r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5952
Expires: Wed, 08 Feb 2023 17:45:03 GMT
Date: Wed, 08 Feb 2023 16:05:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2797
Expires: Wed, 08 Feb 2023 16:52:28 GMT
Date: Wed, 08 Feb 2023 16:05:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 15:34:13 GMT
content-type: application/json
age: 1898
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16848
Expires: Wed, 08 Feb 2023 20:46:39 GMT
Date: Wed, 08 Feb 2023 16:05:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mEtQY9KYksy5vDZgkXfZ03rlY+TcN350/GsKFo9//kkq5YjNfZBEH/TcBLu8NFF0BEp+T0jKLyM=
x-amz-request-id: CE2SCRS88AA744YT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 15:35:59 GMT
age: 1792
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 16:05:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 15:14:52 GMT
age: 3060
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9453
Expires: Wed, 08 Feb 2023 18:43:25 GMT
Date: Wed, 08 Feb 2023 16:05:52 GMT
Connection: keep-alive
push.services.mozilla.com/
35.81.123.193101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.123.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jXJGlwX7mkWvLNtGIqLBQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Vzubnpmw82ZE6rjRG0XLu/zUPho=
www.2026bet365u.com/
103.188.120.97301 Moved Permanently 0 B IP 103.188.120.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Wed, 08 Feb 2023 16:05:52 GMT
Location: https://www.2026bet365u.com/
Content-Length: 0
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 388eaf803a6af78fa2c83dde869d0012
76fd05333aebc3ac9859cc9e88ad895cb6ca01ba
540bf08075914ac85152a3955ccb449475f017f002bd8412181745f8f5e11dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540BF08075914AC85152A3955CCB449475F017F002BD8412181745F8F5E11DCE"
Last-Modified: Tue, 07 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 08 Feb 2023 22:05:53 GMT
Date: Wed, 08 Feb 2023 16:05:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Wed, 08 Feb 2023 16:48:58 GMT
Date: Wed, 08 Feb 2023 16:05:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Wed, 08 Feb 2023 16:48:58 GMT
Date: Wed, 08 Feb 2023 16:05:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Wed, 08 Feb 2023 16:48:58 GMT
Date: Wed, 08 Feb 2023 16:05:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5129898de057eb92808f18d120eb7a70
eb0a900843beac5c4ee46686b89b3e8b8d77f80f
7ce3e4f7be652895e93cb8c1a9019b70d699c0a9da013d311395a6440b4e9f96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 60759e32-ac58-4dda-8ea3-fd80413c0deb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkkEpMoAMFnGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c483-61b8715a0da73f4526215649;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TCX7ZFhV73kN0UBshXeb0qdSkY-8qdeNN6EgioqOUmSAnraEhAohMQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:11 GMT
age: 66223
etag: "eb0a900843beac5c4ee46686b89b3e8b8d77f80f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 66113
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 63997
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1uPNh-FvA8oI5ZuruNle0ATMPSsyl-_ZjLrUnPQJrogPVREc8wrHMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:12:09 GMT
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
age: 64425
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7543be9bef0afb8f61344286b7136dd7
e1537aa408cde39d2a314cc2a14f7f7a04a84eb1
162f0898f88d84c8d06542e48e8ff6a903e638f2a837f32681ae1f5e28ae40d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7303
x-amzn-requestid: 081c79e9-2b23-47ad-8b7d-7197c5515c0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f58kdHMvIAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a7b5-66fca524070e374310920915;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CV8Q0EwlleoBURF3IvwUGDm_ANrg_SINlUR3cl6OhqySJPejP6T0hg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 08:10:04 GMT
age: 28550
etag: "e1537aa408cde39d2a314cc2a14f7f7a04a84eb1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 15:13:11 GMT
age: 3163
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.2026bet365u.com/
103.183.199.71200 OK 2.1 kB IP 103.183.199.71:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (445)
Hash 21a94e9a1974a6ecd661a3c219f51e9b
460f0ff078f49f070d73a99a860650bbd36e2e28
b669cd31ba000348c87624784bfc5df7cbfbe7f9257615cc84517d86b5b960f1
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:54 GMT
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked
www.2026bet365u.com/theme.config.44d1ee51.js
103.183.199.71200 OK 17 kB URL HTTP/1.1 www.2026bet365u.com/theme.config.44d1ee51.js
IP 103.183.199.71:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (42210)
Hash 77a23cbfbff00b75223a9bebc77cbe63
3db08b2ec071d41a46e6030ff7de948047e967f3
2ca8bfe4b25ab828c04f525cfc405e28df7c71fd225d1494c2cd223f4081e714
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /theme.config.44d1ee51.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110c-18e10"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:21 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:56 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 17167
www.2026bet365u.com/js/chunk-common.81d7a84a.js
103.183.199.71200 OK 77 kB URL HTTP/1.1 www.2026bet365u.com/js/chunk-common.81d7a84a.js
IP 103.183.199.71:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 20666e6cf458952a35a076eef054b152
a56587d41d245182d13d50e6d08b62fb0408235b
cb326f557ac49607d93826fe500d76c67e91b78213937a82f7d18ccd60e96cd7
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-common.81d7a84a.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61106-3cc13"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:23 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:50 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 76620
www.2026bet365u.com/css/index.6d2fe930.css
103.183.199.71200 OK 37 kB URL HTTP/1.1 www.2026bet365u.com/css/index.6d2fe930.css
IP 103.183.199.71:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash cb4cdc81f02cf952d0ff9ac47249264e
98898ef6d16605357ac86393cc3e4f9db54d2287
fa535d617e8aba3ff1fe173d6ac873b54aed8e00e732a0f0976f2812ea3cc5c5
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /css/index.6d2fe930.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c610fe-15c75"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:37 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:42 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 36912
www.2026bet365u.com/css/chunk-vendors.090d1983.css
103.183.199.71200 OK 22 kB URL HTTP/1.1 www.2026bet365u.com/css/chunk-vendors.090d1983.css
IP 103.183.199.71:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7c0e83d7b77325e4d435540742bfeef0
785b23a595d0075f5238e33caa7439553a70dd6c
4d9de2e1bdb70a6667e5666d217fd1acd76b9d6e88f4f117ac5f9992b57e890b
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /css/chunk-vendors.090d1983.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c610fe-28f34"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:22 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:42 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 21757
www.2026bet365u.com/css/chunk-common.1c9260d6.css
103.183.199.71200 OK 41 kB URL HTTP/1.1 www.2026bet365u.com/css/chunk-common.1c9260d6.css
IP 103.183.199.71:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a30241620b2b3c61c6b465dce2d70b9f
644c16d011068ea02f8c4cb909cb79aa5ca02e0e
240ce0aeac0703e81f5505194f72d6a3cc74821060b3c6593dfc52e92215fefa
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /css/chunk-common.1c9260d6.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c610fe-22b8f"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:22 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:42 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 41127
www.2026bet365u.com/js/index.e38ee93e.js
103.183.199.71200 OK 126 kB URL HTTP/1.1 www.2026bet365u.com/js/index.e38ee93e.js
IP 103.183.199.71:0
File type Unicode text, UTF-8 text, with very long lines (64984), with no line terminators
Size 126 kB (126295 bytes)
Hash d6852c6630d7a5ac18e233c3d039260c
d86b60fe0e050e36d1109071f11a049c031df9c9
ebfa60482ba02b450cd3343bfbabae5e302c9ce3626d96411ada628e2228b15b
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/index.e38ee93e.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61108-5166a"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:21 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:52 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 126295
www.2026bet365u.com/js/chunk-vendors.1f6ff71b.js
103.183.199.71200 OK 206 kB URL HTTP/1.1 www.2026bet365u.com/js/chunk-vendors.1f6ff71b.js
IP 103.183.199.71:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size 206 kB (205802 bytes)
Hash d100cb41a0e003c4514faf46eac186ab
c01a603d033de5e813c4793fe80c9fd1adf3deed
dad7b8968b8c809b708f45dd4db39d08812ed7a53145964e685a11d616a26bff
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-vendors.1f6ff71b.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61106-992f5"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:23 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:50 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 205802
www.2026bet365u.com/js/home.0b9907d2.js
103.183.199.71200 OK 621 B URL HTTP/1.1 www.2026bet365u.com/js/home.0b9907d2.js
IP 103.183.199.71:0
File type Unicode text, UTF-8 text, with very long lines (1379), with no line terminators
Hash dd8dcfe5309e36e7b771085c77fbf015
17fb702f6222ce7140a9a1d041b4292bb818e06d
0313163b12965e85c83c8e6605934fea1f776a3fca22ab40a187dadcca0ab3d7
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/home.0b9907d2.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61108-579"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:28 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:52 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 621
www.2026bet365u.com/assets/logo/favicon.ico
103.183.199.71200 OK 4.0 kB URL HTTP/1.1 www.2026bet365u.com/assets/logo/favicon.ico
IP 103.183.199.71:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash af1c6b36199a0a47854ada4dcb7b9ed2
c425159283c364f476c54b28554f7aa0d8e2c482
1ae95e4da7db716a7f5300b07faee34ce7e92e798fe5f11775de36f9d1007afd
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /assets/logo/favicon.ico HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
ETag: "63c610fc-fc7"
Server: openresty
Date: Wed, 08 Feb 2023 15:16:13 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 17 Jan 2023 03:07:40 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache: HIT from ty8-cdn199-061
Content-Length: 4039
www.2026bet365u.com/css/66473.4f034e44.css
103.183.199.71200 OK 0 B URL HTTP/1.1 www.2026bet365u.com/css/66473.4f034e44.css
IP 103.183.199.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /css/66473.4f034e44.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c610fe-0"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:38 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:42 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache: HIT from ty8-cdn199-061
Content-Length: 0
www.2026bet365u.com/css/pc.scene171header.8c5d05d3.css
103.183.199.71200 OK 4.5 kB URL HTTP/1.1 www.2026bet365u.com/css/pc.scene171header.8c5d05d3.css
IP 103.183.199.71:0
File type ASCII text, with very long lines (16130), with no line terminators
Hash 56e716b4db6516c10252425b5b4097dd
5020e971543456f93f8eaba15cc3c4855a5b83ec
b2208ffa7926a4f1cdb7f13bd48274e32b7adf75dac5207519886ad120057ae4
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /css/pc.scene171header.8c5d05d3.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61100-3f02"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:41 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 4501
www.2026bet365u.com/css/pc.floatpopup.b2f05007.css
103.183.199.71200 OK 203 B URL HTTP/1.1 www.2026bet365u.com/css/pc.floatpopup.b2f05007.css
IP 103.183.199.71:0
File type ASCII text, with very long lines (468), with no line terminators
Hash 4fd364fa6550f6357f1b043cf5b4aa0c
0bf19fe5090e10fd8056de5c33ef2129671d9a59
da7af5ca6cc2f7ad3b5a7f1f13981c8436aeab9cc51ae5897a62c3610770d888
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /css/pc.floatpopup.b2f05007.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: br
Cache-Control: max-age=604800
ETag: "63c610ff-1d4"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:41 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:43 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache: HIT from ty8-cdn199-061
Content-Length: 203
www.2026bet365u.com/js/pc.floatpopup.57aec2f4.js
103.183.199.71200 OK 1.8 kB URL HTTP/1.1 www.2026bet365u.com/js/pc.floatpopup.57aec2f4.js
IP 103.183.199.71:0
File type ASCII text, with very long lines (4213), with no line terminators
Hash 71cc8d8a0813d49d18645f5b53bbed04
562354b0adb327f6e124b4ce305910d1e43ce20b
4fff3bf20448095f0ea815950fd8da83bb5344eba38b4b322d8abcd7ec5219a4
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/pc.floatpopup.57aec2f4.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61108-1075"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:52 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 1796
www.2026bet365u.com/css/pc.scene171home.a495d762.css
103.183.199.71200 OK 3.7 kB URL HTTP/1.1 www.2026bet365u.com/css/pc.scene171home.a495d762.css
IP 103.183.199.71:0
File type ASCII text, with very long lines (9440), with no line terminators
Hash b13ac8fa066f5d950ed9fb9f489c1aa9
57a121772282aa630f970814b53adc96e062c884
c4dca363b6c75b459689b663188f2aece9e8f9b2ff31ffdf2cc340007d9da572
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /css/pc.scene171home.a495d762.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61100-24e0"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:37 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:44 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 3707
www.2026bet365u.com/css/pc.scene171floatslider.dce25eab.css
103.183.199.71200 OK 292 B URL HTTP/1.1 www.2026bet365u.com/css/pc.scene171floatslider.dce25eab.css
IP 103.183.199.71:0
File type ASCII text, with very long lines (709), with no line terminators
Hash dc9a6589cac2fe8d2c302a982243697f
66ebe2fdf8b74d3aa63be15cb81437bd9ccd94fa
60c53cc43e5849cf0954a6efa416e25500b0f0e54cddc05940021e3c2cbea6fd
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /css/pc.scene171floatslider.dce25eab.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Encoding: br
Cache-Control: max-age=604800
ETag: "63c61100-2c5"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:42 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:44 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache: HIT from ty8-cdn199-061
Content-Length: 292
www.2026bet365u.com/js/pc.scene171floatslider.283a6188.js
103.183.199.71200 OK 1.5 kB URL HTTP/1.1 www.2026bet365u.com/js/pc.scene171floatslider.283a6188.js
IP 103.183.199.71:0
File type Unicode text, UTF-8 text, with very long lines (3779), with no line terminators
Hash 4e74caff418f17255c9efd55840281bc
590a75b5ddb9686538c631da480d80259bbd95e0
d1f7ed884d3c79af7fe1061c4fd3c375c166b758cc1887c8acaa184edb12822a
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/pc.scene171floatslider.283a6188.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110a-ee5"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:42 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 1519
www.2026bet365u.com/js/pc.scene171home.d66f5cac.js
103.183.199.71200 OK 4.3 kB URL HTTP/1.1 www.2026bet365u.com/js/pc.scene171home.d66f5cac.js
IP 103.183.199.71:0
File type Unicode text, UTF-8 text, with very long lines (9124), with no line terminators
Hash 1d7b7c68b8ce7c8ae8c6ec439623495d
72799aaf950d08126c637200a32d584143d3c370
3b780d0b5c85f11a36ced0c9c5e7cadcd24508236ed123f1a08284e38604a030
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/pc.scene171home.d66f5cac.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110a-2562"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:38 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 4347
www.2026bet365u.com/js/pc.scene171header.1feb6eee.js
103.183.199.71200 OK 22 kB URL HTTP/1.1 www.2026bet365u.com/js/pc.scene171header.1feb6eee.js
IP 103.183.199.71:0
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash db1dd5a17b483f910cae16eec443f99b
da88e7f0668dabbe3efbe40ed4d93012360881e7
babeedcf59169e49cc79f02a5a48dc1e75385643b4cd88067af969beb2ab46d2
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/pc.scene171header.1feb6eee.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110a-99c2"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:39 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 22528
www.2026bet365u.com/css/pc.scence171homefooter.85c98a43.css
103.183.199.71200 OK 438 B URL HTTP/1.1 www.2026bet365u.com/css/pc.scence171homefooter.85c98a43.css
IP 103.183.199.71:0
File type ASCII text, with very long lines (1058), with no line terminators
Hash 407022ef9dcbff33ac83d16416e35d07
56e20964b12d54dad31eaf788a135738fb1a884a
086cf321c1a3dafcc30621515c45fcefa54f77a8972e072303c622127175249e
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /css/pc.scence171homefooter.85c98a43.css HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c610ff-422"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:40 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Jan 2023 03:07:43 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 438
www.2026bet365u.com/js/pc.scence171homefooter.666b663f.js
103.183.199.71200 OK 2.3 kB URL HTTP/1.1 www.2026bet365u.com/js/pc.scence171homefooter.666b663f.js
IP 103.183.199.71:0
File type Unicode text, UTF-8 text, with very long lines (2432), with no line terminators
Hash 7949e8953576f0ff0a88861d0de0b1b9
8200cd5b9aab1d4d4fd5209f1447608edf20833b
c58c1368a62fee33367318c2d73801cf558bd5ce61ab9e4cea9bac8a2d80baee
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/pc.scence171homefooter.666b663f.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110a-fbf"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:40 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:54 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 2262
www.2026bet365u.com/api/activity/list?type=0&isPopup=1
103.183.199.71200 OK 1.5 kB URL HTTP/1.1 www.2026bet365u.com/api/activity/list?type=0&isPopup=1
IP 103.183.199.71:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5786), with no line terminators
Hash 18d9f54684eec8aee5bb3d09defee5ef
5aad15159e457dd9ac515459d00c7a3bceab70f4
7df0b701048eee0094aa3ca532bd38cc62b9e54aac988ced86be8608c08b4bbf
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /api/activity/list?type=0&isPopup=1 HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412094
sign: 1c2d7d191t6e161r
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked
www.2026bet365u.com/api/config/system
103.183.199.71200 OK 886 B URL HTTP/1.1 www.2026bet365u.com/api/config/system
IP 103.183.199.71:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1709), with no line terminators
Hash a092268cc58dca7b8626e71ec301e1b0
8bcff86c22453277b2322b6735c1e662d24ff2f1
3953a3cf28a6cc12064bbcd4fac02dadf8fa4e269be4715b78c73d3741ab9a83
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /api/config/system HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412094
sign: 3s6u157075453s6c
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked
www.2026bet365u.com/api/tenant/float/list
103.183.199.71200 OK 516 B URL HTTP/1.1 www.2026bet365u.com/api/tenant/float/list
IP 103.183.199.71:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1283), with no line terminators
Hash e95cf34fb87ea20f7a41ca3599d1f4c7
bcb1d7be551a961fe1f6d9c13396e40b742d525b
3b00e44f41495eb5dd136b3e1f7ec99d65645fa7650aa6a1641efbe9522d010f
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /api/tenant/float/list HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412375
sign: 2o513k295s42736i
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked
www.2026bet365u.com/api/banner/list
103.183.199.71200 OK 301 B URL HTTP/1.1 www.2026bet365u.com/api/banner/list
IP 103.183.199.71:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (387), with no line terminators
Hash 115aceb921017370f7d6f326d1735093
1c7496664e985054bfc1ed4895cc4b2179d011ae
d862f97381e66975f4c3243f5bd5773ce3b235aa417891d2ca755d1979beb020
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /api/banner/list HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412459
sign: 2286n7r7lg627j1c
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked
www.2026bet365u.com/api/notice/page?current=1&size=1000
103.183.199.71200 OK 508 B URL HTTP/1.1 www.2026bet365u.com/api/notice/page?current=1&size=1000
IP 103.183.199.71:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (692), with no line terminators
Hash bc68b58634d4b712507c043fa38d55b9
7bb73ec5485d77a086e228eb60d91cee58fd0ec5
fa17b03e0b59a8ee635645b08d40b2e488e376bae3b6b5d2e50fb9c466b65e41
Analyzer Verdict Alert quad9 Sinkholed
GET /api/notice/page?current=1&size=1000 HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412458
sign: 46g1b48262p5if30
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked
www.2026bet365u.com/api/game/gameBarNew
103.183.199.71200 OK 8.7 kB URL HTTP/1.1 www.2026bet365u.com/api/game/gameBarNew
IP 103.183.199.71:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (62740), with no line terminators
Hash 8802f4530c566608c8f729c90bcfc0ae
a9b66c0a260d2e98963d40f5b8e76324d2e1e927
15e428436a340cb05ddbf1291660d1ae42f1c09b8c8946cf54b0819e55787576
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /api/game/gameBarNew HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872412547
sign: 3n6i5b1r794i5v55
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:57 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked
www.2026bet365u.com/img/rdaobg.93df9aaf.png
103.183.199.71200 OK 22 kB URL HTTP/1.1 www.2026bet365u.com/img/rdaobg.93df9aaf.png
IP 103.183.199.71:0
File type PNG image data, 175 x 369, 8-bit/color RGBA, interlaced\012- data
Hash 20585d561a197431aed191a50e110676
28e8a77746a5afe79421fcffe480735d4d8691ad
e337bde0842262d98106036d88902d2e65642b46d42a3f5871b9e307295beec6
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/rdaobg.93df9aaf.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2026bet365u.com/css/pc.scene171floatslider.dce25eab.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-5a0c"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 22261
www.2026bet365u.com/img/bg-products.e4ddcae4.png
103.183.199.71200 OK 27 kB URL HTTP/1.1 www.2026bet365u.com/img/bg-products.e4ddcae4.png
IP 103.183.199.71:0
File type PNG image data, 307 x 342, 8-bit/color RGBA, non-interlaced\012- data
Hash 746f23ebabd053a2f6e45c56f5c2156c
b96fc46914ba15036c42626b24b936bf2996c22e
c404cd576a1ca7d71727afb4ea2706bb31f213d24a02934e4ef27eae80ff8359
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/bg-products.e4ddcae4.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.2026bet365u.com/css/pc.scene171home.a495d762.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61101-6bcb"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:24 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:45 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 27443
www.2026bet365u.com/kc215/noData/cms_noimg.png?1673924680626
103.183.199.71200 OK 3.9 kB URL HTTP/1.1 www.2026bet365u.com/kc215/noData/cms_noimg.png?1673924680626
IP 103.183.199.71:0
File type PNG image data, 1920 x 700, 8-bit/color RGBA, non-interlaced\012- data
Hash 99a0bd21dac2b7ad570585f31e71e4c6
7701c1d9c7f7f426126edd3589164ef54ffbf4e5
8dc553e957d055edfa0eb9c59df58cd2f69596b0faab2ed3905f2fcb93907426
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /kc215/noData/cms_noimg.png?1673924680626 HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110b-269a"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:26 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:55 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 3910
www.2026bet365u.com/img/game01.85b388dd.png
103.183.199.71200 OK 30 kB URL HTTP/1.1 www.2026bet365u.com/img/game01.85b388dd.png
IP 103.183.199.71:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=81, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=271], baseline, precision 8, 270x81, components 3\012- data
Hash ee243090e384414e96c816776c7c49e3
e41d0270c5d9f6dfce9a55aed4eaf56e67c945cb
fc3cfafd54694005280197eda49a46f3339d4b15e514fd1383f61df4db74545a
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/game01.85b388dd.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61103-9967"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:47 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 30191
www.2026bet365u.com/img/game02.4289a415.png
103.183.199.71200 OK 24 kB URL HTTP/1.1 www.2026bet365u.com/img/game02.4289a415.png
IP 103.183.199.71:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=81, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=271], progressive, precision 8, 270x81, components 3\012- data
Hash c1dc5b4279579df574dee565ed2bbab0
b5fbbc6bec0dd1b449a49ab2a8343bf750af4ace
e56cfbdc74ed927f41bf9109d925bfd4039179094728a8099a48bbd22e579745
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/game02.4289a415.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61103-7d87"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:47 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 24468
www.2026bet365u.com/img/rdao-l-1.d6e3a425.png
103.183.199.71200 OK 9.2 kB URL HTTP/1.1 www.2026bet365u.com/img/rdao-l-1.d6e3a425.png
IP 103.183.199.71:0
File type PNG image data, 147 x 51, 8-bit/color RGB, non-interlaced\012- data
Hash 51bda0bdf153e95fc0ecd6a87ffa5a10
8f5929673995061d35f9d504bb0d26c1a554238c
f8ee66b76e6f91322c5df9bd283381fdcf9a7c062f4c335c0db862eda4d36737
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/rdao-l-1.d6e3a425.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-24d3"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 9204
www.2026bet365u.com/img/rdao-l-2.f6c6cbaf.png
103.183.199.71200 OK 13 kB URL HTTP/1.1 www.2026bet365u.com/img/rdao-l-2.f6c6cbaf.png
IP 103.183.199.71:0
File type PNG image data, 147 x 57, 8-bit/color RGB, non-interlaced\012- data
Hash dafcc34e864ac4f254ed8062308b2ff4
2294a84544dcf3e2f989d703e73c3152e5a4d32e
7c1782c703a4e61018cd106763b5620a2193b2862072bea2089093b389557220
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/rdao-l-2.f6c6cbaf.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-3323"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 12864
www.2026bet365u.com/img/game03.212a12ef.png
103.183.199.71200 OK 12 kB URL HTTP/1.1 www.2026bet365u.com/img/game03.212a12ef.png
IP 103.183.199.71:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 270x81, components 3\012- data
Hash 1cf16c13e93928bbe405f3c2ac01ba23
1cd0054bab5dc5d20064867c0e1a8f4a99ec1af0
9a0fee900f0f9422e3406e1e660a0c61bac9097540ca0618b2e8cfd87adfd227
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/game03.212a12ef.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61103-2e92"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:47 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 11854
www.2026bet365u.com/img/rdao-l-3.5d2e2162.png
103.183.199.71200 OK 12 kB URL HTTP/1.1 www.2026bet365u.com/img/rdao-l-3.5d2e2162.png
IP 103.183.199.71:0
File type PNG image data, 147 x 57, 8-bit/color RGB, non-interlaced\012- data
Hash a4804c201ac8e7522bc2af5b94c2a4b2
d6203db31f8d3949290dde6068124d6a65a26210
ec4eb5a89a14fbd4f321e717215fe7c6a5f93d9effcc666641b654f21ef29943
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/rdao-l-3.5d2e2162.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-3120"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 12348
www.2026bet365u.com/img/float_left_contact.5e628ff1.png
103.183.199.71200 OK 14 kB URL HTTP/1.1 www.2026bet365u.com/img/float_left_contact.5e628ff1.png
IP 103.183.199.71:0
File type PNG image data, 50 x 247, 8-bit/color RGBA, non-interlaced\012- data
Hash 6903adf12205ae84cc59148fd61dc716
6c72770913e4e3844f3e60ac9cc6be442b11ea16
e2dfab77b1ad4f08774fa59b4e57268b1c609c4b226d418219cec33faf5ac2f2
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/float_left_contact.5e628ff1.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61102-36c1"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:46 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 13812
www.2026bet365u.com/kc215/noData/cms_game_noimg.png?1673924680626
103.183.199.71200 OK 3.6 kB URL HTTP/1.1 www.2026bet365u.com/kc215/noData/cms_game_noimg.png?1673924680626
IP 103.183.199.71:0
File type PNG image data, 750 x 590, 8-bit/color RGBA, non-interlaced\012- data
Hash 87d5dd35fd5647c214e4b16641984af3
905d5cbbd97eeeb60a861de6a75203d7013585f8
a5cae14ce6a36f6ef968ee27eda637b2ab5c9b9d74b4c278826f0e7bcbd60abe
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /kc215/noData/cms_game_noimg.png?1673924680626 HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110b-1371"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:29 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:55 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 3576
www.2026bet365u.com/img/float_right_contact.d1892e60.png
103.183.199.71200 OK 11 kB URL HTTP/1.1 www.2026bet365u.com/img/float_right_contact.d1892e60.png
IP 103.183.199.71:0
File type PNG image data, 50 x 247, 8-bit/color RGBA, non-interlaced\012- data
Hash 19bc89fb608067f692a91b9746bbc5f8
e8bb2c041091e124057fe897175f02c8cca45ee8
77267f5a35f202a15852c1909f9ef9f6cbba00ad77f2a05cd3d0c5aef4ad9899
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/float_right_contact.d1892e60.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61102-2eb9"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:46 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 11403
www.2026bet365u.com/img/rdao-r-1.c2e7696b.png
103.183.199.71200 OK 12 kB URL HTTP/1.1 www.2026bet365u.com/img/rdao-r-1.c2e7696b.png
IP 103.183.199.71:0
File type PNG image data, 147 x 57, 8-bit/color RGB, non-interlaced\012- data
Hash 807f2485daa592ff5543f1ff44016db1
4811b66bc4cd958014fc0d70aac46d47c010b4b6
d69a56fcf3b19050f7f7ea4daae12d36b7749f04695a8c2ed76c318ac8495a8d
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/rdao-r-1.c2e7696b.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-3002"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 12068
www.2026bet365u.com/api/tenant/domain/list
103.183.199.71200 OK 1.3 kB URL HTTP/1.1 www.2026bet365u.com/api/tenant/domain/list
IP 103.183.199.71:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1652), with no line terminators
Hash b2b65d79f2cc79068c0f651a029598d3
4cfcda1212bfc4f86637d1ad1f134062bb9d8bcc
275f241dfb816de50ca811b33a18cd64f0993b1c9f5cb286e97233368a1fc32b
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /api/tenant/domain/list HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
timestamp: 1675872413232
sign: 25t17796pk2u5q19
version: 4.0.5.0
client_type: web
device_id: cd6de883aa0b83fe2df5faa278d53109
lang: zh-CN
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 08 Feb 2023 16:05:58 GMT
Content-Type: application/json
Expires: 0
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Vary: Accept-Encoding, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: MISS from ty8-cdn199-061
Transfer-Encoding: chunked
www.2026bet365u.com/kc215/logo/logo.png?1673924680626
103.183.199.71200 OK 15 kB URL HTTP/1.1 www.2026bet365u.com/kc215/logo/logo.png?1673924680626
IP 103.183.199.71:0
File type PNG image data, 472 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 58fb745e09d69a77adc66ec678fda8cb
5d12212442c84a200bdd2a67741f744dd8e0d176
577b5de5ee70d7ea4270b27f59b6a8e777a15e0ef1859ccf16a2132f891979fb
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /kc215/logo/logo.png?1673924680626 HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c6110b-2997c"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:55 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 14704
www.2026bet365u.com/img/rdao-r-4.5d6173a4.png
103.183.199.71200 OK 14 kB URL HTTP/1.1 www.2026bet365u.com/img/rdao-r-4.5d6173a4.png
IP 103.183.199.71:0
File type PNG image data, 147 x 53, 8-bit/color RGB, non-interlaced\012- data
Hash dd5fb591cbb9b0f8a1610dedf9ea66b8
7f043e7b4028472d249bcdd4c297eb18c188734f
477f6b1e4186260c752a943b0f45c2b4009c046ca3fd12045e8ed8b87d47b6ff
Analyzer Verdict Alert openphish Bet365
quad9 Sinkholed
GET /img/rdao-r-4.5d6173a4.png HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61104-3922"
Server: openresty
Date: Wed, 08 Feb 2023 05:57:25 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Jan 2023 03:07:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 14427
www.2026bet365u.com/js/42480.6271432b.js
103.183.199.71200 OK 75 B URL HTTP/1.1 www.2026bet365u.com/js/42480.6271432b.js
IP 103.183.199.71:0
File type ASCII text, with no line terminators
Hash 6c6f95c1c4a9b0768a7c8122a384e603
26e3ed3483802652f86fb66d1ee431afbdcc42fe
1ea142e3274580463ead5ef373b4e9b815bff5d1165b6a9737827deb5c70dcd6
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/42480.6271432b.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "63c61105-4b"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:51 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:49 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Cache: HIT from ty8-cdn199-061
Content-Length: 75
www.2026bet365u.com/js/81354.ac91c7ab.js
103.183.199.71200 OK 18 kB URL HTTP/1.1 www.2026bet365u.com/js/81354.ac91c7ab.js
IP 103.183.199.71:0
File type Unicode text, UTF-8 text, with very long lines (24163)
Hash f6c1af2356d6d14761bc0183fd38446e
0d22164da4a83fd81b5fd19c1fed8b13f05cb019
7fca02aca9fde9e3bf27103becaaa5b3de0aebe62c4f79623075feee0dc9b5ec
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /js/81354.ac91c7ab.js HTTP/1.1
Host: www.2026bet365u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"63c61106-d5f4"
Server: openresty
Date: Wed, 08 Feb 2023 04:52:50 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Jan 2023 03:07:50 GMT
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-061
Content-Length: 18016
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1520d306f775d1da6bce241f7e7c0447
15531c2e8f94245df191497b43024f37af9dea6d
88eab071b245d7925deeadd47a6a20bd54fa93b24fa5b41d5da74bc1e4670186
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88EAB071B245D7925DEEADD47A6A20BD54FA93B24FA5B41D5DA74BC1E4670186"
Last-Modified: Mon, 06 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Wed, 08 Feb 2023 22:05:27 GMT
Date: Wed, 08 Feb 2023 16:05:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1520d306f775d1da6bce241f7e7c0447
15531c2e8f94245df191497b43024f37af9dea6d
88eab071b245d7925deeadd47a6a20bd54fa93b24fa5b41d5da74bc1e4670186
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88EAB071B245D7925DEEADD47A6A20BD54FA93B24FA5B41D5DA74BC1E4670186"
Last-Modified: Mon, 06 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Wed, 08 Feb 2023 22:05:20 GMT
Date: Wed, 08 Feb 2023 16:05:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1520d306f775d1da6bce241f7e7c0447
15531c2e8f94245df191497b43024f37af9dea6d
88eab071b245d7925deeadd47a6a20bd54fa93b24fa5b41d5da74bc1e4670186
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88EAB071B245D7925DEEADD47A6A20BD54FA93B24FA5B41D5DA74BC1E4670186"
Last-Modified: Mon, 06 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Wed, 08 Feb 2023 22:05:42 GMT
Date: Wed, 08 Feb 2023 16:05:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4b2ff50079cb61885a56749ba60c18e
f929310e8f3d78c080f275dde3a67a8bdf9e7bb2
a082d9e964aecba8ced06b02065be998dc3517c5c6ba2e260f6ed84c8c34ae8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A082D9E964AECBA8CED06B02065BE998DC3517C5C6BA2E260F6ED84C8C34AE8F"
Last-Modified: Wed, 08 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 08 Feb 2023 22:05:59 GMT
Date: Wed, 08 Feb 2023 16:05:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1520d306f775d1da6bce241f7e7c0447
15531c2e8f94245df191497b43024f37af9dea6d
88eab071b245d7925deeadd47a6a20bd54fa93b24fa5b41d5da74bc1e4670186
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88EAB071B245D7925DEEADD47A6A20BD54FA93B24FA5B41D5DA74BC1E4670186"
Last-Modified: Mon, 06 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21577
Expires: Wed, 08 Feb 2023 22:05:36 GMT
Date: Wed, 08 Feb 2023 16:05:59 GMT
Connection: keep-alive
asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/7c5efa2a-4669-4be1-a940-674e32272039.jpg
103.183.199.103200 OK 150 kB URL HTTP/1.1 asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/7c5efa2a-4669-4be1-a940-674e32272039.jpg
IP 103.183.199.103:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x500, components 3\012- data
Size 150 kB (149543 bytes)
Hash 1dfe60355d0e86716b6c1d9020cbf426
25fe4f329ad986858d801e3f8f6b416d9046569d
5b5e0475577a95b5270aa06ff314c2746e9e78c3665ae175ea3e01c2193deccc
GET /bucketimg/7c5efa2a-4669-4be1-a940-674e32272039.jpg HTTP/1.1
Host: asfgasg1619asfqsgf.luckyeasypla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"e0290bd10901b507c3be310f05e2c3a8"
Server: nginx
Date: Tue, 07 Feb 2023 17:36:35 GMT
Content-Type: image/jpeg
Content-Security-Policy: block-all-mixed-content
Last-Modified: Wed, 11 Jan 2023 23:24:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Accept-Encoding, Origin
X-Amz-Request-Id: 17419B65448DC8AA
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-093
Content-Length: 149543
asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/c4ad4793-5d23-4449-9432-d58529036d97.jpg
103.183.199.103200 OK 156 kB URL HTTP/1.1 asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/c4ad4793-5d23-4449-9432-d58529036d97.jpg
IP 103.183.199.103:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x500, components 3\012- data
Size 156 kB (156162 bytes)
Hash 9119eee007fa5f67851933bc6090fb6b
86719f7c184f476072bc7024de0ef380d7ee766d
dd15cb251d7d5ba966f7a6e734271963a02a6893a2a7f647b1da5f78bb57633f
GET /bucketimg/c4ad4793-5d23-4449-9432-d58529036d97.jpg HTTP/1.1
Host: asfgasg1619asfqsgf.luckyeasypla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"cea8e7525de4ae63973d3bd37da19150"
Server: nginx
Date: Thu, 12 Jan 2023 00:04:12 GMT
Content-Type: image/jpeg
Content-Security-Policy: block-all-mixed-content
Last-Modified: Wed, 11 Jan 2023 23:28:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Accept-Encoding, Origin
X-Amz-Request-Id: 173966E0DC69421A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-093
Content-Length: 156162
asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/f26bb56f-da4a-41d6-9ce3-f7b280d8189f.jpg
103.183.199.103200 OK 144 kB URL HTTP/1.1 asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/f26bb56f-da4a-41d6-9ce3-f7b280d8189f.jpg
IP 103.183.199.103:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=211, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=850], progressive, precision 8, 850x211, components 3\012- data
Size 144 kB (143561 bytes)
Hash b5487e64dc357ddc2f4aff8c28a8edfe
43564c4cce06e94bbd820d3419d29a2113195ba4
81498be45326e56ce557fc4520afc69fe566b7d5f604c5dc15a0fd0a98c28b83
GET /bucketimg/f26bb56f-da4a-41d6-9ce3-f7b280d8189f.jpg HTTP/1.1
Host: asfgasg1619asfqsgf.luckyeasypla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"6d779f6ac04bd433abf4cb38ddf82e19"
Server: nginx
Date: Tue, 07 Feb 2023 17:36:35 GMT
Content-Type: image/png
Content-Security-Policy: block-all-mixed-content
Last-Modified: Thu, 01 Sep 2022 18:30:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Accept-Encoding, Origin
X-Amz-Request-Id: 17419B654365DE3C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-093
Content-Length: 143561
asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/fb5c700e-ae19-4434-8add-c4cb7c7b2d83.jpg
103.183.199.103200 OK 231 kB URL HTTP/1.1 asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/fb5c700e-ae19-4434-8add-c4cb7c7b2d83.jpg
IP 103.183.199.103:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Windows), datetime=2023:01:05 22:51:23], progressive, precision 8, 640x500, components 3\012- data
Size 231 kB (230737 bytes)
Hash 12e6dff9a3092e5c0ae6ac019f6c08bd
f358d05c128ca63ced01a27ac68890b3b0dfa32f
f7f76689c2372fd8fb68fd52674cc215eb25fc1e960d678caaa9d16acc689959
GET /bucketimg/fb5c700e-ae19-4434-8add-c4cb7c7b2d83.jpg HTTP/1.1
Host: asfgasg1619asfqsgf.luckyeasypla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"54df14901fcb67e45f4a2e4f2b3fd58b"
Server: nginx
Date: Thu, 12 Jan 2023 08:45:41 GMT
Content-Type: image/jpeg
Content-Security-Policy: block-all-mixed-content
Last-Modified: Thu, 12 Jan 2023 06:27:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Accept-Encoding, Origin
X-Amz-Request-Id: 17398355E4017832
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-093
Content-Length: 230737
asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/9a48fa23-f038-4b77-a3d3-e69513fdde7c.jpg
103.183.199.103200 OK 446 kB URL HTTP/1.1 asfgasg1619asfqsgf.luckyeasypla.com/bucketimg/9a48fa23-f038-4b77-a3d3-e69513fdde7c.jpg
IP 103.183.199.103:0
File type GIF image data, version 89a, 400 x 400\012- data
Size 446 kB (446072 bytes)
Hash ff8ebcb87f4411be283e9c193d1c8799
e65f30b4b2bacd5d906f2c0427f8b0341c8720ce
84b9f53ff57b97f6d591a9ef1cc5c47ad09a9b9a0e87873efad8055e3e8f089a
GET /bucketimg/9a48fa23-f038-4b77-a3d3-e69513fdde7c.jpg HTTP/1.1
Host: asfgasg1619asfqsgf.luckyeasypla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.2026bet365u.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: W/"314436106c20ea008befc1efced11f6d"
Server: nginx
Date: Tue, 07 Feb 2023 17:36:35 GMT
Content-Type: image/jpeg
Content-Security-Policy: block-all-mixed-content
Last-Modified: Fri, 13 Jan 2023 13:35:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, Accept-Encoding, Origin
X-Amz-Request-Id: 17419B6548D88AE7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Content-Encoding: gzip
X-Cache: HIT from ty8-cdn199-093
Content-Length: 446072