urlscan.io logo urlscan.io
SecurityTrails logo

betwingg.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://news-bcetudi.live/tds?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4
Effective URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1...
Submission: On December 07 via api from US — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 16 domains to perform 36 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is betwingg.com.
TLS certificate: Issued by WE1 on October 10th 2024. Valid for: 3 months.
This is the only time betwingg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 65.109.24.247 24940 (HETZNER-A...)
1 14 136.243.42.50 24940 (HETZNER-A...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a01:4f8:1c1e... 24940 (HETZNER-A...)
1 178.63.48.167 24940 (HETZNER-A...)
1 1 2a01:4f8:151:... 24940 (HETZNER-A...)
1 1 172.67.168.186 13335 (CLOUDFLAR...)
3 188.114.97.3 13335 (CLOUDFLAR...)
2 2a05:7880:5a8... 209242 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a07:180::261 209242 (CLOUDFLAR...)
2 2a07:180::231 209242 (CLOUDFLAR...)
2 2a07:180::588 209242 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 Dat...)
1 23.109.27.100 7979 (SERVERS-COM)
1 2a05:7880:328... 209242 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
36 16
1    65.109.24.247 (Helsinki, Finland)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.247.24.109.65.clients.your-server.de
news-bcetudi.live
14    136.243.42.50 (Berlin, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.50.42.243.136.clients.your-server.de
3ca505141e.news-bboyota.xyz
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a01:4f8:1c1e:e2b3::1 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
show.partners-show.com
1    178.63.48.167 (Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: push-house-cdn-182.t.push.house
img.cdn.house
1    2a01:4f8:151:90ea::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
phgop1.com
1    172.67.168.186 (United States)

ASN13335 (CLOUDFLARENET, US)
ggbetpro.com
3    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
betwingg.com
2    2a05:7880:5a8:3b5b:fbb4:6b67:f368:4cae (Cyprus)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
sat.tureblechu.net
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a07:180::261 (Belize)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
gg254.bet
2    2a07:180::231 (Belize)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
gg253.bet
2    2a07:180::588 (Belize)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
gg265.bet
2    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
a.exoclick.com
1    23.109.27.100 (Netherlands)

ASN7979 (SERVERS-COM, US)
p.tureblechu.net
1    2a05:7880:328:c667:efff:fa09:4c24:22f (Cyprus)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
sat.crwds.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
14 news-bboyota.xyz
3ca505141e.news-bboyota.xyz
273 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
22 KB
3 tureblechu.net
sat.tureblechu.net
p.tureblechu.net
43 KB
3 betwingg.com
betwingg.com
69 KB
2 gg265.bet
gg265.bet
813 B
2 gg253.bet
gg253.bet
810 B
2 gg254.bet
gg254.bet
809 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
179 KB
1 crwds.net
sat.crwds.net
676 B
1 exoclick.com
a.exoclick.com — Cisco Umbrella Rank: 107472
904 B
1 ggbetpro.com
ggbetpro.com
844 B
1 phgop1.com
phgop1.com — Cisco Umbrella Rank: 339289
273 B
1 cdn.house
img.cdn.house — Cisco Umbrella Rank: 11156
3 KB
1 partners-show.com
show.partners-show.com — Cisco Umbrella Rank: 26775
922 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 news-bcetudi.live
news-bcetudi.live
180 B
36 16
Domain Requested by
14 3ca505141e.news-bboyota.xyz 1 redirects 3ca505141e.news-bboyota.xyz
3 betwingg.com 3ca505141e.news-bboyota.xyz
betwingg.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 gg265.bet betwingg.com
2 gg253.bet betwingg.com
2 gg254.bet betwingg.com
2 www.googletagmanager.com betwingg.com
www.google-analytics.com
2 sat.tureblechu.net betwingg.com
sat.tureblechu.net
1 region1.google-analytics.com www.googletagmanager.com
1 sat.crwds.net betwingg.com
1 p.tureblechu.net betwingg.com
1 a.exoclick.com www.googletagmanager.com
1 ggbetpro.com 1 redirects
1 phgop1.com 1 redirects
1 img.cdn.house
1 show.partners-show.com 3ca505141e.news-bboyota.xyz
1 fonts.googleapis.com client
1 news-bcetudi.live 1 redirects
36 18

This site contains no links.

Subject Issuer Validity Valid
*.news-bboyota.xyz
E6		 2024-12-05 -
2025-03-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
show.partners-show.com
E6		 2024-09-13 -
2024-12-12		 3 months crt.sh
img.cdn.house
E6		 2024-09-13 -
2024-12-12		 3 months crt.sh
betwingg.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
sat.tureblechu.net
WE1		 2024-10-21 -
2025-01-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
gg254.bet
E5		 2024-11-02 -
2025-01-31		 3 months crt.sh
gg253.bet
E6		 2024-11-01 -
2025-01-30		 3 months crt.sh
gg265.bet
E6		 2024-11-01 -
2025-01-30		 3 months crt.sh
exoclick.com
E6		 2024-10-06 -
2025-01-04		 3 months crt.sh
p.rokeente.net
R10		 2024-11-26 -
2025-02-24		 3 months crt.sh
sat.crwds.net
WE1		 2024-11-28 -
2025-02-26		 3 months crt.sh

This page contains 1 frames:

Frame: https://gg254.bet/en/casino?sub_id=1276392189&ref=gg_w227438c257000l8366p179_1276392189&affdata%5Bsubdata%5D=9ec51efe485e30c07115d593e6cbba0b&affdata%5Bclick_id%5D=cf176116-b027-4d15-a34f-328aef2f7aa5&affdata%5Bsub_id_2%5D=0.0006&affdata%5Bsub_id_3%5D=Unknown&affdata%5Brotator%5D=257000&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=1276392189&affdata%5Bsrc%5D=M2NhNTA1MTQxZS5uZXdzLWJib3lvdGEueHl6
Frame ID: F9D07E2D81BD83F1FEA553C265A93F5F
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GG.BET Loading...

Page URL History Show full URLs

  1. https://news-bcetudi.live/tds?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4 HTTP 302
    https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0... Page URL
  2. https://3ca505141e.news-bboyota.xyz/tb?i=0&id=1276392189&land=69&monetization=partners&p1=&p2=&p3=&p4=&traceId=5... HTTP 302
    https://phgop1.com/t/l8nIOJOjh0V30EXRyhgZAIRD-uszBAyY8FZYjjMNYmiPr5JnIAGhTK4Yi3py1mc5Er1gSFdEs_... HTTP 302
    https://ggbetpro.com/l/6750295d89447e069d078e79?sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknow... HTTP 302
    https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

36
Requests

97 %
HTTPS

67 %
IPv6

16
Domains

18
Subdomains

16
IPs

6
Countries

594 kB
Transfer

1179 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news-bcetudi.live/tds?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4 HTTP 302
    https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce Page URL
  2. https://3ca505141e.news-bboyota.xyz/tb?i=0&id=1276392189&land=69&monetization=partners&p1=&p2=&p3=&p4=&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce&type=reject&fingerprint=9d8144257dfbc1a3c872da58f1642df8 HTTP 302
    https://phgop1.com/t/l8nIOJOjh0V30EXRyhgZAIRD-uszBAyY8FZYjjMNYmiPr5JnIAGhTK4Yi3py1mc5Er1gSFdEs_SHBi2235Mwh-Lcr3hIWDnFarsRlH6j0MsrdaBU131VUzCXOEWDUP48NWQc955ICO8X5P1h-d53msdBOg3aAzPyLdo4BKS8IGMAPk1qEYUcPGIS1z_a6-FQXPqDO-Qp4lkMlzkm7E5V29ZqCY-Eyp6y2p2Jbh9jmlHFAKswgYfC-oIGEL8VrFa5DbUUwY0B6SAW35dLcjHbbFvQLoLoE_oYrq5SOcFkVP9jnqpiCg6H0oRlr4L_orUwxjmHio5ttIj6BQzNW-0Up7zW_iYCPIv7dWdh1VCQPQUx4r_G-ek9Kol9bPCO21Wp4QzFXGzGV_HWp_R8MYo33K-K HTTP 302
    https://ggbetpro.com/l/6750295d89447e069d078e79?sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5 HTTP 302
    https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://news-bcetudi.live/tds?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4 HTTP 302
  • https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Request Chain 35
  • https://betwingg.com/away.php?visitorId=67545b55135c6cbd5e06cd46&duration=1&reason=success_ping&to=aHR0cHM6Ly9nZzI1NC5iZXQvY2FzaW5vP3N1Yl9pZD0xMjc2MzkyMTg5JnJlZj1nZ193MjI3NDM4YzI1NzAwMGw4MzY2cDE3OV8xMjc2MzkyMTg5JmFmZmRhdGElNUJzdWJkYXRhJTVEPTllYzUxZWZlNDg1ZTMwYzA3MTE1ZDU5M2U2Y2JiYTBiJmFmZmRhdGElNUJjbGlja19pZCU1RD1jZjE3NjExNi1iMDI3LTRkMTUtYTM0Zi0zMjhhZWYyZjdhYTUmYWZmZGF0YSU1QnN1Yl9pZF8yJTVEPTAuMDAwNiZhZmZkYXRhJTVCc3ViX2lkXzMlNUQ9VW5rbm93biZhZmZkYXRhJTVCcm90YXRvciU1RD0yNTcwMDAmYWZmZGF0YSU1QmxhbmRpbmclNUQ9ODM2NiZhZmZkYXRhJTVCc3ViX2lkJTVEPTEyNzYzOTIxODkmYWZmZGF0YSU1QnNyYyU1RD1NMk5oTlRBMU1UUXhaUzV1WlhkekxXSmliM2x2ZEdFdWVIbDYjIS9hdXRoL3JlZ2lzdGVyP3BvcHVw HTTP 302
  • https://gg254.bet/casino?sub_id=1276392189&ref=gg_w227438c257000l8366p179_1276392189&affdata%5Bsubdata%5D=9ec51efe485e30c07115d593e6cbba0b&affdata%5Bclick_id%5D=cf176116-b027-4d15-a34f-328aef2f7aa5&affdata%5Bsub_id_2%5D=0.0006&affdata%5Bsub_id_3%5D=Unknown&affdata%5Brotator%5D=257000&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=1276392189&affdata%5Bsrc%5D=M2NhNTA1MTQxZS5uZXdzLWJib3lvdGEueHl6 HTTP 302
  • https://gg254.bet/en/casino?sub_id=1276392189&ref=gg_w227438c257000l8366p179_1276392189&affdata%5Bsubdata%5D=9ec51efe485e30c07115d593e6cbba0b&affdata%5Bclick_id%5D=cf176116-b027-4d15-a34f-328aef2f7aa5&affdata%5Bsub_id_2%5D=0.0006&affdata%5Bsub_id_3%5D=Unknown&affdata%5Brotator%5D=257000&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=1276392189&affdata%5Bsrc%5D=M2NhNTA1MTQxZS5uZXdzLWJib3lvdGEueHl6

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
3ca505141e.news-bboyota.xyz/
Redirect Chain
  • https://news-bcetudi.live/tds?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4
  • https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
18 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
f195b06221f98d29d7a2709af78e73f6304dfd4fe98517c5c1fc7e29c8e86834
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 14:27:32 GMT
server
nginx
vary
Origin
x-frame-options
DENY

Redirect headers

content-length
0
date
Sat, 07 Dec 2024 14:27:31 GMT
location
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
server
nginx
vary
Origin
x-frame-options
DENY
revopush_v2.js
3ca505141e.news-bboyota.xyz/ 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3ca505141e.news-bboyota.xyz/revopush_v2.js
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
31ca1eb6d5eb8ea01651c7bba788a5bcf7e8962298b19ad2f0cfa859cea17ef0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

content-encoding
gzip
etag
"6731f76d-50db"
accept-ranges
bytes
content-length
20699
date
Sat, 07 Dec 2024 14:27:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 11 Nov 2024 12:24:13 GMT
server
nginx
process.js
3ca505141e.news-bboyota.xyz/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3ca505141e.news-bboyota.xyz/process.js?id=1276392189&p1=&p2=&p3=&p4=&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
0b19ed59798eb27f7d790425f7c964d6c927887892cf296597e5ac8aa472d984

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
pragma
no-cache
expires
0
date
Sat, 07 Dec 2024 14:27:32 GMT
content-type
application/javascript; charset=utf-8
vary
Origin, Accept-Encoding
server
nginx
player-thumb.jpg
3ca505141e.news-bboyota.xyz/lands/69/images/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3ca505141e.news-bboyota.xyz/lands/69/images/player-thumb.jpg
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
daf727b1620ccf22720e3d7bf38a695b265aabeb72bc34958f816ea5e3b70b72

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

accept-ranges
bytes
content-length
39152
date
Sat, 07 Dec 2024 14:27:32 GMT
etag
"6731f76d-98f0"
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 12:24:13 GMT
server
nginx
thumb-1.jpg
3ca505141e.news-bboyota.xyz/lands/69/images/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3ca505141e.news-bboyota.xyz/lands/69/images/thumb-1.jpg
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
41907d209f53001bd32b64d0aabca1cb636949e7c60cdb5cf82aa07088ab31c9

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

accept-ranges
bytes
content-length
32976
date
Sat, 07 Dec 2024 14:27:32 GMT
etag
"6731f76d-80d0"
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 12:24:13 GMT
server
nginx
thumb-2.jpg
3ca505141e.news-bboyota.xyz/lands/69/images/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3ca505141e.news-bboyota.xyz/lands/69/images/thumb-2.jpg
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
84eb7ffdba157052641b94395f1479fdd50633d9e4d70e4a5615b73d5664abfc

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

accept-ranges
bytes
content-length
33216
date
Sat, 07 Dec 2024 14:27:32 GMT
etag
"6731f76d-81c0"
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 12:24:13 GMT
server
nginx
thumb-3.jpg
3ca505141e.news-bboyota.xyz/lands/69/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3ca505141e.news-bboyota.xyz/lands/69/images/thumb-3.jpg
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
38d5a64a97cd328cd4da4a0fd764f6c749e7420f891c394d82c4178465125666

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

accept-ranges
bytes
content-length
23832
date
Sat, 07 Dec 2024 14:27:32 GMT
etag
"6731f76d-5d18"
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 12:24:13 GMT
server
nginx
thumb-4.jpg
3ca505141e.news-bboyota.xyz/lands/69/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3ca505141e.news-bboyota.xyz/lands/69/images/thumb-4.jpg
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
bb0626ab5f6d196263be8ec8561f0f0daede3da576d3786d87bdac90843361e9

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

accept-ranges
bytes
content-length
27442
date
Sat, 07 Dec 2024 14:27:32 GMT
etag
"6731f76d-6b32"
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 12:24:13 GMT
server
nginx
thumb-5.jpg
3ca505141e.news-bboyota.xyz/lands/69/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3ca505141e.news-bboyota.xyz/lands/69/images/thumb-5.jpg
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
4da6be00ec27e3c55c7958009712d25d87b46b308a1a8386b9abd336ec6f6132

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

accept-ranges
bytes
content-length
28706
date
Sat, 07 Dec 2024 14:27:32 GMT
etag
"6731f76d-7022"
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 12:24:13 GMT
server
nginx
thumb-6.jpg
3ca505141e.news-bboyota.xyz/lands/69/images/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3ca505141e.news-bboyota.xyz/lands/69/images/thumb-6.jpg
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
61c0c9f12b55edb2db34e18d3eeb0acc658a58686a8f8fc7836d76bdfd52b645

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

accept-ranges
bytes
content-length
29149
date
Sat, 07 Dec 2024 14:27:32 GMT
etag
"6731f76d-71dd"
content-type
image/jpeg
last-modified
Mon, 11 Nov 2024 12:24:13 GMT
server
nginx
landsw_v2.js
3ca505141e.news-bboyota.xyz/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://3ca505141e.news-bboyota.xyz/landsw_v2.js
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

content-encoding
gzip
etag
"6731f76d-1611"
accept-ranges
bytes
content-length
5649
date
Sat, 07 Dec 2024 14:27:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 11 Nov 2024 12:24:13 GMT
server
nginx
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer

Response headers

Content-Type
image/png
314.js
3ca505141e.news-bboyota.xyz/ 		96 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3ca505141e.news-bboyota.xyz/314.js
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/process.js?id=1276392189&p1=&p2=&p3=&p4=&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

content-encoding
gzip
etag
"6731f76d-2e5f"
accept-ranges
bytes
content-length
11871
date
Sat, 07 Dec 2024 14:27:32 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 11 Nov 2024 12:24:13 GMT
server
nginx
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5734292a05c1b34d3146edc37159c4e3ae22a28884052b5d70a53c9c0acdfd11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 14:27:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 14:27:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 07 Dec 2024 13:19:06 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
show.partners-show.com/api/v1/inpage/show/ 		770 B
922 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://show.partners-show.com/api/v1/inpage/show/?uid=186097&subacc=1276392189&adult=true&traffic=2&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce&limit=1
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/process.js?id=1276392189&p1=&p2=&p3=&p4=&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a01:4f8:1c1e:e2b3::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
f00c28176ae9dcc8111ff1caf3057fb656f4bdb36f2221d52636a0ca8d86c9c9

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://3ca505141e.news-bboyota.xyz/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
close
Access-Control-Allow-Origin
https://3ca505141e.news-bboyota.xyz
Date
Sat, 07 Dec 2024 14:27:31 GMT
Content-Type
application/json
Vary
Origin
Server
nginx
favicon.ico
3ca505141e.news-bboyota.xyz/ 		548 B
622 B 		Other
General
Check archive.org
Download Go to
Full URL
https://3ca505141e.news-bboyota.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce

Response headers

content-length
548
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
text/html; charset=utf-8
server
nginx
_xSmEHy9Koavd2a5rS3UDCkbtyjzFuO8TsVfCrGEw-RCVefgBlkfYH1TIlfv2ho5S7e7hCgAooMqplDhnHthnz6jMoz7mZqmxxOWU5N7NK7MQzlWX4-20XoDCAlQYevFfc6PbwnYmyUx4aFAQn2nYawoU3JycPKM9SkEpTzWD3dMlHmJl0q73HPDUSOTi-UfwiuSH...
img.cdn.house/i/1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.cdn.house/i/1/_xSmEHy9Koavd2a5rS3UDCkbtyjzFuO8TsVfCrGEw-RCVefgBlkfYH1TIlfv2ho5S7e7hCgAooMqplDhnHthnz6jMoz7mZqmxxOWU5N7NK7MQzlWX4-20XoDCAlQYevFfc6PbwnYmyUx4aFAQn2nYawoU3JycPKM9SkEpTzWD3dMlHmJl0q73HPDUSOTi-UfwiuSHYSGQKJA7nOlNJzYE0sYcQzCWGvIiEfTVNU=?inpage.template=retro_main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.63.48.167 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
push-house-cdn-182.t.push.house
Software
nginx /
Resource Hash
3164a3b34bdffdb6bca91cda051b4368a6ac9f7e8ba418b5278997e8d956604b

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://3ca505141e.news-bboyota.xyz/

Response headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
3350
date
Sat, 07 Dec 2024 14:27:31 GMT
content-type
image/webp
last-modified
Tue, 23 Jan 2024 05:19:03 GMT
server
nginx
Primary Request /
betwingg.com/
Redirect Chain
  • https://3ca505141e.news-bboyota.xyz/tb?i=0&id=1276392189&land=69&monetization=partners&p1=&p2=&p3=&p4=&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce&type=reject&fingerprint=9d8144257dfbc1a3c872da58f...
  • https://phgop1.com/t/l8nIOJOjh0V30EXRyhgZAIRD-uszBAyY8FZYjjMNYmiPr5JnIAGhTK4Yi3py1mc5Er1gSFdEs_SHBi2235Mwh-Lcr3hIWDnFarsRlH6j0MsrdaBU131VUzCXOEWDUP48NWQc955ICO8X5P1h-d53msdBOg3aAzPyLdo4BKS8IGMAPk1q...
  • https://ggbetpro.com/l/6750295d89447e069d078e79?sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5
  • https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0....
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Requested by
Host: 3ca505141e.news-bboyota.xyz
URL: https://3ca505141e.news-bboyota.xyz/revopush_v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fd8c172d575c5d30f0525f905b2ffe26d7eda0c295cdd10db9c84ce0ce85dab
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3ca505141e.news-bboyota.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ee532749a1856ae-OSL
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 14:27:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZtiNYV8wFWiSYSPVzH3ncDOpJrNoy3C%2BUAmWgK%2BzeDOfsFUtGVtslIR93ouBhj4hSJey9O5OIvxofh8p1WFZ%2B%2BZHD89xLtVyz9mnEKHZy%2FUNeRP4az3DvNa8BstCfRs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=29429&min_rtt=28604&rtt_var=5769&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4245&recv_bytes=4663&delivery_rate=517&cwnd=12000&unsent_bytes=0&cid=688e920d8ad55bb0&ts=135&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=300; includeSubDomains;
vary
accept-encoding
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ee532736aa4b4eb-OSL
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 14:27:33 GMT
location
https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2F%2Bfd%2B5AyVDQvtwXR63bYFBchsZRG6sStlZ0qE%2Br2QtPOt6AxTrL8Up3H4ToIPpCrrnSlcMgkgCO9IiK08kFnn21UYDsivfN6hMSVL0m2sa%2FNpf4cUnkYnux%2FhSX%2FNs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=28805&min_rtt=27978&rtt_var=5053&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4216&recv_bytes=4605&delivery_rate=527&cwnd=12000&unsent_bytes=0&cid=c3a723c47e052559&ts=157&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=300; includeSubDomains;
x-xss-protection
1; mode=block
script.min.js
sat.tureblechu.net/gnt908wk0bl6xyll5bj94zafs74gwo53/ 		125 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sat.tureblechu.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=gg_w227438c257000l8366p179_1276392189&visitorId=67545b55135c6cbd5e06cd46
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:5a8:3b5b:fbb4:6b67:f368:4cae , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab5311e210de82b25d24bb7e5e075af968b4acde9fc106a25414cf98eecab32d

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
content-encoding
gzip
cf-cache-status
MISS
cf-ray
8ee53276082f5f07-ARN
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
application/javascript
last-modified
Sat, 07 Dec 2024 14:27:33 GMT
vary
Accept-Encoding
server
cloudflare
001.gif
betwingg.com/static/template/60/img/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://betwingg.com/static/template/60/img/001.gif
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd21f8b1e1c7e57310678f7a68da26bc8a8989774ffe9ae9bbc82e64d6532766
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown

Response headers

cf-cache-status
REVALIDATED
etag
"674f1b67-f2fe"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFptWAfkXHvzPZGQei4vYaN4LW79TQ1dgGoCzswD2cBz43GlxiuOc4m%2B2K0tIdnrG75WElQTxfirCwYiniJz4NvT4JSZz6ptPHr1ZlL6p7cRtwG5GduJWEi84FlJNk8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28916&min_rtt=27846&rtt_var=3202&sent=18&recv=14&lost=0&retrans=0&sent_bytes=10296&recv_bytes=5377&delivery_rate=216435&cwnd=12000&unsent_bytes=0&cid=688e920d8ad55bb0&ts=240&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
image/gif
last-modified
Tue, 03 Dec 2024 14:53:27 GMT
vary
Accept-Encoding
priority
u=2,i
strict-transport-security
max-age=300; includeSubDomains;
cache-control
public, max-age=1, stale-while-revalidate=60, stale-if-error=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee532756bc256ae-OSL
accept-ranges
bytes
content-length
62206
x-xss-protection
1; mode=block
server
cloudflare
gtm.js
www.googletagmanager.com/ 		218 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5RMQ4SV
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6c27d2e9bc74f24a1e997c180a925094eac52c9dc9346fcaaa93055b38ff6bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 07 Dec 2024 14:27:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 07 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80034
x-xss-protection
0
server
Google Tag Manager
blank_c.gif
gg254.bet/ 		43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gg254.bet/blank_c.gif?173358165
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::261 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

x-request-id
7f24f26d-43e4-4b3f-a92d-837e721e0233
cf-cache-status
HIT
cf-ray
8ee532760adb0a33-ARN
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
43
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
blank_c.gif
gg253.bet/ 		43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gg253.bet/blank_c.gif?173358165
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::231 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

x-request-id
f6ff9fd0-0be4-4759-861d-b7b50477303a
cf-cache-status
HIT
cf-ray
8ee53276082f5f10-ARN
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
43
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
blank_c.gif
gg265.bet/ 		43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gg265.bet/blank_c.gif?173358165
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::588 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

x-request-id
4aeb7140-2619-44b1-9717-4936cda87cdc
cf-cache-status
HIT
cf-ray
8ee532760e64f8a4-ARN
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
43
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
blank.gif
gg254.bet/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gg254.bet/blank.gif?173358165
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::261 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

x-request-id
4f087d32-9ec9-4aab-b500-bbbcd94ddf3b
cf-cache-status
HIT
cf-ray
8ee532760ad90a33-ARN
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
43
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
blank.gif
gg253.bet/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gg253.bet/blank.gif?173358165
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::231 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

x-request-id
ae3ed4f6-2dce-4bfa-abcd-856dbed2c57b
cf-cache-status
HIT
cf-ray
8ee53276082c5f10-ARN
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
43
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
blank.gif
gg265.bet/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gg265.bet/blank.gif?173358165
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180::588 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

x-request-id
d5fa3afe-fa4a-4a90-af93-940f35b00caf
cf-cache-status
MISS
cf-ray
8ee532760e62f8a4-ARN
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
43
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RMQ4SV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

content-encoding
gzip
age
6368
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 07 Dec 2024 14:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 12:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
tag_gen.js
a.exoclick.com/ 		948 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.exoclick.com/tag_gen.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RMQ4SV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
894b4ff8262262fb45c1ab0643a20c4626f5c113dc51c7f603bbdec7432ee978

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

x-robots-tag
noindex, follow
x-77-nzt
EgwB1GY4sQH3Fx0AAAwBw7WvBgG3lwEAAA
cache-control
max-age=10800
content-encoding
gzip
etag
W/"c9cd2e86ce948904c22a6490773"
x-77-cache
HIT
expires
Wed, 04 Dec 2024 21:23:04 GMT
access-control-allow-origin
*
x-77-pop
frankfurtDE
date
Sat, 07 Dec 2024 14:27:33 GMT
x-77-age
7447
content-type
application/javascript
x-77-nzt-ray
1cb09c0e7e47b885555b5467b682c030
vary
Accept-Encoding
server
CDN77-Turbo
ping.php
p.tureblechu.net/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.tureblechu.net:9999/ping.php?s=9ec51efe485e30c07115d593e6cbba0b
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.109.27.100 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

Transfer-Encoding
chunked
Access-Control-Allow-Origin
*
Date
Sat, 07 Dec 2024 14:27:33 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx
Connection
keep-alive
9ec51efe485e30c07115d593e6cbba0b.jpg
sat.crwds.net/p/gnt908wk0bl6xyll5bj94zafs74gwo53/ 		0
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sat.crwds.net/p/gnt908wk0bl6xyll5bj94zafs74gwo53/9ec51efe485e30c07115d593e6cbba0b.jpg
Requested by
Host: betwingg.com
URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:328:c667:efff:fa09:4c24:22f , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

cf-ray
8ee532790cf998f6-ARN
cache-control
no-cache, private
cf-cache-status
DYNAMIC
date
Sat, 07 Dec 2024 14:27:33 GMT
content-type
image/jpeg
server
cloudflare
collect
www.google-analytics.com/j/ 		15 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=848137955&t=pageview&_s=1&dl=https%3A%2F%2Fbetwingg.com%2F%3Fs%3D60%26ref%3Dgg_w227438c257000l8366p179_1276392189%26encoded_url%3DY2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA%3D%3D%26click_id%3Dcf176116-b027-4d15-a34f-328aef2f7aa5%26sub_id%3D1276392189%26sub_id_2%3D0.0006%26sub_id_3%3DUnknown&dr=https%3A%2F%2F3ca505141e.news-bboyota.xyz%2F&ul=no-no&de=UTF-8&dt=GG.BET%20Loading...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=518210359&gjid=1378643964&cid=2056459380.1733581654&tid=UA-156256613-1&_gid=964910413.1733581654&_r=1&_slc=1&gtm=45He4c40n815RMQ4SVza200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&npa=1&z=1612947101
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c7dc49f087a2d460019b7224a7ef450fb3f92caada953a7f744570baa2ae1a62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Content-Type
text/plain
Referer
https://betwingg.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 14:27:33 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://betwingg.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
favicon.ico
betwingg.com/static/template/60/img/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://betwingg.com/static/template/60/img/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03035ed98ce83bc8aa217997aabfb598d4847b305f7228618e45be8a068e028b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown

Response headers

content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"674f1b67-10be"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZvqfalwEj2HNJz%2BQz2yyIL9r5tbzB7ZCmxB4hPKJHfo0p%2FKJ7G3FAwxdtnfFTfB2oQLJSHMpDDtycl4CUM1SMAytqb%2F8TUcVd6UI0GpbRdmSqwFTJvITjgWNrKGODk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28001&min_rtt=27724&rtt_var=51&sent=74&recv=42&lost=0&retrans=0&sent_bytes=74678&recv_bytes=7236&delivery_rate=1186906&cwnd=43200&unsent_bytes=0&cid=688e920d8ad55bb0&ts=899&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 07 Dec 2024 14:27:34 GMT
content-type
image/x-icon
last-modified
Tue, 03 Dec 2024 14:53:27 GMT
vary
Accept-Encoding
priority
u=1,i
strict-transport-security
max-age=300; includeSubDomains;
cache-control
public, max-age=1, stale-while-revalidate=60, stale-if-error=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ee53279796556ae-OSL
x-xss-protection
1; mode=block
server
cloudflare
js
www.googletagmanager.com/gtag/ 		289 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C20DZ2NS21&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b094e97e382750326bb858c896d19c16cfe12237f01c34a06c85a8d471870829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 07 Dec 2024 14:27:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 14:27:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102596
x-xss-protection
0
server
Google Tag Manager
9ec51efe485e30c07115d593e6cbba0b
sat.tureblechu.net/ie/js/ 		12 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sat.tureblechu.net/ie/js/9ec51efe485e30c07115d593e6cbba0b
Requested by
Host: sat.tureblechu.net
URL: https://sat.tureblechu.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=gg_w227438c257000l8366p179_1276392189&visitorId=67545b55135c6cbd5e06cd46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:5a8:3b5b:fbb4:6b67:f368:4cae , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://betwingg.com/

Response headers

cache-control
no-cache, private
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, PATCH
cf-ray
8ee53279cc405f07-ARN
access-control-allow-origin
https://betwingg.com
date
Sat, 07 Dec 2024 14:27:34 GMT
content-type
application/json
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-C20DZ2NS21&gtm=45je4c40v9123232044za200&_p=1733581653344&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&ul=no-no&sr=1600x1200&cid=2056459380.1733581654&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbetwingg.com%2F%3Fs%3D60%26ref%3Dgg_w227438c257000l8366p179_1276392189%26encoded_url%3DY2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA%3D%3D%26click_id%3Dcf176116-b027-4d15-a34f-328aef2f7aa5%26sub_id%3D1276392189%26sub_id_2%3D0.0006%26sub_id_3%3DUnknown&dr=https%3A%2F%2F3ca505141e.news-bboyota.xyz%2F&dt=GG.BET%20Loading...&sid=1733581654&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1632
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C20DZ2NS21&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 14; Pixel 7 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Mobile Safari/537.36
Referer
https://betwingg.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://betwingg.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 07 Dec 2024 14:27:34 GMT
content-type
text/plain
server
Golfe2
casino
gg254.bet/en/
Redirect Chain
  • https://betwingg.com/away.php?visitorId=67545b55135c6cbd5e06cd46&duration=1&reason=success_ping&to=aHR0cHM6Ly9nZzI1NC5iZXQvY2FzaW5vP3N1Yl9pZD0xMjc2MzkyMTg5JnJlZj1nZ193MjI3NDM4YzI1NzAwMGw4MzY2cDE3OV...
  • https://gg254.bet/casino?sub_id=1276392189&ref=gg_w227438c257000l8366p179_1276392189&affdata%5Bsubdata%5D=9ec51efe485e30c07115d593e6cbba0b&affdata%5Bclick_id%5D=cf176116-b027-4d15-a34f-328aef2f7aa5...
  • https://gg254.bet/en/casino?sub_id=1276392189&ref=gg_w227438c257000l8366p179_1276392189&affdata%5Bsubdata%5D=9ec51efe485e30c07115d593e6cbba0b&affdata%5Bclick_id%5D=cf176116-b027-4d15-a34f-328aef2f7...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gg254.bet
URL
https://gg254.bet/en/casino?sub_id=1276392189&ref=gg_w227438c257000l8366p179_1276392189&affdata%5Bsubdata%5D=9ec51efe485e30c07115d593e6cbba0b&affdata%5Bclick_id%5D=cf176116-b027-4d15-a34f-328aef2f7aa5&affdata%5Bsub_id_2%5D=0.0006&affdata%5Bsub_id_3%5D=Unknown&affdata%5Brotator%5D=257000&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=1276392189&affdata%5Bsrc%5D=M2NhNTA1MTQxZS5uZXdzLWJib3lvdGEueHl6

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| rza object| utils object| redirector object| site object| statsData boolean| isStatsCollectable number| pingTimeoutStartTimestamp function| mirrorCookieName function| checkAvailability function| checkStatAvailability function| afterPingAction function| pingDomains function| prepareStats function| generateRedirectUrl function| tenSecondsCache function| awayTo object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| gaplugins object| gaGlobal object| gaData

19 Cookies

Domain/Path Name / Value
betwingg.com/ Name: http_referer
Value: https%3A%2F%2F3ca505141e.news-bboyota.xyz%2F
betwingg.com/ Name: visit2aa781c93e8489c6e068e1cc0a8c3d44
Value: 1
.gg254.bet/ Name: __cf_bm
Value: uxqY7oDNE5YqrQlZr.goCDVdD.YrMLOtKq1ZaMODJzA-1733581653-1.0.1.1-EMQrC_KH6aMD.1fe4sDctLdACr46QEQnCcFaAJqk8.BcW.v7iKcKvUo4gAs3Na.oAr85GK00GuVXa8Y5dAqVDA
betwingg.com/ Name: ping.60.8994
Value: 1
.gg253.bet/ Name: __cf_bm
Value: htWeB.q.9G6RPyh6f28h.Ud_u46HRyQvTt2.VyMSV7Y-1733581653-1.0.1.1-M7llbi9JdD5zMOwVQC0EtF3BnJYdE3pRxOmNml3YpdcwiyjRBejZn.RUNXDr7T.HjBKjlTUiVJp95KFoM6FAxw
betwingg.com/ Name: ping.60.9112
Value: 1
.gg265.bet/ Name: __cf_bm
Value: FHIAnnyPTeklWVmKmLUa0laq079L10fS2DYJbI.K_EA-1733581653-1.0.1.1-0ZngodEi_peZ.b0yo5S5KN0PiJF458wSAMpsTVi_U33fq_sTCVzo90gTUur7oAUozWyMSTj.VVaPNy_Q4VFogA
betwingg.com/ Name: ping.60.9128
Value: 1
.sat.tureblechu.net/ Name: __cf_bm
Value: vJaE00YJFSqo1IVMHAIPgg6nFtsZqP9MjfCYMa0ztHs-1733581653-1.0.1.1-UAbQhVVz.0yRbr_tP5llKcS1rKaXIhHQMWPp_WJCXJ7EQUjogfb4ZiGzCrxjMdTD._HFEp2GNKxSu8nqE9dyZQ
.betwingg.com/ Name: _ga
Value: GA1.2.2056459380.1733581654
.betwingg.com/ Name: _gid
Value: GA1.2.964910413.1733581654
.betwingg.com/ Name: _gat_UA-156256613-1
Value: 1
.crwds.net/ Name: _7jt1oxhp4z
Value: eyJpdiI6IjhpVWthOEphN1krR2lpazN3bWZQTmc9PSIsInZhbHVlIjoielI2RGh1M0pjQVFLa2c3aHh3bnBtbS9vM3VJMHpDSXhCYjZMb3BMWFVJL1ZmcHRWQSs3Q3lScnBXMXNON3JVRjNrVEQvOHZUWFVPeFhJM2l1ZjI1eThGYUdxdW96TDN1Q3hqYzg1aVdGdm89IiwibWFjIjoiNmJmMmNiNGNmYmJiMDBjNDc1ZGJlMTE4NWMyNzRiMzNkNzkzZmRmYWNlYjE1NDA2ZWM5ODBjNTQwNmY3ODY2MyIsInRhZyI6IiJ9
.sat.crwds.net/ Name: __cf_bm
Value: Bg8Imj5JrjLo42skMEMRr.RkKt5OyYK_x5pgwou53gY-1733581653-1.0.1.1-DjG2Sid1wakJrS2UMgv1fc8.5OAxoiJgB6ZuJyTP0eZTrBxG.MLI9qmfqYXBssLD5UJtPIkye86S9f9yheCC_Q
.betwingg.com/ Name: _ga_C20DZ2NS21
Value: GS1.2.1733581654.1.0.1733581654.0.0.0
gg254.bet/ Name: refCode
Value: gg_w227438c257000l8366p179_1276392189
gg254.bet/ Name: affdata
Value: subdata%3D9ec51efe485e30c07115d593e6cbba0b%26click_id%3Dcf176116-b027-4d15-a34f-328aef2f7aa5%26sub_id_2%3D0.0006%26sub_id_3%3DUnknown%26rotator%3D257000%26landing%3D8366%26sub_id%3D1276392189%26src%3DM2NhNTA1MTQxZS5uZXdzLWJib3lvdGEueHl6
gg254.bet/ Name: landingId
Value: 8366
gg254.bet/ Name: uuid
Value: fd69384f-a004-487d-a3d2-aa7ef9b42bee

4 Console Messages

Source Level URL
Text
rendering warning URL: https://3ca505141e.news-bboyota.xyz/?id=1276392189&p1=sub1&p2=sub2&p3=sub3&p4=sub4&traceId=584d1acd-10b9-41fe-a0d4-6ac99f9385ce
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C01307DC2F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://3ca505141e.news-bboyota.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0501407DC2F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://betwingg.com/?s=60&ref=gg_w227438c257000l8366p179_1276392189&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=cf176116-b027-4d15-a34f-328aef2f7aa5&sub_id=1276392189&sub_id_2=0.0006&sub_id_3=Unknown
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F01C00DC2F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3ca505141e.news-bboyota.xyz
a.exoclick.com
betwingg.com
fonts.googleapis.com
gg253.bet
gg254.bet
gg265.bet
ggbetpro.com
img.cdn.house
news-bcetudi.live
p.tureblechu.net
phgop1.com
region1.google-analytics.com
sat.crwds.net
sat.tureblechu.net
show.partners-show.com
www.google-analytics.com
www.googletagmanager.com
gg254.bet
136.243.42.50
172.67.168.186
178.63.48.167
188.114.97.3
2001:4860:4802:32::36
23.109.27.100
2a00:1450:4001:80f::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:827::200a
2a01:4f8:151:90ea::2
2a01:4f8:1c1e:e2b3::1
2a02:6ea0:c700::21
2a05:7880:328:c667:efff:fa09:4c24:22f
2a05:7880:5a8:3b5b:fbb4:6b67:f368:4cae
2a07:180::231
2a07:180::261
2a07:180::588
65.109.24.247
03035ed98ce83bc8aa217997aabfb598d4847b305f7228618e45be8a068e028b
0b19ed59798eb27f7d790425f7c964d6c927887892cf296597e5ac8aa472d984
2fd8c172d575c5d30f0525f905b2ffe26d7eda0c295cdd10db9c84ce0ce85dab
3164a3b34bdffdb6bca91cda051b4368a6ac9f7e8ba418b5278997e8d956604b
31ca1eb6d5eb8ea01651c7bba788a5bcf7e8962298b19ad2f0cfa859cea17ef0
38d5a64a97cd328cd4da4a0fd764f6c749e7420f891c394d82c4178465125666
41907d209f53001bd32b64d0aabca1cb636949e7c60cdb5cf82aa07088ab31c9
4da6be00ec27e3c55c7958009712d25d87b46b308a1a8386b9abd336ec6f6132
5734292a05c1b34d3146edc37159c4e3ae22a28884052b5d70a53c9c0acdfd11
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
61c0c9f12b55edb2db34e18d3eeb0acc658a58686a8f8fc7836d76bdfd52b645
7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6
84eb7ffdba157052641b94395f1479fdd50633d9e4d70e4a5615b73d5664abfc
894b4ff8262262fb45c1ab0643a20c4626f5c113dc51c7f603bbdec7432ee978
ab5311e210de82b25d24bb7e5e075af968b4acde9fc106a25414cf98eecab32d
b094e97e382750326bb858c896d19c16cfe12237f01c34a06c85a8d471870829
bb0626ab5f6d196263be8ec8561f0f0daede3da576d3786d87bdac90843361e9
c7dc49f087a2d460019b7224a7ef450fb3f92caada953a7f744570baa2ae1a62
cd21f8b1e1c7e57310678f7a68da26bc8a8989774ffe9ae9bbc82e64d6532766
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d762aa1611d13a88f8bc48a0910674afcffec4cab08121611ab6aa19a9771d59
daf727b1620ccf22720e3d7bf38a695b265aabeb72bc34958f816ea5e3b70b72
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f00c28176ae9dcc8111ff1caf3057fb656f4bdb36f2221d52636a0ca8d86c9c9
f195b06221f98d29d7a2709af78e73f6304dfd4fe98517c5c1fc7e29c8e86834
f6c27d2e9bc74f24a1e997c180a925094eac52c9dc9346fcaaa93055b38ff6bf