Report - thebettarinc.icu/

Report Overview

Submitted URL
thebettarinc.icu/
IP
172.67.204.93
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-07 11:52:48
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.155.77.83
2ndsystem.sa.com	unknown	2023-02-03T07:17:50Z	2023-03-01T13:23:23Z	8.0 kB	75 kB	172.67.189.221
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	432 B	1.8 kB	142.250.74.106
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	76 kB	34.120.237.76
thebettarinc.icu	unknown	2023-02-06T10:26:09Z	2023-02-06T10:26:09Z	794 B	2.5 kB	104.21.52.220
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	968 B	33 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-07 11:53:25	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain
2023-02-07 11:53:26	medium	Client IP	104.21.52.220	ET INFO Suspicious Domain (*.icu) in TLS SNI

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	2ndsystem.sa.com/wcontent/js/jquery-1.10.2.min.js?v=1	93 kB	2023-03-07	2024-04-18
Pretty URL 2ndsystem.sa.com/wcontent/js/jquery-1.10.2.min.js?v=1 IP 172.67.189.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:49 Last Seen2024-04-18 15:35:39 Times Seen1814 Hash bdce12c949e78d570c8d44e9c2b23508 9afdc4fec954646bd6270caf82f107fdef605bc5 c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc Loading...

	2ndsystem.sa.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-19
Pretty URL 2ndsystem.sa.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.189.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 23:48:04 Times Seen54572 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04	661 B	2023-03-13	2023-07-30
Pretty URL 2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 IP 172.67.189.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:00:36 Last Seen2023-07-30 22:34:58 Times Seen6 Hash ead5b3e435e329399b402cae1ecef9a0 88a50aa9f6136245bae1a20ce83889e1771809f2 c4aaec3005a7062e954c1282d791c20df552573a9ce088597537949b47eb0ea7 Loading...

	2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04	2.3 kB	2023-03-13	2023-07-30
Pretty URL 2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 IP 172.67.189.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:00:36 Last Seen2023-07-30 22:34:58 Times Seen6 Hash 879ccebbcac4c8b6a2a6422d044ce1e4 50cced59537043c237527e802de08ac2a232c552 5828b9827cc77f32a7d6bc760dcc9a01e21e90b03835d02a18acbaf2decbfa36 Loading...

	2ndsystem.sa.com/wcontent/js/lazyload-1.3.min.js?v=1	6.7 kB	2023-03-10	2024-02-14
Pretty URL 2ndsystem.sa.com/wcontent/js/lazyload-1.3.min.js?v=1 IP 172.67.189.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:56:39 Last Seen2024-02-14 13:42:19 Times Seen47 Hash 95dd0dc7dbf928d3244e74902d668dd2 1220ea5dbc8833f95cbde645d1b758f2a9561c6f 049b4bb2f56f352914971b1cef4bcf9cb4540d6191b5f94de3baac236d31472f Loading...

HTTP Transactions (45)

	URL	IP	Response	Size
	thebettarinc.icu/	104.21.52.220	301 Moved Permanently	0 B
URL HTTP/1.1 thebettarinc.icu/ IP 104.21.52.220:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: thebettarinc.icu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 301 Moved Permanently Date: Tue, 07 Feb 2023 11:52:36 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Tue, 07 Feb 2023 12:52:36 GMT Location: https://thebettarinc.icu/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcMLUzL1hTsrhbLrpte8FKsq5XPoyZGxU%2FdmA%2BrKqvZw9yh4LtgkbMsuhojb%2FQpqKE93WG5Nk3NhF87JFLPrP8sjO3YC3g5Petwxp0rh9%2FQ46Pi7Ka0Ddp49MsdX8qTzTqvg"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 795beb9c683bb4fd-OSL alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dca68db7aea32f6683ce8d542c078f04 19c495238df74fca680e21f18627ff94de5dd2e5 35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5939 Expires: Tue, 07 Feb 2023 13:31:35 GMT Date: Tue, 07 Feb 2023 11:52:36 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a cfdba5bc597130461dd67bf6cda53183be592493 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D" Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13362 Expires: Tue, 07 Feb 2023 15:35:18 GMT Date: Tue, 07 Feb 2023 11:52:36 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 07 Feb 2023 11:34:08 GMT content-type: application/json age: 1108 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash cc14b0d2f7c451f6431dc87ba54d1d60 bab8bfda6fa3e2f17125353f5147211787dc25d0 b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD" Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21083 Expires: Tue, 07 Feb 2023 17:43:59 GMT Date: Tue, 07 Feb 2023 11:52:36 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: AEX4PqUMnwE1PJNo68FWFtv4uYH2dat0lst7OFDbgFgjqzgixyXVUs2YMxkFAOu+8A7/WLG6A1o= x-amz-request-id: TMBMPPYZPR00Z2X3 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 07 Feb 2023 11:45:33 GMT age: 423 last-modified: Sun, 29 Jan 2023 18:44:47 GMT etag: "e76071a28ee566dababb3834f46d68ed" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 07 Feb 2023 11:52:36 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.pki.goog/s/gts1p5/NsB--brq3uw	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NsB--brq3uw IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8c5bc8d4398c9321d6d6c0f842dfaaf5 03fece171c5da007b551feb25c605a30f03ca533 362f58e9e1b66171880f6cdf425ca26387bf01a98615205ae5893c9c3d569137 HTTP Headers `POST /s/gts1p5/NsB--brq3uw HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 11:52:36 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 07 Feb 2023 11:51:19 GMT age: 78 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1p5/NsB--brq3uw	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NsB--brq3uw IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8c5bc8d4398c9321d6d6c0f842dfaaf5 03fece171c5da007b551feb25c605a30f03ca533 362f58e9e1b66171880f6cdf425ca26387bf01a98615205ae5893c9c3d569137 HTTP Headers `POST /s/gts1p5/NsB--brq3uw HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 11:52:37 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9b88bae61bca33aba8aa99f6128db8d9 a07b61fb2458917699613fcae68710941b595416 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA" Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4128 Expires: Tue, 07 Feb 2023 13:01:25 GMT Date: Tue, 07 Feb 2023 11:52:37 GMT Connection: keep-alive`

	thebettarinc.icu/	104.21.52.220	302 Found	471 B
URL HTTP/2 thebettarinc.icu/ IP 104.21.52.220:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 66bd5188697d7474644dbdc12e14d3d5 fa18f20ccc72b35c77950087e23016638237047f 3fc24d46dac68628888739a045dfb3a7b62b27a9caaec49588f8701ec0fd50e1 HTTP Headers `GET / HTTP/1.1 Host: thebettarinc.icu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 302 Found date: Tue, 07 Feb 2023 11:52:37 GMT content-type: text/html; charset=UTF-8 location: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache set-cookie: _subid=s8hnpa15b04;Expires=Friday, 10-Mar-2023 11:52:37 GMT;Max-Age=2678400;Path=/ 23f38=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE2M1wiOjE2NzU3NzA3NTd9LFwiY2FtcGFpZ25zXCI6e1wiNDZcIjoxNjc1NzcwNzU3fSxcInRpbWVcIjoxNjc1NzcwNzU3fSJ9.u8cT087xpe7nj5BXbGdlPSzbdHC-peWrYwLx2ECFC6Q;Expires=Monday, 16-Mar-2076 23:45:14 GMT;Max-Age=1675857157;Path=/ _token=uuid_s8hnpa15b04_s8hnpa15b0463e23b8518b540.07579536;Expires=Friday, 10-Mar-2023 11:52:37 GMT;Max-Age=2678400;Path=/ vary: Accept-Encoding access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4PkMHFBe5RpSi%2BLZVpjVjpRzR1n8UkV986HYC%2Bgyht4ILAibnbiU1lWDfUMXmIvJWsqmV9GpuzNuxXaVFmEGcvFT1mG4g%2BN8rt3%2F0NBrZyXv4HY0o2d%2BgspKk6Zk7%2FSiGxj"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beb9f1ccab50c-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	push.services.mozilla.com/	35.155.77.83	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.155.77.83:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 1uJ58rmECpk+uthetzg3ug== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: kg/cdGl/YFJatXMJxXK4eIEOR8M=`

	2ndsystem.sa.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	172.67.189.221	200 OK	1.1 kB
URL HTTP/2 2ndsystem.sa.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type data Size 1.1 kB (1126 bytes) Hash 735b452398e55fecee93080de33af91b 15cb2d9830bef732dbfda3fcc515318938095998 348cf728b610616cd0359c0b4c4ba7706e9d269f2e609f5640a6268aa1451f38 HTTP Headers GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: application/javascript last-modified: Fri, 03 Feb 2023 16:56:26 GMT etag: W/"63dd3cba-4d7" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLzKjtTkAMZ5Van%2F4mWNyghLHQvQs0BgXVEQu5jrNBWbcG5aR7PWn39%2Fh46xzeFZq5kQU7vvCEfbhNwNB9ikf%2FNQgm0ZZmp5rEH72OmGoCbeLzFmrZK1g3bNzUtdyszqaSoG"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 795beba39c280b51-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Thu, 09 Feb 2023 11:52:37 GMT cache-control: max-age=172800, public content-encoding: gzip X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1p5/lvtPEHKMMuE	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/lvtPEHKMMuE IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 66bd5188697d7474644dbdc12e14d3d5 fa18f20ccc72b35c77950087e23016638237047f 3fc24d46dac68628888739a045dfb3a7b62b27a9caaec49588f8701ec0fd50e1 HTTP Headers `POST /s/gts1p5/lvtPEHKMMuE HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 11:52:37 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&subset=latin,cyrillic	142.250.74.106	200 OK	1.2 kB
URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&subset=latin,cyrillic IP 142.250.74.106:0 ASN #15169 GOOGLE File type data Size 1.2 kB (1159 bytes) Hash 5e28d0c5edb699a63c0c24518264576c 96cee64b90259bac91b161e322c716de52672733 22f75e61cb0a3e103bccd8e5112ec5887ee848a6cddd2ad7b8269ac6e48527f8 HTTP Headers `GET /css2?family=Roboto:wght@300;400;500;700&subset=latin,cyrillic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 07 Feb 2023 11:52:37 GMT date: Tue, 07 Feb 2023 11:52:37 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	2ndsystem.sa.com/wcontent/css/tilda-slds-1.4.min.css?v=1	172.67.189.221	200 OK	2.3 kB
URL HTTP/2 2ndsystem.sa.com/wcontent/css/tilda-slds-1.4.min.css?v=1 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (11204), with no line terminators Size 2.3 kB (2330 bytes) Hash 908a535129961bb14ed166d678fab4d9 5a3cfb91403bf2d567c28525fae5b19043bbb81d 86fde06d7799a02115b8022280a3288c7c4879f8a8c2f664e9cd45e01f86b891 HTTP Headers GET /wcontent/css/tilda-slds-1.4.min.css?v=1 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: text/css last-modified: Wed, 10 Aug 2022 14:31:58 GMT vary: Accept-Encoding ddg-cache-status: HIT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsEf8LPnxNVeaMF1W53e8Jcfca0FrxZv8uV0AdTA4vsuyn%2BnSaoPmbm%2FcMW%2BdGKlf3GuBG4VFNNmY%2FxzNvAES%2B7u%2F3bxxk%2B%2BHTVTU4Sb8WbZeDnuxKiniGuZkmw6yoWNGuMP"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba37c120b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	2ndsystem.sa.com/wcontent/css/tilda-forms-1.0.min.css?v=1	172.67.189.221	200 OK	2.1 kB
URL HTTP/2 2ndsystem.sa.com/wcontent/css/tilda-forms-1.0.min.css?v=1 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (6619), with no line terminators Size 2.1 kB (2051 bytes) Hash c550d4290bbef61b0af38a695d47eae4 bd81c6ef42712f6d4d3fda4ae9ca9ec6b9e9b203 a0e6758e3463c407ee59c42d998a1958041fe526501d455a277b2238e6770261 HTTP Headers GET /wcontent/css/tilda-forms-1.0.min.css?v=1 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: text/css last-modified: Wed, 10 Aug 2022 14:31:58 GMT vary: Accept-Encoding ddg-cache-status: HIT,MISS cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EumemKg5%2B9YYqMmUrob5%2F1nO3ifYn7bA%2F1i7B%2FcpoLO4ZTLKrkZ%2By%2BbMOQi3Uj9daI%2BZ5B%2FW5w62eKZhBaCIHIWUGveePw%2Brxv4hetMvYPOJxZx9VUKZ665Hxvfozt7jI5V"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba38c1d0b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0a8ea253ef61b5c330b3285f9a94e6ae 0cf9a1c66c83f505c7195774996b107c145f5884 8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 11:52:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0a8ea253ef61b5c330b3285f9a94e6ae 0cf9a1c66c83f505c7195774996b107c145f5884 8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 11:52:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	2ndsystem.sa.com/wcontent/js/jquery-1.10.2.min.js?v=1	172.67.189.221	200 OK	34 kB
URL HTTP/2 2ndsystem.sa.com/wcontent/js/jquery-1.10.2.min.js?v=1 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (32072) Size 34 kB (34151 bytes) Hash f19df81c2c62cb48e3565442b41ef040 95b7969e9f92bcaa24e3e02c1ed5dc9ed99a1f3e 5afa322289552c132211ba720ae068798136d6638045b1cd4696a05dd70dbc4e HTTP Headers GET /wcontent/js/jquery-1.10.2.min.js?v=1 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: application/javascript last-modified: Wed, 10 Aug 2022 14:32:04 GMT vary: Accept-Encoding ddg-cache-status: HIT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcPR%2BYofrQ3UsvsIhGozNv%2FvwrKHmDNe%2BLvr67TnRQ9h50JXTHRvDGgSNaZchOPrit7EXMVUF18f8FJG%2BHcd8XDb4l2LV6IuX15rjtAcR5IRKcpeYpHfvKcSudHy3d%2BvIVyl"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba38c1e0b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	2ndsystem.sa.com/wcontent/css/tilda-blocks-2.14.css?v=1	172.67.189.221	200 OK	5.0 kB
URL HTTP/2 2ndsystem.sa.com/wcontent/css/tilda-blocks-2.14.css?v=1 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type Unicode text, UTF-8 text, with very long lines (24515), with no line terminators Size 5.0 kB (4985 bytes) Hash 786fe648d1fe6a019860826b49f38501 66725e9287b1c4fc85eb8a66b6b2908fe825c5bf 021d3bd1b0b658dac931070610ce833ee1c196ab0d045582c40a1f7d5407bd8c HTTP Headers GET /wcontent/css/tilda-blocks-2.14.css?v=1 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: text/css last-modified: Wed, 10 Aug 2022 14:31:58 GMT vary: Accept-Encoding ddg-cache-status: HIT,HIT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBEPZqvrjkhv8dANnaUzAi%2Bl6Jmb5uJ98lqRPX90rtdUpjOON9PlVJa%2BRG9fJNcDKtvv3itfo3rNZtvBJYBGwWWFXoIajcznBDo0TwTwzZuJjAvfR1jsi5YhyzpnMGtiKp4f"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba37bfb0b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	2ndsystem.sa.com/wcontent/js/lazyload-1.3.min.js?v=1	172.67.189.221	200 OK	2.6 kB
URL HTTP/2 2ndsystem.sa.com/wcontent/js/lazyload-1.3.min.js?v=1 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (6745), with no line terminators Size 2.6 kB (2620 bytes) Hash 6a458e1352b6ec89ff8b395c886c0fc1 b2c08408cbe27fc6bf1024f42c9f7d61f58002b8 3c00fa66bbb05045dc40071cc4c2842fc8f6bd74ae6756959ea460b02a1cab20 HTTP Headers GET /wcontent/js/lazyload-1.3.min.js?v=1 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: application/javascript last-modified: Wed, 10 Aug 2022 14:32:04 GMT vary: Accept-Encoding ddg-cache-status: HIT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0O%2FwGCi5lE8cib8fmMkXnB54rOMyRtPyvGvtYdgjn%2BlnyPXxdjWRPWKiOuXniQPPHX%2BuGEJNSxKCaxX70hQt43d2uOSCRzR5U7L%2FNeZuW4xwFOkBtQXPMfilGs95q%2FvQBlmg"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba38c200b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0a8ea253ef61b5c330b3285f9a94e6ae 0cf9a1c66c83f505c7195774996b107c145f5884 8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 11:52:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2	142.250.74.35	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data Size 16 kB (15740 bytes) Hash b9c29351c46f3e8c8631c4002457f48a e57e59c5780995ff2937ab2b511a769212974a87 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://2ndsystem.sa.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15740 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 04 Feb 2023 10:26:49 GMT expires: Sun, 04 Feb 2024 10:26:49 GMT cache-control: public, max-age=31536000 age: 264348 last-modified: Wed, 11 May 2022 19:24:56 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	2ndsystem.sa.com/wcontent/css/tilda-cover-1.0.min.css?v=1	172.67.189.221	200 OK	16 kB
URL HTTP/2 2ndsystem.sa.com/wcontent/css/tilda-cover-1.0.min.css?v=1 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (3697), with no line terminators Size 16 kB (16428 bytes) Hash a545cd6be79831cedd43138649551f30 1fe5bbdc57e7c68fb287a0b8622ca2e2680dcb69 85d11629dec9f827cee26fae0fbaca8d397c24711571a5e5e49f21b213062432 HTTP Headers GET /wcontent/css/tilda-cover-1.0.min.css?v=1 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: text/css last-modified: Wed, 10 Aug 2022 14:31:58 GMT vary: Accept-Encoding ddg-cache-status: HIT,HIT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrUtvMQ%2BpA%2FR7SRDZE%2FoQfUsx4Pds9etabtHHCNhgLmihiZWid21H%2Bl6I11SHe5%2FQVehm0qaNldYcnelSesV4Sf8am7Jw4xeYg7fqTFQoD3ZTM00foFlXdDZvcGOkTiWUom5"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba37c100b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2	142.250.74.35	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size 16 kB (15860 bytes) Hash e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://2ndsystem.sa.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 31 Jan 2023 13:09:06 GMT expires: Wed, 31 Jan 2024 13:09:06 GMT cache-control: public, max-age=31536000 age: 600211 last-modified: Wed, 11 May 2022 19:24:42 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0a8ea253ef61b5c330b3285f9a94e6ae 0cf9a1c66c83f505c7195774996b107c145f5884 8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 07 Feb 2023 11:52:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	2ndsystem.sa.com/wcontent/css/tilda-zoom-2.0.min.css?v=1	172.67.189.221	200 OK	1.7 kB
URL HTTP/2 2ndsystem.sa.com/wcontent/css/tilda-zoom-2.0.min.css?v=1 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (6077), with no line terminators Size 1.7 kB (1703 bytes) Hash 91cf0aba8cff5740dce7392c5518d36a e948c772b25e6e7fa9dac4634f96e77e648bc63d 12f17c03c23ad77b44f101d561409f12510f054aba04a7ca8c1dad1e0e59e122 HTTP Headers GET /wcontent/css/tilda-zoom-2.0.min.css?v=1 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: text/css last-modified: Wed, 10 Aug 2022 14:31:58 GMT vary: Accept-Encoding ddg-cache-status: HIT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGj3S5L3xFBjh6N6yOMJcwoHnYxxFX8dCVmsL%2FrAXgFg6vi8JtPvauNyXoVV0JsKFg3kHKtlUTLTJMug6N8v585FkCG7P%2BgfOj0ciWHWdaArwgQoc3BOoy1jGQ1i9xryrz9P"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba38c150b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	2ndsystem.sa.com/wcontent/css/tilda-grid-3.0.min.css?v=1	172.67.189.221	200 OK	1.3 kB
URL HTTP/2 2ndsystem.sa.com/wcontent/css/tilda-grid-3.0.min.css?v=1 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (4112), with no line terminators Size 1.3 kB (1256 bytes) Hash 90b923c7bae920b2caf2ec8fbe780213 c7014f434111f17a2b522437bdba4aea7fef9e85 ee62ab2a988f46c56c5a846e658e0e141fa4d94f7a8042b2613f10e3d2195834 HTTP Headers GET /wcontent/css/tilda-grid-3.0.min.css?v=1 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: text/css last-modified: Wed, 10 Aug 2022 14:31:58 GMT vary: Accept-Encoding ddg-cache-status: HIT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFQ3VIX%2FUYepwz4vfj4r4K87SIHKs1rBzkPRktbBhwNHYYIJ4WdXDrw2qHIFvjLyRabk%2BLTvqD0E7nhavedFcb2gnOJ0zdRgFqfEIle%2BYN74Zyve5DEblmb9PyTZRF4fAKVi"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba36bf70b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5273 Expires: Tue, 07 Feb 2023 13:20:31 GMT Date: Tue, 07 Feb 2023 11:52:38 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5273 Expires: Tue, 07 Feb 2023 13:20:31 GMT Date: Tue, 07 Feb 2023 11:52:38 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5273 Expires: Tue, 07 Feb 2023 13:20:31 GMT Date: Tue, 07 Feb 2023 11:52:38 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5273 Expires: Tue, 07 Feb 2023 13:20:31 GMT Date: Tue, 07 Feb 2023 11:52:38 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 68273225f74fbf7493f395610d7a73fc 5a8779ef5656aeeba23b365aad60b7901c5dd7fc c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19" Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5273 Expires: Tue, 07 Feb 2023 13:20:31 GMT Date: Tue, 07 Feb 2023 11:52:38 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp	34.120.237.76	200 OK	8.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.1 kB (8110 bytes) Hash 4dd67c975f1c1f91ca92f37c9e098231 b9096efb56b6e196b13722e767a9d2762737cbb9 39f21e5db4089d6cf94646b76cd9032e9831ed03f7c2f0d980fac09c893a52db HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6154ab9-bb20-4d77-a86e-15f604bb237a.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8110 x-amzn-requestid: fdfa4af0-a6e4-4664-a86b-48fd6f374d96 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f77JCFyzoAMFtyQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e17239-205cdd9d70f23cb358c65222;Sampled=0 x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:45 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: haWel3aE2NwfrpYKJbsqnbYuIjdvneK8WP_2_wbjRcV0ZQ4qYJLGzg== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 22:15:10 GMT age: 49048 etag: "b9096efb56b6e196b13722e767a9d2762737cbb9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg	34.120.237.76	200 OK	4.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.2 kB (4227 bytes) Hash eedb4de12585c70ddb5b8f94fe6a59e2 83c9437e71a0a03b3e8ff652155a85eafa76cdda d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4227 x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f77sTH4jIAMFnsQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0 x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 21:55:19 GMT etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda" content-type: image/jpeg age: 50239 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type data Size 11 kB (11006 bytes) Hash e5b262d9f30b8a5cde9e5ac6f37af8c5 0d63b1fdc634574af2e51f6d1363b706de679f17 a1adbd34ce622909ef43b162ea8dbe9afa2c7408a304be08848e11d95a7f0953 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a62e65-5d07-4259-aa47-d2491847eee9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10788 x-amzn-requestid: 8e1c8026-1eea-4eb0-810e-7ea43ed11f87 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyymWEsSoAMFykg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ddcaf5-20fc23b535fa86f56a34fbae;Sampled=0 x-amzn-remapped-date: Sat, 04 Feb 2023 03:03:17 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Nb86Kj6pqD3DFzCeTNtTGNXsNfHLvu4kgYq6qmhu2Ygya462lBl0lg== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 05:13:55 GMT age: 23923 etag: "1958f83edeb8c6b68f17cead3fb5714f44e619eb" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6787 bytes) Hash d057038cd3164c40413a88f9b5c2af92 afbcb6617c7277ea42068c2aa1c8dcba02549873 ae03b42f1a5c3774e3ea569a886707a8a31da05a45bd971b829cf579be0ea6c7 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbda930-ccb5-4a8a-b679-2389a710fc6f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6787 x-amzn-requestid: 15924d6a-68a3-414b-9e23-68d37291d4a8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fvyxSEjXIAMFT3Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dc9808-22daff920f5fe1201328ccee;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 05:13:44 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: AOnXbzTBcVZ3quJx3NoNQC08Gk5_phyp8UiWCm6Dk4GPxl8FCaIC4w== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 16:55:00 GMT age: 68258 etag: "afbcb6617c7277ea42068c2aa1c8dcba02549873" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (13160 bytes) Hash 003fc35e140a75a12b7795c3986426ec da002b22e2a01f48a545b369d4403eabb17a10d5 bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13160 x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fzVxSHh7IAMFjAg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0 x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 07:45:27 GMT age: 14831 etag: "da002b22e2a01f48a545b369d4403eabb17a10d5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (13390 bytes) Hash 75b0935816ca54d5d20a9fffa5531e0d bd8374980c16b7d5a28e55b8bef2215713b1ebb2 4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13390 x-amzn-requestid: e7653b49-3160-42e3-8292-8ae32604f775 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fpc8KEoPoAMFrUg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63da0eb4-68fd76a95ffa656318bedff6;Sampled=0 x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:16 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: KaitXsesZ9mJducJ54ChzQGfb-2-hEN4W_QojGMKXYEji4xsjNdWCA== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 09:07:41 GMT age: 9897 etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11630 bytes) Hash b08a4dc42d2e08b2b18c9545ce9a2fdb b688557ebba4b3c987275761e9a1f5993ad3d8a5 641402fb9282208b33877e4812cb9392b035dba85fcb3a344a2a1072d5a69f28 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 11630 x-amzn-requestid: 3912e3f9-44a5-405c-9edb-d8409faa0b04 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f4pkUHUoIAMFzcg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e022e8-03e547e96b085d9e29a1852b;Sampled=0 x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:04 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Vrf1axqufJTrf057F6nY_97NtiM_Wt0tZXpTGN42rvAOV7a4CPe1ig== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Tue, 07 Feb 2023 05:04:30 GMT age: 24495 etag: "b688557ebba4b3c987275761e9a1f5993ad3d8a5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	2ndsystem.sa.com/wcontent/css/tilda-animation-1.0.min.css?v=1	172.67.189.221	200 OK	0 B
URL HTTP/2 2ndsystem.sa.com/wcontent/css/tilda-animation-1.0.min.css?v=1 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /wcontent/css/tilda-animation-1.0.min.css?v=1 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: text/css last-modified: Wed, 10 Aug 2022 14:31:58 GMT vary: Accept-Encoding ddg-cache-status: HIT,HIT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YKc10D24NOimCPex34OWoW0sVgORraAkb9mfgWCvPT9Ui5RgaMC1jqi5dzBbSGxQtANGrDOGtuYJrNg2Y6FRhvwdBVHchf0LVyl64EQqqyzwcGpgvtixYALHHK1uSm1bN6%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba37c030b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04	172.67.189.221	200 OK	0 B
URL HTTP/2 2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: text/html; charset=UTF-8 set-cookie: __ddg1_=OJweCn2peSGyogm186k7; Domain=.2ndsystem.sa.com; HttpOnly; Path=/; Expires=Wed, 07-Feb-2024 11:52:37 GMT PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f; path=/ x-powered-by: PHP/7.4.33 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwvDLN%2Bf1%2BjbDEj7Q%2ByonG6I71KQ0aunC1TSa%2BZ680%2BEYcXXCNT%2FEaKky15AhrzvX6xGHZA7eoGAJebHawNZoBO%2BKQaL4jyrskeck5qgtL6rrCYVofS1nLGd9%2BYddetNkQmD"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba24acb0b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	2ndsystem.sa.com/wcontent/css/tilda-menusub-1.0.min.css?v=1	172.67.189.221	200 OK	0 B
URL HTTP/2 2ndsystem.sa.com/wcontent/css/tilda-menusub-1.0.min.css?v=1 IP 172.67.189.221:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /wcontent/css/tilda-menusub-1.0.min.css?v=1 HTTP/1.1 Host: 2ndsystem.sa.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://2ndsystem.sa.com/?utm_source=&utm_medium=&campaign_id=&adset_id=&ad_id=&adset_name=&px={px}&get=&keyt=1675770757&d=https%3A%2F%2Fthebettarinc.icu&pid=29&cid=1950&fbclid=&subid=s8hnpa15b04 Cookie: __ddg1_=OJweCn2peSGyogm186k7; PHPSESSID=67f6a6292fa60aaa8bd2b4fb6695c29f Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Tue, 07 Feb 2023 11:52:37 GMT content-type: text/css last-modified: Wed, 10 Aug 2022 14:31:58 GMT vary: Accept-Encoding ddg-cache-status: HIT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iY%2FDf8Ea%2FSvAT1qfFjgHu5PnWjeCFOmluiPmhjdGQsjYESbfQEoZnylmNPeY0gkaNBhVgjJUJ7%2FDxWzhT7qKGZhdWDJfNosgitFF7%2F5RuAYc4%2B7ZoQD9tJwMnIJOeRO8rkGo"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 795beba37c070b51-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (45)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type