lopaset.com/camp5?bundle=3003504&cost=0.121&source_id=98&stage=2&country=IN&difficulty=0.5&campaignid=862847&site_id=gettranny.com
172.67.152.234301 Moved Permanently 0 B URL HTTP/1.1 lopaset.com/camp5?bundle=3003504&cost=0.121&source_id=98&stage=2&country=IN&difficulty=0.5&campaignid=862847&site_id=gettranny.com
IP 172.67.152.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /camp5?bundle=3003504&cost=0.121&source_id=98&stage=2&country=IN&difficulty=0.5&campaignid=862847&site_id=gettranny.com HTTP/1.1
Host: lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Dec 2022 07:40:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Dec 2022 08:40:20 GMT
Location: https://lopaset.com/camp5?bundle=3003504&cost=0.121&source_id=98&stage=2&country=IN&difficulty=0.5&campaignid=862847&site_id=gettranny.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8amBbKezAUggz248FZ9Mx1cqMl51cWPbVfkoaveDu%2BYpVZQfWuzB9nLZTR0dWJufntbtMvIyedjL3xKWFOWY11jEYRGvOrSweVjyCNsdv%2BqRt6MCFknl6X5ixsT2JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78006854decfb4ff-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 96defe1601ba891731eee83f0830649d
ba500679fd337488c3f60543561740ff0dfc1898
d2a320a9feb1a874af3da921db2a8619513968724ef8eb0715c010291c4cf8d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2A320A9FEB1A874AF3DA921DB2A8619513968724EF8EB0715C010291C4CF8D9"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11460
Expires: Tue, 27 Dec 2022 10:51:20 GMT
Date: Tue, 27 Dec 2022 07:40:20 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 67f508aae634a023b587a7129a5b8039
2ff7e1d29b497147941d0abf581411cbd2722d7b
eee5fda5214bd4f75b0934bb1f14429fe01251628026fd0f18f117b38848601c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE5FDA5214BD4F75B0934BB1F14429FE01251628026FD0F18F117B38848601C"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18019
Expires: Tue, 27 Dec 2022 12:40:39 GMT
Date: Tue, 27 Dec 2022 07:40:20 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c298d0b2a05562a7ece94adf3589dacd
266befe104baa47e94fe0b9d00d10f96518b6525
a00a7433c6ee020d40e43fb5c821b8f2b835107852be361317fd2dfdcc4f0a15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A00A7433C6EE020D40E43FB5C821B8F2B835107852BE361317FD2DFDCC4F0A15"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2569
Expires: Tue, 27 Dec 2022 08:23:09 GMT
Date: Tue, 27 Dec 2022 07:40:20 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 27 Dec 2022 07:35:06 GMT
content-type: application/json
age: 314
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: h37dTECv7LyZhwi6KKlWzCEx/1EIw92yWQlhk8SWm8QrUE3+gzOBA7nqWQIMp5A5z+YPC9DL3h8=
x-amz-request-id: 7WCR94AY2V5C75RT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Dec 2022 06:57:45 GMT
age: 2555
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 07:40:20 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68ee4e2891b5a52719997e4ef8cb7aab
ae2e49eff010551d7f3dcf005a51530ee2910480
2bae50a834a34f248f6a79cf6f191dcf709c24b884f2d3da7fa43985c6b2d48b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1624
Cache-Control: max-age=93211
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:40:21 GMT
Etag: "63a96428-1d7"
Expires: Wed, 28 Dec 2022 09:33:52 GMT
Last-Modified: Mon, 26 Dec 2022 09:06:48 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 27 Dec 2022 07:08:07 GMT
age: 1934
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ak.onpluslean.com/afu.php?zoneid=5178792&ymid=1672126820828qzcf0vxwz&var=98
23.36.77.33200 OK 2.3 kB URL HTTP/2 ak.onpluslean.com/afu.php?zoneid=5178792&ymid=1672126820828qzcf0vxwz&var=98
IP 23.36.77.33:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3060)
Hash 1fa686e1d256294d1e78ebd423a56067
512ba7089268bba99bf7b34e9a053cfe7ece0262
2cf87133aa1f9d306bde32628986cfb9c420238683d6cfcf1e9f2b22ef8326dc
Analyzer Verdict Alert quad9 Sinkholed
GET /afu.php?zoneid=5178792&ymid=1672126820828qzcf0vxwz&var=98 HTTP/1.1
Host: ak.onpluslean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 4b86bc2b59d3ceb0952027198be22e24
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://www.bet365.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
vary: Accept-Encoding
x-akamai-transformed: 9 618 0 pmb=mRUM,1
content-encoding: gzip
expires: Tue, 27 Dec 2022 07:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Dec 2022 07:40:21 GMT
content-length: 2259
set-cookie: OAID=2576ef3d0e9e427c9e9ef237c5de3974; expires=Wed, 27 Dec 2023 07:40:21 GMT; path=/; secure; SameSite=None
oaidts=1672126821; expires=Wed, 27 Dec 2023 07:40:21 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=37
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1073fdff7b00d96b5a3d013cee3ec37c
2a28b46cdcfff711b308168a12b79a7dc126bc8e
1c6f46dad6333d16cb0b9c859a405825f877d822e9072d4ef2299f7b62a70c06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C6F46DAD6333D16CB0B9C859A405825F877D822E9072D4EF2299F7B62A70C06"
Last-Modified: Sun, 25 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3726
Expires: Tue, 27 Dec 2022 08:42:27 GMT
Date: Tue, 27 Dec 2022 07:40:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e79a159e8e4bb036c594cae2e3044257
70426a46ca4508235c9ff538a1687bb5a78673e7
a680ed46f4d7426ae2f5a463124e196fee911d3c34418a88cc3ddf19feaf2f40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3131
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:40:21 GMT
Last-Modified: Tue, 27 Dec 2022 06:48:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
push.services.mozilla.com/
52.37.79.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.37.79.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yxK44goa4cr3RVypwmAZ5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GzNKIbMp3XaIvY5uJb6IviAia0g=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e9d63ec25bafe6673c04220090be3872
5fcfc0f791668ec107d1f78bcff82fef82a92746
4a37e479101e6f5e3b3271c67cb9eb2048aaa4a5e2fbfb6311c0571e2f7bea5d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A37E479101E6F5E3B3271C67CB9EB2048AAA4A5E2FBFB6311C0571E2F7BEA5D"
Last-Modified: Sun, 25 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8804
Expires: Tue, 27 Dec 2022 10:07:05 GMT
Date: Tue, 27 Dec 2022 07:40:21 GMT
Connection: keep-alive
www.bet365.com/olp/open-account/?affiliate=365_00976072&rdk=rk1
5.226.179.10200 OK 1.9 kB URL HTTP/1.1 www.bet365.com/olp/open-account/?affiliate=365_00976072&rdk=rk1
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ac5fffe14de76f18083dbf78888dc19d
77a7f784eabd9a2203869587423924eb5aa2eb51
85a5ffef1fab7383c03d93891a7ac99ffb4da3c8a1d8cd90bd664878d69674b7
GET /olp/open-account/?affiliate=365_00976072&rdk=rk1 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ServerDetails: <!--1P1 - 78-->
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=; path=/; expires=Tue, 27-Dec-22 08:10:21 GMT; domain=.bet365.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 7800685c18ccb51d-OSL
ak.onpluslean.com/favicon.ico
23.36.77.33204 No Content 0 B URL HTTP/2 ak.onpluslean.com/favicon.ico
IP 23.36.77.33:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ak.onpluslean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=2576ef3d0e9e427c9e9ef237c5de3974; oaidts=1672126821
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
expires: Tue, 27 Dec 2022 07:40:21 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 27 Dec 2022 07:40:21 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=24
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=2576ef3d0e9e427c9e9ef237c5de3974
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=2576ef3d0e9e427c9e9ef237c5de3974
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=2576ef3d0e9e427c9e9ef237c5de3974 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 07:40:21 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2576ef3d0e9e427c9e9ef237c5de3974; expires=Wed, 27 Dec 2023 07:40:21 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.bet365.com/olpc/nn/143/0/1/open-account
5.226.179.10200 OK 13 kB URL HTTP/1.1 www.bet365.com/olpc/nn/143/0/1/open-account
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2285), with CRLF line terminators
Hash 9fb91de487a14dd1d176d706621f913a
c93b72303c030e2a0ef576f9db6bd8032b578ec5
80a13febb09ca60572e73a93dd5167ec12b402e6ffde9bc8c818acf515b8b43c
GET /olpc/nn/143/0/1/open-account HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olp/open-account/?affiliate=365_00976072&rdk=rk1
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13336
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;frame-src 'self' http://members.bet365.com 'nonce-zjcf81RONZsJqeEYxJbUBCtnzwivFMNpgaVeS/c2PpY=';style-src 'self' 'unsafe-inline';img-src 'self' data: https://content001.bet365.com/ https://content001.bet365.com/SportsContent/ 'nonce-zjcf81RONZsJqeEYxJbUBCtnzwivFMNpgaVeS/c2PpY=';connect-src 'self' https://www.google-analytics.com http://members.bet365.com https://extra.bet365.com 'nonce-zjcf81RONZsJqeEYxJbUBCtnzwivFMNpgaVeS/c2PpY=';font-src 'self' data: 'nonce-zjcf81RONZsJqeEYxJbUBCtnzwivFMNpgaVeS/c2PpY=';
Last-Modified: Tue, 27 Dec 2022 00:02:38 GMT
CF-Cache-Status: HIT
Age: 13005
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7800685d4996b51d-OSL
www.bet365.com/favicon.ico
5.226.179.10200 OK 2.2 kB URL HTTP/1.1 www.bet365.com/favicon.ico
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type MS Windows icon resource - 2 icons, 16x16, 32x32\012- data
Hash b066420b9f56610b2b3dfbe85ff7193d
fff8a03249f2ca6e0b015d17f59dfb024be46555
24d23c47ffaa0cb739d8589cbf65eefa45d22ee155af5739d0dc318fc425ca77
GET /favicon.ico HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olp/open-account/?affiliate=365_00976072&rdk=rk1
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:21 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=172800, s-maxage=86400, stale-while-revalidate=1
Last-Modified: Mon, 26 Dec 2022 11:14:03 GMT
CF-Cache-Status: HIT
Age: 73559
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685d59a4b51d-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 085351f224895b1479ccbf458e32a62c
75320972d949c84acee02dabff60442af664e75c
457fe21a6f081927de9ed57520fe3379386d2d25aee9fecf10269d73f9543659
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1869
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:40:22 GMT
Last-Modified: Tue, 27 Dec 2022 07:09:13 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
www.bet365.com/olpc/olpc-styles.css?v=wc4NFuwOWHe7oCJgoJ3H30JGFbhxkK1_A_el5M1umTw1
5.226.179.10200 OK 114 kB URL HTTP/1.1 www.bet365.com/olpc/olpc-styles.css?v=wc4NFuwOWHe7oCJgoJ3H30JGFbhxkK1_A_el5M1umTw1
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (335), with CRLF, CR line terminators
Size 114 kB (114207 bytes)
Hash ab97b2e2cab4f64fd94ccf05b06b91f3
a74a39f7b99fcd1bfa107bf4ca3e3aed0ac0dd21
79a1f3da72ccd0a29b4f36d513d63738bd3f13af20fa3b9bf032a261ecf0f49c
GET /olpc/olpc-styles.css?v=wc4NFuwOWHe7oCJgoJ3H30JGFbhxkK1_A_el5M1umTw1 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Tue, 26 Dec 2023 11:27:06 GMT
Last-Modified: Mon, 26 Dec 2022 11:27:06 GMT
Vary: User-Agent,Accept-Encoding
CF-Cache-Status: HIT
Age: 329
Server: cloudflare
CF-RAY: 7800685d8a40b50c-OSL
www.bet365.com/olpc/olpc-scripts.js?v=BFtd68YDGI6lY8QUkR1DLpIOYMWVIvfYh65N5W34ZPY1
5.226.179.10200 OK 7.5 kB URL HTTP/1.1 www.bet365.com/olpc/olpc-scripts.js?v=BFtd68YDGI6lY8QUkR1DLpIOYMWVIvfYh65N5W34ZPY1
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (21599), with no line terminators
Hash 246f2da5a7ba788a88a0b316ca4be15e
293d82755e0e84fd347071764f02eb2267b3a8d6
82caddb3e7f7315cc3dc20d50330f451d237d87c80570933619e774b2619b186
GET /olpc/olpc-scripts.js?v=BFtd68YDGI6lY8QUkR1DLpIOYMWVIvfYh65N5W34ZPY1 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 7484
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Tue, 26 Dec 2023 11:27:06 GMT
Last-Modified: Mon, 26 Dec 2022 11:27:06 GMT
Vary: User-Agent,Accept-Encoding
CF-Cache-Status: HIT
Age: 328
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7800685dc8ae1bfa-OSL
www.bet365.com/olpc/Content/Fonts/FTN45__W.woff2
5.226.179.10200 OK 46 kB URL HTTP/1.1 www.bet365.com/olpc/Content/Fonts/FTN45__W.woff2
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 45892, version 1.590\012- data
Hash e3596a29429736364ebfef73786a55ab
7bd9b6b18b0985c080d520610c0ab74a128d71bd
6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751
GET /olpc/Content/Fonts/FTN45__W.woff2 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Length: 45892
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2022 07:28:41 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685d89c3b51d-OSL
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?async
5.226.179.10200 OK 696 B URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?async
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (992), with no line terminators
Hash 24a16531d141493d21e2a418882aa1ff
d1b2b95fd16c677e7eb48faf77e694f6483ca4ce
bd5216182bd0732efe6ef44b2865c6edd3d3d2bdc72d454e15497bb7426a4465
GET /members/services/host/Scripts/js/ProductCommon_v1.js?async HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2022 07:40:22 GMT
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685dba60b50c-OSL
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js
5.226.179.10200 OK 3.6 kB URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (9857), with no line terminators
Hash 8526418443f6bcfead67615247d3e38a
6935cb6ce3e37192afcd3d08ec3b2d9c18035d20
49fa8353e8973f41c38723a669bd3200fd658ba87d6c121eb45da4af631825aa
GET /members/services/host/Scripts/js/ProductCommon_v1.js HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2022 07:40:22 GMT
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685db931fac8-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e9d63ec25bafe6673c04220090be3872
5fcfc0f791668ec107d1f78bcff82fef82a92746
4a37e479101e6f5e3b3271c67cb9eb2048aaa4a5e2fbfb6311c0571e2f7bea5d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A37E479101E6F5E3B3271C67CB9EB2048AAA4A5E2FBFB6311C0571E2F7BEA5D"
Last-Modified: Sun, 25 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8803
Expires: Tue, 27 Dec 2022 10:07:05 GMT
Date: Tue, 27 Dec 2022 07:40:22 GMT
Connection: keep-alive
content001.bet365.com/SportsContent/Global/Footer/MGALICENSED.png
5.226.179.10200 OK 2.0 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/MGALICENSED.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 88 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash d8cb8a91c78942815c69aaeea7c79162
0a36fd477b2c7d88bb67d95e806bf5838d1b39cd
057c251de5bc8825df293db443b8c9a99e01f856abe658c741a89c86b6bfa2e1
GET /SportsContent/Global/Footer/MGALICENSED.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/png
Content-Length: 1979
Connection: keep-alive
Last-Modified: Wed, 10 Jul 2019 13:20:52 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Sun, 01 Jan 2023 07:40:22 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e29461c02-OSL
www.bet365.com/olpc/Content/images/LandingPages/Chevron_Down.svg
5.226.179.10200 OK 174 B URL HTTP/1.1 www.bet365.com/olpc/Content/images/LandingPages/Chevron_Down.svg
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 74198e20fe38ec5ad36427013e4fde04
0f61bde066d7e435afc62c2473473eb9b880794e
75b2538509fbd6d7c328e7ed7f58144e41f5db7255372727d2bf790917869a9b
GET /olpc/Content/images/LandingPages/Chevron_Down.svg HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/olpc-styles.css?v=wc4NFuwOWHe7oCJgoJ3H30JGFbhxkK1_A_el5M1umTw1
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=; aps03=lng=9&ct=143&cst=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/svg+xml
Content-Length: 174
Connection: keep-alive
ntCoent-Length: 199
Cache-Control: private
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2022 07:27:11 GMT
CF-Cache-Status: HIT
Age: 574
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e5a46b51d-OSL
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMD4fFKFAQAAIYtw0aD4vJcTDVzd5qe6VcHOe4mRbP1GAjpd-ZcivApH74pW&PIRXTcSdwp--z=q
5.226.179.10200 OK 176 kB URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMD4fFKFAQAAIYtw0aD4vJcTDVzd5qe6VcHOe4mRbP1GAjpd-ZcivApH74pW&PIRXTcSdwp--z=q
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65536), with no line terminators
Size 176 kB (175638 bytes)
Hash 57b2114051e8974e120db1bffc881a3c
d3c463ec9b943e7eeda99c365b5933f8e5ec68b0
06b862a98f951e1cc3fd7163f7231b765a1545db9aacf1d91b7a98dd3a4cf9a5
GET /members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMD4fFKFAQAAIYtw0aD4vJcTDVzd5qe6VcHOe4mRbP1GAjpd-ZcivApH74pW&PIRXTcSdwp--z=q HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=; aps03=lng=9&ct=143&cst=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600, immutable
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2022 07:30:00 GMT
CF-Cache-Status: HIT
Age: 622
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e5b48b50c-OSL
www.bet365.com/olpc/Content/images/landingpage-bet365logo.svg
5.226.179.10200 OK 958 B URL HTTP/1.1 www.bet365.com/olpc/Content/images/landingpage-bet365logo.svg
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1799), with no line terminators
Hash cb93cff01bc8b853c484ce95045f317e
be9ebc41b05015b629fd37b5b5c141fb86d95cde
6091a2292e480291d51a72396700406306b6a82fcc271ad141a52897be8627c6
GET /olpc/Content/images/landingpage-bet365logo.svg HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/olpc-styles.css?v=wc4NFuwOWHe7oCJgoJ3H30JGFbhxkK1_A_el5M1umTw1
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=; aps03=lng=9&ct=143&cst=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/svg+xml
Content-Length: 958
Connection: keep-alive
ntCoent-Length: 1799
Cache-Control: private
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2022 03:27:11 GMT
CF-Cache-Status: HIT
Age: 14322
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e68ee1bfa-OSL
content001.bet365.com/SportsContent/Global/Footer/SPORTSX2-18.png
5.226.179.10200 OK 4.4 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/SPORTSX2-18.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced\012- data
Hash 097b1799e6f2ab026f137f91b4627384
fd6a5222f5743cccc954a311b6d30b4125179244
5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af
GET /SportsContent/Global/Footer/SPORTSX2-18.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/png
Content-Length: 4400
Connection: keep-alive
Last-Modified: Fri, 20 Mar 2015 09:13:01 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Sun, 01 Jan 2023 07:40:22 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e2ea1b512-OSL
content001.bet365.com/SportsContent/Global/Footer/eCogra-Horizontal2x.png
5.226.179.10200 OK 1.7 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/eCogra-Horizontal2x.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 206 x 48, 8-bit colormap, non-interlaced\012- data
Hash 9c970e4a7854f871873d7b1401701536
2236689845834104a586507057840c7229c7353c
d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349
GET /SportsContent/Global/Footer/eCogra-Horizontal2x.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/png
Content-Length: 1671
Connection: keep-alive
Last-Modified: Wed, 11 Aug 2021 10:23:12 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Sun, 01 Jan 2023 07:40:22 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e2aacb517-OSL
content001.bet365.com/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
5.226.179.10200 OK 6.4 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 162 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b8c19b189cccdda7105465a474c9b4d
6ef1cecd283f484606c987259e06a22ff3aff7ae
101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f
GET /SportsContent/Global/Footer/SPORTSX1-ESSA_2.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/png
Content-Length: 6386
Connection: keep-alive
Last-Modified: Tue, 04 Jun 2019 13:21:41 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Sun, 01 Jan 2023 07:40:22 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e2d7eb503-OSL
www.bet365.com/olpc/Content/images/LandingPages/1.svg
5.226.179.10200 OK 369 B URL HTTP/1.1 www.bet365.com/olpc/Content/images/LandingPages/1.svg
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (608), with no line terminators
Hash 4e4e58b2d258479fbf7ab122f4cea16d
00ab199f76f33aec85bb554e77e9e59babd9eace
75665ca8f5ea92a78293e4f00b0c5a925546f350479f7f20c831a578bd16d6f5
GET /olpc/Content/images/LandingPages/1.svg HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/olpc-styles.css?v=wc4NFuwOWHe7oCJgoJ3H30JGFbhxkK1_A_el5M1umTw1
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=; aps03=lng=9&ct=143&cst=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/svg+xml
Content-Length: 369
Connection: keep-alive
ntCoent-Length: 608
Cache-Control: private
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2022 03:27:13 GMT
CF-Cache-Status: HIT
Age: 14322
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e797ffac8-OSL
content001.bet365.com/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
5.226.179.10200 OK 7.9 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 255 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 51325bd6f5ada6b0eba71b19dda89dd7
4c67ca4f77680cd5acdcf04cac6b9a673e5ccc70
6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b
GET /SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/png
Content-Length: 7868
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2015 14:13:32 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Sun, 01 Jan 2023 07:40:22 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e2c4bb4ed-OSL
content001.bet365.com/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
5.226.179.10200 OK 5.3 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 188 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 40ed9c8ae714b944f87008ab90bb071d
32bbf71529809e6ea3521c5636838a76c7488fae
b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070
GET /SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/png
Content-Length: 5324
Connection: keep-alive
Last-Modified: Mon, 11 Oct 2021 13:13:24 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Sun, 01 Jan 2023 07:40:22 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e3c67b4ed-OSL
www.bet365.com/olpc/Content/images/LandingPages/Steps-chevron.svg
5.226.179.10200 OK 151 B URL HTTP/1.1 www.bet365.com/olpc/Content/images/LandingPages/Steps-chevron.svg
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash a072ce4b0ba97bae3e79f9cd7d6c493a
6364577f392258f4244dae7723e1fc0a3c8a1b07
097b28d8fbed17e741ae4b48ee372a5b471f8816d0397690f6d8429122c5626b
GET /olpc/Content/images/LandingPages/Steps-chevron.svg HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=; aps03=lng=9&ct=143&cst=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/svg+xml
Content-Length: 151
Connection: keep-alive
ntCoent-Length: 162
Cache-Control: private
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2022 03:27:11 GMT
CF-Cache-Status: HIT
Age: 14322
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e7c5a0afe-OSL
www.bet365.com/olpc/Content/images/LandingPages/2.svg
5.226.179.10200 OK 519 B URL HTTP/1.1 www.bet365.com/olpc/Content/images/LandingPages/2.svg
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (895), with no line terminators
Hash 36822f1e5d89c47cd4b7b1adb06eb139
4da21fd185f48276afa1529eb3f51d664ccb208a
d82ea891016ef2d517c7638e7c19dbe09672de5239f0257a4f5f06bc09cdf65c
GET /olpc/Content/images/LandingPages/2.svg HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/olpc-styles.css?v=wc4NFuwOWHe7oCJgoJ3H30JGFbhxkK1_A_el5M1umTw1
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=; aps03=lng=9&ct=143&cst=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/svg+xml
Content-Length: 519
Connection: keep-alive
ntCoent-Length: 895
Cache-Control: private
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2022 03:27:12 GMT
CF-Cache-Status: HIT
Age: 14018
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e8b76b50c-OSL
www.bet365.com/olpc/Content/Fonts/FTN65__W.woff2
5.226.179.10200 OK 48 kB URL HTTP/1.1 www.bet365.com/olpc/Content/Fonts/FTN65__W.woff2
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 47732, version 1.590\012- data
Hash 413ebfe90e21457bd6794c69a3333486
ce7c84f4852d4c360b223b73a07fd2ac1e7b01ee
972d79302a870930285d018117ee9631df364aa903e7a9606592532389f7f82a
GET /olpc/Content/Fonts/FTN65__W.woff2 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bet365.com/olpc/olpc-styles.css?v=wc4NFuwOWHe7oCJgoJ3H30JGFbhxkK1_A_el5M1umTw1
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=; aps03=lng=9&ct=143&cst=0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Length: 47732
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2022 07:27:18 GMT
CF-Cache-Status: HIT
Age: 73
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e8a58b51d-OSL
members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_00976072&rdk=rk1
5.226.179.10200 OK 177 B URL HTTP/1.1 members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_00976072&rdk=rk1
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 475774a26d4f30240a3534bcbd2fd161
9fd7b986673786b4fc80943b330bd1c03256049e
f7541d6ca43b4da74a89ec05885dceabf1a4af132d36326cf7974a47c904c811
GET /Members/Helpers/DefaultAff.aspx?affiliate=365_00976072&rdk=rk1 HTTP/1.1
Host: members.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 177
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
ME-Redirect: PQB
Set-Cookie: Affiliates=Code=365_00976072%2f160768490952&prd=Sports; domain=.bet365.com; expires=Fri, 10-Feb-2023 07:40:22 GMT; path=/; secure
session=processform=0; path=/; secure
pstk=D3601BA8320750CF8D158395FAACFE0E000003; domain=.bet365.com; path=/; secure
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7800685dbc8c1c06-OSL
content001.bet365.com/SportsContent/Promotions/LandingPages/BasketballSoccerTennis_1440-2x.jpg
5.226.179.10200 OK 304 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Promotions/LandingPages/BasketballSoccerTennis_1440-2x.jpg
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2880x1314, components 3\012- data
Size 304 kB (303798 bytes)
Hash 10e37714be927db4fee91e674de5a5f0
50c99fe980b5833adb20c5521890b9a7a1ef8b09
55ab9fd43c4c6fd8ec8b2b36520496733092c67b53df27438698e5fbdf505500
GET /SportsContent/Promotions/LandingPages/BasketballSoccerTennis_1440-2x.jpg HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: image/jpeg
Content-Length: 303798
Connection: keep-alive
Cf-Bgj: h2pri
Last-Modified: Tue, 11 Aug 2020 07:55:11 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Sun, 01 Jan 2023 07:40:22 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800685e696d1c02-OSL
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789755&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789755&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 4cf1556a147fd9fda900c281c2cea929
5f365b6629d80dc99bb5570b0938c8fe35d2d026
f9dece30282b23798414f8d3ce1fe83a0b8fcae845bc1361d795705ad54b5e8b
GET /gid.js?pub=0&userId=&zoneId=4789755&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lopaset.com/
Origin: https://lopaset.com
Connection: keep-alive
Cookie: ID=ef8f77e15d6f4fdca0b1b9666eff2973
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 07:40:22 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ef8f77e15d6f4fdca0b1b9666eff2973; expires=Wed, 27 Dec 2023 07:40:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5d3978967108a479b633f820f75e3371
e8dba45f8d70fac26a8d3f4c05afce32231ca23d
29c90351aec95c22fbddc08ce6a1b8223186fc4215e2d522238bf4bff36f2d8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM
142.250.74.168200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 832acc62339e59dfc451ee9fce009cb6
3ce4655f2d9b83185c25b06b1564507de0840da9
d0889fd1aa5056243caa1866a1c4cb6df22172e611cba4e3a470bc327d686147
GET /gtm.js?id=GTM-T2BKDHM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Dec 2022 07:40:22 GMT
expires: Tue, 27 Dec 2022 07:40:22 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37695
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5d3978967108a479b633f820f75e3371
e8dba45f8d70fac26a8d3f4c05afce32231ca23d
29c90351aec95c22fbddc08ce6a1b8223186fc4215e2d522238bf4bff36f2d8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 07:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bet365.com/olpc/nn/143/0/1/cookieconsentajax?
5.226.179.10200 OK 1.4 kB URL HTTP/1.1 www.bet365.com/olpc/nn/143/0/1/cookieconsentajax?
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (489), with CRLF, LF line terminators
Hash 41bc7a3cb016ed2e39c03d0cc8be6b42
b18485bc2f7d8bb65434447040e3b6a7125a0509
6b68a474dc9ab3d547c5584d6a1de4360570147384669553d528ee80495e9f57
POST /olpc/nn/143/0/1/cookieconsentajax? HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bet365.com
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=.KwxsoZRVdR3ga9asQAwgR3vtgZK.UwVOXsTA8wUals-1672126821-0-ASptfbDs1XaRSVBSWPE9eOehM31DARwOwMChrTi+rFKEMs3kBWKx4Dy3yhVtvuIcz1xH1JE53UMvvexD/eefglk=; aps03=lng=9&ct=143&cst=0; Affiliates=Code=365_00976072%2f160768490952&prd=Sports; pstk=D3601BA8320750CF8D158395FAACFE0E000003
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 27 Dec 2022 07:40:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1362
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78006860ed66b50c-OSL
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lopaset.com/
Origin: https://lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 07:40:22 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 910f1e98e7b91683d9bb2e1599524e70
ce9dc4cb12ddab626a96c07057dd091eb86d4dfb
f3a17516b8c79e90ea88d5b2840a65e4c602e363e742e58f9ab3bb9c788ed91d
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lopaset.com/
Content-Type: application/json
Origin: https://lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 07:40:22 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 4bbb82d3ce7ba046706d9df231f34629
access-control-allow-origin: https://lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13760
Expires: Tue, 27 Dec 2022 11:29:43 GMT
Date: Tue, 27 Dec 2022 07:40:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13760
Expires: Tue, 27 Dec 2022 11:29:43 GMT
Date: Tue, 27 Dec 2022 07:40:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14725
Expires: Tue, 27 Dec 2022 11:45:48 GMT
Date: Tue, 27 Dec 2022 07:40:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14725
Expires: Tue, 27 Dec 2022 11:45:48 GMT
Date: Tue, 27 Dec 2022 07:40:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13760
Expires: Tue, 27 Dec 2022 11:29:43 GMT
Date: Tue, 27 Dec 2022 07:40:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4b903e264b412e69e5f22091bf423ea
92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f
8d5d90968489731604a2286d9e2b9a307147a3cc0b1ffd32f1186ceea9b8fcff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15371
x-amzn-requestid: 63d10011-ae3d-48fb-b892-26d94dc6ef83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVs8EVDIAMFTOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4031f-3da712a621773d56567c014f;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UeMu2JuyiBhp1D-T8We8YZFCLFeqnJ0EeAVrLZN047WMREZyCzOOVg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 07:27:11 GMT
age: 792
etag: "92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b373925ce249ca67e6984c436f5cd2b8
ddbc25025b933587990f8e9c32e91c9773256840
7d3c992b715283efeba9bee2e5c08042267017e76074ca6aad870e1dd45b4564
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9007
x-amzn-requestid: 15b3b2e5-d493-4b54-aab4-7374bf892e83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: drrFbESxIAMFikw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7beef-37f4ab8e7738b186705bb1db;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 03:09:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SgjNBdI4lkk3DIdROxkZ8sdadoe-pewXA9Q5M55pGe-LNk012lLFmQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 03:23:05 GMT
age: 15438
etag: "ddbc25025b933587990f8e9c32e91c9773256840"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4a7ec0fdc177ed09c8949dcd68efb35
8ad28905291f4a184c0f32292415d1af0db3cead
7862e695c7eea224263bccaabcc54fc337ea533d6f1fafe0426b8699f3880922
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7924
x-amzn-requestid: 30d67a34-fa95-4aa8-84d7-7c769a9e7fc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYgEnNoAMF7ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129c-743b9f4845f2c6f312463662;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: --tvJ59lJcMFjW2SkTNbxSZTHTdd45Iz5yqGRY9LpOC8Oy0TAhUmqQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 22:02:23 GMT
age: 34680
etag: "8ad28905291f4a184c0f32292415d1af0db3cead"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8dfaac9e14198dfaa9db2d01c9ef304e
2f6bbbabb48431a27150219ef872d1ca10c73399
2c4fad9cc8a8c0ee6f54cc4eeb905eee1d8f028a528e3c8deb01f2c0cef250cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12451
x-amzn-requestid: 1fd618ca-f052-4a46-9b71-04a5df1f858c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYVFHqIAMFWPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129b-658fe5884efdcebb567d3747;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rP7UvSlN0uYvoMo5af_T1_A-41sONiTOxS7noQ7RMo9atlXmwPdhAQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:41:10 GMT
age: 35953
etag: "2f6bbbabb48431a27150219ef872d1ca10c73399"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a31e2c-cb31-40bd-b9b8-cb71f5df8e78.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a31e2c-cb31-40bd-b9b8-cb71f5df8e78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e5739dd2efa4395ff34d0f583eb9b63
3cd47e707d1fdf0e4c7a9d2a1fde0863f8c22563
d65a006dd8dac4ca209162fe70985aaad49435d2e74047c3b3c73053d7e1f5a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a31e2c-cb31-40bd-b9b8-cb71f5df8e78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 2fa32c30-fdea-409d-aafa-dda3daeff901
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dx7BmH2jIAMFwvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa3ed6-1c4909815b6c35250e610aa3;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 00:39:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SLLyPNFqJO_URTomvhCiQJAKuglWAKyLwM3l39jSb0NKhIQw5ZCZkw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 01:31:13 GMT
age: 22150
etag: "3cd47e707d1fdf0e4c7a9d2a1fde0863f8c22563"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea5eddeb14380ea8cac42aa38148db64
7c114dabd868011f04129602f8b1453cdf319afc
de8361a33abff7d78e8c87eb563f66f0aff9b23069b3136cfb132a5b9a17f377
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9262
x-amzn-requestid: 35b8f5ad-65a3-42c8-92b9-b5fdf1b54163
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVs6HH1oAMFRhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4031f-0588e63179f4cb152d048f03;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eb-FvrQ0mNDlvCFDWNUWeK_g0i3k62Jtoh0I5nnLysyI27dmB2OqrA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 18:21:50 GMT
age: 47913
etag: "7c114dabd868011f04129602f8b1453cdf319afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 07:40:21 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 12:58:18 GMT
etag: W/"63a302ea-1c7e8"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
lopaset.com/camp5?bundle=3003504&cost=0.121&source_id=98&stage=2&country=IN&difficulty=0.5&campaignid=862847&site_id=gettranny.com
104.21.2.209200 OK 0 B URL HTTP/2 lopaset.com/camp5?bundle=3003504&cost=0.121&source_id=98&stage=2&country=IN&difficulty=0.5&campaignid=862847&site_id=gettranny.com
IP 104.21.2.209:0
GET /camp5?bundle=3003504&cost=0.121&source_id=98&stage=2&country=IN&difficulty=0.5&campaignid=862847&site_id=gettranny.com HTTP/1.1
Host: lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 27 Dec 2022 07:40:20 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
set-cookie: visit=1672126820828qzcf0vxwz;Max-age=86400; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDBDjFV%2BnYIBhmv6k64i%2B9b8ScSD1w4GbDz3%2FaHR2XhSugZcmx3V9SRBI0TvWyji18a53ynmAjV1tGoYtkV9QDbQLh6hF9LyloO7642BBmg6LGMzwYT5hl0N8Gxrag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 780068562c781bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2