!document.fullscreen || !!document.mozFullscreen || !!document.webkitIsFullScreen || !!document.fullScreenElement
#58 JavaScript::Eval (size: 36) - SHA256: 436179ef4964c80a03e62015696ba10c5ae70602c6538d07f50b75f35bd72a27
document.documentElement.clientWidth
#59 JavaScript::Eval (size: 32) - SHA256: 1138f8c1bb11f4a5f7d8354b8c8a642ef94c9c741d76a7f476bac6473b7de085
window.screenY || window.screenTop
#60 JavaScript::Eval (size: 11) - SHA256: c42b2a75055edd538c357b5923a7eca102ebf4e63f14d7d8b6fa2778d6b1cdd2
screen.left
#61 JavaScript::Eval (size: 34) - SHA256: 9e0e45f2f824eefaed5af40bcadf2c0ce7943df52cda4c3d67ddb03583418dab
window.ScriptEngineMinorVersion();
#62 JavaScript::Eval (size: 6) - SHA256: 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba
window
#63 JavaScript::Eval (size: 6) - SHA256: 4cd6c2914887dd4a68e4c9ffbed8b077f048cf795d6cfa0b801d43e0ea5a1560
screen
#64 JavaScript::Eval (size: 20) - SHA256: 3f3d3b81e8706983e30a63da7389e8cd3e70bd7778063d63f748984c42007425
IntersectionObserver
#65 JavaScript::Eval (size: 18) - SHA256: 318e5db431b7c9515f38ae97da21d7c4e75ec281aea96271c0d0f4e22b35df92
navigator.language
#66 JavaScript::Eval (size: 25) - SHA256: 329a9b85817fb7d3bb2492cbcb23f12b14cf9abd181473b838250e3b745fab50
navigator.connection.type
#67 JavaScript::Eval (size: 26) - SHA256: 7510742fba4d25113b6124987e97cba40776bc5030a6a3678974dc8ba075bf81
window.personalbar.visible
#68 JavaScript::Eval (size: 16) - SHA256: d17194a96291e963420dd3361221101c8fdb7d8d382fc8993563576d3fd29dd6
navigator.vendor
#69 JavaScript::Eval (size: 24) - SHA256: 4b653dda0da63fbe970902ed9a8dc33f1f0555edd3d9f2ae1ad8ed9284632d72
navigator.maxTouchPoints
#70 JavaScript::Eval (size: 27) - SHA256: c66fd00bf884bbcc3f43284fb1c86bcea447ce653124ca7b7202d0e5fd30ae08
window.opener.location.href
#71 JavaScript::Eval (size: 15) - SHA256: 2daa1a91b2430e9867296c9cb26d1483785954a9bdd66f79b2c754bab7092cae
typeof __gCrWeb
#72 JavaScript::Eval (size: 37) - SHA256: 0e27576eb1e9c067b58d47b8749be97d9e94c1e3d67cdf541784148cd80a04b1
MouseEvent.WEBKIT_FORCE_AT_MOUSE_DOWN
#73 JavaScript::Eval (size: 17) - SHA256: f8b516a2a0538b8599ab0452be3f3aa473cf3b0c510275d0a30565cefd564701
screen.pixelDepth
#74 JavaScript::Eval (size: 20) - SHA256: 6af0594857ab3b4e97420ca6bf7e098fc0901e86860d2e6a26cdf1d176c37dec
navigator.doNotTrack
#75 JavaScript::Eval (size: 21) - SHA256: 61e43d202b6cd0ebf29ac8014115fcb890eb5593c4160b9ae285206ca911bce6
window.history.length
#76 JavaScript::Eval (size: 17) - SHA256: b4a3a83fe09d48db0c0b4416fefb19af5f9e069c12d2af8793a18f159574bb79
window.outerWidth
#77 JavaScript::Eval (size: 41) - SHA256: af18ee7d06fe2ee2da28af260ea0c78923664ecbc220f3ce395c50b1822dab7a
window.performance.memory.jsHeapSizeLimit
#78 JavaScript::Eval (size: 13) - SHA256: 56e57af29d4af8b1fb7008dbfdf84a764970a6673f1f19165f1a8498ce903d93
screen.height
#79 JavaScript::Eval (size: 24) - SHA256: a097c9a52546fb53f0340afda7f34b4e47b836e551135e5ad0b5339ebb314a30
window.opener.outerWidth
#80 JavaScript::Eval (size: 29) - SHA256: cb6f5b3573826ffd9a881e026fd85eb842d31266833666399582737149c5fc14
navigator.connection.saveData
#81 JavaScript::Eval (size: 22) - SHA256: c49e342522959187d587f89ed7dde961d8df29cec6b02dce869f4aa1ac3ef254
window.mozInnerScreenX
#82 JavaScript::Eval (size: 46) - SHA256: 30f73e7f08c8e6a25fec00672f75fa725d3fa7a30bf847fb1dcb0115ec2f8607
Intl.DateTimeFormat().resolvedOptions().locale
#83 JavaScript::Eval (size: 50) - SHA256: 203d92af34680f7fe84b0047f738fae4e2d401f5d28af8d70f067dc77f5acb6a
window.external.getHostEnvironmentValue("os-sku");
#84 JavaScript::Eval (size: 24) - SHA256: 893fe12669f916947d99616b788aa245f8b45c5b8b34544df4114a6a789217ab
navigator.systemLanguage
#85 JavaScript::Eval (size: 51) - SHA256: 8c6276b2ab288fa398c4bc128bf765ffc10696c7adb7b2db18019870fa29cbdd
window.external.getHostEnvironmentValue("os-mode");
#86 JavaScript::Eval (size: 20) - SHA256: 3688d7e88d248ea850c456f0233738d10695a410a3dec97785ca7422c3f562c1
document.innerHeight
#87 JavaScript::Eval (size: 26) - SHA256: 2638f8c5d74932a6dfe72bc21a585ef3525f7e26bd3dbb1f480071141c325af1
navigator.msMaxTouchPoints
#88 JavaScript::Eval (size: 31) - SHA256: 7f96f13e41030d403da6d3c41ed3e161053572b43346d4e7c6ade69c0861d6ca
typeof document.visibilityState
#89 JavaScript::Eval (size: 25) - SHA256: 791b28f4c489619d78906b8af22fbc11b48c0576134d36470ef92468e47da29c
navigator.appMinorVersion
#90 JavaScript::Eval (size: 30) - SHA256: 44e10caa26e37d5f8678a008f0d667c1975fbaec0f613439eb60694249001780
navigator.languages.toString()
#91 JavaScript::Eval (size: 26) - SHA256: 92f68565a2781a0fbd595ff5c54717d6b87c6cf19d42c7f3d3d4c81193bb2cb4
navigator.battery.charging
#92 JavaScript::Eval (size: 24) - SHA256: ae3766b014bf6a5b6452d14a9f1de103d584e98933db2577122c136bfb9eb0c6
navigator.connection.rtt
#93 JavaScript::Eval (size: 34) - SHA256: de98f45cade0178e1fd1a8257ab99e8431b3d5b35a393217e74ad6caa4efed60
performance.timing.domainLookupEnd
#94 JavaScript::Eval (size: 20) - SHA256: a5e2bc908c3bd3196d273564d073484f9905d13817490eca5aa249e701139cdc
typeof window.chrome
#95 JavaScript::Eval (size: 26) - SHA256: e5a13721b456c9e090f80944728fc91767f5ae01b01f59160e73ff2c7cacc587
window.locationbar.visible
#96 JavaScript::Eval (size: 18) - SHA256: 793401a4baa2fb67b2049b633d5ebb8c25d2dc67d41071aabd7c180ddbdd2599
navigator.cpuClass
#97 JavaScript::Eval (size: 34) - SHA256: fa103a26e90f8e37ab2371d0dd320ca199c0ff194f4ded9cee3ccfa85c22f713
window.ScriptEngineMajorVersion();
#98 JavaScript::Eval (size: 27) - SHA256: 1c82db5b05628505080952437a7fd64f03942b6e8ec97f799f4f867eaf492134
typeof window.ondevicelight
#99 JavaScript::Eval (size: 21) - SHA256: 561f7f2574775993811ac7bc852a2054ede9fb58a62eb0804030e1ff877f4350
document.webkitHidden
#100 JavaScript::Eval (size: 22) - SHA256: 42c1dc825c7afb2edca4a8bca3f669784ae08b69226a5ec5044ee7600fccb397
window.mozInnerScreenY
#101 JavaScript::Eval (size: 18) - SHA256: c1fcce173bd0b08415367c934d5db7c4ed130c7f83a485c91682873bff2954ee
screen.availHeight
#102 JavaScript::Eval (size: 30) - SHA256: 55ef02d9591328210e59a68fcd1945791f4d0f70cdc7cd3999eb4ba175adbafb
performance.timing.redirectEnd
#103 JavaScript::Eval (size: 29) - SHA256: 95b2bbef556b3dc3b807638cb7b08274af9b8998def0c82d81e3a1517100d68f
performance.timing.fetchStart
#104 JavaScript::Eval (size: 9) - SHA256: ebf49dcd836f810084c14e0f2dab4dc1768bbdc5980481bf201fcf76771dff7a
navigator
#105 JavaScript::Eval (size: 26) - SHA256: e495f8780d35a18d80e09be6211760313cd30ac601a5c7478f9ddf4ebf8536ba
navigator.pdfViewerEnabled
#106 JavaScript::Eval (size: 18) - SHA256: 64e360e85164e7675724c7fe1ed681b25a138c51d437bac5ff97e8910ccf2aa7
window.innerHeight
#107 JavaScript::Eval (size: 30) - SHA256: b6a3c0492b8e7ae0ff680b4806058d22f740029707c1f7dda3cad6f985020ba3
(new Date).getTimezoneOffset()
#108 JavaScript::Eval (size: 32) - SHA256: 8d8003d5d1afbb2b7118b1f14afe89138588ed08982c3e8ff31dd4123e7cb076
performance.timing.responseStart
#109 JavaScript::Eval (size: 12) - SHA256: 20dbc48604a9afee27f0eaf4b84634fabbf1b2c09f78e795896b6fa1747b154a
window.alert
#110 JavaScript::Eval (size: 18) - SHA256: 0200f755a2c13b9335fe39b3a88f696c334e518e8407780c4731d8e6be966c4e
window.outerHeight
#111 JavaScript::Eval (size: 19) - SHA256: 9b078b8e24e4655c21a5876570daac97f2ddc241bfdb259644582b6a7a60930b
navigator.userAgent
#112 JavaScript::Eval (size: 17) - SHA256: 13e19bbb45d0bb1d1915240763b5bca4ddef99d01edd749954115168c7842c9c
navigator.buildID
#113 JavaScript::Eval (size: 31) - SHA256: df3486f2ca74e18e1c81ba55663a8dd4e668e36fed82949b9cca595051bd5064
performance.timing.requestStart
#114 JavaScript::Eval (size: 4) - SHA256: 1bbd174404efbce95f1af489ef93f4aa0f4d55718f24c3504682216afa7b7fb1
eval
#115 JavaScript::Eval (size: 23) - SHA256: c5d184acbefde172c402f1100cb756d11e8a1c83484977f1d5975bc65a79a7c5
navigator.cookieEnabled
#116 JavaScript::Eval (size: 29) - SHA256: a9dc93ae3dc52ac584bff8e382bf1db1f87b8e3a54243eae8d1e3badb180e834
navigator.connection.downlink
#117 JavaScript::Eval (size: 36) - SHA256: a7dc60bd6993c201941ea0bfc5218f7fea0bc015ee5dc88e658db78d98f8d98a
performance.timing.domainLookupStart
#118 JavaScript::Eval (size: 12) - SHA256: 5191a526bd66a118a4a51956503fdcf4555cc92b48b9a426d04a7af25d3980e1
window.brave
#119 JavaScript::Eval (size: 13) - SHA256: 32c6c6c6d07bb5224356b89b5de1adc4c02b1f7b2f464830005443afc6624e85
window.google
#120 JavaScript::Eval (size: 20) - SHA256: dfafe4f2e08c006ec277e8042267c6237512a1a93bfcf57657420d4becc0a97b
window.mozPaintCount
#121 JavaScript::Eval (size: 17) - SHA256: 51c1083130407a8772738aa2380eb5a583240a47d98f2204b124c06fd11aabd5
top.frames.length
#122 JavaScript::Eval (size: 37) - SHA256: 998158f6df4183edd82539e6dc971d32f50bc7ee075f64d4abc46d3011a9da27
document.documentElement.clientHeight
#123 JavaScript::Eval (size: 12) - SHA256: bc1a6bd7f4ddbcd78987ea609d4595bdf2422cb1be9e85af5d6c199f62000d6c
screen.width
#124 JavaScript::Eval (size: 22) - SHA256: e924fcaf65b8ea057cb30e32bbdf04fdafe2bde622539d6d1abc466b050917d5
navigator.userLanguage
#125 JavaScript::Eval (size: 47) - SHA256: 423946cdca01d4915fdc795bb03491ce4251b32ed1717a7c0146ce14c838d373
window.opener.screenX || window.opener.screenLeft
#126 JavaScript::Eval (size: 32) - SHA256: d0ea77c33d12565615b751dd5d753895e6287577bc0cfe0522961048b211daa6
navigator.connection.downlinkMax
#127 JavaScript::Eval (size: 22) - SHA256: 6e880572810251d722d33109fc0420864f46d69522d25a1df47338c553e38e07
window.isSecureContext
#128 JavaScript::Eval (size: 17) - SHA256: 5c5bb18e544cb67f765d8a6d2c774838d3ae95df9b62f25660c64554a7302d8e
document.referrer
#129 JavaScript::Eval (size: 25) - SHA256: 63d0de96ffe6e24d709e64517f883a6e6a72e3629aea379ee43b727541794c64
navigator.browserLanguage
#130 JavaScript::Eval (size: 17) - SHA256: 13871edf9ac7e58046d0f0d03811464e388c3f2323eebc6b61954c79dc883459
screen.deviceXDPI
#131 JavaScript::Eval (size: 24) - SHA256: 15dde2f8fcb5a8a423088da92307a50f6ba6c59577490e49e2ae24a15c75c2bd
window.clientInformation
#132 JavaScript::Eval (size: 17) - SHA256: b18f7c2e4dbfe2926b0413634f7cd6781be55e27b4b885dc68a8f740a80d72e1
window.innerWidth
#133 JavaScript::Eval (size: 19) - SHA256: 63fd63a33ca43f07ce872672d604657ec0fbfbe24bec43f4b322c0f7a1c2ce25
document.hasFocus()
#134 JavaScript::Eval (size: 24) - SHA256: 38be2b1c1c886666cd4ac85d71bb8b65e51d95c7c5f40b0c575f7d196a0442cd
window.statusbar.visible
#135 JavaScript::Eval (size: 23) - SHA256: fac21d8a86a99b88e4eb395a35aa2970ffb8ffdac1b12280959be2c117e3a09c
window.devicePixelRatio
#136 JavaScript::Eval (size: 32) - SHA256: 90190e51d410f9862884d5984262f9e1b8e46dd1010b50f1c22c9ef3fa1565fc
window.opener.offscreenBuffering
#137 JavaScript::Eval (size: 52) - SHA256: b218e02bbc9cda846447b2e8fff62bc41f7f5b0e12ad8adfc05380f8df3288a4
window.external.getHostEnvironmentValue("os-build");
#138 JavaScript::Eval (size: 25) - SHA256: 02665a4c106fc96e71ef5a17511cf353ec3f5cccb82ec9fce719b23967728897
typeof window.WebAssembly
#139 JavaScript::Eval (size: 46) - SHA256: b1101545a9bed4591a67166c932701b5ec44cb1976bb9df3d584fa2ab8ba8245
window.opener.screenY || window.opener.screenTop
#140 JavaScript::Eval (size: 40) - SHA256: ba8f16658b19940e1168ca8394756fb18272a9ef95d5fb11442ba56601568687
performance.timing.secureConnectionStart

Executed Writes (0)


HTTP Transactions (73)


Request Response
                                        
GET /?utm_source=nigap40&utm_medium=month09&utm_campaign=start HTTP/1.1
Host: www.betips.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

162.0.212.3
HTTP/1.1 308 Permanent Redirect
Content-Type: text/html
Date: Tue, 29 Nov 2022 22:54:04 GMT
Content-Length: 164
Connection: keep-alive
Location: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   164
Md5:    f23c4815ecaef1588f16ac735c0e15d6
Sha1:   026bf8cdd5076014b6fc822878e0086eb44da556
Sha256: 43a81fb3d47b34e7d42d6b8444f592ed9251b8e57db8f67d32419aa40b1480d0
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4962
Expires: Wed, 30 Nov 2022 00:16:46 GMT
Date: Tue, 29 Nov 2022 22:54:04 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4623
Cache-Control: max-age=132849
Date: Tue, 29 Nov 2022 22:54:05 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:48:14 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7142
Expires: Wed, 30 Nov 2022 00:53:07 GMT
Date: Tue, 29 Nov 2022 22:54:05 GMT
Connection: keep-alive

                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 22:17:55 GMT
cache-control: public,max-age=3600
age: 2170
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: vsTt0x02XWc9gkY1WqwCazELy7tdmEqFJizJwT/J8RmTGgSZFkqvTaDM2HsOrVmeQ5BjNsf1xlc=
x-amz-request-id: X9SBPEJX66TQHYJ5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 22:44:59 GMT
age: 546
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 22:54:05 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 12:21:21 GMT
Expires: Sat, 03 Dec 2022 12:21:20 GMT
Etag: "f08430eac029e68ec0bae132a998e06c08baf3f3"
Cache-Control: max-age=307034,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771eec51fbd0b4f7-OSL

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 22:54:05 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 22:08:56 GMT
cache-control: public,max-age=3600
age: 2709
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2935
Cache-Control: public, max-age=1209600
Date: Tue, 29 Nov 2022 22:54:05 GMT
Etag: "638651c0-37"
Last-Modified: Tue, 29 Nov 2022 18:38:56 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e6zKxrhG+1zv+ItV9hG+8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.186.117.16
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7R80zscFm6N39HojWFISIFzlkFM=

                                        
                                            GET /?utm_source=nigap40&utm_medium=month09&utm_campaign=start HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         162.0.212.3
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 14257
x-powered-by: PHP/7.2.34
link: <https://www.betips.win/wp-json/>; rel="https://api.w.org/", <https://www.betips.win/wp-json/wp/v2/pages/253>; rel="alternate"; type="application/json", <https://www.betips.win/>; rel=shortlink
etag: "111253-1669760223;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10595), with CRLF, LF line terminators
Size:   14257
Md5:    0cac88ff06345409858cb5a6b854ce7a
Sha1:   a4a51697eb72a531a5ff1029310d8dd645809df5
Sha256: 97142a69508a4b9adff7d2b90e66ee34be195af95720aecf4fa7e71d0b0cddce
                                        
                                            GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.5.0.1 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 10587
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:08 GMT
last-modified: Wed, 23 Nov 2022 08:55:06 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   10587
Md5:    1710b9c078cb7c59f5fe4d719720e1a9
Sha1:   70fa591ae9a1fd68ea9f196c8fb15001b62df479
Sha256: ff40746d1a9a15f91d1fd6f7c31da764d155939bb0e6ff5372ea6b837de68d3d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 11616
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:09 GMT
last-modified: Tue, 15 Nov 2022 20:55:07 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   11616
Md5:    c4d7cc056b49b00e05cc29cc59aa3d5a
Sha1:   48c426bec60099d2a8628df430ed682c72aab42a
Sha256: 8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 2741
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:30:07 GMT
last-modified: Fri, 25 Jun 2021 20:55:05 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27709)
Size:   2741
Md5:    5eb84d09b675a304532945be60f8e07a
Sha1:   647751e708ef62dc0c6afab8263e2d8b60a44d5a
Sha256: 571d3852d648e4d7b21f9a646d30260618fca8dcd6c7c152f6d75c22358e8f9e
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 217
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:09 GMT
last-modified: Wed, 02 Nov 2022 20:55:25 GMT
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   217
Md5:    95e891f28e44a9b314c09545d86be2b7
Sha1:   f9b13a8bd47273b086a0a07df15f314e0af0bc3e
Sha256: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
                                        
                                            GET /wp-content/plugins/wpfront-notification-bar/css/wpfront-notification-bar.min.css?ver=3.2.0.011614 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 639
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:30:06 GMT
last-modified: Sun, 16 Jan 2022 09:04:49 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3068), with no line terminators
Size:   639
Md5:    faa03bf8a5d31d9c3fa24f69aabf3698
Sha1:   c64cba05a8ecc88db2390b1842811e05658d11ac
Sha256: a8fdd390c02ab6ecc4bcf405398a17d0ac1851ffdff8baf0e3dc4acca35d82d1
                                        
                                            GET /wp-content/themes/twentytwentyone/style.css?ver=6.1.1 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 21900
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:10 GMT
last-modified: Wed, 02 Nov 2022 09:59:18 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (403)
Size:   21900
Md5:    e15bb956eb07734f77cf7cca1a90d212
Sha1:   f44269e96669eec1fc5fc4ac18df7553517b70e5
Sha256: 65aa7a7b3a8270df7649c104311ec56b194a20529c017131a22d85e23dc349f7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/twentytwentyone/style.css?ver=1.0.0 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 21900
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 22:33:53 GMT
last-modified: Wed, 02 Nov 2022 09:59:18 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (403)
Size:   21900
Md5:    e15bb956eb07734f77cf7cca1a90d212
Sha1:   f44269e96669eec1fc5fc4ac18df7553517b70e5
Sha256: 65aa7a7b3a8270df7649c104311ec56b194a20529c017131a22d85e23dc349f7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 2016
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:12 GMT
last-modified: Tue, 20 Jul 2021 20:58:23 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5092), with no line terminators
Size:   2016
Md5:    f13e1637411c99de7b2ffd9f9a0d4556
Sha1:   f7b837efa8147941b89a06978a3a918c1feb90a2
Sha256: 19891fc9eeecce9fef6583a72ccb9f3bc2d213a67b9bc4ae481b69d2e4206ec3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.10.0 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 3014
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:16 GMT
last-modified: Mon, 07 Nov 2022 20:55:40 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1571)
Size:   3014
Md5:    7cbb3118b2831c68e99806f3d070b909
Sha1:   c029131435de76e327321c35f6b0ad199171260e
Sha256: 543475d7371b7bb9e0426586994d7fe66f15ac95cf9254e7ec114657dc70e55a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 22:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 30324
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:16 GMT
last-modified: Wed, 02 Nov 2022 20:55:26 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30324
Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4
Sha1:   488e07695da787fed18361c50292aef35abb5e81
Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 3995
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:18 GMT
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   3995
Md5:    7e058b51f939eacfa31cdface14dded5
Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc
Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/wpfront-notification-bar/js/wpfront-notification-bar.min.js?ver=3.2.0.011614 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 1466
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:18 GMT
last-modified: Sun, 16 Jan 2022 09:04:49 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (546)
Size:   1466
Md5:    a1ca7598b833dc03f692ab404ef37af2
Sha1:   e5561a44fd6f3719c50d113e561f2e7f20b2b256
Sha256: fafeb0b28bc1182610ea064a3c9622db759405d325445f51528e1f2f43d6d1a5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 4619
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:21 GMT
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   4619
Md5:    0232689bd203f330529b36a437f41a68
Sha1:   9046583f7469ad38297969f10a9513eb895d5316
Sha256: feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
                                        
                                            GET /wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 159
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:19 GMT
last-modified: Fri, 25 Jun 2021 20:55:05 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   159
Md5:    212f9d380b0584a4437b56d1a7ce4cb5
Sha1:   862c0fdc84ff80b3d445e55c0d345acc4a5e3857
Sha256: 53ce8cfd11aacf965d916f6dd5996d56470606ca27754bf4af1b646a6c3f4f8f
                                        
                                            GET /gtag/js?id=UA-110059757-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 22:54:06 GMT
expires: Tue, 29 Nov 2022 22:54:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44650
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   44650
Md5:    df96116a6fc9cfc4d57f914062787cb5
Sha1:   1581f6a79f0bbdb424b854d01a7e89c1aa500635
Sha256: 8870139af0d70d75d086c226f6689450660eb02116efa159992ff7f742564791
                                        
                                            GET /wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.5.0.1 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 6437
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:19 GMT
last-modified: Wed, 23 Nov 2022 08:55:06 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12198), with CRLF line terminators
Size:   6437
Md5:    17ba3b5bde2d5c50f406bf7b695883e5
Sha1:   80c58755fb1be23a1608d7c8c59b94167661ce69
Sha256: d9d6d3ee5f6c1d1d94de42455932e2cdd3a338e16faa17254f31f1312e9f638c
                                        
                                            GET /wp-content/themes/twentytwentyone/assets/js/primary-navigation.js?ver=1.0.0 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 1734
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:20 GMT
last-modified: Wed, 02 Nov 2022 09:59:18 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1734
Md5:    7c9d3d98911633cadcf296ba6b177ee3
Sha1:   1ac142f2f004745084c90afeb51585c51fd51d2b
Sha256: e2ac51eff7c24198ce018e45b2e1ad648c344e3fe4d55c26a08b5429b320a7e8
                                        
                                            GET /wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.0.0 HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 483
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:20 GMT
last-modified: Wed, 02 Nov 2022 09:59:18 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   483
Md5:    faf9832786a16e385ee3039997413a50
Sha1:   b0d6d6ef09501bd453ad82b6439c922662c7f443
Sha256: 948eba814bcd0a656a3f17428fee0fb8af234daddfab942b3943a805349e3049

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.4 HTTP/1.1
Host: www.betips.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

162.0.212.3
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 3544
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:20 GMT
last-modified: Thu, 17 Nov 2022 20:55:16 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7874)
Size:   3544
Md5:    cd61520ca6e47a72be415a7371cd27e2
Sha1:   d6f8ef266d0f5eb9f8ff24119926cca2975ec165
Sha256: a6d877f38d2e69a68cae07c058c660a6196c11cf3fa3ab68c3b00f02d9a19878

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.0.0 HTTP/1.1
Host: www.betips.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

162.0.212.3
HTTP/2 200 OK
content-type: text/css
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 962
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:22 GMT
last-modified: Wed, 02 Nov 2022 09:59:18 GMT
content-encoding: br
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   962
Md5:    f995de76ac47fdf4f7d3f0fc15a60aa3
Sha1:   70114f62052bb22de910c9ba5877f1682d7f0f11
Sha256: 3a4a67744f54e54d45004b8e0e571d29f2e7168236f2d7ce44c9ff0208d60a88

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 22:54:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2645
Expires: Tue, 29 Nov 2022 23:38:12 GMT
Date: Tue, 29 Nov 2022 22:54:07 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2645
Expires: Tue, 29 Nov 2022 23:38:12 GMT
Date: Tue, 29 Nov 2022 22:54:07 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2645
Expires: Tue, 29 Nov 2022 23:38:12 GMT
Date: Tue, 29 Nov 2022 22:54:07 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2645
Expires: Tue, 29 Nov 2022 23:38:12 GMT
Date: Tue, 29 Nov 2022 22:54:07 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Bh6VQ3BLEXcZKHFyJxHVGQWVQm-w2s0786t8SQOcHQUaNvSFc1rg-A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
etag: "639165dc66d171b8266f22cd495181427112bc80"
age: 3676
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10068
Md5:    f621857774e4b4adda95f58081644859
Sha1:   639165dc66d171b8266f22cd495181427112bc80
Sha256: 341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:58:15 GMT
age: 3352
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7971
Md5:    9e135c29a8769eb12ef8c26f99097400
Sha1:   87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
Sha256: ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5BnByLndiK0korBr44MDgK6sgRBPooy2LE_2NjVIQhiTfmAdLupnZw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:34 GMT
age: 3873
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9670
Md5:    33ee67e62c49fc8d51f18df313002aac
Sha1:   3d8c927b6945d880f92d4e7a686cad5a9985e8ad
Sha256: ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 12853
x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhdpHAuIAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:17:16 GMT
age: 2211
etag: "151b60134a66305bd72dbb3810f67a57720b2af1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12853
Md5:    e08af5b1d18986e112913c6e69cc8ce6
Sha1:   151b60134a66305bd72dbb3810f67a57720b2af1
Sha256: 555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 3462
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7298
Md5:    e00769bd1391b8f4f5b8ab128a825355
Sha1:   e4ddf955e8ac1986045ed55880c43c69e588a021
Sha256: 81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8af12b89-c1a0-4a2a-aa29-cd6dea02f435.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8288
x-amzn-requestid: 8b48ce45-1c30-4ea3-8cef-bf3b2e7f106f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEgFcUIAMFkSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1c-20e896a62338c6dc45c1ca2a;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:08 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _lR7GBAOjVmu9IrBxMWa1Y6K_1wp56AqQaxI7xZlpwsF7XWz8RpbzQ==
via: 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:56 GMT
age: 4211
etag: "268e6202466941e612ff503835de9091ef4d5b38"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8288
Md5:    2cd563ab005d968185c8d000e38b88c2
Sha1:   268e6202466941e612ff503835de9091ef4d5b38
Sha256: 272c867dcc37d97f8682e8f3aa11a567a401b4d4d78e890b0eb94a3c77ea5000
                                        
GET /wp-content/uploads/2019/10/cropped-cats-192x192.png HTTP/1.1
Host: www.betips.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

162.0.212.3
HTTP/2 200 OK
content-type: image/png
date: Tue, 29 Nov 2022 22:54:07 GMT
content-length: 37513
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:26 GMT
last-modified: Thu, 24 Oct 2019 04:44:36 GMT
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   37513
Md5:    2de3d7ce7034112c3b550629771ecfe2
Sha1:   d71719df7d5ed825b5b0c9ea14660907aa49cc9b
Sha256: 606d7cc019ac458b76a552152a3c8f4f05c5e7422df28179da3fa78eeb35867e
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

142.250.74.110
HTTP/2 200 OK
content-type: text/javascript
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 22:41:08 GMT
expires: Wed, 30 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 779
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 22:54:07 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 12:04:33 GMT
Expires: Sun, 04 Dec 2022 12:04:32 GMT
Etag: "43e4fe49339a5fda98cc2189d8f7d1674b13acab"
Cache-Control: max-age=392424,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771eec5f9eedb4f7-OSL

                                        
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.betips.win
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

185.76.9.22
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 29 Nov 2022 22:54:07 GMT
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
last-modified: Sun, 03 Jul 2022 20:49:14 GMT
etag: W/"62c200ca-7b48"
access-control-allow-origin: *
x-accel-expires: @1670360536
server: CDN77-Turbo
x-77-nzt: AblMCRRfkwb/t7EGAA
x-77-nzt-ray: af585630068dd0dd8f8d86636ddf540a
x-cache: HIT
x-age: 438711
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Size:   9875
Md5:    71ab5d3fd771ded6b5a071e51547c6e0
Sha1:   64591a18d1699d51daf11bc7947199af6f7645e1
Sha256: ed869284f62fa7d03a89685849c192511642d62ef8e717ee0d6f02e2b2853134
                                        
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.betips.win
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

104.17.166.186
HTTP/2 200 OK
content-type: text/plain;charset=UTF-8
date: Tue, 29 Nov 2022 22:54:07 GMT
content-length: 0
access-control-allow-origin: https://www.betips.win
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 771eec60f9cbb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.betips.win
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

162.252.214.5
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 29 Nov 2022 22:54:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.betips.win
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   62
Md5:    adde5febc7b5b6c2c759ec735cce83a0
Sha1:   77ec17be8a9970ff04663294d41c590d0d24fde4
Sha256: ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "D4C72521FE1B119A37D1CEBFEE005AE39101A01ECBD10D14AD6383958DD3C1B8"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13863
Expires: Wed, 30 Nov 2022 02:45:10 GMT
Date: Tue, 29 Nov 2022 22:54:07 GMT
Connection: keep-alive

                                        
POST /g/collect?v=2&tid=G-7R4BTC3HXH&gtm=2oeb90&_p=1476760578&cid=733510095.1669762446&ul=en-us&sr=1280x1024&_s=1&sid=1669762446&sct=1&seg=0&dl=https%3A%2F%2Fwww.betips.win%2F%3Futm_source%3Dnigap40%26utm_medium%3Dmonth09%26utm_campaign%3Dstart&dt=DAILY%20FREE%20BETTING%20TIPS%20%E2%80%94%20GET%20SURE%20WIN%20FROM%20BETIPS.WIN&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.betips.win
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
access-control-allow-origin: https://www.betips.win
date: Tue, 29 Nov 2022 22:54:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
GET /wp-content/uploads/2019/10/cropped-cats-32x32.png HTTP/1.1
Host: www.betips.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

162.0.212.3
HTTP/2 200 OK
content-type: image/png
date: Tue, 29 Nov 2022 22:54:07 GMT
content-length: 2716
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 22:54:07 GMT
last-modified: Thu, 24 Oct 2019 04:44:37 GMT
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   2716
Md5:    8e8b08eacfd4f99cff96e587c25576be
Sha1:   9d7591bd6e070669593c306027a054bd7bbec978
Sha256: d46d25bd31b49c5f782f63d036d348e3ec0eda26216a8def28d25d5b3cb354a1
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 22:54:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-110059757-1&cid=733510095.1669762446&jid=979081368&gjid=93966568&_gid=531111828.1669762446&_u=YADAAUAAAAAAACAAI~&z=94221184 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.betips.win
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         74.125.131.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://www.betips.win
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 22:54:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 22:54:07 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 05:03:54 GMT
Expires: Sun, 04 Dec 2022 05:03:53 GMT
Etag: "43de09bad113104e018e98b35682e9d67af8689e"
Cache-Control: max-age=367185,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771eec634b08b4f7-OSL

                                        
                                            GET /wp-content/uploads/2022/11/WhatsApp-Image-2022-11-29-at-01.01.27-300x300.jpeg HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 29 Nov 2022 22:54:07 GMT
content-length: 20987
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 22:54:07 GMT
last-modified: Mon, 28 Nov 2022 22:07:33 GMT
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Size:   20987
Md5:    7c573e4a45b91695b590fbbf796c7d58
Sha1:   294c6d47e1602e9cd2d1199f9b105ee9931578aa
Sha256: 41e11c64cfb3eca67131ed9ce407c84265f75a0134f955ec0c50fdd8eb1708ef

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 22:54:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: w7rbnctwumah.n4.adsco.re
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.betips.win
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         38.132.109.186
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 29 Nov 2022 22:54:07 GMT
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

                                        
                                            POST /p HTTP/1.1 
Host: adsco.re
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1971
Origin: https://www.betips.win
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         162.252.214.5
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 29 Nov 2022 22:54:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://www.betips.win
Access-Control-Allow-Credentials: true
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   171
Md5:    71868d4e2bffae6be0b1cc69ef2e7205
Sha1:   8fb6e7b361392eaa31b228ad2455d4c1e1e33c72
Sha256: 0e4541fe49536eaf91ecb9836069a82dfd32d5661e110f0307988285615f9858
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9D7E02CD4EFEABAB4225D9A9F52DDA11BBE5AD691DEE225306D99FC1912C4AAD"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10604
Expires: Wed, 30 Nov 2022 01:50:52 GMT
Date: Tue, 29 Nov 2022 22:54:08 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 22:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 22:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110059757-1&cid=733510095.1669762446&jid=979081368&_u=YADAAUAAAAAAACAAI~&z=360375784 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.132
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 22:54:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-110059757-1&cid=733510095.1669762446&jid=979081368&_u=YADAAUAAAAAAACAAI~&z=360375784 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.67
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 22:54:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 22:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 22:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/images/kagwirawo-728x90.gif HTTP/1.1 
Host: cdn.kagwirawo.co.ug
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         154.0.130.22
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 29 Nov 2022 22:56:16 GMT
Server: Apache/2.4.23 (Linux/SUSE)
Last-Modified: Tue, 22 Nov 2022 13:29:35 GMT
ETag: "743e-5ee0f29b803d3"
Accept-Ranges: bytes
Content-Length: 29758
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 728 x 90\012- data
Size:   29758
Md5:    c4b9358d6ef02fefee8e966edd3beeeb
Sha1:   905e63c2e38de2fd0d1865955be01d10f9861f2f
Sha256: a4c0ccff4745fcf14c3a56afed55c4d4ca4b4f018b4506dc49f4e948b843bc4b
                                        
                                            POST / HTTP/1.1 
Host: w7rbnctwumah.s4.adsco.re
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.betips.win
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         185.200.116.90
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 29 Nov 2022 22:54:08 GMT
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 22:54:08 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 04:03:54 GMT
Expires: Sun, 04 Dec 2022 04:03:53 GMT
Etag: "838ba9c3b2200f37fea0a5d22c0df71bb73f16b5"
Cache-Control: max-age=363584,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771eec670faab4f7-OSL

                                        
                                            GET /c?_=BAYAY4aNkAFjho2QgAGBAsAAIIDPGFv80qavdSupKy88H8yVx0jERBhNvLBoRV2dtZW1wQBIMEYCIQDj4P0dGhZzf_BVZSuxaPFbymd3m8dD2P__YBegxXSGzwIhAOVmrBHUg-uxHQm-vhHnNIyrMk2X4jRswBeh2zxLsap6&v=4&siteId=2807472&minBid=1&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0 HTTP/1.1 
Host: serve.popads.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         216.21.13.11
HTTP/1.1 200 OK
content-type: text/javascript;charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-length: 44
date: Tue, 29 Nov 2022 22:54:08 GMT


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   44
Md5:    d5f0a25e4d3522d56d48ce7bc3e518fb
Sha1:   86794caff58f7fee6e684c2ba7195f970a8d6f4c
Sha256: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
                                        
                                            GET /wp-content/uploads/2022/11/betwinner.jpg HTTP/1.1 
Host: www.betips.win
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/?utm_source=nigap40&utm_medium=month09&utm_campaign=start
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.0.212.3
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 29 Nov 2022 22:54:06 GMT
content-length: 47265
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 21:43:21 GMT
last-modified: Tue, 15 Nov 2022 17:38:15 GMT
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=15724800; includeSubDomains
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: c.adsco.re
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.betips.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.17.167.186
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 29 Nov 2022 22:54:07 GMT
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 30 Dec 2022 22:54:07 GMT
etag: W/"n/ARilLrRVDeZNVpaPOsXg=="
cf-cache-status: HIT
age: 887697
vary: Accept-Encoding
server: cloudflare
cf-ray: 771eec5feee6b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---