URL: http://bale-1x2.com/
Submission: On June 02 via manual from BG — Scanned from DE

Summary

This website contacted 32 IPs in 7 countries across 40 domains to perform 105 HTTP transactions. The main IP is 79.124.76.70, located in Bulgaria and belongs to TELEPOINT, BG. The main domain is bale-1x2.com.
This is the only time bale-1x2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 79.124.76.70 31083 (TELEPOINT)
1 41 151.101.112.193 54113 (FASTLY)
1 2 151.106.100.24 47583 (AS-HOSTINGER)
1 199.232.194.2 54113 (FASTLY)
1 192.229.233.122 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 12.203.219.57 7018 (ATT-INTER...)
1 108.157.4.11 16509 (AMAZON-02)
1 164.138.218.220 201200 (SUPERHOST...)
1 2 207.241.237.3 7941 (INTERNET-...)
3 141.136.33.224 47583 (AS-HOSTINGER)
1 68.66.248.41 55293 (A2HOSTING)
1 3 188.114.96.3 13335 (CLOUDFLAR...)
3 8 66.29.132.92 22612 (NAMECHEAP...)
2 217.174.149.198 31083 (TELEPOINT)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 172.93.51.85 29802 (HVC-AS)
1 51.68.36.8 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
3 2620:0:862:ed... 14907 (WIKIMEDIA)
1 104.239.236.220 27357 (RACKSPACE)
1 2 199.16.172.227 2635 (AUTOMATTIC)
4 217.174.149.166 31083 (TELEPOINT)
1 192.151.158.243 33387 (NOCIX)
1 173.208.219.12 32097 (WII)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 208.110.80.75 32097 (WII)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 46.105.201.240 16276 (OVH)
1 198.27.80.143 16276 (OVH)
105 32
Apex Domain
Subdomains
Transfer
41 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5562
6 MB
17 bale-1x2.com
bale-1x2.com
853 KB
4 beat-the-bookies1x2.com
beat-the-bookies1x2.com
120 KB
4 betmagic1x2.com
www.betmagic1x2.com
32 KB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 16195
s4.histats.com — Cisco Umbrella Rank: 13866
13 KB
3 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2136
70 KB
2 mypersuasivepresentations.com
mypersuasivepresentations.com
96 KB
2 smart-bet1x2.com
smart-bet1x2.com
277 KB
2 bet-12.com
bet-12.com
17 KB
2 topbet-fixed.com
www.topbet-fixed.com
3 KB
2 archive.org
web.archive.org — Cisco Umbrella Rank: 32956
22 KB
2 tenor.com
c.tenor.com — Cisco Umbrella Rank: 8723
media.tenor.com — Cisco Umbrella Rank: 9344
88 KB
2 tipico-bet.de
tipico-bet.de
24 KB
1 bestfixedsource.com
bestfixedsource.com
66 KB
1 iconarchive.com
icons.iconarchive.com — Cisco Umbrella Rank: 74580
156 KB
1 seekpng.com
www.seekpng.com — Cisco Umbrella Rank: 38562
103 KB
1 pngegg.com
e7.pngegg.com — Cisco Umbrella Rank: 49248
301 KB
1 pngitem.com
www.pngitem.com — Cisco Umbrella Rank: 31041
185 KB
1 kindpng.com
www.kindpng.com — Cisco Umbrella Rank: 28541
321 KB
1 mastercard.com
newsroom.mastercard.com — Cisco Umbrella Rank: 985256
29 KB
1 gifer.com
i.gifer.com — Cisco Umbrella Rank: 29633
961 KB
1 shareicon.net
www.shareicon.net — Cisco Umbrella Rank: 345068
24 KB
1 htft.info
htft.info
41 KB
1 picasion.com
i.picasion.com — Cisco Umbrella Rank: 513376
21 KB
1 tipssafety.com
tipssafety.com
44 KB
1 mega-match1x2.com
mega-match1x2.com
61 KB
1 betwin-365.com
betwin-365.com
8 KB
1 wolves-tip.com
wolves-tip.com
18 KB
1 paok-tip.com
paok-tip.com
8 KB
1 odd1x2.com
odd1x2.com
26 KB
1 europol-fixed.com
europol-fixed.com
25 KB
1 tips-free.com
tips-free.com
367 KB
1 luxury-bets.com
luxury-bets.com
73 KB
1 tipssingle.club
tipssingle.club
7 KB
1 123rf.com
previews.123rf.com — Cisco Umbrella Rank: 20106
102 KB
1 melissa.com
www.melissa.com — Cisco Umbrella Rank: 212066
16 KB
1 gstatic.com
encrypted-tbn0.gstatic.com
6 KB
1 dreamstime.com
thumbs.dreamstime.com — Cisco Umbrella Rank: 11261
68 KB
1 giphy.com
media0.giphy.com — Cisco Umbrella Rank: 2011
333 KB
0 vippng.com Failed
www.vippng.com Failed
105 40
Domain Requested by
41 i.imgur.com 1 redirects bale-1x2.com
17 bale-1x2.com bale-1x2.com
4 beat-the-bookies1x2.com bale-1x2.com
4 www.betmagic1x2.com 1 redirects bale-1x2.com
3 upload.wikimedia.org bale-1x2.com
2 s10.histats.com bale-1x2.com
s10.histats.com
2 mypersuasivepresentations.com 1 redirects bale-1x2.com
2 smart-bet1x2.com 1 redirects bale-1x2.com
2 bet-12.com 1 redirects bale-1x2.com
2 www.topbet-fixed.com 1 redirects bale-1x2.com
2 web.archive.org 1 redirects bale-1x2.com
2 tipico-bet.de 1 redirects bale-1x2.com
1 s4.histats.com s10.histats.com
1 bestfixedsource.com bale-1x2.com
1 icons.iconarchive.com bale-1x2.com
1 www.seekpng.com bale-1x2.com
1 e7.pngegg.com bale-1x2.com
1 www.pngitem.com bale-1x2.com
1 www.kindpng.com bale-1x2.com
1 newsroom.mastercard.com bale-1x2.com
1 media.tenor.com bale-1x2.com
1 i.gifer.com bale-1x2.com
1 www.shareicon.net bale-1x2.com
1 htft.info bale-1x2.com
1 i.picasion.com bale-1x2.com
1 tipssafety.com bale-1x2.com
1 mega-match1x2.com bale-1x2.com
1 betwin-365.com bale-1x2.com
1 wolves-tip.com bale-1x2.com
1 paok-tip.com bale-1x2.com
1 odd1x2.com bale-1x2.com
1 europol-fixed.com bale-1x2.com
1 tips-free.com bale-1x2.com
1 luxury-bets.com bale-1x2.com
1 tipssingle.club bale-1x2.com
1 previews.123rf.com bale-1x2.com
1 www.melissa.com bale-1x2.com
1 encrypted-tbn0.gstatic.com bale-1x2.com
1 c.tenor.com bale-1x2.com
1 thumbs.dreamstime.com bale-1x2.com
1 media0.giphy.com bale-1x2.com
0 www.vippng.com Failed bale-1x2.com
105 42
Subject Issuer Validity Valid
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-03-16
a year crt.sh
*.giphy.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-04 -
2023-03-08
a year crt.sh
*.dreamstime.com
DigiCert SHA2 Secure Server CA
2020-07-14 -
2022-07-19
2 years crt.sh
c.tenor.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.melissa.com
Starfield Secure Certificate Authority - G2
2021-09-15 -
2022-09-14
a year crt.sh
*.123rf.com
Amazon
2022-01-04 -
2023-02-01
a year crt.sh
*.luxury-bets.com
R3
2022-04-27 -
2022-07-26
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-18 -
2022-07-17
a year crt.sh
wolves-tip.com
cPanel, Inc. Certification Authority
2022-05-12 -
2022-08-10
3 months crt.sh
www.betmagic1x2.com
Sectigo RSA Domain Validation Secure Server CA
2021-11-27 -
2022-11-26
a year crt.sh
tipssafety.com
cPanel, Inc. Certification Authority
2022-05-03 -
2022-08-01
3 months crt.sh
www.htft.luxury-bets.com
R3
2022-04-21 -
2022-07-20
3 months crt.sh
shareicon.net
Sectigo RSA Domain Validation Secure Server CA
2021-06-08 -
2022-06-08
a year crt.sh
gifer.com
R3
2022-05-04 -
2022-08-02
3 months crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-10-19 -
2022-11-17
a year crt.sh
newsroom.mastercard.com
Entrust Certification Authority - L1K
2022-02-22 -
2023-02-22
a year crt.sh
*.fixedpicks1x2.com
R3
2022-04-03 -
2022-07-02
3 months crt.sh
kindpng.com
R3
2022-04-05 -
2022-07-04
3 months crt.sh
pngitem.com
R3
2022-05-06 -
2022-08-04
3 months crt.sh
seekpng.com
R3
2022-05-26 -
2022-08-24
3 months crt.sh
www.bestfixedsource.luxury-bets.com
R3
2022-05-12 -
2022-08-10
3 months crt.sh
histats.com
R3
2022-04-19 -
2022-07-18
3 months crt.sh

This page contains 1 frames:

Primary Page: http://bale-1x2.com/
Frame ID: B10CD93766F3B94A323EFA83CBC88784
Requests: 107 HTTP requests in this frame

Screenshot

Page Title

Fixed Matches betting soccer predictions HT-FT Best Tip - Fixed tips fixed matches 100% sure correct score Fixed Source

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

105
Requests

66 %
HTTPS

23 %
IPv6

40
Domains

42
Subdomains

32
IPs

7
Countries

10730 kB
Transfer

10736 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://tipico-bet.de/tipico-bet-fixed-matches/ HTTP 301
  • https://tipico-bet.de/wp-content/uploads/2020/12/TIPICO-BET-FIXED-MATCHES.gif
Request Chain 14
  • http://i.imgur.com/VgsSKeh.gif HTTP 301
  • https://i.imgur.com/VgsSKeh.gif
Request Chain 26
  • http://i.imgur.com/A1hPfIa.gif HTTP 307
  • https://i.imgur.com/A1hPfIa.gif
Request Chain 27
  • http://i.imgur.com/3Wdv6CC.gif HTTP 307
  • https://i.imgur.com/3Wdv6CC.gif
Request Chain 31
  • https://web.archive.org/web/20160928123724im_/http://i.imgur.com/a6lbBfp.gif HTTP 302
  • https://web.archive.org/web/20161016030802im_/http://i.imgur.com/a6lbBfp.gif
Request Chain 35
  • http://i.imgur.com/EjYXovc.gif HTTP 307
  • https://i.imgur.com/EjYXovc.gif
Request Chain 37
  • http://www.topbet-fixed.com/wp-content/uploads/2016/04/senka-1.png HTTP 301
  • https://www.topbet-fixed.com/wp-content/uploads/2016/04/senka-1.png
Request Chain 48
  • http://bet-12.com/wp-content/uploads/2018/04/Q8NKoHW.gif HTTP 301
  • https://bet-12.com/wp-content/uploads/2018/04/Q8NKoHW.gif
Request Chain 55
  • http://smart-bet1x2.com/wp-content/uploads/2016/03/smart_bet1x2_baner.gif HTTP 301
  • https://smart-bet1x2.com/wp-content/uploads/2016/03/smart_bet1x2_baner.gif
Request Chain 57
  • http://www.betmagic1x2.com/wp-content/uploads/2021/08/betmagic-baner.gif HTTP 301
  • https://www.betmagic1x2.com/wp-content/uploads/2021/08/betmagic-baner.gif
Request Chain 80
  • http://mypersuasivepresentations.com/wp-content/uploads/2014/03/laptop_hand_shake_400_clr_5893.png HTTP 301
  • https://mypersuasivepresentations.com/wp-content/uploads/2014/03/laptop_hand_shake_400_clr_5893.png

105 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bale-1x2.com/
195 KB
196 KB
Document
General
Full URL
http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
d83792ef2f2eebd75a7ee9766f0c92e628c1607ff0110c4bf4ed35d24ce856f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Upgrade, Keep-Alive
Content-Length
200191
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Jun 2022 11:03:14 GMT
Keep-Alive
timeout=5
Link
<http://bale-1x2.com/wp-json/>; rel="https://api.w.org/"
Server
Apache
Upgrade
h2,h2c
style.css
bale-1x2.com/wp-content/themes/comicpress/
40 KB
40 KB
Stylesheet
General
Full URL
http://bale-1x2.com/wp-content/themes/comicpress/style.css
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
dd6efff99e6df285f037e4fde9f732373014f3bae661567e9617b554e631ea1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:14 GMT
Last-Modified
Tue, 31 Mar 2020 22:26:13 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5
Content-Length
40867
lightbox.min.css
bale-1x2.com/wp-content/plugins/wp-lightbox-2/styles/
3 KB
3 KB
Stylesheet
General
Full URL
http://bale-1x2.com/wp-content/plugins/wp-lightbox-2/styles/lightbox.min.css?ver=1.3.4
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
9f306ee99cf71e58ec7a4d8b1c7a14ce792d0f1489d022ff69c40488d11fe648

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:14 GMT
Last-Modified
Mon, 01 Feb 2021 22:14:39 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5
Content-Length
3115
rpt_style.min.css
bale-1x2.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/css/
8 KB
8 KB
Stylesheet
General
Full URL
http://bale-1x2.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/css/rpt_style.min.css?ver=5.1.6
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
081091118e8bd10a591b771435766141d34d981577c5061ab4ea75fd4786796c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:14 GMT
Last-Modified
Tue, 11 Jan 2022 20:56:07 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5
Content-Length
7930
jquery.js
bale-1x2.com/wp-includes/js/jquery/
95 KB
95 KB
Script
General
Full URL
http://bale-1x2.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:14 GMT
Last-Modified
Thu, 05 Sep 2019 09:29:49 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5
Content-Length
96874
jquery-migrate.min.js
bale-1x2.com/wp-includes/js/jquery/
10 KB
10 KB
Script
General
Full URL
http://bale-1x2.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:14 GMT
Last-Modified
Wed, 01 Jun 2016 18:25:32 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5
Content-Length
10056
ddsmoothmenu.js
bale-1x2.com/wp-content/themes/comicpress/js/
8 KB
9 KB
Script
General
Full URL
http://bale-1x2.com/wp-content/themes/comicpress/js/ddsmoothmenu.js?ver=4.8.19
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
978adf488d3a5c980a07bb3674ea818a30b4a244abcbc39a161c47c1c93ff7fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Tue, 24 Apr 2018 19:38:23 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
8544
menubar.js
bale-1x2.com/wp-content/themes/comicpress/js/
337 B
583 B
Script
General
Full URL
http://bale-1x2.com/wp-content/themes/comicpress/js/menubar.js?ver=4.8.19
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
c3befe366b3cdcc5e3f3296838fb8d4922cf5e879b751d94fa2ca43633e5b422

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Tue, 24 Apr 2018 19:38:23 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
337
rpt.min.js
bale-1x2.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/js/
317 B
563 B
Script
General
Full URL
http://bale-1x2.com/wp-content/plugins/dk-pricr-responsive-pricing-table/inc/js/rpt.min.js?ver=5.1.6
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
6a247cc4a7dfabf12ea2797a38fc01a2e762988d0ba7c8e6111a4f87f11733fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Tue, 11 Jan 2022 20:56:07 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
317
h8DLmE4.gif
i.imgur.com/
1 MB
1 MB
Image
General
Full URL
https://i.imgur.com/h8DLmE4.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0c4e8572ece6010636559e41b4647def61eac263245949c1f773e6865c783058
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
2191330
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
1491726
x-served-by
cache-iad-kcgs7200142-IAD, cache-hhn4073-HHN
last-modified
Mon, 15 Nov 2021 19:15:30 GMT
server
cat factory 1.0
x-timer
S1654167795.310021,VS0,VE5
etag
"ee843eb6b622d8ad231f3370fc6f1deb"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
RYZwqxx.gif
i.imgur.com/
211 KB
211 KB
Image
General
Full URL
https://i.imgur.com/RYZwqxx.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f0e61da538c1bb70cce72345e213662dc79c439a21dc9d605758df71cc6043e8
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
1366119
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
215668
x-served-by
cache-iad-kcgs7200054-IAD, cache-hhn4073-HHN
last-modified
Fri, 26 Nov 2021 08:36:51 GMT
server
cat factory 1.0
x-timer
S1654167795.309681,VS0,VE2
etag
"1668c653d36c0f24d12bee841e1fb916"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
TIPICO-BET-FIXED-MATCHES.gif
tipico-bet.de/wp-content/uploads/2020/12/
Redirect Chain
  • https://tipico-bet.de/tipico-bet-fixed-matches/
  • https://tipico-bet.de/wp-content/uploads/2020/12/TIPICO-BET-FIXED-MATCHES.gif
24 KB
24 KB
Image
General
Full URL
https://tipico-bet.de/wp-content/uploads/2020/12/TIPICO-BET-FIXED-MATCHES.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
151.106.100.24 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
cpl86.hosting24.com
Software
LiteSpeed /
Resource Hash
568c1ee244e86ae2156b9015866c76d0b5f2831e8f59c095beb957583d834a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Dec 2020 18:55:13 GMT
server
LiteSpeed
etag
"5eef-5feb7b91-0;;;"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block;
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
24303
x-content-type-options
nosniff
expires
Fri, 02 Jun 2023 11:03:15 GMT

Redirect headers

date
Thu, 02 Jun 2022 11:03:15 GMT
content-encoding
br
x-content-type-options
nosniff
x-powered-by
PHP/7.4.29
x-litespeed-cache
hit
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
16372
x-xss-protection
1; mode=block;
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
strict-transport-security
max-age=31536000
content-type
text/html; charset=UTF-8
location
https://tipico-bet.de/wp-content/uploads/2020/12/TIPICO-BET-FIXED-MATCHES.gif
vary
Accept-Encoding
link
<https://tipico-bet.de/wp-json/>; rel="https://api.w.org/", <https://tipico-bet.de/wp-json/wp/v2/media/104>; rel="alternate"; type="application/json", <https://tipico-bet.de/?p=104>; rel=shortlink
x-redirect-by
AIOSEO
Jzo0CPR.gif
i.imgur.com/
28 KB
28 KB
Image
General
Full URL
https://i.imgur.com/Jzo0CPR.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
2b762fecb87e58f5844a903d1bebf600b8c5cfc27eaf41dc37d89fab09351c4f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
2057404
x-cache
HIT, HIT
content-length
29006
x-served-by
cache-iad-kiad7000085-IAD, cache-hhn4073-HHN
last-modified
Fri, 01 Sep 2017 11:49:16 GMT
server
cat factory 1.0
x-timer
S1654167795.309678,VS0,VE1
etag
"bcf9c20fb2715dc3fbd6dd8b60d0e02b"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
vmJrzzu.gif
i.imgur.com/
28 KB
28 KB
Image
General
Full URL
https://i.imgur.com/vmJrzzu.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ea63667040e04c8b26b15a0205e2e697630ae32f8f319d20710333449a8dcdca
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
4484827
x-cache
HIT, HIT
content-length
28868
x-served-by
cache-iad-kcgs7200031-IAD, cache-hhn4073-HHN
last-modified
Wed, 27 Sep 2017 04:00:42 GMT
server
cat factory 1.0
x-timer
S1654167795.309639,VS0,VE1
etag
"261fb9c039dee39590d8c565483200de"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
2B4rT5b.gif
i.imgur.com/
39 KB
39 KB
Image
General
Full URL
https://i.imgur.com/2B4rT5b.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c5b72d3d785d5eecd7631ce5560686c23b5ce899697afaffdf90a1f83f4c95b9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
3802927
x-cache
HIT, HIT
content-length
39764
x-served-by
cache-iad-kjyo7100130-IAD, cache-hhn4073-HHN
last-modified
Sat, 14 Sep 2019 23:01:56 GMT
server
cat factory 1.0
x-timer
S1654167795.309637,VS0,VE1
etag
"995cfd3f3e908b5b8d2d79fe0924b3e5"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
VgsSKeh.gif
i.imgur.com/
Redirect Chain
  • http://i.imgur.com/VgsSKeh.gif
  • https://i.imgur.com/VgsSKeh.gif
18 KB
18 KB
Image
General
Full URL
https://i.imgur.com/VgsSKeh.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
12dea862c237e33430f7bc567e2dd1cbe5ef7a3c27b4b7db0581a7ad7d4efda8
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
3732656
x-cache
HIT, HIT
content-length
18084
x-served-by
cache-iad-kjyo7100047-IAD, cache-hhn4073-HHN
last-modified
Thu, 14 Aug 2014 11:42:51 GMT
server
cat factory 1.0
x-timer
S1654167795.351167,VS0,VE1
etag
"c9e6b99d9e62eacef33a8533a1f109ce"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Server
cat factory 1.0
X-Timer
S1654167795.286394,VS0,VE0
X-Served-By
cache-hhn4055-HHN
Strict-Transport-Security
max-age=300
Access-Control-Allow-Methods
GET, OPTIONS
Location
https://i.imgur.com/VgsSKeh.gif
X-Cache
HIT
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
0
Retry-After
0
X-Cache-Hits
0
kfTulpR.gif
i.imgur.com/
147 KB
147 KB
Image
General
Full URL
https://i.imgur.com/kfTulpR.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
5480788d03864e5a39ec0f9607bd3fa716ba63e9d4a963936a9e4660509b6b4e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
3790593
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
150477
x-served-by
cache-iad-kiad7000021-IAD, cache-hhn4073-HHN
last-modified
Mon, 22 Nov 2021 18:46:19 GMT
server
cat factory 1.0
x-timer
S1654167795.309601,VS0,VE2
etag
"217412ab46a3f6aeb5a35a4b40fbdb6b"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
giphy.gif
media0.giphy.com/media/3mJpUDBH8EmAlx6pnz/
332 KB
333 KB
Image
General
Full URL
https://media0.giphy.com/media/3mJpUDBH8EmAlx6pnz/giphy.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cdf88cdb5ed91b7de7902837a6c56f6b72842d4821c13a89f26456db6cf2d103
Security Headers
Name Value
Strict-Transport-Security max-age=15465600

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
via
1.1 varnish, 1.1 varnish
age
188087
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
340389
x-served-by
cache-iad-kcgs7200046-IAD, cache-hhn4024-HHN
last-modified
Thu, 14 Mar 2019 03:19:59 GMT
x-timer
S1654167795.358949,VS0,VE1
etag
"7ff68366c959fbee18bc780b16283b12"
strict-transport-security
max-age=15465600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1, 1
grunge-green-best-offer-square-rubber-seal-stamp-white-background-grunge-green-best-offer-square-rubber-seal-stamp-white-139591965.jpg
thumbs.dreamstime.com/b/
68 KB
68 KB
Image
General
Full URL
https://thumbs.dreamstime.com/b/grunge-green-best-offer-square-rubber-seal-stamp-white-background-grunge-green-best-offer-square-rubber-seal-stamp-white-139591965.jpg
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.122 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
d386832606f5ba01eb981129df26c7c315ac659d86ffcb5cf79fdd8d88f91b41

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
last-modified
Thu, 18 Feb 2021 21:53:21 GMT
server
ECS (frb/6752)
age
16157274
etag
"1362845195"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
69684
expires
Fri, 02 Jun 2023 11:03:15 GMT
Qwy5kam.gif
i.imgur.com/
96 KB
96 KB
Image
General
Full URL
https://i.imgur.com/Qwy5kam.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
04f3121676187156cab6dcf830fe6bb18aecf0c9bf42bfb79abb69879c151064
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
1306641
x-cache
HIT, HIT
content-length
97848
x-served-by
cache-iad-kcgs7200179-IAD, cache-hhn4073-HHN
last-modified
Mon, 22 Nov 2021 19:16:45 GMT
server
cat factory 1.0
x-timer
S1654167795.325244,VS0,VE1
etag
"337331c660cade1f2768bce8b06eb564"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
loading-buffering.gif
c.tenor.com/I6kN-6X7nhAAAAAj/
40 KB
41 KB
Image
General
Full URL
https://c.tenor.com/I6kN-6X7nhAAAAAj/loading-buffering.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eff2ae61047456178738bb7f10017cd66509ef3a547d5e3666267c7f4943b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 18:51:55 GMT
x-content-type-options
nosniff
age
58280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40957
x-xss-protection
0
last-modified
Mon, 25 May 2020 20:57:05 GMT
server
sffe
report-to
{"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="media-tenor-team"
expires
Thu, 02 Jun 2022 18:51:55 GMT
6PbeLde.gif
i.imgur.com/
110 KB
110 KB
Image
General
Full URL
https://i.imgur.com/6PbeLde.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
260635771fab6b5e5bcd8030002e4164904c54c321b11b228b149c9953ffa2eb
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
2591123
x-cache
HIT, HIT
content-length
112829
x-served-by
cache-iad-kiad7000028-IAD, cache-hhn4073-HHN
last-modified
Mon, 22 Nov 2021 18:57:59 GMT
server
cat factory 1.0
x-timer
S1654167795.325226,VS0,VE2
etag
"cfee6f765e5638fc2bd1f4107a0a5b54"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
images
encrypted-tbn0.gstatic.com/
6 KB
6 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRyKChQkdzR-2uCwSqlHcRPgJw8x1dpsv1ffw&usqp=CAU
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a646968cf52a12f798ced5cc88c63e488f9e19a81e915e54de78722fd55f984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6002
x-xss-protection
0
last-modified
Fri, 31 Dec 2021 22:03:59 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 02 Jun 2023 11:03:15 GMT
idea-pc-256x256.png
www.melissa.com/images17/
16 KB
16 KB
Image
General
Full URL
https://www.melissa.com/images17/idea-pc-256x256.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
12.203.219.57 Lake Forest, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5b8b5f78c31ae03f307a17032438b6cbce106418b505f795274b5893a541c364
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:14 GMT
Last-Modified
Tue, 31 Mar 2020 17:35:37 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"1fd970ca827d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public,max-age=31536000
Accept-Ranges
bytes
Content-Length
16076
29430004-verified-stamp.jpg
previews.123rf.com/images/arcady31/arcady311406/arcady31140600029/
101 KB
102 KB
Image
General
Full URL
https://previews.123rf.com/images/arcady31/arcady311406/arcady31140600029/29430004-verified-stamp.jpg
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-11.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3b8fe6416604885502028363c076eaf8bc9c603f72dfa9ccac1f99a4e88b617

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 16 May 2022 01:28:57 GMT
via
1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
last-modified
Wed, 01 Dec 2021 08:26:41 GMT
server
AmazonS3
age
1503259
etag
"4426280bf93498f1aff725204a1645eb"
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
content-length
103528
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-amz-request-id
WPXYDFZ81Q2PH5EV
x-amz-id-2
2HaTriDwkenb7D7tSufb4E2fUUF8Ao4MGUfHHYn5v7GaS9nT9d6Q9hjP5aWQQsWfoCx+sTWRQMo=
x-amz-cf-id
GkTAFEBYNcwl9BrBaN2rlCWYUseLlu_La5fMR_mvOAkT18M6-9Poxw==
hcgITNF.gif
i.imgur.com/
27 KB
28 KB
Image
General
Full URL
https://i.imgur.com/hcgITNF.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e6d2ff6f6f57d1c3d4858561fa47f996a0e3c2df55c618bd4c18757627c38cae
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
2052817
x-cache
HIT, HIT
content-length
27882
x-served-by
cache-iad-kiad7000122-IAD, cache-hhn4073-HHN
last-modified
Sun, 05 Jan 2020 15:51:12 GMT
server
cat factory 1.0
x-timer
S1654167795.351945,VS0,VE1
etag
"bb7e77cc3cce79a6f6a1e8648a1cfb2b"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
baner.gif
tipssingle.club/
7 KB
7 KB
Image
General
Full URL
http://tipssingle.club/baner.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
164.138.218.220 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS
host-164-138-218-220.superhosting.bg
Software
Apache /
Resource Hash
43414839636281401dda82b3428eeec62f6c28b3d2f654ff11e90d9b3b00130e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:14 GMT
Last-Modified
Tue, 19 Jan 2016 17:53:56 GMT
Server
Apache
ETag
"c6a0982-1ad2-529b38da77500"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5, max=100
Content-Length
6866
A1hPfIa.gif
i.imgur.com/
Redirect Chain
  • http://i.imgur.com/A1hPfIa.gif
  • https://i.imgur.com/A1hPfIa.gif
27 KB
28 KB
Image
General
Full URL
https://i.imgur.com/A1hPfIa.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
734c427ccfbe9fadc4649e89ba5eebe4bd96fbb6005bdfe3d01e8525c8a80ce1
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
1969436
x-cache
HIT, HIT
content-length
28064
x-served-by
cache-iad-kiad7000023-IAD, cache-hhn4073-HHN
last-modified
Sun, 12 Jul 2015 15:03:16 GMT
server
cat factory 1.0
x-timer
S1654167795.391538,VS0,VE1
etag
"5f17ec9168a85dae29ef0e978c1b7cf2"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

Location
https://i.imgur.com/A1hPfIa.gif
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
3Wdv6CC.gif
i.imgur.com/
Redirect Chain
  • http://i.imgur.com/3Wdv6CC.gif
  • https://i.imgur.com/3Wdv6CC.gif
17 KB
17 KB
Image
General
Full URL
https://i.imgur.com/3Wdv6CC.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
fb65c83da3c49222590ec392de86009d1d30ed99167d64f55b84c623f830eb57
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
1396528
x-cache
HIT, HIT
content-length
17285
x-served-by
cache-iad-kcgs7200056-IAD, cache-hhn4073-HHN
last-modified
Wed, 24 Feb 2016 00:24:30 GMT
server
cat factory 1.0
x-timer
S1654167795.392128,VS0,VE1
etag
"904659ce8c80722581fa1329e75183b9"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

Location
https://i.imgur.com/3Wdv6CC.gif
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
9kqESnr.gif
i.imgur.com/
49 KB
49 KB
Image
General
Full URL
https://i.imgur.com/9kqESnr.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0ac4d6bc9b8f6ffdbc874645697631ccaee283eac7e192af6e94ca3d58b127b1
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
2053426
x-cache
HIT, HIT
content-length
49830
x-served-by
cache-iad-kcgs7200039-IAD, cache-hhn4073-HHN
last-modified
Mon, 14 Oct 2019 21:01:28 GMT
server
cat factory 1.0
x-timer
S1654167795.390991,VS0,VE1
etag
"a5c3f3a7e43d8240121129f45e08995b"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
9H7aJGk.gif
i.imgur.com/
22 KB
23 KB
Image
General
Full URL
https://i.imgur.com/9H7aJGk.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
621a5be7b3117052266d7e5aa14610a38b9bf9927434959954745d593d692917
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
1774378
x-cache
HIT, HIT
content-length
23004
x-served-by
cache-iad-kcgs7200077-IAD, cache-hhn4073-HHN
last-modified
Thu, 12 May 2022 22:10:18 GMT
server
cat factory 1.0
x-timer
S1654167795.390958,VS0,VE1
etag
"849c76c0283bc819f3d4b801bdd04dcf"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
UOgww4p.gif
i.imgur.com/
27 KB
28 KB
Image
General
Full URL
https://i.imgur.com/UOgww4p.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
843a97bced5917607d0c29348b32cea2ef5fe4baa12004b686ca61eb4e6ddafe
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
2523790
x-cache
HIT, HIT
content-length
28135
x-served-by
cache-iad-kjyo7100174-IAD, cache-hhn4073-HHN
last-modified
Wed, 02 Mar 2022 21:01:01 GMT
server
cat factory 1.0
x-timer
S1654167795.391065,VS0,VE0
etag
"a2a71e41a784234665410abd83bb5e08"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 12271
a6lbBfp.gif
web.archive.org/web/20161016030802im_/http://i.imgur.com/
Redirect Chain
  • https://web.archive.org/web/20160928123724im_/http://i.imgur.com/a6lbBfp.gif
  • https://web.archive.org/web/20161016030802im_/http://i.imgur.com/a6lbBfp.gif
19 KB
21 KB
Image
General
Full URL
https://web.archive.org/web/20161016030802im_/http://i.imgur.com/a6lbBfp.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
207.241.237.3 San Francisco, United States, ASN7941 (INTERNET-ARCHIVE, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
d23064d5ed81b54e10b5b01daa6bf661b2a8f8037d26e3feae8cbbb86afa58af
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org
x-rl
0
x-cache-key
httpsweb.archive.orgde-DE,de;q=0.9/web/20161016030802im_/http://i.imgur.com/a6lbBfp.gifDE
x-archive-orig-x-served-by
cache-iad2138-IAD, cache-sjc3644-SJC
x-archive-orig-fastly-debug-digest
1264472f8e8c3207448c1f903f2c33934306684e6dbc7a8c0c8674ab7601a8a3
server-timing
captures_list;dur=506.280562, exclusion.robots;dur=0.195227, exclusion.robots.policy;dur=0.187618, cdx.remote;dur=0.072557, esindex;dur=0.008918, LoadShardBlock;dur=69.659987, PetaboxLoader3.datanode;dur=245.129828, CDXLines.iter;dur=13.403377, load_resource;dur=1283.737706, PetaboxLoader3.resolve;dur=1089.598230
x-page-cache
MISS
x-archive-orig-access-control-allow-methods
GET, OPTIONS
referrer-policy
no-referrer-when-downgrade
x-archive-orig-access-control-allow-origin
*
x-archive-orig-accept-ranges
bytes
x-archive-orig-cache-control
public, max-age=31536000
content-type
image/gif
x-archive-orig-x-timer
S1476587282.962878,VS0,VE0
cache-control
max-age=1800
memento-datetime
Sun, 16 Oct 2016 03:08:02 GMT
link
<http://i.imgur.com/a6lbBfp.gif>; rel="original", <https://web.archive.org/web/timemap/link/http://i.imgur.com/a6lbBfp.gif>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/http://i.imgur.com/a6lbBfp.gif>; rel="timegate", <https://web.archive.org/web/20130629123202/http://i.imgur.com/a6lbBfp.gif>; rel="first memento"; datetime="Sat, 29 Jun 2013 12:32:02 GMT", <https://web.archive.org/web/20160119015826/http://i.imgur.com/a6lbBfp.gif>; rel="prev memento"; datetime="Tue, 19 Jan 2016 01:58:26 GMT", <https://web.archive.org/web/20161016030802/http://i.imgur.com/a6lbBfp.gif>; rel="memento"; datetime="Sun, 16 Oct 2016 03:08:02 GMT", <https://web.archive.org/web/20161029125259/http://i.imgur.com/a6lbBfp.gif>; rel="next memento"; datetime="Sat, 29 Oct 2016 12:52:59 GMT", <https://web.archive.org/web/20220121171454/https://i.imgur.com/a6lbBfp.gif>; rel="last memento"; datetime="Fri, 21 Jan 2022 17:14:54 GMT"
x-archive-orig-x-cache-hits
10, 1
date
Thu, 02 Jun 2022 11:03:18 GMT
x-archive-orig-date
Sun, 16 Oct 2016 03:08:02 GMT
x-archive-orig-last-modified
Fri, 08 Feb 2013 13:20:49 GMT
x-app-server
wwwb-app219
x-location
All
x-nid
-
x-archive-orig-etag
"56a9edf7bbce8beef52d497783321aff"
x-archive-orig-age
4895556
x-archive-orig-x-cache
HIT, HIT
content-length
19493
x-archive-src
WIDE-20161016022538-crawl427/WIDE-20161016024633-00596.warc.gz
x-ts
200
x-archive-guessed-content-type
image/gif
x-archive-orig-server
cat factory 1.0
server
nginx/1.19.5
x-tr
1802
x-na
0
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-archive-orig-content-length
19493
x-archive-orig-connection
close

Redirect headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-rl
0
x-app-server
wwwb-app224
x-cache-key
httpsweb.archive.orgde-DE,de;q=0.9/web/20160928123724im_/http://i.imgur.com/a6lbBfp.gifDE
x-location
All
x-nid
-
server-timing
captures_list;dur=109.353636, exclusion.robots;dur=0.202494, exclusion.robots.policy;dur=0.195072, RedisCDXSource;dur=11.875757, esindex;dur=0.007485, LoadShardBlock;dur=81.822532, PetaboxLoader3.datanode;dur=64.746079, CDXLines.iter;dur=13.106894
content-length
0
x-archive-redirect-reason
found capture at 20161016030802
x-ts
302
referrer-policy
no-referrer-when-downgrade
server
nginx/1.19.5
x-page-cache
MISS
x-tr
112
x-na
0
content-type
text/plain; charset=utf-8
location
https://web.archive.org/web/20161016030802im_/http://i.imgur.com/a6lbBfp.gif
permissions-policy
interest-cohort=()
banner.gif
luxury-bets.com/wp-content/uploads/2021/02/
73 KB
73 KB
Image
General
Full URL
https://luxury-bets.com/wp-content/uploads/2021/02/banner.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.136.33.224 , Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
cpl82.hosting24.com
Software
LiteSpeed /
Resource Hash
b303c01d8ada1d6a3baaf071705b7ed2b88d482bd3d566d694afba8dd1a4bfbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Feb 2021 22:11:24 GMT
server
LiteSpeed
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
74603
x-xss-protection
1; mode=block;
expires
Thu, 09 Jun 2022 11:03:15 GMT
max-tips_1.gif
tips-free.com/wp-content/uploads/2020/02/
366 KB
367 KB
Image
General
Full URL
http://tips-free.com/wp-content/uploads/2020/02/max-tips_1.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
68.66.248.41 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-ls13.a2hosting.com
Software
LiteSpeed /
Resource Hash
396513086f694eaea1441f4cea1838282449065d9407b9c0d600105c59bbef59
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 Feb 2020 23:40:01 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
Connection
Keep-Alive
content-type
image/gif
cache-control
max-age=604800, public
strict-transport-security
max-age=63072000; includeSubDomains
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
374969
expires
Thu, 09 Jun 2022 11:03:16 GMT
daretipovi.png
europol-fixed.com/wp-content/uploads/2017/10/
25 KB
25 KB
Image
General
Full URL
https://europol-fixed.com/wp-content/uploads/2017/10/daretipovi.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3a635fa5aef8ffe7d02ed57520a8c1bbc218153c82587e020f42076605673fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
552063
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25369
x-xss-protection
1; mode=block;
last-modified
Sat, 27 Jun 2020 09:29:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLsLkHvDp4E%2BPK2o%2FU21dsuOlnmhJJxVRfYm3JYhk9AI5Z5rgWSkC21nfNgfgMkE5q7TvfcFBf%2FQK6lHFbdKchk0mRZP2edklA7ysSIJiWUBmypjqv2ISc%2BHIHOkH0K6p7dFvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
714fb391fbeb9091-FRA
expires
Fri, 03 Jun 2022 01:42:12 GMT
EjYXovc.gif
i.imgur.com/
Redirect Chain
  • http://i.imgur.com/EjYXovc.gif
  • https://i.imgur.com/EjYXovc.gif
14 KB
15 KB
Image
General
Full URL
https://i.imgur.com/EjYXovc.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9d0e0a4e07a3dbfb5d59ef4232641a4e96cc372553c670d214d3aa129929cd80
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
3807349
x-cache
HIT, HIT
content-length
14843
x-served-by
cache-iad-kcgs7200088-IAD, cache-hhn4073-HHN
last-modified
Fri, 25 Mar 2016 00:39:29 GMT
server
cat factory 1.0
x-timer
S1654167796.513018,VS0,VE1
etag
"a3e2b802ad8ff0ee56f5643b68b4a767"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1

Redirect headers

Location
https://i.imgur.com/EjYXovc.gif
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
mmF1u2y.png
i.imgur.com/
12 KB
12 KB
Image
General
Full URL
https://i.imgur.com/mmF1u2y.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
b36ea879a9910704ecdbd62f9d60206dadab7a18096172b04aa9fc7ec042a97c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
3796940
x-cache
HIT, HIT
content-length
12137
x-served-by
cache-iad-kcgs7200131-IAD, cache-hhn4073-HHN
last-modified
Tue, 17 Nov 2020 21:40:19 GMT
server
cat factory 1.0
x-timer
S1654167796.512697,VS0,VE1
etag
"c7e91bc3f1a7518f3e5f3466753ab66b"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
senka-1.png
www.topbet-fixed.com/wp-content/uploads/2016/04/
Redirect Chain
  • http://www.topbet-fixed.com/wp-content/uploads/2016/04/senka-1.png
  • https://www.topbet-fixed.com/wp-content/uploads/2016/04/senka-1.png
2 KB
2 KB
Image
General
Full URL
https://www.topbet-fixed.com/wp-content/uploads/2016/04/senka-1.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92b75eb3940c32f61f6863129f36dfabf5028fd29fb2a9c502348d7ea5f1e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
187479
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1630
x-xss-protection
1; mode=block;
last-modified
Tue, 08 Oct 2019 19:42:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WC%2F%2Fjzzcv41IfCrt%2BHib8e%2BLNZ6sEeOK1GBWfe0%2FCD%2FqhaK7mgx9%2FgvAc4E1PoowRfsTDr4hEXLx5HS6wpgUwWKC%2FSpOijsO4LnPQDOs8kNMlHIMwH61tXMpC6YhN4%2FTXx8hQb5iWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
714fb392ece79101-FRA
expires
Tue, 07 Jun 2022 06:58:36 GMT

Redirect headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpoblFIbPs9YqzUVsgfaXpMMk%2FwQv3nf8KjMGqeLFmOpJCq%2Fq9ufStqiAIcOx8eGcI4aQyBzubHO7LC4I06ToCNuMh9gyP%2FR%2FIm0tjZAQpZVG%2BhA37DndzxbV9stPzI16wACOaE4lA%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://www.topbet-fixed.com/wp-content/uploads/2016/04/senka-1.png
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
714fb3926db58ff4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
Thu, 02 Jun 2022 12:03:15 GMT
baner.gif
odd1x2.com/wp-content/uploads/2015/11/
26 KB
26 KB
Image
General
Full URL
http://odd1x2.com/wp-content/uploads/2015/11/baner.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
5fc16b3f7c42f4ad7bbb4455dfc43c02705feb9e1e77abb3c618455e619b314f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Sun, 29 Apr 2018 06:20:57 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
26182
3VgdRXm.gif
i.imgur.com/
344 KB
344 KB
Image
General
Full URL
https://i.imgur.com/3VgdRXm.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
893a2b2f616526674cab59574854d371420c6f59bf9300eb7a191e58218a58a3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
3199643
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
352082
x-served-by
cache-iad-kcgs7200046-IAD, cache-hhn4073-HHN
last-modified
Tue, 10 Sep 2019 12:11:53 GMT
server
cat factory 1.0
x-timer
S1654167796.553546,VS0,VE2
etag
"7d268976a6ddcf93c189d80a02167801"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
oTa0Qd3.gif
i.imgur.com/
32 KB
32 KB
Image
General
Full URL
https://i.imgur.com/oTa0Qd3.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ef9880ae811ae7aec1e4c2d84ff89c7df2e7d0c17a6964d5005698bf8cf3c3b4
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
2605818
x-cache
HIT, HIT
content-length
32362
x-served-by
cache-iad-kiad7000138-IAD, cache-hhn4073-HHN
last-modified
Tue, 10 Sep 2019 11:49:35 GMT
server
cat factory 1.0
x-timer
S1654167796.554027,VS0,VE1
etag
"ea1494bd4d754c8af670471ab62ace86"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
qF6KQsc.gif
i.imgur.com/
281 KB
282 KB
Image
General
Full URL
https://i.imgur.com/qF6KQsc.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a22035c79975bf3b9b13c0f63dc86573f47169eb0d24fb085da4ea25acfe6c6b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
2050806
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
288239
x-served-by
cache-iad-kiad7000150-IAD, cache-hhn4073-HHN
last-modified
Tue, 10 Sep 2019 11:08:35 GMT
server
cat factory 1.0
x-timer
S1654167796.554006,VS0,VE1
etag
"bb22cbd39c2134754c0e48a089c4c7bf"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
JJAHOMn.gif
i.imgur.com/
26 KB
26 KB
Image
General
Full URL
https://i.imgur.com/JJAHOMn.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d47f6848916d128c03d9651e9362cd9edffcad685c538c06b25d60e23a039f21
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
175297
x-cache
HIT, HIT
content-length
26321
x-served-by
cache-iad-kcgs7200088-IAD, cache-hhn4073-HHN
last-modified
Tue, 10 Sep 2019 12:01:31 GMT
server
cat factory 1.0
x-timer
S1654167796.553991,VS0,VE1
etag
"3c1aa10562bbb2f625dc218734e87a96"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
ai9p1CJ.gif
i.imgur.com/
8 KB
8 KB
Image
General
Full URL
https://i.imgur.com/ai9p1CJ.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
5f7c513bc3182404e8e6018e90fdc63727a3bb5fe756e4270acad0c58d81e80e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
2589481
x-cache
HIT, HIT
content-length
7745
x-served-by
cache-iad-kcgs7200110-IAD, cache-hhn4073-HHN
last-modified
Fri, 11 Mar 2022 09:19:23 GMT
server
cat factory 1.0
x-timer
S1654167796.553976,VS0,VE1
etag
"01726cd3f813cf4e2679f3d85e54a13b"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
70JCw6V.gif
i.imgur.com/
97 KB
97 KB
Image
General
Full URL
https://i.imgur.com/70JCw6V.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4d3b683aa8a64160a7cca3c82211dfc7e2752f430e76f5acb3b9a1a401ac37e1
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
2585359
x-cache
HIT, HIT
content-length
99565
x-served-by
cache-iad-kjyo7100097-IAD, cache-hhn4073-HHN
last-modified
Tue, 10 Sep 2019 11:12:54 GMT
server
cat factory 1.0
x-timer
S1654167796.554004,VS0,VE1
etag
"9e5e66d1daa1328e42efb72201ccc76c"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
0kkismY.gif
i.imgur.com/
30 KB
30 KB
Image
General
Full URL
https://i.imgur.com/0kkismY.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f5b719f6445eaba36c7bd1fde6e44d3e46ad8e1bc1b0a037f4b74d6cf32c5ab3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
1379147
x-cache
HIT, HIT
content-length
30279
x-served-by
cache-iad-kjyo7100157-IAD, cache-hhn4073-HHN
last-modified
Tue, 10 Sep 2019 12:38:58 GMT
server
cat factory 1.0
x-timer
S1654167796.553949,VS0,VE1
etag
"5dfe9c4e6edf435254b6e646ff1b9e1c"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
hjIpX0c.gif
i.imgur.com/
25 KB
26 KB
Image
General
Full URL
https://i.imgur.com/hjIpX0c.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c5299d1a88e3a9c13cc906fee3a0600668b170e1ebbd8218d593f9f6f44cc598
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
1316561
x-cache
HIT, HIT
content-length
25963
x-served-by
cache-iad-kcgs7200046-IAD, cache-hhn4073-HHN
last-modified
Tue, 16 Jul 2019 23:20:47 GMT
server
cat factory 1.0
x-timer
S1654167796.553927,VS0,VE1
etag
"8dd9b0ab489d58523f98c4cb967a3cb5"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
paok-tip-baner.gif
paok-tip.com/wp-content/uploads/2014/09/
7 KB
8 KB
Image
General
Full URL
http://paok-tip.com/wp-content/uploads/2014/09/paok-tip-baner.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
6e455b9d541809b0afef8f519150c79b90d8d5b140b1c2c151e9066d132f9434

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Tue, 16 Sep 2014 21:08:54 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
7601
Q8NKoHW.gif
bet-12.com/wp-content/uploads/2018/04/
Redirect Chain
  • http://bet-12.com/wp-content/uploads/2018/04/Q8NKoHW.gif
  • https://bet-12.com/wp-content/uploads/2018/04/Q8NKoHW.gif
17 KB
17 KB
Image
General
Full URL
https://bet-12.com/wp-content/uploads/2018/04/Q8NKoHW.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
66.29.132.92 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium201-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
3d3c840728b1bfc52f51b3a101f46b9867e1a3feea4d191eea0b29ec83dc616a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
last-modified
Wed, 11 Aug 2021 11:58:50 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=10368000,public
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
17155
expires
Fri, 30 Sep 2022 11:03:16 GMT

Redirect headers

location
https://bet-12.com/wp-content/uploads/2018/04/Q8NKoHW.gif
date
Thu, 02 Jun 2022 11:03:15 GMT
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
keep-alive
timeout=5, max=100
content-length
707
content-type
text/html
WYNoH7r.gif
i.imgur.com/
19 KB
19 KB
Image
General
Full URL
https://i.imgur.com/WYNoH7r.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
df730591062fdb5330502f665810899910d2af295c63df6b51addf7409c7e1ad
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
4129398
x-cache
HIT, HIT
content-length
19692
x-served-by
cache-iad-kjyo7100163-IAD, cache-hhn4073-HHN
last-modified
Mon, 30 Apr 2018 07:36:28 GMT
server
cat factory 1.0
x-timer
S1654167796.554206,VS0,VE1
etag
"0ab122dd8d54b536cd98297a19c283f4"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
FGpFC0R.gif
i.imgur.com/
16 KB
16 KB
Image
General
Full URL
https://i.imgur.com/FGpFC0R.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f835fdb96443a160a95f1267419115c41f1282e726c5b4d8bc47a2c4a4140735
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
783311
x-cache
HIT, HIT
content-length
16637
x-served-by
cache-iad-kjyo7100109-IAD, cache-hhn4073-HHN
last-modified
Tue, 10 Sep 2019 12:57:11 GMT
server
cat factory 1.0
x-timer
S1654167796.554290,VS0,VE1
etag
"9fed4e010aabd401af4d033cec985f9d"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
anigif.gif
wolves-tip.com/wp-content/uploads/2021/02/
17 KB
18 KB
Image
General
Full URL
https://wolves-tip.com/wp-content/uploads/2021/02/anigif.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.149.198 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
pliska.ns1.bg
Software
Apache /
Resource Hash
de7099b604e8e1ad026aa176b5a7847deeeb880b19688efba0adbdbdae13c162

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
last-modified
Wed, 17 Feb 2021 19:08:02 GMT
server
Apache
accept-ranges
bytes
content-length
17893
content-type
image/gif
nKVrMku.gif
i.imgur.com/
11 KB
12 KB
Image
General
Full URL
https://i.imgur.com/nKVrMku.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
73f638ec6f41babe70fe0669644c1f7739dda46f7abb73feb4c438915bb42b68
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
4478257
x-cache
HIT, HIT
content-length
11663
x-served-by
cache-iad-kcgs7200080-IAD, cache-hhn4073-HHN
last-modified
Wed, 11 Aug 2021 11:07:21 GMT
server
cat factory 1.0
x-timer
S1654167796.682260,VS0,VE1
etag
"26fc4ae1575460a2d55a942fe376b214"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
betwin-baner11.gif
betwin-365.com/wp-content/uploads/2014/09/
8 KB
8 KB
Image
General
Full URL
http://betwin-365.com/wp-content/uploads/2014/09/betwin-baner11.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
a9ac89439476a7bc1547f0b5b588483471d2e5ed91781606b1da38fd04753f09

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Tue, 01 Sep 2015 13:00:24 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
8005
mega.gif
mega-match1x2.com/wp-content/uploads/2017/06/
61 KB
61 KB
Image
General
Full URL
http://mega-match1x2.com/wp-content/uploads/2017/06/mega.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
c74e9e5b18789c6c73d5cefc75c3d409250d3225d947c21f8f9713f960f9977d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Wed, 07 Jun 2017 12:34:49 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=5
Content-Length
62176
smart_bet1x2_baner.gif
smart-bet1x2.com/wp-content/uploads/2016/03/
Redirect Chain
  • http://smart-bet1x2.com/wp-content/uploads/2016/03/smart_bet1x2_baner.gif
  • https://smart-bet1x2.com/wp-content/uploads/2016/03/smart_bet1x2_baner.gif
276 KB
276 KB
Image
General
Full URL
https://smart-bet1x2.com/wp-content/uploads/2016/03/smart_bet1x2_baner.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
66.29.132.92 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium201-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
c6fa81ff3b951830b2edc8ade517c616ec2b9e5ee9471ec61305126b4236d974

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
last-modified
Sat, 07 Aug 2021 15:42:42 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
282658
expires
Thu, 09 Jun 2022 11:03:16 GMT

Redirect headers

location
https://smart-bet1x2.com/wp-content/uploads/2016/03/smart_bet1x2_baner.gif
date
Thu, 02 Jun 2022 11:03:16 GMT
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
keep-alive
timeout=5, max=100
content-length
707
content-type
text/html
5-fm-online.gif
www.betmagic1x2.com/wp-content/uploads/2021/02/
11 KB
12 KB
Image
General
Full URL
https://www.betmagic1x2.com/wp-content/uploads/2021/02/5-fm-online.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.92 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium201-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
b583b4147bb7a0f9840d773b5996d3ffcd39a61463dc25b8fc02975d2eaf1162
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
last-modified
Fri, 06 Aug 2021 16:51:08 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public
x-turbo-charged-by
LiteSpeed
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
11642
expires
Thu, 30 Jun 2022 11:03:16 GMT
betmagic-baner.gif
www.betmagic1x2.com/wp-content/uploads/2021/08/
Redirect Chain
  • http://www.betmagic1x2.com/wp-content/uploads/2021/08/betmagic-baner.gif
  • https://www.betmagic1x2.com/wp-content/uploads/2021/08/betmagic-baner.gif
16 KB
16 KB
Image
General
Full URL
https://www.betmagic1x2.com/wp-content/uploads/2021/08/betmagic-baner.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
66.29.132.92 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium201-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
ae866c703d35d017ae3c870088f588a08595a95eb129f8d77e85b67749474187
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
last-modified
Fri, 13 Aug 2021 22:43:34 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public
x-turbo-charged-by
LiteSpeed
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
16013
expires
Thu, 30 Jun 2022 11:03:16 GMT

Redirect headers

location
https://www.betmagic1x2.com/wp-content/uploads/2021/08/betmagic-baner.gif
date
Thu, 02 Jun 2022 11:03:16 GMT
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
keep-alive
timeout=5, max=100
content-length
707
content-type
text/html
anigif.gif
tipssafety.com/wp-content/uploads/2019/10/
43 KB
44 KB
Image
General
Full URL
https://tipssafety.com/wp-content/uploads/2019/10/anigif.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.149.198 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
pliska.ns1.bg
Software
Apache /
Resource Hash
cae89a415f4da048d824b2b293b35b1bdb7f16f2d6fa23ba8e9c93aadf0e8549

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
last-modified
Tue, 01 Oct 2019 06:25:49 GMT
server
Apache
accept-ranges
bytes
content-length
44319
content-type
image/gif
2fm1x2.gif
www.betmagic1x2.com/wp-content/uploads/2021/02/
4 KB
4 KB
Image
General
Full URL
https://www.betmagic1x2.com/wp-content/uploads/2021/02/2fm1x2.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.132.92 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium201-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
fae12be06290058640c05d6e9183d01f6a9f24a316bfb01218f205133ab7f1f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
last-modified
Fri, 06 Aug 2021 16:50:10 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public
x-turbo-charged-by
LiteSpeed
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
content-length
4020
expires
Thu, 30 Jun 2022 11:03:16 GMT
7337c4b2af8e14fb4ef5236ae52e8e96.gif
i.picasion.com/pic90/
21 KB
21 KB
Image
General
Full URL
https://i.picasion.com/pic90/7337c4b2af8e14fb4ef5236ae52e8e96.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14bcc76ec4b54eb5640ea347f1b25c99d2e774df2c2553daa6c108cf6c80de2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11072134
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21090
last-modified
Mon, 01 Feb 2021 19:52:24 GMT
server
cloudflare
etag
"60185bf8-5262"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYX01dgI%2BWtu5Y44qzm8wmEkgmHPpOyj%2B5WKWa4RnN6z5UVuZBFpV1NQRtRQjvP96Boi5dSJA8T4F24Ryk9roaKTH2EwiTv0LA91%2FuQNkyGdS6CPIzMbFvsPUKTs78jxFqYYJOq%2FprdeufS5gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
714fb3952be4901f-FRA
expires
Wed, 25 Jan 2023 07:27:42 GMT
banner.gif
htft.info/wp-content/uploads/2021/09/
40 KB
41 KB
Image
General
Full URL
https://htft.info/wp-content/uploads/2021/09/banner.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.136.33.224 , Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
cpl82.hosting24.com
Software
LiteSpeed /
Resource Hash
e9da9c57c86b62ad4a3161f6cd506881186e1102ef3d9666a67404f5b9680472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Sep 2021 14:09:40 GMT
server
LiteSpeed
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
41413
x-xss-protection
1; mode=block;
expires
Thu, 09 Jun 2022 11:03:16 GMT
RBUkMtl.gif
i.imgur.com/
41 KB
41 KB
Image
General
Full URL
https://i.imgur.com/RBUkMtl.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
84ad53791926cce5cfd88be36a00cc01e80c0451a2b11684c3719d81a22b0c34
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
2610993
x-cache
HIT, HIT
content-length
42146
x-served-by
cache-iad-kjyo7100102-IAD, cache-hhn4073-HHN
last-modified
Sun, 16 May 2021 20:44:32 GMT
server
cat factory 1.0
x-timer
S1654167796.063088,VS0,VE1
etag
"76d47ebcd79fb7298a39eb763e085382"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
6wQomoB.gif
i.imgur.com/
36 KB
36 KB
Image
General
Full URL
https://i.imgur.com/6wQomoB.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d9e8fc75c407421e81e2975c21e8d1dfd42df56cc8735d1ee10fb9be30011cda
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
3860563
x-cache
HIT, HIT
content-length
36612
x-served-by
cache-iad-kjyo7100060-IAD, cache-hhn4073-HHN
last-modified
Wed, 29 Jul 2020 19:28:41 GMT
server
cat factory 1.0
x-timer
S1654167796.063069,VS0,VE1
etag
"dd80a28d45dd934d54f4f4fe6acb288b"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
160532_green_256x256.png
www.shareicon.net/data/256x256/2015/11/10/
24 KB
24 KB
Image
General
Full URL
https://www.shareicon.net/data/256x256/2015/11/10/160532_green_256x256.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.93.51.85 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
4af11a31f34ef6878b301abc0156e39caf73973343e9fdc56d98f12701d8aa91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:05:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 06 Apr 2022 11:30:04 GMT
server
nginx
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public
accept-ranges
bytes
content-length
24381
etag
"86631ea9a949d81:0"
expires
Sun, 29 Mar 2050 00:00:00 GMT
RlXV3s9.png
i.imgur.com/
81 KB
82 KB
Image
General
Full URL
https://i.imgur.com/RlXV3s9.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8b83abf3a0b196f7230873a50cf42ab3f634d82b68a3358d95272c1d3ab7678e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
3187892
x-cache
HIT, HIT
content-length
83431
x-served-by
cache-iad-kjyo7100052-IAD, cache-hhn4073-HHN
last-modified
Tue, 18 Aug 2020 14:50:00 GMT
server
cat factory 1.0
x-timer
S1654167795.345227,VS0,VE1
etag
"fbfd17886d62d64723c01a649b8471f8"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
QHTn.gif
i.gifer.com/
964 KB
961 KB
Image
General
Full URL
https://i.gifer.com/QHTn.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.36.8 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3121917.ip-51-68-36.eu
Software
nginx /
Resource Hash
526d778a123fe611c669acefd44a99d21fd3bfb1d36eac89200a13dd5c71f29a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
content-encoding
gzip
last-modified
Sat, 18 Sep 2021 04:49:39 GMT
server
nginx
etag
W/"61456fe3-f115a"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
max-age=315360000
strict-transport-security
max-age=604800
expires
Thu, 31 Dec 2037 23:55:55 GMT
tenor.gif
media.tenor.com/images/48700f3f8b8490f82f24b177b107b09d/
47 KB
48 KB
Image
General
Full URL
https://media.tenor.com/images/48700f3f8b8490f82f24b177b107b09d/tenor.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f350797b6c6e8172a1d882437ac88ff71d1418ef40b52c5f3402d2d7d58dfa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:15 GMT
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48343
x-xss-protection
0
last-modified
Fri, 09 Oct 2020 12:19:21 GMT
server
sffe
report-to
{"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="media-tenor-team"
expires
Fri, 03 Jun 2022 11:03:15 GMT
2jaUtH2.jpg
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/2jaUtH2.jpg
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0d6a7ca89c0a4ab2bac46c05c1a40d4d512412700cdd6c69a24c5ca4b7074a9b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
2522315
x-cache
HIT, HIT
content-length
6090
x-served-by
cache-iad-kjyo7100096-IAD, cache-hhn4073-HHN
last-modified
Mon, 15 Nov 2021 19:20:51 GMT
server
cat factory 1.0
x-timer
S1654167796.085756,VS0,VE1
etag
"88a28a9107607dde840332042f202dc3"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
oYXeyNc.jpg
i.imgur.com/
15 KB
15 KB
Image
General
Full URL
https://i.imgur.com/oYXeyNc.jpg
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0e5eb6f73b7df0b6f50f5d713dfdcbb044229eb62881c865b10cfff576831fcf
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
784719
x-cache
HIT, HIT
content-length
15021
x-served-by
cache-iad-kiad7000145-IAD, cache-hhn4073-HHN
last-modified
Mon, 15 Nov 2021 19:22:23 GMT
server
cat factory 1.0
x-timer
S1654167796.085869,VS0,VE2
etag
"5f93bc8c9f50ee5b315ed951a34e497f"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
bale-baner.gif
bale-1x2.com/baner/
37 KB
38 KB
Image
General
Full URL
http://bale-1x2.com/baner/bale-baner.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
8d4404deb3149fa893780892e39ef6702183b593cebcb605c2e78e01e545dd6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:16 GMT
Last-Modified
Wed, 14 Sep 2016 07:36:06 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
38240
1280px-Neteller.svg.png
upload.wikimedia.org/wikipedia/en/thumb/b/b2/Neteller.svg/
22 KB
24 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/b/b2/Neteller.svg/1280px-Neteller.svg.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
fd9826e5a64e75114ec9c3e45d71e559c7bae26338dee5bd9d948e6a73014cc9
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 15:01:56 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
72079
x-cache-status
hit-front
x-cache
cp3051 hit, cp3063 hit/39
server-timing
cache;desc="hit-front", host;desc="cp3063"
content-length
22898
x-client-ip
2001:1b60:1010:3:1012:4ee8:db2b:89ff
accept-ranges
bytes
last-modified
Thu, 10 Aug 2017 12:45:22 GMT
server
ATS/8.0.8
etag
b026af7686a43ea332ed57a0ba74dbb4
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
1200px-Skrill_logo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/1/1b/Skrill_logo.svg/
33 KB
34 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/1/1b/Skrill_logo.svg/1200px-Skrill_logo.svg.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
594a614f285cd16215a8ccaa870779d908f28c990f5bfa87a766eb718124d846
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 23:12:59 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
42616
x-cache-status
hit-front
x-cache
cp3063 hit, cp3063 hit/40
server-timing
cache;desc="hit-front", host;desc="cp3063"
content-length
33541
x-client-ip
2001:1b60:1010:3:1012:4ee8:db2b:89ff
accept-ranges
bytes
last-modified
Tue, 07 Nov 2017 08:11:36 GMT
server
ATS/8.0.8
etag
44014b6e5b6b232531ea987ec229f3cb
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
paypal-logo.png
newsroom.mastercard.com/wp-content/uploads/2016/09/
28 KB
29 KB
Image
General
Full URL
https://newsroom.mastercard.com/wp-content/uploads/2016/09/paypal-logo.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
104.239.236.220 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
9323ca8ebe8954414906cdf50aba385bfd13656a5856ea085f4a19cb1ef824be
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 10:57:37 GMT
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 06 Jun 2017 17:41:08 GMT
ETag
"71b5-5514e1fef5532"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security
max-age=15768000; includeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
29109
X-XSS-Protection
1; mode=block
120px-Icon-under_18.png
upload.wikimedia.org/wikipedia/commons/thumb/e/eb/Icon-under_18.png/
11 KB
12 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/e/eb/Icon-under_18.png/120px-Icon-under_18.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
318fc157180c3dc68ede5badcffca0af88c17781a8ceed76e7497a95715e6bb5
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 06:29:07 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
16448
x-cache-status
hit-front
x-cache
cp3065 miss, cp3063 hit/59
server-timing
cache;desc="hit-front", host;desc="cp3063"
content-length
11449
x-client-ip
2001:1b60:1010:3:1012:4ee8:db2b:89ff
accept-ranges
bytes
last-modified
Sun, 03 Nov 2013 19:10:42 GMT
server
ATS/8.0.8
etag
91ac02860435f22a85a133f4a3677a4e
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
CGmO36j.gif
i.imgur.com/
71 KB
71 KB
Image
General
Full URL
https://i.imgur.com/CGmO36j.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f2bb35f684d751f8aa2101d23d172e8b84aed84a79f35e18f79f7efe8633b3c5
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
845817
x-cache
HIT, HIT
content-length
72431
x-served-by
cache-iad-kjyo7100123-IAD, cache-hhn4073-HHN
last-modified
Wed, 25 Dec 2019 08:16:56 GMT
server
cat factory 1.0
x-timer
S1654167796.271187,VS0,VE1
etag
"73c8f243271c123078fd368d693f1261"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
FiKjm16.png
i.imgur.com/
18 KB
18 KB
Image
General
Full URL
https://i.imgur.com/FiKjm16.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
3ca51fe89c7d230b24ee76420051249b35bd7edca6caef3744db91955283e964
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
2576700
x-cache
HIT, HIT
content-length
18231
x-served-by
cache-iad-kjyo7100064-IAD, cache-hhn4073-HHN
last-modified
Thu, 25 Jan 2018 18:07:34 GMT
server
cat factory 1.0
x-timer
S1654167796.271447,VS0,VE1
etag
"3183e9bf3dd91a208e4a17be504de044"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
EiM7pS8.png
i.imgur.com/
269 KB
269 KB
Image
General
Full URL
https://i.imgur.com/EiM7pS8.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
35c3b4195deb46d057ea90ed10231215278760daca07c5cd751550ad77648457
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
119635
x-cache
MISS, HIT
x-amz-storage-class
STANDARD_IA
content-length
275548
x-served-by
cache-iad-kjyo7100167-IAD, cache-hhn4073-HHN
last-modified
Thu, 25 Jan 2018 18:08:49 GMT
server
cat factory 1.0
x-timer
S1654167796.271421,VS0,VE1
etag
"247ecde423a94e944781537e29cf3c2f"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 1
1NC7e8w.png
i.imgur.com/
49 KB
49 KB
Image
General
Full URL
https://i.imgur.com/1NC7e8w.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
fcaac1655e708c9a25d93b64208dd9548d1e0d4a19bf6378e163a70ce6a10bd1
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
3213123
x-cache
HIT, HIT
content-length
50216
x-served-by
cache-iad-kiad7000172-IAD, cache-hhn4073-HHN
last-modified
Thu, 25 Jan 2018 18:09:26 GMT
server
cat factory 1.0
x-timer
S1654167796.271406,VS0,VE1
etag
"dc7407dfb3ba462c0b16da68d9d42fa3"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
fsH78lh.png
i.imgur.com/
73 KB
73 KB
Image
General
Full URL
https://i.imgur.com/fsH78lh.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
40d1b65c2a1eda496d823c32c013b649df302d3467478a375645aac968b45301
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
1451941
x-cache
HIT, HIT
content-length
74655
x-served-by
cache-iad-kcgs7200129-IAD, cache-hhn4073-HHN
last-modified
Thu, 25 Jan 2018 18:10:19 GMT
server
cat factory 1.0
x-timer
S1654167796.271398,VS0,VE1
etag
"820fc34cc7c1911b7ded06fa4b764d73"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
laptop_hand_shake_400_clr_5893.png
mypersuasivepresentations.com/wp-content/uploads/2014/03/
Redirect Chain
  • http://mypersuasivepresentations.com/wp-content/uploads/2014/03/laptop_hand_shake_400_clr_5893.png
  • https://mypersuasivepresentations.com/wp-content/uploads/2014/03/laptop_hand_shake_400_clr_5893.png
95 KB
95 KB
Image
General
Full URL
https://mypersuasivepresentations.com/wp-content/uploads/2014/03/laptop_hand_shake_400_clr_5893.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Server
199.16.172.227 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ec08b9787dd7c2da8612cdea017992e1cde70d43ba96b382c7248fac9b6875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-ac
2.hhn _atomic_ams
last-modified
Fri, 02 Mar 2018 14:44:32 GMT
server
nginx
etag
"5a996350-17b9b"
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
97179
expires
Thu, 09 Jun 2022 11:03:16 GMT

Redirect headers

Location
https://mypersuasivepresentations.com/wp-content/uploads/2014/03/laptop_hand_shake_400_clr_5893.png
Date
Thu, 02 Jun 2022 11:03:16 GMT
X-ac
1.hhn _atomic_ams
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
CQK8ZVO.gif
i.imgur.com/
1 MB
1 MB
Image
General
Full URL
https://i.imgur.com/CQK8ZVO.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
7cb54a6328f09cfbbb87a87d2ff492e09e027eba2afceee71fdd51a59457aeb9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
3213122
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
1540045
x-served-by
cache-iad-kcgs7200064-IAD, cache-hhn4073-HHN
last-modified
Tue, 16 Apr 2019 01:34:15 GMT
server
cat factory 1.0
x-timer
S1654167796.283956,VS0,VE4
etag
"1a681a48ba535581a9bb65bbedfa471e"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
managedchatservices-icons-24hrs-150-300x300.png
beat-the-bookies1x2.com/wp-content/uploads/2019/07/
30 KB
31 KB
Image
General
Full URL
https://beat-the-bookies1x2.com/wp-content/uploads/2019/07/managedchatservices-icons-24hrs-150-300x300.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.149.166 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
balkan.ns1.bg
Software
Apache /
Resource Hash
8304108c8ad2131f68e9b82ee3bfea983c7b5e3cf46930959078352e25d69134

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:17 GMT
last-modified
Mon, 08 Jul 2019 20:21:37 GMT
server
Apache
accept-ranges
bytes
content-length
30929
content-type
image/png
new_seo-41-512-300x300.png
beat-the-bookies1x2.com/wp-content/uploads/2019/07/
62 KB
63 KB
Image
General
Full URL
https://beat-the-bookies1x2.com/wp-content/uploads/2019/07/new_seo-41-512-300x300.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.149.166 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
balkan.ns1.bg
Software
Apache /
Resource Hash
d7ec3158dd5f30e0d993881bd2564f1e37e824072ea2df802feb0c9ff82f615f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:17 GMT
last-modified
Mon, 08 Jul 2019 20:27:19 GMT
server
Apache
accept-ranges
bytes
content-length
63647
content-type
image/png
images.jpg
beat-the-bookies1x2.com/wp-content/uploads/2019/07/
6 KB
6 KB
Image
General
Full URL
https://beat-the-bookies1x2.com/wp-content/uploads/2019/07/images.jpg
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.149.166 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
balkan.ns1.bg
Software
Apache /
Resource Hash
ffc3e50072356cad82299b2f146e9870248e880c8cef86775343f6840aa5a368

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:17 GMT
last-modified
Mon, 08 Jul 2019 20:27:57 GMT
server
Apache
accept-ranges
bytes
content-length
5980
content-type
image/jpeg
64-641641_larson-lawnscape-service-area-green-shake-hand-icon-300x300.png
beat-the-bookies1x2.com/wp-content/uploads/2019/07/
21 KB
21 KB
Image
General
Full URL
https://beat-the-bookies1x2.com/wp-content/uploads/2019/07/64-641641_larson-lawnscape-service-area-green-shake-hand-icon-300x300.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.174.149.166 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
balkan.ns1.bg
Software
Apache /
Resource Hash
3a6dd343def25ebf38c0cf98666e50fef98f55ecbbd870b7db489bf21663ca7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:17 GMT
last-modified
Mon, 08 Jul 2019 20:30:04 GMT
server
Apache
accept-ranges
bytes
content-length
21297
content-type
image/png
347-3473106_gareth-bale-real-madrid-png-transparent-png.png
www.kindpng.com/picc/m/
325 KB
321 KB
Image
General
Full URL
https://www.kindpng.com/picc/m/347-3473106_gareth-bale-real-madrid-png-transparent-png.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.151.158.243 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
3480484d5b7a5565b47b76c2c58688ac01199bf89d76156b9e31e81f733d5d19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Nov 2019 00:55:09 GMT
Server
nginx/1.14.0
ETag
W/"5dd731ed-512a6"
Vary
Accept-Encoding
Content-Type
image/png
Transfer-Encoding
chunked
Connection
keep-alive
347-3473076_transparent-gareth-bale-png-bale-png-png-download.png
www.pngitem.com/pimgs/m/
185 KB
185 KB
Image
General
Full URL
https://www.pngitem.com/pimgs/m/347-3473076_transparent-gareth-bale-png-bale-png-png-download.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.208.219.12 , United States, ASN32097 (WII, US),
Reverse DNS
salty.sheparddietimportance.us
Software
nginx/1.14.0 /
Resource Hash
2dfd1c9bd90a3f2742a1f9b7b0a2cdc4c17b8ad150340773a06f2a214929b4ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:17 GMT
Last-Modified
Fri, 22 Nov 2019 00:54:51 GMT
Server
nginx/1.14.0
ETag
"5dd731db-2e221"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
188961
png-clipart-gareth-bale-tottenham-hotspur-f-c-manchester-united-f-c-uefa-champions-league-madrid-gareth-bale-wales-tshirt-sport.png
e7.pngegg.com/pngimages/6/536/
300 KB
301 KB
Image
General
Full URL
https://e7.pngegg.com/pngimages/6/536/png-clipart-gareth-bale-tottenham-hotspur-f-c-manchester-united-f-c-uefa-champions-league-madrid-gareth-bale-wales-tshirt-sport.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45fa17019148635a60263d415a9e86191b7bf0b414a51f06fe508d9f9fd10e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
719845
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
306982
last-modified
Sun, 17 May 2020 04:40:07 GMT
server
cloudflare
etag
"5ec0c027-4af26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FJ6%2FbcRhF0MkEvVkNQUntDmR5LMpEFjb6ymv%2FdJTuRxCK3bcWQ77d3I4BabLR5pvbRoDxCNmsxX0jipmZx1UtNT%2FFhoCMolgB260MYKe%2FCwRjQ0Cm9ellltVdpaErWfWgWJnlRg3d8D4KYD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
714fb399c99a9c01-FRA
expires
Sat, 20 May 2023 03:05:51 GMT
181-1814818_www-footyrenders-com-gareth-bale-2014-png-png.png
www.vippng.com/png/detail/
0
0

301-3011624_1-gareth-bale-gareth-bale-png.png
www.seekpng.com/png/detail/
111 KB
103 KB
Image
General
Full URL
https://www.seekpng.com/png/detail/301-3011624_1-gareth-bale-gareth-bale-png.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.110.80.75 , United States, ASN32097 (WII, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
08241d40b563254fc300dfd00f594a5707cd7141414d4f2db701c2b89fb416ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Nov 2018 21:26:38 GMT
Server
nginx/1.14.0
ETag
W/"5bfdb68e-1badc"
Vary
Accept-Encoding
Content-Type
image/png
Transfer-Encoding
chunked
Connection
keep-alive
soccer-icon.png
icons.iconarchive.com/icons/yingfengling-fl/i-love-sports/256/
155 KB
156 KB
Image
General
Full URL
https://icons.iconarchive.com/icons/yingfengling-fl/i-love-sports/256/soccer-icon.png
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631f7e69e48548a9c49d38503950658eb376c7fb87abd342f1a9037bd0317ae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6151
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
158628
last-modified
Thu, 09 Jul 2020 00:04:45 GMT
server
cloudflare
etag
"5f065f1d-26ba4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RkYaFgTE2WoX%2BMIDU%2BSujOFpet5BVRrrgZCDGHqqXYFO4YgjF6Bz3PoPVIRyEbvq58YhAroHj%2FnXyM5kgb0k01hAWGqtF30SLX1CYavJ%2F0qi8bNfcuLENCWxRFcqXrD%2BANoQh6sUV2cInLBphGpuuI03%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
714fb39adf739b7c-FRA
HsjSMyt.gif
i.imgur.com/
358 KB
358 KB
Image
General
Full URL
https://i.imgur.com/HsjSMyt.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
53ad4b55312ae6027ee8d0da5023e5d5b8d2e127f21dde79c3cbd8ba7b8ca26c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:16 GMT
x-content-type-options
nosniff
age
1976810
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
366379
x-served-by
cache-iad-kjyo7100030-IAD, cache-hhn4073-HHN
last-modified
Sun, 21 Nov 2021 17:17:00 GMT
server
cat factory 1.0
x-timer
S1654167797.860562,VS0,VE2
etag
"7a270d82e5f4f95e6e8621ffdb9d18e1"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
wp-lightbox-2.min.js
bale-1x2.com/wp-content/plugins/wp-lightbox-2/js/dist/
17 KB
18 KB
Script
General
Full URL
http://bale-1x2.com/wp-content/plugins/wp-lightbox-2/js/dist/wp-lightbox-2.min.js?ver=1.3.4.1
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
7f75a55e6f2695d98f207f6634289242d8a1afe9d51b68cee2559cf16a6d96e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Mon, 01 Feb 2021 22:14:39 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
17751
scroll.js
bale-1x2.com/wp-content/themes/comicpress/js/
804 B
1 KB
Script
General
Full URL
http://bale-1x2.com/wp-content/themes/comicpress/js/scroll.js
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
64cabe89a1a1123375022f7ba5530c8ca5cd2e5d056633b7a5e51302126bb9b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Tue, 24 Apr 2018 19:38:23 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
804
q2w3-fixed-widget.min.js
bale-1x2.com/wp-content/plugins/q2w3-fixed-widget/js/
4 KB
4 KB
Script
General
Full URL
http://bale-1x2.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Sun, 21 Nov 2021 17:20:16 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
4360
wp-embed.min.js
bale-1x2.com/wp-includes/js/
1 KB
2 KB
Script
General
Full URL
http://bale-1x2.com/wp-includes/js/wp-embed.min.js?ver=4.8.19
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Thu, 15 Apr 2021 09:38:55 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1386
football-ultra-hd-background_1_2560x1440.jpg
bale-1x2.com/wp-content/uploads/2018/04/
335 KB
336 KB
Image
General
Full URL
http://bale-1x2.com/wp-content/uploads/2018/04/football-ultra-hd-background_1_2560x1440.jpg
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
eddcb261890a30acb269172416571ee0c6136d4902e078a1cc0e9e5f51fa997a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Wed, 25 Apr 2018 06:09:39 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
343551
cropped-BALE-NEW-HEADER.jpg
bale-1x2.com/wp-content/uploads/2021/09/
92 KB
92 KB
Image
General
Full URL
http://bale-1x2.com/wp-content/uploads/2021/09/cropped-BALE-NEW-HEADER.jpg
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
a14457ead69890f52c267c4bee25f0d0996b305634c24c39c3eb2f931ceaaad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Tue, 21 Sep 2021 07:02:25 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
94160
post-bottom.jpg
bale-1x2.com/wp-content/themes/comicpress/images/
553 B
787 B
Image
General
Full URL
http://bale-1x2.com/wp-content/themes/comicpress/images/post-bottom.jpg
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/wp-content/themes/comicpress/style.css
Protocol
HTTP/1.1
Server
79.124.76.70 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
qrypto.ns1.bg
Software
Apache /
Resource Hash
6911849e7f2487a33ec728467c42460728f7661c53e7285eada175a3d2d08a0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/wp-content/themes/comicpress/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:15 GMT
Last-Modified
Tue, 24 Apr 2018 19:38:23 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
553
best.gif
bestfixedsource.com/wp-content/uploads/2021/04/
65 KB
66 KB
Image
General
Full URL
https://bestfixedsource.com/wp-content/uploads/2021/04/best.gif
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.136.33.224 , Lithuania, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
cpl82.hosting24.com
Software
LiteSpeed /
Resource Hash
e53a8641b8deaa3a869f271e957c00d520f792edeabe5c9ceb0a69534bb38361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 11:03:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 21:43:15 GMT
server
LiteSpeed
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
67001
x-xss-protection
1; mode=block;
expires
Thu, 09 Jun 2022 11:03:17 GMT
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: bale-1x2.com
URL: http://bale-1x2.com/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 10:57:27 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
W/"-375139978"
x-cacheable
Matched cache
vary
Accept-Encoding
x-iplb-instance
40745
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
x-iplb-request-id
D972D785:B58A_2E69C9F0:0050_629898F5_2BD40:1D226
content-length
4547
x-request-id
124225939
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9e633b9a8adb873e40bf75283e1332f04621b4a9b88fe7192b560337aa9c6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
4361581.php
s4.histats.com/stats/
61 B
195 B
Script
General
Full URL
https://s4.histats.com/stats/4361581.php?4361581&@f16&@g1&@h1&@i1&@j1654167797094&@k0&@l1&@mFixed%20Matches%20betting%20soccer%20predictions%20HT-FT%20Best%20Tip%20-%20Fixed%20tips%20fixed%20matches%20100%25%20sure%20correct%20score%20Fixed%20Source&@n0&@o1000&@q0&@r0&@s230&@ten-US&@u1600&@b1:82585258&@b3:1654167797&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fbale-1x2.com%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
badbe39406d98d5314794468f41e3db57de0e21b50db1640eb13cd15a3c3939d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 02 Jun 2022 11:03:17 GMT
Connection
close
Content-Length
61
Content-Type
text/html;charset=UTF-8
cc_230.js
s10.histats.com/counters/
18 KB
8 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_230.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f4622087c178abd6900da13f7ee1f865bf25e4b1604d9799ef15aea6b96c97bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 10:57:46 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:29 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
W/"-322835802"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
7818
x-request-id
159585766
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88e5ce85e591603bfbd1efef057099134a9f44c3eda1d111d8a23047af16a65c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bale-1x2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.vippng.com
URL
https://www.vippng.com/png/detail/181-1814818_www-footyrenders-com-gareth-bale-2014-png-png.png

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| _wpemojiSettings undefined| $ function| jQuery object| ddsmoothmenu object| _Hasync object| JQLBSettings function| _readOnlyError function| _classCallCheck function| _defineProperties function| _createClass function| _typeof undefined| up_timer function| getPosition function| pageup object| q2w3_sidebar_options function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar object| wp object| widget_obj object| jQuery112406798634589389749 boolean| q2w3Refresh function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_230_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_230 function| histats_canvascounters_base.js

7 Cookies

Domain/Path Name / Value
bale-1x2.com/ Name: HstCfa4361581
Value: 1654167797094
bale-1x2.com/ Name: HstCla4361581
Value: 1654167797094
bale-1x2.com/ Name: HstCmu4361581
Value: 1654167797094
bale-1x2.com/ Name: HstPn4361581
Value: 1
bale-1x2.com/ Name: HstPt4361581
Value: 1
bale-1x2.com/ Name: HstCnv4361581
Value: 1
bale-1x2.com/ Name: HstCns4361581
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bale-1x2.com
beat-the-bookies1x2.com
bestfixedsource.com
bet-12.com
betwin-365.com
c.tenor.com
e7.pngegg.com
encrypted-tbn0.gstatic.com
europol-fixed.com
htft.info
i.gifer.com
i.imgur.com
i.picasion.com
icons.iconarchive.com
luxury-bets.com
media.tenor.com
media0.giphy.com
mega-match1x2.com
mypersuasivepresentations.com
newsroom.mastercard.com
odd1x2.com
paok-tip.com
previews.123rf.com
s10.histats.com
s4.histats.com
smart-bet1x2.com
thumbs.dreamstime.com
tipico-bet.de
tips-free.com
tipssafety.com
tipssingle.club
upload.wikimedia.org
web.archive.org
wolves-tip.com
www.betmagic1x2.com
www.kindpng.com
www.melissa.com
www.pngitem.com
www.seekpng.com
www.shareicon.net
www.topbet-fixed.com
www.vippng.com
www.vippng.com
104.239.236.220
108.157.4.11
12.203.219.57
141.136.33.224
151.101.112.193
151.106.100.24
164.138.218.220
172.93.51.85
173.208.219.12
188.114.96.3
192.151.158.243
192.229.233.122
198.27.80.143
199.16.172.227
199.232.194.2
207.241.237.3
208.110.80.75
217.174.149.166
217.174.149.198
2606:4700:3038::6815:e9b6
2606:4700:3038::6815:eb51
2620:0:862:ed1a::2:b
2a00:1450:4001:802::200e
2a00:1450:4001:811::200a
2a00:1450:4001:82b::2001
2a06:98c1:3121::3
46.105.201.240
51.68.36.8
66.29.132.92
68.66.248.41
79.124.76.70
04f3121676187156cab6dcf830fe6bb18aecf0c9bf42bfb79abb69879c151064
081091118e8bd10a591b771435766141d34d981577c5061ab4ea75fd4786796c
08241d40b563254fc300dfd00f594a5707cd7141414d4f2db701c2b89fb416ec
0ac4d6bc9b8f6ffdbc874645697631ccaee283eac7e192af6e94ca3d58b127b1
0c4e8572ece6010636559e41b4647def61eac263245949c1f773e6865c783058
0d6a7ca89c0a4ab2bac46c05c1a40d4d512412700cdd6c69a24c5ca4b7074a9b
0e5eb6f73b7df0b6f50f5d713dfdcbb044229eb62881c865b10cfff576831fcf
12dea862c237e33430f7bc567e2dd1cbe5ef7a3c27b4b7db0581a7ad7d4efda8
14bcc76ec4b54eb5640ea347f1b25c99d2e774df2c2553daa6c108cf6c80de2e
260635771fab6b5e5bcd8030002e4164904c54c321b11b228b149c9953ffa2eb
2b762fecb87e58f5844a903d1bebf600b8c5cfc27eaf41dc37d89fab09351c4f
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfd1c9bd90a3f2742a1f9b7b0a2cdc4c17b8ad150340773a06f2a214929b4ea
2eff2ae61047456178738bb7f10017cd66509ef3a547d5e3666267c7f4943b66
318fc157180c3dc68ede5badcffca0af88c17781a8ceed76e7497a95715e6bb5
3480484d5b7a5565b47b76c2c58688ac01199bf89d76156b9e31e81f733d5d19
35c3b4195deb46d057ea90ed10231215278760daca07c5cd751550ad77648457
396513086f694eaea1441f4cea1838282449065d9407b9c0d600105c59bbef59
3a6dd343def25ebf38c0cf98666e50fef98f55ecbbd870b7db489bf21663ca7d
3ca51fe89c7d230b24ee76420051249b35bd7edca6caef3744db91955283e964
3d3c840728b1bfc52f51b3a101f46b9867e1a3feea4d191eea0b29ec83dc616a
40d1b65c2a1eda496d823c32c013b649df302d3467478a375645aac968b45301
43414839636281401dda82b3428eeec62f6c28b3d2f654ff11e90d9b3b00130e
45fa17019148635a60263d415a9e86191b7bf0b414a51f06fe508d9f9fd10e6a
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4af11a31f34ef6878b301abc0156e39caf73973343e9fdc56d98f12701d8aa91
4d3b683aa8a64160a7cca3c82211dfc7e2752f430e76f5acb3b9a1a401ac37e1
526d778a123fe611c669acefd44a99d21fd3bfb1d36eac89200a13dd5c71f29a
53ad4b55312ae6027ee8d0da5023e5d5b8d2e127f21dde79c3cbd8ba7b8ca26c
5480788d03864e5a39ec0f9607bd3fa716ba63e9d4a963936a9e4660509b6b4e
568c1ee244e86ae2156b9015866c76d0b5f2831e8f59c095beb957583d834a38
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e
594a614f285cd16215a8ccaa870779d908f28c990f5bfa87a766eb718124d846
5b8b5f78c31ae03f307a17032438b6cbce106418b505f795274b5893a541c364
5f7c513bc3182404e8e6018e90fdc63727a3bb5fe756e4270acad0c58d81e80e
5fc16b3f7c42f4ad7bbb4455dfc43c02705feb9e1e77abb3c618455e619b314f
621a5be7b3117052266d7e5aa14610a38b9bf9927434959954745d593d692917
631f7e69e48548a9c49d38503950658eb376c7fb87abd342f1a9037bd0317ae3
64cabe89a1a1123375022f7ba5530c8ca5cd2e5d056633b7a5e51302126bb9b3
6911849e7f2487a33ec728467c42460728f7661c53e7285eada175a3d2d08a0f
6a247cc4a7dfabf12ea2797a38fc01a2e762988d0ba7c8e6111a4f87f11733fa
6d92b75eb3940c32f61f6863129f36dfabf5028fd29fb2a9c502348d7ea5f1e1
6e455b9d541809b0afef8f519150c79b90d8d5b140b1c2c151e9066d132f9434
6f350797b6c6e8172a1d882437ac88ff71d1418ef40b52c5f3402d2d7d58dfa2
734c427ccfbe9fadc4649e89ba5eebe4bd96fbb6005bdfe3d01e8525c8a80ce1
73f638ec6f41babe70fe0669644c1f7739dda46f7abb73feb4c438915bb42b68
7a646968cf52a12f798ced5cc88c63e488f9e19a81e915e54de78722fd55f984
7cb54a6328f09cfbbb87a87d2ff492e09e027eba2afceee71fdd51a59457aeb9
7f75a55e6f2695d98f207f6634289242d8a1afe9d51b68cee2559cf16a6d96e8
8304108c8ad2131f68e9b82ee3bfea983c7b5e3cf46930959078352e25d69134
843a97bced5917607d0c29348b32cea2ef5fe4baa12004b686ca61eb4e6ddafe
84ad53791926cce5cfd88be36a00cc01e80c0451a2b11684c3719d81a22b0c34
88e5ce85e591603bfbd1efef057099134a9f44c3eda1d111d8a23047af16a65c
893a2b2f616526674cab59574854d371420c6f59bf9300eb7a191e58218a58a3
8b83abf3a0b196f7230873a50cf42ab3f634d82b68a3358d95272c1d3ab7678e
8d4404deb3149fa893780892e39ef6702183b593cebcb605c2e78e01e545dd6a
9323ca8ebe8954414906cdf50aba385bfd13656a5856ea085f4a19cb1ef824be
978adf488d3a5c980a07bb3674ea818a30b4a244abcbc39a161c47c1c93ff7fd
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9d0e0a4e07a3dbfb5d59ef4232641a4e96cc372553c670d214d3aa129929cd80
9f306ee99cf71e58ec7a4d8b1c7a14ce792d0f1489d022ff69c40488d11fe648
a14457ead69890f52c267c4bee25f0d0996b305634c24c39c3eb2f931ceaaad8
a22035c79975bf3b9b13c0f63dc86573f47169eb0d24fb085da4ea25acfe6c6b
a5ec08b9787dd7c2da8612cdea017992e1cde70d43ba96b382c7248fac9b6875
a9ac89439476a7bc1547f0b5b588483471d2e5ed91781606b1da38fd04753f09
ae866c703d35d017ae3c870088f588a08595a95eb129f8d77e85b67749474187
b303c01d8ada1d6a3baaf071705b7ed2b88d482bd3d566d694afba8dd1a4bfbe
b36ea879a9910704ecdbd62f9d60206dadab7a18096172b04aa9fc7ec042a97c
b583b4147bb7a0f9840d773b5996d3ffcd39a61463dc25b8fc02975d2eaf1162
badbe39406d98d5314794468f41e3db57de0e21b50db1640eb13cd15a3c3939d
c3befe366b3cdcc5e3f3296838fb8d4922cf5e879b751d94fa2ca43633e5b422
c5299d1a88e3a9c13cc906fee3a0600668b170e1ebbd8218d593f9f6f44cc598
c5b72d3d785d5eecd7631ce5560686c23b5ce899697afaffdf90a1f83f4c95b9
c6fa81ff3b951830b2edc8ade517c616ec2b9e5ee9471ec61305126b4236d974
c74e9e5b18789c6c73d5cefc75c3d409250d3225d947c21f8f9713f960f9977d
cae89a415f4da048d824b2b293b35b1bdb7f16f2d6fa23ba8e9c93aadf0e8549
cdf88cdb5ed91b7de7902837a6c56f6b72842d4821c13a89f26456db6cf2d103
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d23064d5ed81b54e10b5b01daa6bf661b2a8f8037d26e3feae8cbbb86afa58af
d386832606f5ba01eb981129df26c7c315ac659d86ffcb5cf79fdd8d88f91b41
d47f6848916d128c03d9651e9362cd9edffcad685c538c06b25d60e23a039f21
d7ec3158dd5f30e0d993881bd2564f1e37e824072ea2df802feb0c9ff82f615f
d83792ef2f2eebd75a7ee9766f0c92e628c1607ff0110c4bf4ed35d24ce856f7
d9e8fc75c407421e81e2975c21e8d1dfd42df56cc8735d1ee10fb9be30011cda
dd6efff99e6df285f037e4fde9f732373014f3bae661567e9617b554e631ea1a
de7099b604e8e1ad026aa176b5a7847deeeb880b19688efba0adbdbdae13c162
df730591062fdb5330502f665810899910d2af295c63df6b51addf7409c7e1ad
e53a8641b8deaa3a869f271e957c00d520f792edeabe5c9ceb0a69534bb38361
e6d2ff6f6f57d1c3d4858561fa47f996a0e3c2df55c618bd4c18757627c38cae
e9da9c57c86b62ad4a3161f6cd506881186e1102ef3d9666a67404f5b9680472
ea63667040e04c8b26b15a0205e2e697630ae32f8f319d20710333449a8dcdca
eddcb261890a30acb269172416571ee0c6136d4902e078a1cc0e9e5f51fa997a
ef9880ae811ae7aec1e4c2d84ff89c7df2e7d0c17a6964d5005698bf8cf3c3b4
f0e61da538c1bb70cce72345e213662dc79c439a21dc9d605758df71cc6043e8
f2bb35f684d751f8aa2101d23d172e8b84aed84a79f35e18f79f7efe8633b3c5
f3a635fa5aef8ffe7d02ed57520a8c1bbc218153c82587e020f42076605673fc
f3b8fe6416604885502028363c076eaf8bc9c603f72dfa9ccac1f99a4e88b617
f4622087c178abd6900da13f7ee1f865bf25e4b1604d9799ef15aea6b96c97bf
f5b719f6445eaba36c7bd1fde6e44d3e46ad8e1bc1b0a037f4b74d6cf32c5ab3
f835fdb96443a160a95f1267419115c41f1282e726c5b4d8bc47a2c4a4140735
f9e633b9a8adb873e40bf75283e1332f04621b4a9b88fe7192b560337aa9c6dd
fae12be06290058640c05d6e9183d01f6a9f24a316bfb01218f205133ab7f1f2
fb65c83da3c49222590ec392de86009d1d30ed99167d64f55b84c623f830eb57
fcaac1655e708c9a25d93b64208dd9548d1e0d4a19bf6378e163a70ce6a10bd1
fd9826e5a64e75114ec9c3e45d71e559c7bae26338dee5bd9d948e6a73014cc9
ffc3e50072356cad82299b2f146e9870248e880c8cef86775343f6840aa5a368