Report - www.2026bet365u.com/

Report Overview

Submitted URL
www.2026bet365u.com/
IP
103.188.120.97
ASN
#0
Submitted
2023-02-08 16:06:03
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
226

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.81.123.193
www.2026bet365u.com	unknown	2023-01-08T16:06:35Z	2023-02-08T16:34:23Z	20 kB	847 kB	103.188.120.97
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	52 kB	34.120.237.76
asfgasg1619asfqsgf.luckyeasypla.com	unknown	2022-09-03T11:44:20Z	2023-03-13T06:44:28Z	2.2 kB	1.1 MB	103.183.199.103
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4.4 kB	12 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365
2023-02-08	medium	www.2026bet365u.com/	Bet365

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	www.2026bet365u.com/	Phishing
2023-02-08	medium	www.2026bet365u.com/	Phishing
2023-02-08	medium	www.2026bet365u.com/theme.config.44d1ee51.js	Phishing
2023-02-08	medium	www.2026bet365u.com/js/chunk-common.81d7a84a.js	Phishing
2023-02-08	medium	www.2026bet365u.com/js/index.e38ee93e.js	Phishing
2023-02-08	medium	www.2026bet365u.com/js/chunk-vendors.1f6ff71b.js	Phishing
2023-02-08	medium	www.2026bet365u.com/js/home.0b9907d2.js	Phishing
2023-02-08	medium	www.2026bet365u.com/js/pc.floatpopup.57aec2f4.js	Phishing
2023-02-08	medium	www.2026bet365u.com/js/pc.scene171floatslider.283a6188.js	Phishing
2023-02-08	medium	www.2026bet365u.com/js/pc.scene171home.d66f5cac.js	Phishing
2023-02-08	medium	www.2026bet365u.com/js/pc.scene171header.1feb6eee.js	Phishing
2023-02-08	medium	www.2026bet365u.com/js/pc.scence171homefooter.666b663f.js	Phishing
2023-02-08	medium	www.2026bet365u.com/api/config/system	Phishing
2023-02-08	medium	www.2026bet365u.com/api/tenant/float/list	Phishing
2023-02-08	medium	www.2026bet365u.com/api/banner/list	Phishing
2023-02-08	medium	www.2026bet365u.com/api/game/gameBarNew	Phishing
2023-02-08	medium	www.2026bet365u.com/kc215/noData/cms_noimg.png?1673924680626	Phishing
2023-02-08	medium	www.2026bet365u.com/kc215/noData/cms_game_noimg.png?1673924680626	Phishing
2023-02-08	medium	www.2026bet365u.com/api/tenant/domain/list	Phishing
2023-02-08	medium	www.2026bet365u.com/kc215/logo/logo.png?1673924680626	Phishing
2023-02-08	medium	www.2026bet365u.com/js/42480.6271432b.js	Phishing
2023-02-08	medium	www.2026bet365u.com/js/81354.ac91c7ab.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed
2023-02-08	medium	2026bet365u.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	www.2026bet365u.com/js/pc.scene171floatslider.283a6188.js	3.8 kB	2023-03-13	2023-07-19
Pretty URL www.2026bet365u.com/js/pc.scene171floatslider.283a6188.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:58:05 Last Seen2023-07-19 02:03:23 Times Seen295 Hash e081cc48065f573cabc709efa010129a 908c95ff575750685705bc531956268de9386721 0a927036fbdd98f0caba60d4a5eae2375973b00dcf7f4a86811849313b7ca3d2 Loading...

	www.2026bet365u.com/	459 B	2023-03-12	2023-03-13
Pretty URL www.2026bet365u.com/ IP 103.188.120.97 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:41:22 Last Seen2023-03-13 22:37:21 Times Seen1 Hash e9fefb93a63617d60c3210c2b9ae6470 e0362e032b97390fb8c86cc7a255f21d13056bd7 92df41397d3ca098db56479e2db6849ba355aeb941e5eaba167bd37c99165bdf Loading...

	www.2026bet365u.com/js/index.e38ee93e.js	333 kB	2023-03-13	2023-03-13
Pretty URL www.2026bet365u.com/js/index.e38ee93e.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:20:39 Last Seen2023-03-13 22:37:21 Times Seen1 Hash 2d37c5d66cb049b9dae22e2aa083cfc0 7ec11d148193e0d0abe1bee9217a673ab3a681e2 73c341b6ce8f72653c445773f97cb469e1616ead760b3ac25afa413a3c8525fc Loading...

	www.2026bet365u.com/js/home.0b9907d2.js	1.4 kB	2023-03-13	2023-04-12
Pretty URL www.2026bet365u.com/js/home.0b9907d2.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:20:39 Last Seen2023-04-12 21:19:58 Times Seen9 Hash 64d3ebcf27b28fac82d4544dbd97d843 c7e339688b4d1272af9b1fffbe33daf37d1cf3c4 e5634d99f73596a4c0bbf7abc6af010204158be04ad281b9ab27cce7b36d35c5 Loading...

	www.2026bet365u.com/js/pc.scene171home.d66f5cac.js	9.6 kB	2023-03-13	2023-04-13
Pretty URL www.2026bet365u.com/js/pc.scene171home.d66f5cac.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:20:39 Last Seen2023-04-13 07:01:15 Times Seen4 Hash 3566cadcbe0f2840706fc2da72358624 8892e25221e3c15b53445ea5b3acb6835e9cce61 8c42416e56ed8c143d6dfc69a3917647b9471a6012854d2d8ee11ad38a2dcfdb Loading...

	www.2026bet365u.com/js/81354.ac91c7ab.js	55 kB	2023-03-08	2023-12-12
Pretty URL www.2026bet365u.com/js/81354.ac91c7ab.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:23:49 Last Seen2023-12-12 15:18:07 Times Seen941 Hash 58758475c20f3eaabe726a5d412a3d53 d8c55eb2e3545b9ca4a8be736b7d1b7d1c7cae49 e913a3f7434cc135875794d8d3298f2c638463e46de474dd584b1509972c67b8 Loading...

	www.2026bet365u.com/	434 B	2023-03-08	2023-04-05
Pretty URL www.2026bet365u.com/ IP 103.188.120.97 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:23:49 Last Seen2023-04-05 01:38:38 Times Seen119 Hash ebfb91a8f8326fcfbc6199f15d402633 32f9e421a5968f9887ba7f8f1d99526c60906499 baff60f828dd9707265d163a4d1c6c0fe1ddcf76039f1780935ed492314779ba Loading...

	www.2026bet365u.com/js/pc.floatpopup.57aec2f4.js	4.2 kB	2023-03-12	2023-08-04
Pretty URL www.2026bet365u.com/js/pc.floatpopup.57aec2f4.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 17:09:35 Last Seen2023-08-04 01:37:29 Times Seen153 Hash 3532ec69a215982502ff99ec4efe69d2 142b08a5269b68995b4a49cc8bece306c2f068e0 eb60fa8eb3ef1d68416f743f6edcd1f746c6d884f10109b7dd4b4276b5451074 Loading...

	www.2026bet365u.com/js/42480.6271432b.js	75 B	2023-03-08	2023-12-12
Pretty URL www.2026bet365u.com/js/42480.6271432b.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:23:49 Last Seen2023-12-12 15:18:07 Times Seen1004 Hash 6c6f95c1c4a9b0768a7c8122a384e603 26e3ed3483802652f86fb66d1ee431afbdcc42fe 1ea142e3274580463ead5ef373b4e9b815bff5d1165b6a9737827deb5c70dcd6 Loading...

	www.2026bet365u.com/	1.1 kB	2023-03-08	2023-04-05
Pretty URL www.2026bet365u.com/ IP 103.188.120.97 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:44:44 Last Seen2023-04-05 01:38:38 Times Seen126 Hash 0cf7a3fd268792d144e0aa8bd34c3482 554df030be25327053666070b717f3c40d83a8e3 6ae42a98f031edf6ecc71cda26b09e2ed388a3095acd86d7ef23c5750eea38de Loading...

	www.2026bet365u.com/	536 B	2023-03-08	2023-04-05
Pretty URL www.2026bet365u.com/ IP 103.188.120.97 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:23:49 Last Seen2023-04-05 01:38:38 Times Seen126 Hash bcc2efec6ca86fca4f05f277c2126811 8bcd60e121821969ab1b0606ab8668c31296b838 58f68883d9cb5628d610a138125da60f0f96a5182fd7228eb9bcb4620adec24c Loading...

	www.2026bet365u.com/theme.config.44d1ee51.js	102 kB	2023-03-13	2023-03-13
Pretty URL www.2026bet365u.com/theme.config.44d1ee51.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:20:39 Last Seen2023-03-13 22:37:21 Times Seen1 Hash 80865fb70e16e3ed2cd6a3b9129bb9dd e1b5885b607ffe9b1e63236707665ebdefd3f12a 8aff119257459ae013778ae9e04eab98cd980a495c7731d6a0f7c0f37dd681c8 Loading...

	www.2026bet365u.com/js/chunk-common.81d7a84a.js	249 kB	2023-03-13	2023-03-13
Pretty URL www.2026bet365u.com/js/chunk-common.81d7a84a.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:20:39 Last Seen2023-03-13 22:37:21 Times Seen1 Hash 70694f43da490a46fd29482264fc12f9 7ab5561baca965c505329d3654ee3433a66b756d a79ee5e9fed46c9a27a7b9b5bb2992580b7b27ace91ab4265f3efeb98a8168bc Loading...

	www.2026bet365u.com/js/pc.scene171header.1feb6eee.js	39 kB	2023-03-13	2023-04-13
Pretty URL www.2026bet365u.com/js/pc.scene171header.1feb6eee.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:20:39 Last Seen2023-04-13 07:01:15 Times Seen4 Hash b699ba34554e5427abba1a8f4280281c bf447f8290f90c73b30243f2f8c9a7bedf1113d5 d31fe9765a02800a935f2187f6f9db0313165fd76ef819a8a6609375d8630c69 Loading...

	www.2026bet365u.com/js/pc.scence171homefooter.666b663f.js	4.0 kB	2023-03-12	2023-07-19
Pretty URL www.2026bet365u.com/js/pc.scence171homefooter.666b663f.js IP 103.183.199.71 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:54:44 Last Seen2023-07-19 02:03:23 Times Seen122 Hash 5243edbda158a4b4ba6f30f762359a38 daad52b09cb25d1cef58db501c32c2c8a7e30edc e2536be364d3988180db71b07171cc45177ffd27c04baa95cfd51044da43c58e Loading...

	www.2026bet365u.com/	36 B	2023-03-08	2023-11-03
Pretty URL www.2026bet365u.com/ IP 103.188.120.97 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:23:49 Last Seen2023-11-03 04:35:43 Times Seen128 Hash 49bea4e1330b9d3f17c1c143ce23cb3e 3a8874032b5979ba1fadfe141c0ebf28baa32fc7 07f2a8f457d336c5a0cb2267f53a4be2676d30140da225305675f4b3957eb68c Loading...

HTTP Transactions (75)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5952
Expires: Wed, 08 Feb 2023 17:45:03 GMT
Date: Wed, 08 Feb 2023 16:05:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2797
Expires: Wed, 08 Feb 2023 16:52:28 GMT
Date: Wed, 08 Feb 2023 16:05:51 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 15:34:13 GMT
content-type: application/json
age: 1898
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16848
Expires: Wed, 08 Feb 2023 20:46:39 GMT
Date: Wed, 08 Feb 2023 16:05:51 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mEtQY9KYksy5vDZgkXfZ03rlY+TcN350/GsKFo9//kkq5YjNfZBEH/TcBLu8NFF0BEp+T0jKLyM=
x-amz-request-id: CE2SCRS88AA744YT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 15:35:59 GMT
age: 1792
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 16:05:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 15:14:52 GMT
age: 3060
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9453
Expires: Wed, 08 Feb 2023 18:43:25 GMT
Date: Wed, 08 Feb 2023 16:05:52 GMT
Connection: keep-alive

push.services.mozilla.com/

35.81.123.193

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.81.123.193:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jXJGlwX7mkWvLNtGIqLBQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Vzubnpmw82ZE6rjRG0XLu/zUPho=

www.2026bet365u.com/

103.188.120.97

301 Moved Permanently

0 B

URL HTTP/1.1
www.2026bet365u.com/
IP
103.188.120.97:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Wed, 08 Feb 2023 16:05:52 GMT
Location: https://www.2026bet365u.com/
Content-Length: 0

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388eaf803a6af78fa2c83dde869d0012
76fd05333aebc3ac9859cc9e88ad895cb6ca01ba
540bf08075914ac85152a3955ccb449475f017f002bd8412181745f8f5e11dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540BF08075914AC85152A3955CCB449475F017F002BD8412181745F8F5E11DCE"
Last-Modified: Tue, 07 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 08 Feb 2023 22:05:53 GMT
Date: Wed, 08 Feb 2023 16:05:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Wed, 08 Feb 2023 16:48:58 GMT
Date: Wed, 08 Feb 2023 16:05:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Wed, 08 Feb 2023 16:48:58 GMT
Date: Wed, 08 Feb 2023 16:05:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Wed, 08 Feb 2023 16:48:58 GMT
Date: Wed, 08 Feb 2023 16:05:54 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7847 bytes)
Hash
5129898de057eb92808f18d120eb7a70
eb0a900843beac5c4ee46686b89b3e8b8d77f80f
7ce3e4f7be652895e93cb8c1a9019b70d699c0a9da013d311395a6440b4e9f96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 60759e32-ac58-4dda-8ea3-fd80413c0deb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkkEpMoAMFnGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c483-61b8715a0da73f4526215649;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TCX7ZFhV73kN0UBshXeb0qdSkY-8qdeNN6EgioqOUmSAnraEhAohMQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:11 GMT
age: 66223
etag: "eb0a900843beac5c4ee46686b89b3e8b8d77f80f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8703 bytes)
Hash
be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 66113
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6805 bytes)
Hash
c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 63997
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10328 bytes)
Hash
1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1uPNh-FvA8oI5ZuruNle0ATMPSsyl-_ZjLrUnPQJrogPVREc8wrHMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:12:09 GMT
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
age: 64425
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7303 bytes)
Hash
7543be9bef0afb8f61344286b7136dd7
e1537aa408cde39d2a314cc2a14f7f7a04a84eb1
162f0898f88d84c8d06542e48e8ff6a903e638f2a837f32681ae1f5e28ae40d7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7303
x-amzn-requestid: 081c79e9-2b23-47ad-8b7d-7197c5515c0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f58kdHMvIAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a7b5-66fca524070e374310920915;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CV8Q0EwlleoBURF3IvwUGDm_ANrg_SINlUR3cl6OhqySJPejP6T0hg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:10:04 GMT
age: 28550
etag: "e1537aa408cde39d2a314cc2a14f7f7a04a84eb1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4961 bytes)
Hash
544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 15:13:11 GMT
age: 3163
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.2026bet365u.com/

103.183.199.71

200 OK

2.1 kB

URL HTTP/1.1
www.2026bet365u.com/
IP
103.183.199.71:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (445)
Size
2.1 kB (2127 bytes)
Hash
21a94e9a1974a6ecd661a3c219f51e9b
460f0ff078f49f070d73a99a860650bbd36e2e28
b669cd31ba000348c87624784bfc5df7cbfbe7f9257615cc84517d86b5b960f1

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:54 GMT
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked

www.2026bet365u.com/theme.config.44d1ee51.js

103.183.199.71

200 OK

17 kB

URL HTTP/1.1
www.2026bet365u.com/theme.config.44d1ee51.js
IP
103.183.199.71:0
ASN
#0

File type
HTML document, Unicode text, UTF-8 text, with very long lines (42210)
Size
17 kB (17167 bytes)
Hash
77a23cbfbff00b75223a9bebc77cbe63
3db08b2ec071d41a46e6030ff7de948047e967f3
2ca8bfe4b25ab828c04f525cfc405e28df7c71fd225d1494c2cd223f4081e714

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /theme.config.44d1ee51.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110c-18e10"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:21 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:56 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 17167

www.2026bet365u.com/js/chunk-common.81d7a84a.js

103.183.199.71

200 OK

77 kB

URL HTTP/1.1
www.2026bet365u.com/js/chunk-common.81d7a84a.js
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
77 kB (76620 bytes)
Hash
20666e6cf458952a35a076eef054b152
a56587d41d245182d13d50e6d08b62fb0408235b
cb326f557ac49607d93826fe500d76c67e91b78213937a82f7d18ccd60e96cd7

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/chunk-common.81d7a84a.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61106-3cc13"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:23 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:50 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 76620

www.2026bet365u.com/css/index.6d2fe930.css

103.183.199.71

200 OK

37 kB

URL HTTP/1.1
www.2026bet365u.com/css/index.6d2fe930.css
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
37 kB (36912 bytes)
Hash
cb4cdc81f02cf952d0ff9ac47249264e
98898ef6d16605357ac86393cc3e4f9db54d2287
fa535d617e8aba3ff1fe173d6ac873b54aed8e00e732a0f0976f2812ea3cc5c5

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /css/index.6d2fe930.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c610fe-15c75"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:37 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:42 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 36912

www.2026bet365u.com/css/chunk-vendors.090d1983.css

103.183.199.71

200 OK

22 kB

URL HTTP/1.1
www.2026bet365u.com/css/chunk-vendors.090d1983.css
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (21757 bytes)
Hash
7c0e83d7b77325e4d435540742bfeef0
785b23a595d0075f5238e33caa7439553a70dd6c
4d9de2e1bdb70a6667e5666d217fd1acd76b9d6e88f4f117ac5f9992b57e890b

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /css/chunk-vendors.090d1983.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c610fe-28f34"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:22 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:42 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 21757

www.2026bet365u.com/css/chunk-common.1c9260d6.css

103.183.199.71

200 OK

41 kB

URL HTTP/1.1
www.2026bet365u.com/css/chunk-common.1c9260d6.css
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with very long lines (65536), with no line terminators
Size
41 kB (41127 bytes)
Hash
a30241620b2b3c61c6b465dce2d70b9f
644c16d011068ea02f8c4cb909cb79aa5ca02e0e
240ce0aeac0703e81f5505194f72d6a3cc74821060b3c6593dfc52e92215fefa

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /css/chunk-common.1c9260d6.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c610fe-22b8f"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:22 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:42 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 41127

www.2026bet365u.com/js/index.e38ee93e.js

103.183.199.71

200 OK

126 kB

URL HTTP/1.1
www.2026bet365u.com/js/index.e38ee93e.js
IP
103.183.199.71:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (64984), with no line terminators
Size
126 kB (126295 bytes)
Hash
d6852c6630d7a5ac18e233c3d039260c
d86b60fe0e050e36d1109071f11a049c031df9c9
ebfa60482ba02b450cd3343bfbabae5e302c9ce3626d96411ada628e2228b15b

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/index.e38ee93e.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61108-5166a"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:21 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:52 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 126295

www.2026bet365u.com/js/chunk-vendors.1f6ff71b.js

103.183.199.71

200 OK

206 kB

URL HTTP/1.1
www.2026bet365u.com/js/chunk-vendors.1f6ff71b.js
IP
103.183.199.71:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
206 kB (205802 bytes)
Hash
d100cb41a0e003c4514faf46eac186ab
c01a603d033de5e813c4793fe80c9fd1adf3deed
dad7b8968b8c809b708f45dd4db39d08812ed7a53145964e685a11d616a26bff

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/chunk-vendors.1f6ff71b.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61106-992f5"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:23 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:50 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 205802

www.2026bet365u.com/js/home.0b9907d2.js

103.183.199.71

200 OK

621 B

URL HTTP/1.1
www.2026bet365u.com/js/home.0b9907d2.js
IP
103.183.199.71:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (1379), with no line terminators
Size
621 B (621 bytes)
Hash
dd8dcfe5309e36e7b771085c77fbf015
17fb702f6222ce7140a9a1d041b4292bb818e06d
0313163b12965e85c83c8e6605934fea1f776a3fca22ab40a187dadcca0ab3d7

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/home.0b9907d2.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61108-579"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:28 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:52 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 621

www.2026bet365u.com/assets/logo/favicon.ico

103.183.199.71

200 OK

4.0 kB

URL HTTP/1.1
www.2026bet365u.com/assets/logo/favicon.ico
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (4039 bytes)
Hash
af1c6b36199a0a47854ada4dcb7b9ed2
c425159283c364f476c54b28554f7aa0d8e2c482
1ae95e4da7db716a7f5300b07faee34ce7e92e798fe5f11775de36f9d1007afd

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /assets/logo/favicon.ico HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
ETag: "63c610fc-fc7"
Server: openresty
Date: Wed, 08 Feb 2023 15:16:13 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 17 Jan 2023 03:07:40 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache: HIT from ty8-cdn199-061
Content-Length: 4039

www.2026bet365u.com/css/66473.4f034e44.css

103.183.199.71

200 OK

0 B

URL HTTP/1.1
www.2026bet365u.com/css/66473.4f034e44.css
IP
103.183.199.71:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /css/66473.4f034e44.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c610fe-0"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:38 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:42 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache: HIT from ty8-cdn199-061
Content-Length: 0

www.2026bet365u.com/css/pc.scene171header.8c5d05d3.css

103.183.199.71

200 OK

4.5 kB

URL HTTP/1.1
www.2026bet365u.com/css/pc.scene171header.8c5d05d3.css
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with very long lines (16130), with no line terminators
Size
4.5 kB (4501 bytes)
Hash
56e716b4db6516c10252425b5b4097dd
5020e971543456f93f8eaba15cc3c4855a5b83ec
b2208ffa7926a4f1cdb7f13bd48274e32b7adf75dac5207519886ad120057ae4

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /css/pc.scene171header.8c5d05d3.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61100-3f02"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:41 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 4501

www.2026bet365u.com/css/pc.floatpopup.b2f05007.css

103.183.199.71

200 OK

203 B

URL HTTP/1.1
www.2026bet365u.com/css/pc.floatpopup.b2f05007.css
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with very long lines (468), with no line terminators
Size
203 B (203 bytes)
Hash
4fd364fa6550f6357f1b043cf5b4aa0c
0bf19fe5090e10fd8056de5c33ef2129671d9a59
da7af5ca6cc2f7ad3b5a7f1f13981c8436aeab9cc51ae5897a62c3610770d888

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /css/pc.floatpopup.b2f05007.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: br
Cache-Control: max-age=604800
ETag: "63c610ff-1d4"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:41 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:43 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache: HIT from ty8-cdn199-061
Content-Length: 203

www.2026bet365u.com/js/pc.floatpopup.57aec2f4.js

103.183.199.71

200 OK

1.8 kB

URL HTTP/1.1
www.2026bet365u.com/js/pc.floatpopup.57aec2f4.js
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with very long lines (4213), with no line terminators
Size
1.8 kB (1796 bytes)
Hash
71cc8d8a0813d49d18645f5b53bbed04
562354b0adb327f6e124b4ce305910d1e43ce20b
4fff3bf20448095f0ea815950fd8da83bb5344eba38b4b322d8abcd7ec5219a4

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/pc.floatpopup.57aec2f4.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61108-1075"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:52 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 1796

www.2026bet365u.com/css/pc.scene171home.a495d762.css

103.183.199.71

200 OK

3.7 kB

URL HTTP/1.1
www.2026bet365u.com/css/pc.scene171home.a495d762.css
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with very long lines (9440), with no line terminators
Size
3.7 kB (3707 bytes)
Hash
b13ac8fa066f5d950ed9fb9f489c1aa9
57a121772282aa630f970814b53adc96e062c884
c4dca363b6c75b459689b663188f2aece9e8f9b2ff31ffdf2cc340007d9da572

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /css/pc.scene171home.a495d762.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61100-24e0"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:37 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 3707

www.2026bet365u.com/css/pc.scene171floatslider.dce25eab.css

103.183.199.71

200 OK

292 B

URL HTTP/1.1
www.2026bet365u.com/css/pc.scene171floatslider.dce25eab.css
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with very long lines (709), with no line terminators
Size
292 B (292 bytes)
Hash
dc9a6589cac2fe8d2c302a982243697f
66ebe2fdf8b74d3aa63be15cb81437bd9ccd94fa
60c53cc43e5849cf0954a6efa416e25500b0f0e54cddc05940021e3c2cbea6fd

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /css/pc.scene171floatslider.dce25eab.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Encoding: br
Cache-Control: max-age=604800
ETag: "63c61100-2c5"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:42 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:44 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache: HIT from ty8-cdn199-061
Content-Length: 292

www.2026bet365u.com/js/pc.scene171floatslider.283a6188.js

103.183.199.71

200 OK

1.5 kB

URL HTTP/1.1
www.2026bet365u.com/js/pc.scene171floatslider.283a6188.js
IP
103.183.199.71:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (3779), with no line terminators
Size
1.5 kB (1519 bytes)
Hash
4e74caff418f17255c9efd55840281bc
590a75b5ddb9686538c631da480d80259bbd95e0
d1f7ed884d3c79af7fe1061c4fd3c375c166b758cc1887c8acaa184edb12822a

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/pc.scene171floatslider.283a6188.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110a-ee5"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:42 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 1519

www.2026bet365u.com/js/pc.scene171home.d66f5cac.js

103.183.199.71

200 OK

4.3 kB

URL HTTP/1.1
www.2026bet365u.com/js/pc.scene171home.d66f5cac.js
IP
103.183.199.71:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (9124), with no line terminators
Size
4.3 kB (4347 bytes)
Hash
1d7b7c68b8ce7c8ae8c6ec439623495d
72799aaf950d08126c637200a32d584143d3c370
3b780d0b5c85f11a36ced0c9c5e7cadcd24508236ed123f1a08284e38604a030

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/pc.scene171home.d66f5cac.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110a-2562"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:38 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 4347

www.2026bet365u.com/js/pc.scene171header.1feb6eee.js

103.183.199.71

200 OK

22 kB

URL HTTP/1.1
www.2026bet365u.com/js/pc.scene171header.1feb6eee.js
IP
103.183.199.71:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Size
22 kB (22528 bytes)
Hash
db1dd5a17b483f910cae16eec443f99b
da88e7f0668dabbe3efbe40ed4d93012360881e7
babeedcf59169e49cc79f02a5a48dc1e75385643b4cd88067af969beb2ab46d2

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/pc.scene171header.1feb6eee.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110a-99c2"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 22528

www.2026bet365u.com/css/pc.scence171homefooter.85c98a43.css

103.183.199.71

200 OK

438 B

URL HTTP/1.1
www.2026bet365u.com/css/pc.scence171homefooter.85c98a43.css
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with very long lines (1058), with no line terminators
Size
438 B (438 bytes)
Hash
407022ef9dcbff33ac83d16416e35d07
56e20964b12d54dad31eaf788a135738fb1a884a
086cf321c1a3dafcc30621515c45fcefa54f77a8972e072303c622127175249e

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /css/pc.scence171homefooter.85c98a43.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c610ff-422"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:40 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:43 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 438

www.2026bet365u.com/js/pc.scence171homefooter.666b663f.js

103.183.199.71

200 OK

2.3 kB

URL HTTP/1.1
www.2026bet365u.com/js/pc.scence171homefooter.666b663f.js
IP
103.183.199.71:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (2432), with no line terminators
Size
2.3 kB (2262 bytes)
Hash
7949e8953576f0ff0a88861d0de0b1b9
8200cd5b9aab1d4d4fd5209f1447608edf20833b
c58c1368a62fee33367318c2d73801cf558bd5ce61ab9e4cea9bac8a2d80baee

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/pc.scence171homefooter.666b663f.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110a-fbf"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:40 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 2262

www.2026bet365u.com/api/activity/list?type=0&isPopup=1

103.183.199.71

200 OK

1.5 kB

URL HTTP/1.1
www.2026bet365u.com/api/activity/list?type=0&isPopup=1
IP
103.183.199.71:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (5786), with no line terminators
Size
1.5 kB (1529 bytes)
Hash
18d9f54684eec8aee5bb3d09defee5ef
5aad15159e457dd9ac515459d00c7a3bceab70f4
7df0b701048eee0094aa3ca532bd38cc62b9e54aac988ced86be8608c08b4bbf

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /api/activity/list?type=0&isPopup=1 HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412094
sign: 1c2d7d191t6e161r
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked

www.2026bet365u.com/api/config/system

103.183.199.71

200 OK

886 B

URL HTTP/1.1
www.2026bet365u.com/api/config/system
IP
103.183.199.71:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (1709), with no line terminators
Size
886 B (886 bytes)
Hash
a092268cc58dca7b8626e71ec301e1b0
8bcff86c22453277b2322b6735c1e662d24ff2f1
3953a3cf28a6cc12064bbcd4fac02dadf8fa4e269be4715b78c73d3741ab9a83

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /api/config/system HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412094
sign: 3s6u157075453s6c
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked

www.2026bet365u.com/api/tenant/float/list

103.183.199.71

200 OK

516 B

URL HTTP/1.1
www.2026bet365u.com/api/tenant/float/list
IP
103.183.199.71:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (1283), with no line terminators
Size
516 B (516 bytes)
Hash
e95cf34fb87ea20f7a41ca3599d1f4c7
bcb1d7be551a961fe1f6d9c13396e40b742d525b
3b00e44f41495eb5dd136b3e1f7ec99d65645fa7650aa6a1641efbe9522d010f

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /api/tenant/float/list HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412375
sign: 2o513k295s42736i
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked

www.2026bet365u.com/api/banner/list

103.183.199.71

200 OK

301 B

URL HTTP/1.1
www.2026bet365u.com/api/banner/list
IP
103.183.199.71:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (387), with no line terminators
Size
301 B (301 bytes)
Hash
115aceb921017370f7d6f326d1735093
1c7496664e985054bfc1ed4895cc4b2179d011ae
d862f97381e66975f4c3243f5bd5773ce3b235aa417891d2ca755d1979beb020

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /api/banner/list HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412459
sign: 2286n7r7lg627j1c
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked

www.2026bet365u.com/api/notice/page?current=1&size=1000

103.183.199.71

200 OK

508 B

URL HTTP/1.1
www.2026bet365u.com/api/notice/page?current=1&size=1000
IP
103.183.199.71:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (692), with no line terminators
Size
508 B (508 bytes)
Hash
bc68b58634d4b712507c043fa38d55b9
7bb73ec5485d77a086e228eb60d91cee58fd0ec5
fa17b03e0b59a8ee635645b08d40b2e488e376bae3b6b5d2e50fb9c466b65e41

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /api/notice/page?current=1&size=1000 HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412458
sign: 46g1b48262p5if30
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked

www.2026bet365u.com/api/game/gameBarNew

103.183.199.71

200 OK

8.7 kB

URL HTTP/1.1
www.2026bet365u.com/api/game/gameBarNew
IP
103.183.199.71:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (62740), with no line terminators
Size
8.7 kB (8722 bytes)
Hash
8802f4530c566608c8f729c90bcfc0ae
a9b66c0a260d2e98963d40f5b8e76324d2e1e927
15e428436a340cb05ddbf1291660d1ae42f1c09b8c8946cf54b0819e55787576

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /api/game/gameBarNew HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412547
sign: 3n6i5b1r794i5v55
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked

www.2026bet365u.com/img/rdaobg.93df9aaf.png

103.183.199.71

200 OK

22 kB

URL HTTP/1.1
www.2026bet365u.com/img/rdaobg.93df9aaf.png
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 175 x 369, 8-bit/color RGBA, interlaced\012- data
Size
22 kB (22261 bytes)
Hash
20585d561a197431aed191a50e110676
28e8a77746a5afe79421fcffe480735d4d8691ad
e337bde0842262d98106036d88902d2e65642b46d42a3f5871b9e307295beec6

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/rdaobg.93df9aaf.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2026bet365u.com/css/pc.scene171floatslider.dce25eab.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-5a0c"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 22261

www.2026bet365u.com/img/bg-products.e4ddcae4.png

103.183.199.71

200 OK

27 kB

URL HTTP/1.1
www.2026bet365u.com/img/bg-products.e4ddcae4.png
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 307 x 342, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (27443 bytes)
Hash
746f23ebabd053a2f6e45c56f5c2156c
b96fc46914ba15036c42626b24b936bf2996c22e
c404cd576a1ca7d71727afb4ea2706bb31f213d24a02934e4ef27eae80ff8359

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/bg-products.e4ddcae4.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2026bet365u.com/css/pc.scene171home.a495d762.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61101-6bcb"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:24 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:45 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 27443

www.2026bet365u.com/kc215/noData/cms_noimg.png?1673924680626

103.183.199.71

200 OK

3.9 kB

URL HTTP/1.1
www.2026bet365u.com/kc215/noData/cms_noimg.png?1673924680626
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 1920 x 700, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3910 bytes)
Hash
99a0bd21dac2b7ad570585f31e71e4c6
7701c1d9c7f7f426126edd3589164ef54ffbf4e5
8dc553e957d055edfa0eb9c59df58cd2f69596b0faab2ed3905f2fcb93907426

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /kc215/noData/cms_noimg.png?1673924680626 HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110b-269a"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:26 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:55 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 3910

www.2026bet365u.com/img/game01.85b388dd.png

103.183.199.71

200 OK

30 kB

URL HTTP/1.1
www.2026bet365u.com/img/game01.85b388dd.png
IP
103.183.199.71:0
ASN
#0

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=81, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=271], baseline, precision 8, 270x81, components 3\012- data
Size
30 kB (30191 bytes)
Hash
ee243090e384414e96c816776c7c49e3
e41d0270c5d9f6dfce9a55aed4eaf56e67c945cb
fc3cfafd54694005280197eda49a46f3339d4b15e514fd1383f61df4db74545a

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/game01.85b388dd.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61103-9967"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:47 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 30191

www.2026bet365u.com/img/game02.4289a415.png

103.183.199.71

200 OK

24 kB

URL HTTP/1.1
www.2026bet365u.com/img/game02.4289a415.png
IP
103.183.199.71:0
ASN
#0

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=81, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=271], progressive, precision 8, 270x81, components 3\012- data
Size
24 kB (24468 bytes)
Hash
c1dc5b4279579df574dee565ed2bbab0
b5fbbc6bec0dd1b449a49ab2a8343bf750af4ace
e56cfbdc74ed927f41bf9109d925bfd4039179094728a8099a48bbd22e579745

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/game02.4289a415.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61103-7d87"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:47 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 24468

www.2026bet365u.com/img/rdao-l-1.d6e3a425.png

103.183.199.71

200 OK

9.2 kB

URL HTTP/1.1
www.2026bet365u.com/img/rdao-l-1.d6e3a425.png
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 147 x 51, 8-bit/color RGB, non-interlaced\012- data
Size
9.2 kB (9204 bytes)
Hash
51bda0bdf153e95fc0ecd6a87ffa5a10
8f5929673995061d35f9d504bb0d26c1a554238c
f8ee66b76e6f91322c5df9bd283381fdcf9a7c062f4c335c0db862eda4d36737

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/rdao-l-1.d6e3a425.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-24d3"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 9204

www.2026bet365u.com/img/rdao-l-2.f6c6cbaf.png

103.183.199.71

200 OK

13 kB

URL HTTP/1.1
www.2026bet365u.com/img/rdao-l-2.f6c6cbaf.png
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 147 x 57, 8-bit/color RGB, non-interlaced\012- data
Size
13 kB (12864 bytes)
Hash
dafcc34e864ac4f254ed8062308b2ff4
2294a84544dcf3e2f989d703e73c3152e5a4d32e
7c1782c703a4e61018cd106763b5620a2193b2862072bea2089093b389557220

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/rdao-l-2.f6c6cbaf.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-3323"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 12864

www.2026bet365u.com/img/game03.212a12ef.png

103.183.199.71

200 OK

12 kB

URL HTTP/1.1
www.2026bet365u.com/img/game03.212a12ef.png
IP
103.183.199.71:0
ASN
#0

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 270x81, components 3\012- data
Size
12 kB (11854 bytes)
Hash
1cf16c13e93928bbe405f3c2ac01ba23
1cd0054bab5dc5d20064867c0e1a8f4a99ec1af0
9a0fee900f0f9422e3406e1e660a0c61bac9097540ca0618b2e8cfd87adfd227

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/game03.212a12ef.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61103-2e92"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:47 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 11854

www.2026bet365u.com/img/rdao-l-3.5d2e2162.png

103.183.199.71

200 OK

12 kB

URL HTTP/1.1
www.2026bet365u.com/img/rdao-l-3.5d2e2162.png
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 147 x 57, 8-bit/color RGB, non-interlaced\012- data
Size
12 kB (12348 bytes)
Hash
a4804c201ac8e7522bc2af5b94c2a4b2
d6203db31f8d3949290dde6068124d6a65a26210
ec4eb5a89a14fbd4f321e717215fe7c6a5f93d9effcc666641b654f21ef29943

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/rdao-l-3.5d2e2162.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-3120"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 12348

www.2026bet365u.com/img/float_left_contact.5e628ff1.png

103.183.199.71

200 OK

14 kB

URL HTTP/1.1
www.2026bet365u.com/img/float_left_contact.5e628ff1.png
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 50 x 247, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13812 bytes)
Hash
6903adf12205ae84cc59148fd61dc716
6c72770913e4e3844f3e60ac9cc6be442b11ea16
e2dfab77b1ad4f08774fa59b4e57268b1c609c4b226d418219cec33faf5ac2f2

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/float_left_contact.5e628ff1.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61102-36c1"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:46 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 13812

www.2026bet365u.com/kc215/noData/cms_game_noimg.png?1673924680626

103.183.199.71

200 OK

3.6 kB

URL HTTP/1.1
www.2026bet365u.com/kc215/noData/cms_game_noimg.png?1673924680626
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 750 x 590, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3576 bytes)
Hash
87d5dd35fd5647c214e4b16641984af3
905d5cbbd97eeeb60a861de6a75203d7013585f8
a5cae14ce6a36f6ef968ee27eda637b2ab5c9b9d74b4c278826f0e7bcbd60abe

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /kc215/noData/cms_game_noimg.png?1673924680626 HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110b-1371"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:29 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:55 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 3576

www.2026bet365u.com/img/float_right_contact.d1892e60.png

103.183.199.71

200 OK

11 kB

URL HTTP/1.1
www.2026bet365u.com/img/float_right_contact.d1892e60.png
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 50 x 247, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11403 bytes)
Hash
19bc89fb608067f692a91b9746bbc5f8
e8bb2c041091e124057fe897175f02c8cca45ee8
77267f5a35f202a15852c1909f9ef9f6cbba00ad77f2a05cd3d0c5aef4ad9899

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/float_right_contact.d1892e60.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61102-2eb9"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:46 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 11403

www.2026bet365u.com/img/rdao-r-1.c2e7696b.png

103.183.199.71

200 OK

12 kB

URL HTTP/1.1
www.2026bet365u.com/img/rdao-r-1.c2e7696b.png
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 147 x 57, 8-bit/color RGB, non-interlaced\012- data
Size
12 kB (12068 bytes)
Hash
807f2485daa592ff5543f1ff44016db1
4811b66bc4cd958014fc0d70aac46d47c010b4b6
d69a56fcf3b19050f7f7ea4daae12d36b7749f04695a8c2ed76c318ac8495a8d

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/rdao-r-1.c2e7696b.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-3002"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 12068

www.2026bet365u.com/api/tenant/domain/list

103.183.199.71

200 OK

1.3 kB

URL HTTP/1.1
www.2026bet365u.com/api/tenant/domain/list
IP
103.183.199.71:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (1652), with no line terminators
Size
1.3 kB (1325 bytes)
Hash
b2b65d79f2cc79068c0f651a029598d3
4cfcda1212bfc4f86637d1ad1f134062bb9d8bcc
275f241dfb816de50ca811b33a18cd64f0993b1c9f5cb286e97233368a1fc32b

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /api/tenant/domain/list HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872413232
sign: 25t17796pk2u5q19
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:58 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked

www.2026bet365u.com/kc215/logo/logo.png?1673924680626

103.183.199.71

200 OK

15 kB

URL HTTP/1.1
www.2026bet365u.com/kc215/logo/logo.png?1673924680626
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 472 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14704 bytes)
Hash
58fb745e09d69a77adc66ec678fda8cb
5d12212442c84a200bdd2a67741f744dd8e0d176
577b5de5ee70d7ea4270b27f59b6a8e777a15e0ef1859ccf16a2132f891979fb

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /kc215/logo/logo.png?1673924680626 HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110b-2997c"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:55 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 14704

www.2026bet365u.com/img/rdao-r-4.5d6173a4.png

103.183.199.71

200 OK

14 kB

URL HTTP/1.1
www.2026bet365u.com/img/rdao-r-4.5d6173a4.png
IP
103.183.199.71:0
ASN
#0

File type
PNG image data, 147 x 53, 8-bit/color RGB, non-interlaced\012- data
Size
14 kB (14427 bytes)
Hash
dd5fb591cbb9b0f8a1610dedf9ea66b8
7f043e7b4028472d249bcdd4c297eb18c188734f
477f6b1e4186260c752a943b0f45c2b4009c046ca3fd12045e8ed8b87d47b6ff

Detections

Analyzer	Verdict	Alert
openphish	Bet365
quad9	Sinkholed

HTTP Headers

GET /img/rdao-r-4.5d6173a4.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-3922"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 14427

www.2026bet365u.com/js/42480.6271432b.js

103.183.199.71

200 OK

75 B

URL HTTP/1.1
www.2026bet365u.com/js/42480.6271432b.js
IP
103.183.199.71:0
ASN
#0

File type
ASCII text, with no line terminators
Size
75 B (75 bytes)
Hash
6c6f95c1c4a9b0768a7c8122a384e603
26e3ed3483802652f86fb66d1ee431afbdcc42fe
1ea142e3274580463ead5ef373b4e9b815bff5d1165b6a9737827deb5c70dcd6

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/42480.6271432b.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c61105-4b"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:51 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:49 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache: HIT from ty8-cdn199-061
Content-Length: 75

www.2026bet365u.com/js/81354.ac91c7ab.js

103.183.199.71

200 OK

18 kB

URL HTTP/1.1
www.2026bet365u.com/js/81354.ac91c7ab.js
IP
103.183.199.71:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (24163)
Size
18 kB (18016 bytes)
Hash
f6c1af2356d6d14761bc0183fd38446e
0d22164da4a83fd81b5fd19c1fed8b13f05cb019
7fca02aca9fde9e3bf27103becaaa5b3de0aebe62c4f79623075feee0dc9b5ec

Detections

Analyzer	Verdict	Alert
openphish	Bet365
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/81354.ac91c7ab.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61106-d5f4"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:50 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:50 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 18016

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1520d306f775d1da6bce241f7e7c0447
15531c2e8f94245df191497b43024f37af9dea6d
88eab071b245d7925deeadd47a6a20bd54fa93b24fa5b41d5da74bc1e4670186

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88EAB071B245D7925DEEADD47A6A20BD54FA93B24FA5B41D5DA74BC1E4670186"
Last-Modified: Mon, 06 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Wed, 08 Feb 2023 22:05:27 GMT
Date: Wed, 08 Feb 2023 16:05:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1520d306f775d1da6bce241f7e7c0447
15531c2e8f94245df191497b43024f37af9dea6d
88eab071b245d7925deeadd47a6a20bd54fa93b24fa5b41d5da74bc1e4670186

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88EAB071B245D7925DEEADD47A6A20BD54FA93B24FA5B41D5DA74BC1E4670186"
Last-Modified: Mon, 06 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Wed, 08 Feb 2023 22:05:20 GMT
Date: Wed, 08 Feb 2023 16:05:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1520d306f775d1da6bce241f7e7c0447
15531c2e8f94245df191497b43024f37af9dea6d
88eab071b245d7925deeadd47a6a20bd54fa93b24fa5b41d5da74bc1e4670186

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88EAB071B245D7925DEEADD47A6A20BD54FA93B24FA5B41D5DA74BC1E4670186"
Last-Modified: Mon, 06 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Wed, 08 Feb 2023 22:05:42 GMT
Date: Wed, 08 Feb 2023 16:05:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e4b2ff50079cb61885a56749ba60c18e
f929310e8f3d78c080f275dde3a67a8bdf9e7bb2
a082d9e964aecba8ced06b02065be998dc3517c5c6ba2e260f6ed84c8c34ae8f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A082D9E964AECBA8CED06B02065BE998DC3517C5C6BA2E260F6ED84C8C34AE8F"
Last-Modified: Wed, 08 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 08 Feb 2023 22:05:59 GMT
Date: Wed, 08 Feb 2023 16:05:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1520d306f775d1da6bce241f7e7c0447
15531c2e8f94245df191497b43024f37af9dea6d
88eab071b245d7925deeadd47a6a20bd54fa93b24fa5b41d5da74bc1e4670186

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88EAB071B245D7925DEEADD47A6A20BD54FA93B24FA5B41D5DA74BC1E4670186"
Last-Modified: Mon, 06 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21577
Expires: Wed, 08 Feb 2023 22:05:36 GMT
Date: Wed, 08 Feb 2023 16:05:59 GMT
Connection: keep-alive

asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/7c5efa2a-4669-4be1-a940-674e32272039.jpg

103.183.199.103

200 OK

150 kB

URL HTTP/1.1
asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/7c5efa2a-4669-4be1-a940-674e32272039.jpg
IP
103.183.199.103:0
ASN
#0

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x500, components 3\012- data
Size
150 kB (149543 bytes)
Hash
1dfe60355d0e86716b6c1d9020cbf426
25fe4f329ad986858d801e3f8f6b416d9046569d
5b5e0475577a95b5270aa06ff314c2746e9e78c3665ae175ea3e01c2193deccc

HTTP Headers

GET /bucketimg/7c5efa2a-4669-4be1-a940-674e32272039.jpg HTTP/1.1
Host: asfgasg1619asfqsgf.luckyeasypla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"e0290bd10901b507c3be310f05e2c3a8"
Server: nginx
Date: Tue, 07 Feb 2023 17:36:35 GMT
Content-Type: image/jpeg
Content-Security-Policy: block-all-mixed-content
Last-Modified: Wed, 11 Jan 2023 23:24:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Accept-Encoding, Origin
X-Amz-Request-Id: 17419B65448DC8AA
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-093
Content-Length: 149543

asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/c4ad4793-5d23-4449-9432-d58529036d97.jpg

103.183.199.103

200 OK

156 kB

URL HTTP/1.1
asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/c4ad4793-5d23-4449-9432-d58529036d97.jpg
IP
103.183.199.103:0
ASN
#0

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x500, components 3\012- data
Size
156 kB (156162 bytes)
Hash
9119eee007fa5f67851933bc6090fb6b
86719f7c184f476072bc7024de0ef380d7ee766d
dd15cb251d7d5ba966f7a6e734271963a02a6893a2a7f647b1da5f78bb57633f

HTTP Headers

GET /bucketimg/c4ad4793-5d23-4449-9432-d58529036d97.jpg HTTP/1.1
Host: asfgasg1619asfqsgf.luckyeasypla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"cea8e7525de4ae63973d3bd37da19150"
Server: nginx
Date: Thu, 12 Jan 2023 00:04:12 GMT
Content-Type: image/jpeg
Content-Security-Policy: block-all-mixed-content
Last-Modified: Wed, 11 Jan 2023 23:28:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Accept-Encoding, Origin
X-Amz-Request-Id: 173966E0DC69421A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-093
Content-Length: 156162

asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/f26bb56f-da4a-41d6-9ce3-f7b280d8189f.jpg

103.183.199.103

200 OK

144 kB

URL HTTP/1.1
asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/f26bb56f-da4a-41d6-9ce3-f7b280d8189f.jpg
IP
103.183.199.103:0
ASN
#0

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=211, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=850], progressive, precision 8, 850x211, components 3\012- data
Size
144 kB (143561 bytes)
Hash
b5487e64dc357ddc2f4aff8c28a8edfe
43564c4cce06e94bbd820d3419d29a2113195ba4
81498be45326e56ce557fc4520afc69fe566b7d5f604c5dc15a0fd0a98c28b83

HTTP Headers

GET /bucketimg/f26bb56f-da4a-41d6-9ce3-f7b280d8189f.jpg HTTP/1.1
Host: asfgasg1619asfqsgf.luckyeasypla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"6d779f6ac04bd433abf4cb38ddf82e19"
Server: nginx
Date: Tue, 07 Feb 2023 17:36:35 GMT
Content-Type: image/png
Content-Security-Policy: block-all-mixed-content
Last-Modified: Thu, 01 Sep 2022 18:30:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Accept-Encoding, Origin
X-Amz-Request-Id: 17419B654365DE3C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-093
Content-Length: 143561

asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/fb5c700e-ae19-4434-8add-c4cb7c7b2d83.jpg

103.183.199.103

200 OK

231 kB

URL HTTP/1.1
asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/fb5c700e-ae19-4434-8add-c4cb7c7b2d83.jpg
IP
103.183.199.103:0
ASN
#0

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2023:01:05 22:51:23], progressive, precision 8, 640x500, components 3\012- data
Size
231 kB (230737 bytes)
Hash
12e6dff9a3092e5c0ae6ac019f6c08bd
f358d05c128ca63ced01a27ac68890b3b0dfa32f
f7f76689c2372fd8fb68fd52674cc215eb25fc1e960d678caaa9d16acc689959

HTTP Headers

GET /bucketimg/fb5c700e-ae19-4434-8add-c4cb7c7b2d83.jpg HTTP/1.1
Host: asfgasg1619asfqsgf.luckyeasypla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"54df14901fcb67e45f4a2e4f2b3fd58b"
Server: nginx
Date: Thu, 12 Jan 2023 08:45:41 GMT
Content-Type: image/jpeg
Content-Security-Policy: block-all-mixed-content
Last-Modified: Thu, 12 Jan 2023 06:27:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Accept-Encoding, Origin
X-Amz-Request-Id: 17398355E4017832
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-093
Content-Length: 230737

asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/9a48fa23-f038-4b77-a3d3-e69513fdde7c.jpg

103.183.199.103

200 OK

446 kB

URL HTTP/1.1
asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/9a48fa23-f038-4b77-a3d3-e69513fdde7c.jpg
IP
103.183.199.103:0
ASN
#0

File type
GIF image data, version 89a, 400 x 400\012- data
Size
446 kB (446072 bytes)
Hash
ff8ebcb87f4411be283e9c193d1c8799
e65f30b4b2bacd5d906f2c0427f8b0341c8720ce
84b9f53ff57b97f6d591a9ef1cc5c47ad09a9b9a0e87873efad8055e3e8f089a

HTTP Headers

GET /bucketimg/9a48fa23-f038-4b77-a3d3-e69513fdde7c.jpg HTTP/1.1
Host: asfgasg1619asfqsgf.luckyeasypla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"314436106c20ea008befc1efced11f6d"
Server: nginx
Date: Tue, 07 Feb 2023 17:36:35 GMT
Content-Type: image/jpeg
Content-Security-Policy: block-all-mixed-content
Last-Modified: Fri, 13 Jan 2023 13:35:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Accept-Encoding, Origin
X-Amz-Request-Id: 17419B6548D88AE7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-093
Content-Length: 446072

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML