urlscan.io logo urlscan.io
SecurityTrails logo

heavytunas.com Open in urlscan Pro
116.203.124.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heavytunas.com/
Effective URL: https://heavytunas.com/
Submission: On December 02 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 10 domains to perform 49 HTTP transactions. The main IP is 116.203.124.201, located in Germany and belongs to HETZNER-AS, DE. The main domain is heavytunas.com. The Cisco Umbrella rank of the primary domain is 389847.
TLS certificate: Issued by R3 on October 18th 2022. Valid for: 3 months.
This is the only time heavytunas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 116.203.124.201 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 161.35.78.172 14061 (DIGITALOC...)
1 1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2 107.154.248.168 19551 (INCAPSULA)
1 1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 104.17.38.60 13335 (CLOUDFLAR...)
25 5.226.179.15 209242 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
49 9
15    116.203.124.201 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.201.124.203.116.clients.your-server.de
heavytunas.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    161.35.78.172 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: securely-send.com-fra1
www.securely-send.com
1    2a02:26f0:480:c::210:f19c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.leovegas.com
2    107.154.248.168 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.248.168.ip.incapdns.net
www.leovegas.com
1    2a02:26f0:480:c::210:f19d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
media.luckydaysaffiliates.com
1    104.17.38.60 (None, )

ASN13335 (CLOUDFLARENET, US)
luckydays.com
25    5.226.179.15 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.bet365.dk
members.bet365.dk
content001.bet365.dk
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
25 bet365.dk
www.bet365.dk
members.bet365.dk
content001.bet365.dk
405 KB
15 heavytunas.com
heavytunas.com — Cisco Umbrella Rank: 389847
809 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
190 KB
3 leovegas.com
ads.leovegas.com
www.leovegas.com — Cisco Umbrella Rank: 482331
2 KB
2 securely-send.com
www.securely-send.com — Cisco Umbrella Rank: 448758
24 KB
1 gstatic.com
fonts.gstatic.com
31 KB
1 luckydays.com
luckydays.com
1 luckydaysaffiliates.com
media.luckydaysaffiliates.com
806 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
0 aff-online.com Failed
mmwebhandler.aff-online.com Failed
49 10
Domain Requested by
15 heavytunas.com 1 redirects heavytunas.com
14 content001.bet365.dk www.bet365.dk
10 www.bet365.dk heavytunas.com
www.bet365.dk
3 www.googletagmanager.com www.bet365.dk
www.googletagmanager.com
2 www.leovegas.com 1 redirects heavytunas.com
2 www.securely-send.com heavytunas.com
1 members.bet365.dk www.bet365.dk
1 fonts.gstatic.com fonts.googleapis.com
1 luckydays.com heavytunas.com
1 media.luckydaysaffiliates.com 1 redirects
1 ads.leovegas.com 1 redirects
1 fonts.googleapis.com heavytunas.com
0 mmwebhandler.aff-online.com Failed heavytunas.com
49 13
Subject Issuer Validity Valid
heavytunas.com
R3		 2022-10-18 -
2023-01-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
securely-send.com
R3		 2022-12-01 -
2023-03-01		 3 months crt.sh
www.leovegas.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-03 -
2023-06-02		 a year crt.sh
luckydays.com
E1		 2022-11-12 -
2023-02-10		 3 months crt.sh
bet365.dk
Cloudflare Inc ECC CA-3		 2022-11-13 -
2023-11-13		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://heavytunas.com/
Frame ID: B0C0CDE4C5E5DBB42FDC0E1342F9C92C
Requests: 18 HTTP requests in this frame

Frame: https://mmwebhandler.aff-online.com/C/39300?sr=1868426
Frame ID: 76B1A17B67856A51AF908487255C88EA
Requests: 1 HTTP requests in this frame

Frame: https://www.leovegas.com/en-gb/signup?lobby=casino&btag=100662650_81428CA68E904D5A9306E19FA1002F41&pid=3710549&bid=1466
Frame ID: DD069781D5F0E6D2D068AFA65349DCB1
Requests: 1 HTTP requests in this frame

Frame: https://luckydays.com/?btag=655489_CEAB64C9E08247DFB3BE8C462A1B0014
Frame ID: 1500155602E34E8EEDEE3BEF2A67EBDF
Requests: 1 HTTP requests in this frame

Frame: https://www.bet365.dk/olp/open-account?affiliate=365_01028683
Frame ID: DDD5E471DC28B2E3F01E93700E051BD7
Requests: 1 HTTP requests in this frame

Frame: https://www.bet365.dk/olpc/da/54/0/1/open-account
Frame ID: B312C275DCE05F52B5D580B062E48FA2
Requests: 27 HTTP requests in this frame

Frame: https://members.bet365.dk/Members/Helpers/DefaultAff.aspx?affiliate=365_01028683
Frame ID: 305D73C10A3E54F4CEE3CE275493D6CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fodbold Udstyr

Page URL History Show full URLs

  1. http://heavytunas.com/ HTTP 301
    https://heavytunas.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

49
Requests

98 %
HTTPS

50 %
IPv6

10
Domains

13
Subdomains

9
IPs

4
Countries

1460 kB
Transfer

2271 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heavytunas.com/ HTTP 301
    https://heavytunas.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://ads.leovegas.com/redirect.aspx?pid=3710549&bid=1466 HTTP 307
  • https://www.leovegas.com/signup?lobby=casino&btag=100662650_81428CA68E904D5A9306E19FA1002F41&pid=3710549&bid=1466 HTTP 302
  • https://www.leovegas.com/en-gb/signup?lobby=casino&btag=100662650_81428CA68E904D5A9306E19FA1002F41&pid=3710549&bid=1466
Request Chain 17
  • https://media.luckydaysaffiliates.com/redirect.aspx?pid=6575&bid=1476 HTTP 307
  • https://luckydays.com/?btag=655489_CEAB64C9E08247DFB3BE8C462A1B0014

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heavytunas.com/
Redirect Chain
  • http://heavytunas.com/
  • https://heavytunas.com/
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
6ee580fb3eaf798098b43c08e23941f3ed2c6eb920a26151481ac789d866536f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 02 Dec 2022 13:47:40 GMT
etag
W/"6166b815-1add"
last-modified
Wed, 13 Oct 2021 10:42:29 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Fri, 02 Dec 2022 13:47:40 GMT
Location
https://heavytunas.com/
Server
nginx
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b3f1125c7f29b3164a22aa98fcb3ef9a08e992d40f38d06c3f1b585b6f6ef19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Dec 2022 13:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 13:09:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Dec 2022 13:47:41 GMT
style.css
heavytunas.com/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heavytunas.com/style.css
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
79e220d0cc09b63de81927cf8f76ac3f29b928a61f7dbd022e9124993e600d4f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:40 GMT
last-modified
Wed, 13 Oct 2021 10:42:29 GMT
server
nginx
etag
"6166b815-91c"
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
2332
expires
Fri, 09 Dec 2022 13:47:40 GMT
pu_cd_dk_volde_real.js
www.securely-send.com/storage/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.securely-send.com/storage/pu_cd_dk_volde_real.js
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
161.35.78.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
securely-send.com-fra1
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers
pu_cd_dk_voldemort.js
www.securely-send.com/storage/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.securely-send.com/storage/pu_cd_dk_voldemort.js
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
161.35.78.172 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
securely-send.com-fra1
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9f34a7a3e44fca3bdc174a17341aecdd8827ed50fd0d222fd68258651f99e899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Nov 2021 13:14:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"619651b6-5e40"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
24128
x-xss-protection
1; mode=block
logo.png
heavytunas.com/ 		947 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/logo.png
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
b7abb33953367ca8cbd7992cfac8d74385407227e3de75105ee9cfbf38070a41

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
last-modified
Wed, 13 Oct 2021 10:42:29 GMT
server
nginx
etag
"6166b815-3b3"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
947
expires
Sun, 01 Jan 2023 13:47:41 GMT
bet365.jpg
heavytunas.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/bet365.jpg
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
63aad7331d7e736a0c7d78bf605358194aed3befe6702c8606b6c5e43f34a469

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
last-modified
Wed, 13 Oct 2021 10:42:29 GMT
server
nginx
etag
"6166b815-10ae"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4270
expires
Sun, 01 Jan 2023 13:47:41 GMT
arrow.png
heavytunas.com/ 		343 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/arrow.png
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
5f43899197d72dd57f227ae6741b80791fd187b8f11bad546dffbaf2e3743523

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
last-modified
Wed, 13 Oct 2021 10:42:29 GMT
server
nginx
etag
"6166b815-157"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
343
expires
Sun, 01 Jan 2023 13:47:41 GMT
888.jpg
heavytunas.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/888.jpg
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
a8e15586ce9e1f0e25da37516d4aa232bc0b14eaca4edc1c2bd2f03dbc8026f6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
last-modified
Wed, 13 Oct 2021 10:42:29 GMT
server
nginx
etag
"6166b815-a57"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2647
expires
Sun, 01 Jan 2023 13:47:41 GMT
bwin.jpg
heavytunas.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/bwin.jpg
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
85c00feeb64af463ebfa744b8984cb33499c8dadd31f9bf5eaefe3a418fddb7e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
last-modified
Wed, 13 Oct 2021 10:42:29 GMT
server
nginx
etag
"6166b815-95c"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2396
expires
Sun, 01 Jan 2023 13:47:41 GMT
spillemyndigheden.png
heavytunas.com/ 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/spillemyndigheden.png
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
content-encoding
gzip
server
nginx
content-type
text/html
rofus.png
heavytunas.com/ 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/rofus.png
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
content-encoding
gzip
server
nginx
content-type
text/html
stopspillet.png
heavytunas.com/ 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/stopspillet.png
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
content-encoding
gzip
server
nginx
content-type
text/html
ludomani.png
heavytunas.com/ 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/ludomani.png
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
content-encoding
gzip
server
nginx
content-type
text/html
18.png
heavytunas.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/18.png
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
c2df13c5fde252964991099d203d6f5f12e0db23d9cf8971e89475fccc8776c1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
last-modified
Wed, 13 Oct 2021 10:42:29 GMT
server
nginx
etag
"6166b815-5bc"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1468
expires
Sun, 01 Jan 2023 13:47:41 GMT
bg.jpg
heavytunas.com/ 		290 KB
290 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/bg.jpg
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
ed70b3ba07ee5c16f7c87e3bb38f59d60574218f2f993e0eb5262f5829dda59b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
last-modified
Wed, 13 Oct 2021 10:42:29 GMT
server
nginx
etag
"6166b815-486ce"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
296654
expires
Sun, 01 Jan 2023 13:47:41 GMT
39300
mmwebhandler.aff-online.com/C/ Frame 76B1 		0
0
signup
www.leovegas.com/en-gb/ Frame DD06
Redirect Chain
  • https://ads.leovegas.com/redirect.aspx?pid=3710549&bid=1466
  • https://www.leovegas.com/signup?lobby=casino&btag=100662650_81428CA68E904D5A9306E19FA1002F41&pid=3710549&bid=1466
  • https://www.leovegas.com/en-gb/signup?lobby=casino&btag=100662650_81428CA68E904D5A9306E19FA1002F41&pid=3710549&bid=1466
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.leovegas.com/en-gb/signup?lobby=casino&btag=100662650_81428CA68E904D5A9306E19FA1002F41&pid=3710549&bid=1466
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.248.168 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.248.168.ip.incapdns.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com
content-type
text/html; charset=utf-8
date
Fri, 02 Dec 2022 13:47:42 GMT
server
nginx
strict-transport-security
max-age=63072000;
via
1.1 google
x-cache-key
disabled-0.2497295162258386
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
13-334191602-334191613 PNNy RT(1669988861753 147) q(0 0 0 -1) r(1 1) U12
x-render-cache
0
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com
content-type
application/json; charset=utf8
date
Fri, 02 Dec 2022 13:47:42 GMT
location
/en-gb/signup?lobby=casino&btag=100662650_81428CA68E904D5A9306E19FA1002F41&pid=3710549&bid=1466
server
nginx
strict-transport-security
max-age=63072000;
via
1.1 google
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
13-334191602-334191613 NNNY CT(7 10 0) RT(1669988861753 52) q(0 0 0 3) r(0 0) U11
x-xss-protection
1; mode=block
/
luckydays.com/ Frame 1500
Redirect Chain
  • https://media.luckydaysaffiliates.com/redirect.aspx?pid=6575&bid=1476
  • https://luckydays.com/?btag=655489_CEAB64C9E08247DFB3BE8C462A1B0014
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://luckydays.com/?btag=655489_CEAB64C9E08247DFB3BE8C462A1B0014
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.38.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.regily.com https://freeluckydays.com https://freeluckydays.net https://luckydaysfree.com https://www.luckydaysfun.com; frame-src * nordeamta: danskeid: bankid: data https://client.britepaymentgroup.com;
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
MISS
cf-ray
77348413ced6d214-MAN
content-encoding
br
content-security-policy
frame-ancestors *.regily.com https://freeluckydays.com https://freeluckydays.net https://luckydaysfree.com https://www.luckydaysfun.com; frame-src * nordeamta: danskeid: bankid: data https://client.britepaymentgroup.com;
content-type
text/html; charset=UTF-8
date
Fri, 02 Dec 2022 13:47:42 GMT
last-modified
Wed, 30 Nov 2022 11:56:46 GMT
server
cloudflare
strict-transport-security
max-age=604800; includeSubDomains
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

access-control-expose-headers
Request-Context
cache-control
max-age=0, no-cache, no-store
content-length
0
content-type
text/html
date
Fri, 02 Dec 2022 13:47:41 GMT
expires
Fri, 02 Dec 2022 13:47:41 GMT
location
https://luckydays.com?btag=655489_CEAB64C9E08247DFB3BE8C462A1B0014
p3p
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma
no-cache
request-context
appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
server-timing
cdn-cache; desc=MISS edge; dur=9 origin; dur=53
x-aspnet-version
4.0.30319
open-account
www.bet365.dk/olp/ Frame DDD5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bet365.dk/olp/open-account?affiliate=365_01028683
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7306ea9314c478b4f08cca7246b082c81e11b20a034e474159b85a693cbe492b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7734840f8b8254e1-MAN
Connection
keep-alive
Date
Fri, 02 Dec 2022 13:47:41 GMT
Server
cloudflare
ServerDetails
<!--2P1 - 11-->
Transfer-Encoding
chunked
hero-bg.jpg
heavytunas.com/ 		498 KB
499 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavytunas.com/hero-bg.jpg
Requested by
Host: heavytunas.com
URL: https://heavytunas.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.203.124.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.201.124.203.116.clients.your-server.de
Software
nginx /
Resource Hash
b16b98ab9ed64f409952bb93319ef1a65144f4e37eb601a10937586969c0de86

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://heavytunas.com/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
last-modified
Wed, 13 Oct 2021 10:42:29 GMT
server
nginx
etag
"6166b815-7c9f6"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
510454
expires
Sun, 01 Jan 2023 13:47:41 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://heavytunas.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 01:41:22 GMT
x-content-type-options
nosniff
age
43579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 01:41:22 GMT
open-account
www.bet365.dk/olpc/da/54/0/1/ Frame B312 		51 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bet365.dk/olpc/da/54/0/1/open-account
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olp/open-account?affiliate=365_01028683
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fee72372e2db4d8ccb7d507f4e254574d51f72e9136bcda6ef5ba7bb86b849e
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;frame-src 'self' http://members.bet365.dk 'nonce-HvOe2utN30Iw0hgUVsVrEal+cp7ADwIQDY7acD78iqc=';style-src 'self' 'unsafe-inline';img-src 'self' data: https://content001.bet365.dk/ https://content001.bet365.dk/SportsContent/ 'nonce-HvOe2utN30Iw0hgUVsVrEal+cp7ADwIQDY7acD78iqc=';connect-src 'self' https://www.google-analytics.com http://members.bet365.dk https://extra.bet365.dk 'nonce-HvOe2utN30Iw0hgUVsVrEal+cp7ADwIQDY7acD78iqc=';font-src 'self' data: 'nonce-HvOe2utN30Iw0hgUVsVrEal+cp7ADwIQDY7acD78iqc=';

Request headers

Referer
https://www.bet365.dk/olp/open-account?affiliate=365_01028683
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
9399
CF-Cache-Status
HIT
CF-RAY
773484102cbf54e1-MAN
Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
14145
Content-Security-Policy
default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;frame-src 'self' http://members.bet365.dk 'nonce-HvOe2utN30Iw0hgUVsVrEal+cp7ADwIQDY7acD78iqc=';style-src 'self' 'unsafe-inline';img-src 'self' data: https://content001.bet365.dk/ https://content001.bet365.dk/SportsContent/ 'nonce-HvOe2utN30Iw0hgUVsVrEal+cp7ADwIQDY7acD78iqc=';connect-src 'self' https://www.google-analytics.com http://members.bet365.dk https://extra.bet365.dk 'nonce-HvOe2utN30Iw0hgUVsVrEal+cp7ADwIQDY7acD78iqc=';font-src 'self' data: 'nonce-HvOe2utN30Iw0hgUVsVrEal+cp7ADwIQDY7acD78iqc=';
Content-Type
text/html; charset=utf-8
Date
Fri, 02 Dec 2022 13:47:41 GMT
Last-Modified
Fri, 02 Dec 2022 10:56:01 GMT
Server
cloudflare
Vary
Accept-Encoding
DefaultAff.aspx
members.bet365.dk/Members/Helpers/ Frame 305D 		84 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://members.bet365.dk/Members/Helpers/DefaultAff.aspx?affiliate=365_01028683
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olp/open-account?affiliate=365_01028683
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer
https://www.bet365.dk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
77348410af623607-MAN
Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
177
Content-Type
text/html; charset=utf-8
Date
Fri, 02 Dec 2022 13:47:41 GMT
ME-Redirect
PQB
Server
cloudflare
Vary
Accept-Encoding
FTN45__W.woff2
www.bet365.dk/olpc/Content/Fonts/ Frame B312 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bet365.dk/olpc/Content/Fonts/FTN45__W.woff2
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751

Request headers

Referer
https://www.bet365.dk/olpc/da/54/0/1/open-account
Origin
https://www.bet365.dk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 02 Dec 2022 10:55:59 GMT
Server
cloudflare
Age
10285
Vary
Accept-Encoding
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
773484109d8254e1-MAN
Content-Length
45892
olpc-styles.css
www.bet365.dk/olpc/ Frame B312 		355 KB
111 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bet365.dk/olpc/olpc-styles.css?v=w2VphkKL-8Ytlc8NDwvld4GlhVFzxhf9W91UQcprjJM1
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
734998ba3a924b5f0f43c791dc2de2a7f335d3da719546c51a39d094f5ba747b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/olpc/da/54/0/1/open-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 02 Dec 2022 10:55:59 GMT
Server
cloudflare
Age
10012
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Connection
keep-alive
CF-RAY
77348410fc6a54ac-MAN
Expires
Sat, 02 Dec 2023 10:55:59 GMT
ProductCommon_v1.js
www.bet365.dk/members/services/host/Scripts/js/ Frame B312 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bet365.dk/members/services/host/Scripts/js/ProductCommon_v1.js
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
028621d03af7ffb621f60b7434e86af7e8df70a321f83f115c556a4164dd82b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/olpc/da/54/0/1/open-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 02 Dec 2022 13:47:41 GMT
Server
cloudflare
x-bet-hop
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
CF-RAY
77348410f9c30761-MAN
Expires
0
olpc-scripts.js
www.bet365.dk/olpc/ Frame B312 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bet365.dk/olpc/olpc-scripts.js?v=nTMVpZ6vrGQ372b3nAOEz_c6JCE8U54YvTnlKeHL6Sg1
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c74563ea394bdffbb99b9dccf8ae5bc071b74d4e587f25e5920e7fac5c660a95

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/olpc/da/54/0/1/open-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 02 Dec 2022 10:55:59 GMT
Server
cloudflare
Age
8552
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
77348410fc7054ac-MAN
Content-Length
7127
Expires
Sat, 02 Dec 2023 10:55:59 GMT
js
www.googletagmanager.com/gtag/ Frame B312 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z57QP9ZEE5
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5495b72e4ac2ec613e68ec5de10ecd5209a4126a1f0d1c343bb46ffd2d1d9222
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76227
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 02 Dec 2022 13:47:41 GMT
Spillemyndigheden1x.svg
content001.bet365.dk/SportsContent/Global/Header/ResponsibleGambling/ Frame B312 		58 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/Global/Header/ResponsibleGambling/Spillemyndigheden1x.svg
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
00421084d72d9f984e8e26bcb55b4849a1f836736d05a5b87e2196335efccabd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Mon, 25 Nov 2019 11:26:24 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=432000
Connection
keep-alive
Timing-Allow-Origin
*
CF-RAY
773484126b150753-MAN
Expires
Wed, 07 Dec 2022 13:47:41 GMT
Maestro%20VisaDebit%20Mastercard.svg
content001.bet365.dk/SportsContent/FeaturesTemplate/SVG/Payment/ Frame B312 		15 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/FeaturesTemplate/SVG/Payment/Maestro%20VisaDebit%20Mastercard.svg
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31422fea6c9d5e306946339a38d966031437570a19e2f01e904ed45eea208ce

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 09 Sep 2021 09:13:23 GMT
Server
cloudflare
Age
166520
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
773484126e630742-MAN
Content-Length
6232
Expires
Wed, 07 Dec 2022 13:47:41 GMT
Apple%20Pay.svg
content001.bet365.dk/SportsContent/FeaturesTemplate/SVG/Payment/ Frame B312 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/FeaturesTemplate/SVG/Payment/Apple%20Pay.svg
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2249be049c0895bcc45c17a703fb13b28c771be8d95cd0b7d7f9aba0398bbe5f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 09 Sep 2021 09:12:08 GMT
Server
cloudflare
Age
266537
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
773484126a8c0757-MAN
Content-Length
2468
Expires
Wed, 07 Dec 2022 13:47:41 GMT
Paysafe%20Card.svg
content001.bet365.dk/SportsContent/FeaturesTemplate/SVG/Payment/ Frame B312 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/FeaturesTemplate/SVG/Payment/Paysafe%20Card.svg
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
367b375d52b88b06883869ddb1dca46bd1b5ca3656fd6be348c75d9afb7b4b51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 09 Sep 2021 09:14:02 GMT
Server
cloudflare
Age
269328
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
773484126cb954ab-MAN
Content-Length
3828
Expires
Wed, 07 Dec 2022 13:47:41 GMT
Paypal.svg
content001.bet365.dk/SportsContent/FeaturesTemplate/SVG/Payment/ Frame B312 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/FeaturesTemplate/SVG/Payment/Paypal.svg
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Thu, 09 Sep 2021 09:13:53 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
773484126cb0b2ed-MAN
Content-Length
2832
Expires
Wed, 07 Dec 2022 13:47:41 GMT
Trustly.svg
content001.bet365.dk/SportsContent/FeaturesTemplate/SVG/Payment/ Frame B312 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/FeaturesTemplate/SVG/Payment/Trustly.svg
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f44789b9ee80b5f559a24ccf3c09f1361667fdb585ac3a3cefd6d1e06c68a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Thu, 09 Sep 2021 09:14:52 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
773484126dfc074a-MAN
Content-Length
3914
Expires
Wed, 07 Dec 2022 13:47:41 GMT
CenterForLudomani.png
content001.bet365.dk/SportsContent/Global/Footer/ Frame B312 		950 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/Global/Footer/CenterForLudomani.png
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04ca630fcb923d9266f9156dcb64df7aed684d2e0261776d05e23bf4da12b3d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Thu, 23 May 2019 13:32:20 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
77348412cf380742-MAN
Content-Length
950
Expires
Wed, 07 Dec 2022 13:47:41 GMT
GordonMoody-GT-x2_Grey99.png
content001.bet365.dk/SportsContent/Global/Footer/GordonMoody/ Frame B312 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Mon, 11 Oct 2021 13:13:24 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
77348412cb4a0757-MAN
Content-Length
5324
Expires
Wed, 07 Dec 2022 13:47:41 GMT
SPORTSX1-ESSA_2.png
content001.bet365.dk/SportsContent/Global/Footer/ Frame B312 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Tue, 04 Jun 2019 13:21:41 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
77348412cd5054ab-MAN
Content-Length
6386
Expires
Wed, 07 Dec 2022 13:47:41 GMT
BlueText@2x.png
content001.bet365.dk/SportsContent/Global/Footer/ROFUSBlue/ Frame B312 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/Global/Footer/ROFUSBlue/BlueText@2x.png
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d48c75b22fb1b7811c6b1f979b531c0ddd84cfa6165ef4681ec853633dd24d63

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 09 Dec 2020 09:46:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
77348412fefd074a-MAN
Content-Length
1471
Expires
Wed, 07 Dec 2022 13:47:41 GMT
StopSpilletApproved.svg
content001.bet365.dk/SportsContent/Global/Footer/ Frame B312 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/Global/Footer/StopSpilletApproved.svg
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed6da3873a144ff5a83e8407b3a1cc8229ecf2d790ea965bd334c62b83e0d9c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Thu, 12 Mar 2020 12:07:42 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=432000
Connection
keep-alive
Timing-Allow-Origin
*
CF-RAY
773484130c8c0753-MAN
Expires
Wed, 07 Dec 2022 13:47:41 GMT
eCogra-Horizontal2x.png
content001.bet365.dk/SportsContent/Global/Footer/ Frame B312 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/Global/Footer/eCogra-Horizontal2x.png
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:42 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 11 Aug 2021 10:23:12 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
773484131e08b2ed-MAN
Content-Length
1671
Expires
Wed, 07 Dec 2022 13:47:42 GMT
SPORTSX2-18.png
content001.bet365.dk/SportsContent/Global/Footer/ Frame B312 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/Global/Footer/SPORTSX2-18.png
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:42 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 20 Mar 2015 09:13:01 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
77348413488c0742-MAN
Content-Length
4400
Expires
Wed, 07 Dec 2022 13:47:42 GMT
bet365%20grey%20footer%20logo.png
content001.bet365.dk/SportsContent/Global/Footer/ Frame B312 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content001.bet365.dk/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:42 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Thu, 11 Jun 2015 14:13:32 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
CF-RAY
773484135c650757-MAN
Content-Length
7868
Expires
Wed, 07 Dec 2022 13:47:42 GMT
ProductCommon_v1.js
www.bet365.dk/members/services/host/Scripts/js/ Frame B312 		990 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bet365.dk/members/services/host/Scripts/js/ProductCommon_v1.js?async
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3caf97f5652ef903f73bed69dbd65614ef2b03291c20d89e90d27bc884aac216

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/olpc/da/54/0/1/open-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 02 Dec 2022 13:47:41 GMT
Server
cloudflare
x-bet-hop
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
CF-RAY
77348411ee3f54ac-MAN
Expires
0
GetLanguageByCountryIdAndStateId
www.bet365.dk/LandingPageCountry/ Frame B312 		1 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bet365.dk/LandingPageCountry/GetLanguageByCountryIdAndStateId?countryId=54&stateId=0
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/members/services/host/Scripts/js/ProductCommon_v1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/olpc/da/54/0/1/open-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 01 Dec 2022 10:25:01 GMT
Server
cloudflare
Age
97779
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
public, no-cache="Set-Cookie", max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
77348411dc140761-MAN
Content-Length
1
gtm.js
www.googletagmanager.com/ Frame B312 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5DJNXMC
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/olpc/da/54/0/1/open-account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2f5f496f7cd450b310fdf80136844191836f1d6074e960a34023d302cecefb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38529
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Dec 2022 13:47:41 GMT
ProductCommon_v1.js
www.bet365.dk/members/services/host/Scripts/js/ Frame B312 		248 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bet365.dk/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMCTB9OEAQAAWLggAvW-PaP9df_jXbew7C2j0LplvbG1EvqC7eh-DUjak2is&PIRXTcSdwp--z=q
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/members/services/host/Scripts/js/ProductCommon_v1.js?async
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7c742eeadc03be1493c16e4f444fc106dcb1661c013c2c725b314aa543ee1fc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/olpc/da/54/0/1/open-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 02 Dec 2022 13:30:00 GMT
Server
cloudflare
x-bet-hop
1
Age
828
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=3600, immutable
Connection
keep-alive
CF-RAY
773484127f8354ac-MAN
js
www.googletagmanager.com/gtag/ Frame B312 		223 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5DJNXMC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c138ae95d6c8ccf61ff6d788ceb3786604755d70e64dd3b1dc2d1a1460e8640c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 13:47:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78624
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 02 Dec 2022 13:47:42 GMT
cookieconsentajax
www.bet365.dk/olpc/da/54/0/1/ Frame B312 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bet365.dk/olpc/da/54/0/1/cookieconsentajax?
Requested by
Host: www.bet365.dk
URL: https://www.bet365.dk/members/services/host/Scripts/js/ProductCommon_v1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.15 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb12d4bc22a11189e3ffaba0ddc9cba8f7f47d2aeeed916fdab061a341eece8e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.bet365.dk/olpc/da/54/0/1/open-account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 13:47:42 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
private
Connection
keep-alive
CF-RAY
773484164ee954ac-MAN
Content-Length
1368
truncated
/ Frame B312 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mmwebhandler.aff-online.com
URL
https://mmwebhandler.aff-online.com/C/39300?sr=1868426

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange object| _0xc87e function| _0xe12c

11 Cookies

Domain/Path Name / Value
.bet365.dk/ Name: __cf_bm
Value: 7WDhnupEt_rp4ZhgzM5WRJIxxYGGJeD04ubQrQfTmvA-1669988861-0-AXh6098Wui12SW2WjRhRFsdllmR9sK24AWXF1XYLjTnX7bNHv5eWt8byx0k//563xJ2j1TirtA/CfO5TOfkr+5o=
mmwebhandler.aff-online.com/ Name: uffiliate_click_39300_1868426_
Value: uffiliate_click_39300_1868426_
.bet365.dk/ Name: Affiliates
Value: Code=365_01028683&prd=Sports
members.bet365.dk/ Name: session
Value: processform=0
.bet365.dk/ Name: pstk
Value: 26172CC12F34C304B177F0CB78055D42000003
.leovegas.com/ Name: NetRefer_CookieUniTrack_C
Value: %5b%7b%22PID%22%3a3710549%2c%22BID%22%3a1466%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669988861868)%5c%2f%22%2c%22CookieTag%22%3a%221466371054921%3a%3ae%3a12%3a8ca%3a1002C20221221347%22%7d%5d
.luckydaysaffiliates.com/ Name: NetRefer_CookieUniTrack_C
Value: %5b%7b%22PID%22%3a6575%2c%22BID%22%3a1476%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669988861898)%5c%2f%22%2c%22CookieTag%22%3a%221476657521%3a%3ae%3a12%3a8ca%3a1002C20221221347%22%7d%5d
.luckydays.com/ Name: __cf_bm
Value: FyShzRmOjA11saZE2WjJezEMvjs15Z9T.n.exUQ1HKU-1669988862-0-AQsfJUwT4kwofP4BahfiMb8Fdof9+zeFz69YZFRUax0L8f/6G7GII1PuaOmB12GOfBhSEHDr8UBoe7LTfMVikr2GfrgCcb3rZoI8B1cQIrM6
.leovegas.com/ Name: visid_incap_846569
Value: RkDIkArGSfCYXg95t9MxOv0BimMAAAAAQUIPAAAAAADnyUsmZWiLJmzvXrUlep+z
.leovegas.com/ Name: nlbi_846569
Value: VdtSHt9h+C/KcGX8TJV9qQAAAABBX4jUamA220f/ZZXVdX/7
.leovegas.com/ Name: incap_ses_8219_846569
Value: pHhTNfGTD0Wd8H4CgMEPcv0BimMAAAAA8lnuS0oRmDLs/n2PoX89dQ==

14 Console Messages

Source Level URL
Text
network error URL: https://heavytunas.com/spillemyndigheden.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://heavytunas.com/rofus.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://heavytunas.com/stopspillet.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://heavytunas.com/ludomani.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.securely-send.com/storage/pu_cd_dk_volde_real.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 2)
Message:
Mixed Content: The page at 'https://heavytunas.com/' was loaded over HTTPS, but requested an insecure frame 'http://www.888casino.dk/sem/online-casino/generic/50-3000-rf.htm?sr=1868426&mm_id=39300&utm_source=aff&utm_medium=casap&utm_content=100136647&utm_campaign=100136647_1868426_nodescription'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://www.bet365.dk/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMCTB9OEAQAAWLggAvW-PaP9df_jXbew7C2j0LplvbG1EvqC7eh-DUjak2is&PIRXTcSdwp--z=q
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security error
Message:
Refused to frame 'https://luckydays.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors *.regily.com https://freeluckydays.com https://freeluckydays.net https://luckydaysfree.com https://www.luckydaysfun.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-Z57QP9ZEE5(Line 50)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-Z57QP9ZEE5&gtm=2oebu0&_p=13267046&gcs=G1-0&cid=609655967.1669988862&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669988862&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.dk%2Folpc%2Fda%2F54%2F0%2F1%2Fopen-account&dr=https%3A%2F%2Fwww.bet365.dk%2Folp%2Fopen-account%3Faffiliate%3D365_01028683&dt=Offer%20Landing%20Page&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com http://members.bet365.dk https://extra.bet365.dk 'nonce-HvOe2utN30Iw0hgUVsVrEal+cp7ADwIQDY7acD78iqc='".
rendering warning URL: https://www.bet365.dk/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMCTB9OEAQAAWLggAvW-PaP9df_jXbew7C2j0LplvbG1EvqC7eh-DUjak2is&PIRXTcSdwp--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security error
Message:
Refused to frame 'https://www.leovegas.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' *.leovegas.com *.casinomodule.com *.yggdrasilgaming.com *.evolutiongaming.com *.gameassists.co.uk *.gameassists.dk *.rgsgames.com *.wagerworks.com *.adform.com *.livetables.io *.regily.com *.casinoalternativen.com *.onlinecasinobonus24.xyz *.livetableshu.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-45M1DQFW2B&l=dataLayer&cx=c(Line 50)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B&gtm=2oebu0&_p=13267046&gcs=G1-0&cid=609655967.1669988862&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669988862&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.dk%2Folpc%2Fda%2F54%2F0%2F1%2Fopen-account&dr=https%3A%2F%2Fwww.bet365.dk%2Folp%2Fopen-account%3Faffiliate%3D365_01028683&dt=Offer%20Landing%20Page&en=page_view&_fv=1&_ss=1' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com http://members.bet365.dk https://extra.bet365.dk 'nonce-HvOe2utN30Iw0hgUVsVrEal+cp7ADwIQDY7acD78iqc='".
rendering warning URL: https://www.bet365.dk/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMCTB9OEAQAAWLggAvW-PaP9df_jXbew7C2j0LplvbG1EvqC7eh-DUjak2is&PIRXTcSdwp--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://www.bet365.dk/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AMCTB9OEAQAAWLggAvW-PaP9df_jXbew7C2j0LplvbG1EvqC7eh-DUjak2is&PIRXTcSdwp--z=q
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.leovegas.com
content001.bet365.dk
fonts.googleapis.com
fonts.gstatic.com
heavytunas.com
luckydays.com
media.luckydaysaffiliates.com
members.bet365.dk
mmwebhandler.aff-online.com
www.bet365.dk
www.googletagmanager.com
www.leovegas.com
www.securely-send.com
mmwebhandler.aff-online.com
104.17.38.60
107.154.248.168
116.203.124.201
161.35.78.172
2a00:1450:4001:806::2003
2a00:1450:4001:813::2008
2a00:1450:4001:82f::200a
2a02:26f0:480:c::210:f19c
2a02:26f0:480:c::210:f19d
5.226.179.15
00421084d72d9f984e8e26bcb55b4849a1f836736d05a5b87e2196335efccabd
028621d03af7ffb621f60b7434e86af7e8df70a321f83f115c556a4164dd82b5
04ca630fcb923d9266f9156dcb64df7aed684d2e0261776d05e23bf4da12b3d1
0b3f1125c7f29b3164a22aa98fcb3ef9a08e992d40f38d06c3f1b585b6f6ef19
101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f
2249be049c0895bcc45c17a703fb13b28c771be8d95cd0b7d7f9aba0398bbe5f
367b375d52b88b06883869ddb1dca46bd1b5ca3656fd6be348c75d9afb7b4b51
3caf97f5652ef903f73bed69dbd65614ef2b03291c20d89e90d27bc884aac216
3fee72372e2db4d8ccb7d507f4e254574d51f72e9136bcda6ef5ba7bb86b849e
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
5495b72e4ac2ec613e68ec5de10ecd5209a4126a1f0d1c343bb46ffd2d1d9222
5923b5d3167186e22377d01f2002120106ed40e936e0341426c681d5a61e2184
5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af
5f43899197d72dd57f227ae6741b80791fd187b8f11bad546dffbaf2e3743523
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
63aad7331d7e736a0c7d78bf605358194aed3befe6702c8606b6c5e43f34a469
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b
6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751
6ee580fb3eaf798098b43c08e23941f3ed2c6eb920a26151481ac789d866536f
7306ea9314c478b4f08cca7246b082c81e11b20a034e474159b85a693cbe492b
734998ba3a924b5f0f43c791dc2de2a7f335d3da719546c51a39d094f5ba747b
79e220d0cc09b63de81927cf8f76ac3f29b928a61f7dbd022e9124993e600d4f
85c00feeb64af463ebfa744b8984cb33499c8dadd31f9bf5eaefe3a418fddb7e
9f34a7a3e44fca3bdc174a17341aecdd8827ed50fd0d222fd68258651f99e899
a2f5f496f7cd450b310fdf80136844191836f1d6074e960a34023d302cecefb5
a8e15586ce9e1f0e25da37516d4aa232bc0b14eaca4edc1c2bd2f03dbc8026f6
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070
b16b98ab9ed64f409952bb93319ef1a65144f4e37eb601a10937586969c0de86
b7abb33953367ca8cbd7992cfac8d74385407227e3de75105ee9cfbf38070a41
c138ae95d6c8ccf61ff6d788ceb3786604755d70e64dd3b1dc2d1a1460e8640c
c2df13c5fde252964991099d203d6f5f12e0db23d9cf8971e89475fccc8776c1
c2f44789b9ee80b5f559a24ccf3c09f1361667fdb585ac3a3cefd6d1e06c68a8
c74563ea394bdffbb99b9dccf8ae5bc071b74d4e587f25e5920e7fac5c660a95
cb12d4bc22a11189e3ffaba0ddc9cba8f7f47d2aeeed916fdab061a341eece8e
d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d48c75b22fb1b7811c6b1f979b531c0ddd84cfa6165ef4681ec853633dd24d63
e31422fea6c9d5e306946339a38d966031437570a19e2f01e904ed45eea208ce
e7c742eeadc03be1493c16e4f444fc106dcb1661c013c2c725b314aa543ee1fc
ed70b3ba07ee5c16f7c87e3bb38f59d60574218f2f993e0eb5262f5829dda59b
fed6da3873a144ff5a83e8407b3a1cc8229ecf2d790ea965bd334c62b83e0d9c