Submitted URL: http://betpop.eu/
Effective URL: https://www.betpop.lv/
Submission: On March 07 via manual from VN — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 40 HTTP transactions. The main IP is 2606:4700:10::6816:ec5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.betpop.lv.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 29th 2022. Valid for: a year.
This is the only time www.betpop.lv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
10 2606:4700:10:... 13335 (CLOUDFLAR...)
6 138.122.25.137 263785 (COLUMBUS ...)
16 2606:4700:310... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 146.82.71.144 3549 (LVLT-3549)
4 138.122.247.4 28317 (NAVEGALO ...)
40 6
Domain Requested by
10 www.betpop.lv www.betpop.lv
8 filebox.ffresx.xyz www.betpop.lv
6 livechat.ffsvrs.lv www.betpop.lv
livechat.ffsvrs.lv
5 scripts.ffresx.xyz www.betpop.lv
scripts.ffresx.xyz
4 bannermanager.ffsvrs.lv scripts.ffresx.xyz
2 sliders.ffresx.xyz
2 e.ffsvrs.lv www.betpop.lv
2 fonts.gstatic.com www.betpop.lv
2 betpop.eu 2 redirects
1 content.ffresx.xyz scripts.ffresx.xyz
40 10

This site contains links to these domains.

Domain
wagerpartner.com
www.wagerpartner.com
www.youwager.lv

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-29 - 2023-05-29 | a year
*.ffsvrs.lv | Go Daddy Secure Certificate Authority - G2 | 2022-07-19 - 2023-08-20 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months

This page contains 2 frames:

Primary Page: https://www.betpop.lv/
Frame ID: 131810D57236A44664BE130C919DAEBD
Requests: 34 HTTP requests in this frame

Frame: https://www.betpop.lv/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678161600
Frame ID: 0015F3C6D2C292EB0A7A21A41D50E878
Requests: 3 HTTP requests in this frame

Page Title

Online Sports Betting, Racebook, Casino, Poker at BetPOP.lv

Page Statistics

Requests: 40
HTTPS: 100 %
IPv6: 63 %
Domains: 5
Subdomains: 10
IPs: 6
Countries: 2
Transfer: 859 kB
Size: 2124 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://betpop.eu/ HTTP 301
    https://betpop.eu/ HTTP 301
    https://www.betpop.lv/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.betpop.lv/
Redirect Chain
  • http://betpop.eu/
  • https://betpop.eu/
  • https://www.betpop.lv/
18 KB
5 KB
Document
General
Full URL
https://www.betpop.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44baf01411ee6cc5aaac558718ab444ebbe60a09cd7ec0dd54ce0030f026ac24

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2017065
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=2678400
cf-cache-status
HIT
cf-ray
7a40de0dd91a32ee-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 06:44:00 GMT
last-modified
Mon, 16 Sep 2019 00:00:00 GMT
server
cloudflare
sfarm
B
vary
Accept-Encoding
x-aspnet-version
x-aspnetmvc-version
x-powered-by

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=2073600
cf-cache-status
DYNAMIC
cf-ray
7a40de085828188d-EWR
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 06:43:59 GMT
last-modified
Mon, 16 Sep 2019 00:00:00 GMT
location
https://www.betpop.lv/
server
cloudflare
sfarm
A
x-aspnet-version
x-aspnetmvc-version
x-powered-by
css-betpop
www.betpop.lv/static/
289 KB
52 KB
Stylesheet
General
Full URL
https://www.betpop.lv/static/css-betpop?v=9edR-1mnNyZP48ljZGdCm2uPrn_IRpo9TbXZ7ZQZd6M1
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30d6ff2807d7516c736ff7021505e0af935600f591b4cefbe1981febc1d61fd3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
x-aspnetmvc-version
last-modified
Tue, 07 Mar 2023 06:44:00 GMT,Mon, 16 Sep 2019 00:00:00 GMT
server
cloudflare
x-aspnet-version
x-powered-by
vary
User-Agent,Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public,max-age=2073600
cf-cache-status
DYNAMIC
cf-ray
7a40de0e093d32ee-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
B
expires
Wed, 06 Mar 2024 06:44:00 GMT
script.php
livechat.ffsvrs.lv/
3 KB
2 KB
Script
General
Full URL
https://livechat.ffsvrs.lv/script.php?id=fa79e57146d773a5d3a298abf8a22944
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.122.25.137 , Costa Rica, ASN263785 (COLUMBUS NETWORKS DE COSTA RICA SOCIEDAD DE RESPONSABILIDAD LIMITADA, CR),
Reverse DNS
Software
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B / FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Resource Hash
2af3abdeeb1793a08a12c1cb15a663de08c20ddaa46ed61e1f92127a5d98ee72

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:00 GMT
content-encoding
gzip
last-modified
Wed, 8 Agu 2022 00:00:00 GMT
server
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
etag
E5EE517B60851DA870B03450AD66EB23
x-powered-by
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
vary
Accept-Encoding
access-control-max-age
2592000
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
2071
sfarm
LIVEHELP-C1
scripts
www.betpop.lv/bundles/
178 KB
60 KB
Script
General
Full URL
https://www.betpop.lv/bundles/scripts?v=Se7MEyV3CK5mcZ2eefgUKxjfACncpeKQy-albxmq43E1
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd353a7e3a67bc28928c3fd6b38504803c21fd270619ac73913ff544687cb36c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:00 GMT
content-encoding
br
x-aspnetmvc-version
last-modified
Tue, 07 Mar 2023 06:44:00 GMT,Mon, 16 Sep 2019 00:00:00 GMT
server
cloudflare
x-aspnet-version
x-powered-by
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public,max-age=2073600
cf-cache-status
DYNAMIC
cf-ray
7a40de0e093f32ee-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
B
expires
Wed, 06 Mar 2024 06:44:00 GMT
scripts-misc
www.betpop.lv/bundles/
495 KB
126 KB
Script
General
Full URL
https://www.betpop.lv/bundles/scripts-misc?v=dvZr7_rXm3Y8D9MYcrmhUWLRzJhMOp34amzI3qscaSo1
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da5a4d2570a587c2568f8cf9eb08ec5ebba6a9df5c8e8e1c5c702815da67311a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:00 GMT
content-encoding
br
x-aspnetmvc-version
last-modified
Tue, 07 Mar 2023 06:44:00 GMT,Mon, 16 Sep 2019 00:00:00 GMT
server
cloudflare
x-aspnet-version
x-powered-by
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public,max-age=2073600
cf-cache-status
DYNAMIC
cf-ray
7a40de0e094132ee-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
B
expires
Wed, 06 Mar 2024 06:44:00 GMT
ff-helium.loader-2.1.0.js
scripts.ffresx.xyz/
4 KB
2 KB
Script
General
Full URL
https://scripts.ffresx.xyz/ff-helium.loader-2.1.0.js
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cdc1c04647bf895a6c269cce381134c6f4a3d7568a77655bdd7c3a559620271

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:00 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
age
940488
cf-polished
origSize=4698
x-powered-by
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
B
x-aspnetmvc-version
cf-bgj
minify
last-modified
Sun, 28 Aug 2022 13:46:44 GMT
server
cloudflare
etag
W/"03a09ce4bad81:0",c6e63aa67f3cb2f743be6c1cddd8f095
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7a40de0e3c6b2360-EWR
fa-solid-900.woff2
www.betpop.lv/Content/base/fonts/
73 KB
73 KB
Font
General
Full URL
https://www.betpop.lv/Content/base/fonts/fa-solid-900.woff2
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/static/css-betpop?v=9edR-1mnNyZP48ljZGdCm2uPrn_IRpo9TbXZ7ZQZd6M1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Referer
https://www.betpop.lv/static/css-betpop?v=9edR-1mnNyZP48ljZGdCm2uPrn_IRpo9TbXZ7ZQZd6M1
Origin
https://www.betpop.lv
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
cf-cache-status
HIT
x-aspnet-version
age
334118
x-powered-by
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74256
sfarm
B
x-aspnetmvc-version
last-modified
Sat, 21 Sep 2019 19:18:29 GMT,Mon, 16 Sep 2019 00:00:00 GMT
server
cloudflare
etag
"0f2d059b170d51:0",c6e63aa67f3cb2f743be6c1cddd8f095
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
7a40de14ec161839-EWR
logo.png
filebox.ffresx.xyz/static/betpop/images/
2 KB
2 KB
Image
General
Full URL
https://filebox.ffresx.xyz/static/betpop/images/logo.png
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
Resource Hash
61b79fccb6009e8676e809ded923f1a1ee01baf12a75ddd35c8e0e4d628bc55e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
cf-cache-status
HIT
x-aspnet-version
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
age
53343
cf-polished
origFmt=png, origSize=2025
x-powered-by
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1638
sfarm
FILEBOX
cf-bgj
imgq:100,h2pri
last-modified
Sat, 18 Apr 2020 19:44:44 GMT,Mon, 1 Jan 2019 00:00:00 GMT
server
cloudflare
etag
"6b468dcfb915d61:0",F9B173C96CC183777DAA8E73B3672FB045BC4A066E7B41A5297BE3D0ED8164E4
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a40de153ffa2360-EWR
best-teaser-and-parley-payouts.svg
filebox.ffresx.xyz/static/betpop/images/
7 KB
2 KB
Image
General
Full URL
https://filebox.ffresx.xyz/static/betpop/images/best-teaser-and-parley-payouts.svg
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
Resource Hash
b6522abdd6f0af60c6b16a89524928bce3967458376ff83ae9939e1d1b19ee8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
age
52518
x-powered-by
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
FILEBOX
last-modified
Tue, 11 Jan 2022 22:18:02 GMT,Mon, 1 Jan 2019 00:00:00 GMT
server
cloudflare
etag
W/"0c9ea18397d81:0",F9B173C96CC183777DAA8E73B3672FB045BC4A066E7B41A5297BE3D0ED8164E4
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7a40de153ff82360-EWR
logos-sports.svg
filebox.ffresx.xyz/static/betpop/images/
6 KB
2 KB
Image
General
Full URL
https://filebox.ffresx.xyz/static/betpop/images/logos-sports.svg
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
Resource Hash
167a9695cb99d85cdf6563145aca2a252840df276bd14de52da31ea41d15144b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
age
52518
x-powered-by
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
FILEBOX
last-modified
Wed, 03 Aug 2022 15:45:43 GMT,Mon, 1 Jan 2019 00:00:00 GMT
server
cloudflare
etag
W/"806dd91650a7d81:0",F9B173C96CC183777DAA8E73B3672FB045BC4A066E7B41A5297BE3D0ED8164E4
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7a40de153ffd2360-EWR
deposit-methods-news-2.png
filebox.ffresx.xyz/static/youwager/images/home/
7 KB
8 KB
Image
General
Full URL
https://filebox.ffresx.xyz/static/youwager/images/home/deposit-methods-news-2.png
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/static/css-betpop?v=9edR-1mnNyZP48ljZGdCm2uPrn_IRpo9TbXZ7ZQZd6M1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
Resource Hash
d03963032066630539c311730be0ce09209eefc396a7f19b6f39c5a6e991cb83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
cf-cache-status
HIT
x-aspnet-version
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
age
2536701
cf-polished
origFmt=png, origSize=14848
x-powered-by
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
content-disposition
inline; filename="deposit-methods-news-2.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7530
sfarm
FILEBOX
cf-bgj
imgq:100,h2pri
last-modified
Fri, 07 Jan 2022 23:36:19 GMT,Mon, 1 Jan 2019 00:00:00 GMT
server
cloudflare
etag
"801be55e1f4d81:0",F9B173C96CC183777DAA8E73B3672FB045BC4A066E7B41A5297BE3D0ED8164E4
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a40de153ffe2360-EWR
IQHow_FEYlDC4Gzy_m8fcoWiMMZ7xLd792ULpGE4W_Y.woff2
fonts.gstatic.com/s/montserrat/v6/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v6/IQHow_FEYlDC4Gzy_m8fcoWiMMZ7xLd792ULpGE4W_Y.woff2
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/static/css-betpop?v=9edR-1mnNyZP48ljZGdCm2uPrn_IRpo9TbXZ7ZQZd6M1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d6be6d46dfeda5b5cace82853388f1f14c6f631b1e9ea0e6023bf3f9a52c2eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.betpop.lv/
Origin
https://www.betpop.lv
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 05:06:30 GMT
x-content-type-options
nosniff
age
437851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9636
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:36:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 05:06:30 GMT
path
e.ffsvrs.lv/webservices/timothy/query/on-site/ongoing/ Frame
0
0
Preflight
General
Full URL
https://e.ffsvrs.lv/webservices/timothy/query/on-site/ongoing/path?path=/&type=FRONT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.82.71.144 , United States, ASN3549 (LVLT-3549, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.betpop.lv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

AFarm
B
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Authorization
Access-Control-Allow-Methods
POST,GET,PUT,OPTIONS
Access-Control-Allow-Origin
https://www.betpop.lv
Allow
GET
Cache-Control
private
Connection
close
Content-Length
0
Content-Type
text/html
Date
Tue, 07 Mar 2023 06:44:01 GMT
SERVER
D0E0BD25EA07264F66B5147EBAC3D2918020076B9E432B6B85EC7EE9E9A78E60
X-ASPNETMVC-VERSION
D0E0BD25EA07264F66B5147EBAC3D2918020076B9E432B6B85EC7EE9E9A78E60
X-AspNet-Version
D0E0BD25EA07264F66B5147EBAC3D2918020076B9E432B6B85EC7EE9E9A78E60
X-POWERED-BY
D0E0BD25EA07264F66B5147EBAC3D2918020076B9E432B6B85EC7EE9E9A78E60
zhcz-_WihjSQC0oHJ9TCYPk_vArhqVIZ0nv9q090hN8.woff2
fonts.gstatic.com/s/montserrat/v6/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v6/zhcz-_WihjSQC0oHJ9TCYPk_vArhqVIZ0nv9q090hN8.woff2
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/static/css-betpop?v=9edR-1mnNyZP48ljZGdCm2uPrn_IRpo9TbXZ7ZQZd6M1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33eb82fb1c46cc3ecdfdf96db305f5b996d75f56ef238e2f25d5e3b040c75e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.betpop.lv/
Origin
https://www.betpop.lv
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 20:16:10 GMT
x-content-type-options
nosniff
age
469671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9688
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:36:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 20:16:10 GMT
path
e.ffsvrs.lv/webservices/timothy/query/on-site/ongoing/
2 B
700 B
Fetch
General
Full URL
https://e.ffsvrs.lv/webservices/timothy/query/on-site/ongoing/path?path=/&type=FRONT
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/bundles/scripts-misc?v=dvZr7_rXm3Y8D9MYcrmhUWLRzJhMOp34amzI3qscaSo1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
146.82.71.144 , United States, ASN3549 (LVLT-3549, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.betpop.lv/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

AFarm
B
Date
Tue, 07 Mar 2023 06:44:01 GMT
X-ASPNETMVC-VERSION
D0E0BD25EA07264F66B5147EBAC3D2918020076B9E432B6B85EC7EE9E9A78E60
SERVER
D0E0BD25EA07264F66B5147EBAC3D2918020076B9E432B6B85EC7EE9E9A78E60
X-AspNet-Version
D0E0BD25EA07264F66B5147EBAC3D2918020076B9E432B6B85EC7EE9E9A78E60
X-POWERED-BY
D0E0BD25EA07264F66B5147EBAC3D2918020076B9E432B6B85EC7EE9E9A78E60
Vary
Accept
Access-Control-Allow-Methods
POST,GET,PUT,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.betpop.lv
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
Content-Type, Authorization
ff-helium-2.1.0.css
content.ffresx.xyz/base/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://content.ffresx.xyz/base/css/ff-helium-2.1.0.css
Requested by
Host: scripts.ffresx.xyz
URL: https://scripts.ffresx.xyz/ff-helium.loader-2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1fa9cef563b6e09b41138bbb95887ee99a8d3852f6c0c4db957e44758ed778c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
age
401980
cf-polished
origSize=6055
x-powered-by
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
B
x-aspnetmvc-version
cf-bgj
minify
last-modified
Sun, 28 Aug 2022 14:17:38 GMT
server
cloudflare
etag
W/"02d12ede8bad81:0",c6e63aa67f3cb2f743be6c1cddd8f095
access-control-max-age
43200
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
vary
Accept-Encoding
cf-ray
7a40de15b83b2360-EWR
ff-helium.193.bundle-2.1.0.js
scripts.ffresx.xyz/helium/
20 KB
7 KB
Script
General
Full URL
https://scripts.ffresx.xyz/helium/ff-helium.193.bundle-2.1.0.js
Requested by
Host: scripts.ffresx.xyz
URL: https://scripts.ffresx.xyz/ff-helium.loader-2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12d78e8a91cb2734452d3006542c158e236ff0f812c9eb046ba68b94c993be5c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
age
402146
x-powered-by
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
B
x-aspnetmvc-version
cf-bgj
minify
last-modified
Sun, 28 Aug 2022 14:19:04 GMT
server
cloudflare
etag
W/"0bc5420e9bad81:0",c6e63aa67f3cb2f743be6c1cddd8f095
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7a40de15b8332360-EWR
ff-helium.419.bundle-2.1.0.js
scripts.ffresx.xyz/helium/
9 KB
3 KB
Script
General
Full URL
https://scripts.ffresx.xyz/helium/ff-helium.419.bundle-2.1.0.js
Requested by
Host: scripts.ffresx.xyz
URL: https://scripts.ffresx.xyz/ff-helium.loader-2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b51c0229f57616bdb1b5de144803cb19f339bc9e30856e3dacd595937f4d3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
age
396474
x-powered-by
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
A
x-aspnetmvc-version
cf-bgj
minify
last-modified
Wed, 28 Sep 2022 15:47:56 GMT
server
cloudflare
etag
W/"09e41ad51d3d81:0",c6e63aa67f3cb2f743be6c1cddd8f095
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7a40de15b8342360-EWR
ff-helium.856.bundle-2.1.0.js
scripts.ffresx.xyz/helium/
422 KB
131 KB
Script
General
Full URL
https://scripts.ffresx.xyz/helium/ff-helium.856.bundle-2.1.0.js
Requested by
Host: scripts.ffresx.xyz
URL: https://scripts.ffresx.xyz/ff-helium.loader-2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a32344a84ab3273a9bfd11ccce6766b3c153c8e6e269bab5f2caa41c8dff912e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
age
785841
cf-polished
origSize=432451
x-powered-by
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
B
x-aspnetmvc-version
cf-bgj
minify
last-modified
Sun, 28 Aug 2022 14:19:13 GMT
server
cloudflare
etag
W/"806b225e9bad81:0",c6e63aa67f3cb2f743be6c1cddd8f095
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7a40de15b8362360-EWR
ff-helium.main.bundle-2.1.0.js
scripts.ffresx.xyz/helium/
3 KB
1 KB
Script
General
Full URL
https://scripts.ffresx.xyz/helium/ff-helium.main.bundle-2.1.0.js
Requested by
Host: scripts.ffresx.xyz
URL: https://scripts.ffresx.xyz/ff-helium.loader-2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9265fc3f0552f359a02a2a9c991ef6796e803e6314408629aded485239c57e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
age
223036
x-powered-by
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
A
x-aspnetmvc-version
cf-bgj
minify
last-modified
Tue, 30 Aug 2022 16:03:21 GMT
server
cloudflare
etag
W/"53ad368abcd81:0",c6e63aa67f3cb2f743be6c1cddd8f095
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7a40de15b8372360-EWR
GetMainPhone
www.betpop.lv/Home/
49 B
371 B
XHR
General
Full URL
https://www.betpop.lv/Home/GetMainPhone
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/bundles/scripts?v=Se7MEyV3CK5mcZ2eefgUKxjfACncpeKQy-albxmq43E1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b791b94021782fe80d5ae88d6183b0f18b7717ae438e020eb3188770555d42ca

Request headers

Accept
*/*
Referer
https://www.betpop.lv/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
x-aspnetmvc-version
last-modified
Mon, 16 Sep 2019 00:00:00 GMT
server
cloudflare
x-aspnet-version
x-powered-by
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private,max-age=2073600
cf-cache-status
DYNAMIC
cf-ray
7a40de15bcd11839-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
A
security-logos.png
filebox.ffresx.xyz/static/youwager/images/home/
3 KB
4 KB
Image
General
Full URL
https://filebox.ffresx.xyz/static/youwager/images/home/security-logos.png
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
Resource Hash
79566898fe8f51f03c167c098f0f4337f83c3c6a54df6619b7fb7dceacc54c9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
cf-cache-status
HIT
x-aspnet-version
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
age
802420
cf-polished
origFmt=png, origSize=6534
x-powered-by
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
content-disposition
inline; filename="security-logos.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3164
sfarm
FILEBOX
cf-bgj
imgq:100,h2pri
last-modified
Sat, 08 Jan 2022 01:36:39 GMT,Mon, 1 Jan 2019 00:00:00 GMT
server
cloudflare
etag
"80ad592e304d81:0",F9B173C96CC183777DAA8E73B3672FB045BC4A066E7B41A5297BE3D0ED8164E4
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a40de15ed391906-EWR
invisible.js
www.betpop.lv/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 0015
28 KB
12 KB
Script
General
Full URL
https://www.betpop.lv/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678161600
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e599d9fe3deb5fe236219256de357f115d86f21aa3766226753ba2c7bfe315

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a40de161d241839-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
schedule-promotion
www.betpop.lv/promotion/
970 B
569 B
XHR
General
Full URL
https://www.betpop.lv/promotion/schedule-promotion
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/bundles/scripts?v=Se7MEyV3CK5mcZ2eefgUKxjfACncpeKQy-albxmq43E1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550661908c6838c60440e8a46ea0662829965cd9d53065ffe5dc17f3d515e879

Request headers

Accept
*/*
Referer
https://www.betpop.lv/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
x-aspnetmvc-version
last-modified
Mon, 16 Sep 2019 00:00:00 GMT
server
cloudflare
x-aspnet-version
x-powered-by
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private,max-age=2073600
cf-cache-status
DYNAMIC
cf-ray
7a40de162d301839-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
B
graphql
bannermanager.ffsvrs.lv/ Frame
0
0
Preflight
General
Full URL
https://bannermanager.ffsvrs.lv/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
138.122.247.4 , Costa Rica, ASN28317 (NAVEGALO S.A., CR),
Reverse DNS
Software
/ FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.betpop.lv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

0-27
Access-Control-Allow-Methods (one character per numbered entry)
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Date
Tue, 07 Mar 2023 06:44:01 GMT
SERVER
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Vary
Access-Control-Request-Headers
X-ASPNET-VERSION
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
X-ASPNETMVC-VERSION
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
X-Powered-By
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
graphql
bannermanager.ffsvrs.lv/
1 KB
2 KB
Fetch
General
Full URL
https://bannermanager.ffsvrs.lv/graphql
Requested by
Host: scripts.ffresx.xyz
URL: https://scripts.ffresx.xyz/helium/ff-helium.856.bundle-2.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
138.122.247.4 , Costa Rica, ASN28317 (NAVEGALO S.A., CR),
Reverse DNS
Software
/ FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B, FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Resource Hash
f7bdeb373170ae1b1e79beb1b4d90bdcb9dd9512f1b696daad3ded600d980bf7

Request headers

accept
*/*
Referer
https://www.betpop.lv/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/json

Response headers

0-27
Access-Control-Allow-Methods (one character per numbered entry)
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method
Date
Tue, 07 Mar 2023 06:44:01 GMT
X-ASPNET-VERSION
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
X-Powered-By
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B, FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Content-Length
797
X-ASPNETMVC-VERSION
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
SERVER
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
server.php
livechat.ffsvrs.lv/
12 KB
5 KB
Script
General
Full URL
https://livechat.ffsvrs.lv/server.php?rqst=track&output=jcrpt&group=PROMO&hg=Pw__&hcgs=MQ__&htgs=MQ__&hfk=MQ__&ovlv=djI_&ovlc=MQ__&esc=I0VGNTIwRA__&epc=I0VGNTIwRA__&ovlts=MA__&ovlmr=MA__&ovlmb=MTg_&hfk=MQ__&ovloo=MQ__&nse=0.4079071716071825
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.122.25.137 , Costa Rica, ASN263785 (COLUMBUS NETWORKS DE COSTA RICA SOCIEDAD DE RESPONSABILIDAD LIMITADA, CR),
Reverse DNS
Software
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B / FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Resource Hash
91f9d8e029fa8903eb18d369de67aa805a9d24777f7466db298c5a90fbd05d69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:00 GMT
content-encoding
gzip
last-modified
Wed, 8 Agu 2022 00:00:00 GMT
server
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
etag
E5EE517B60851DA870B03450AD66EB23
x-powered-by
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
vary
Accept-Encoding
access-control-max-age
2592000
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*, *
cache-control
no-cache, must-revalidate,max-age=2592000
content-length
5219
sfarm
LIVEHELP-C1
pica.js
www.betpop.lv/cdn-cgi/challenge-platform/h/b/scripts/ Frame 0015
7 KB
3 KB
Other
General
Full URL
https://www.betpop.lv/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37db90f4e9d3a7c62499b88e2897d7685204fbdb88d55deb1e03b862c8491e9d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a40de16cdb11839-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
graphql
bannermanager.ffsvrs.lv/ Frame
0
0
Preflight
General
Full URL
https://bannermanager.ffsvrs.lv/graphql
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
138.122.247.4 , Costa Rica, ASN28317 (NAVEGALO S.A., CR),
Reverse DNS
Software
/ FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.betpop.lv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

0-27
Access-Control-Allow-Methods (one character per numbered entry)
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Date
Tue, 07 Mar 2023 06:44:01 GMT
SERVER
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Vary
Access-Control-Request-Headers
X-ASPNET-VERSION
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
X-ASPNETMVC-VERSION
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
X-Powered-By
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
graphql
bannermanager.ffsvrs.lv/
1 KB
2 KB
Fetch
General
Full URL
https://bannermanager.ffsvrs.lv/graphql
Requested by
Host: scripts.ffresx.xyz
URL: https://scripts.ffresx.xyz/helium/ff-helium.856.bundle-2.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
138.122.247.4 , Costa Rica, ASN28317 (NAVEGALO S.A., CR),
Reverse DNS
Software
/ FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B, FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Resource Hash
1fac88d257ab4b84fdb987aa42be40c4524c6762bce3df868172d4564e39c8d6

Request headers

accept
*/*
Referer
https://www.betpop.lv/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/json

Response headers

0-27
Access-Control-Allow-Methods (one character per numbered entry)
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method
Date
Tue, 07 Mar 2023 06:44:01 GMT
X-ASPNET-VERSION
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
X-Powered-By
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B, FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Content-Length
791
X-ASPNETMVC-VERSION
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
SERVER
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
7a40de0dd91a32ee
www.betpop.lv/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 0015
2 B
369 B
XHR
General
Full URL
https://www.betpop.lv/cdn-cgi/challenge-platform/h/b/cv/result/7a40de0dd91a32ee
Requested by
Host: www.betpop.lv
URL: https://www.betpop.lv/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1678161600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:ec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
br
server
cloudflare
cf-ray
7a40de184ecf1839-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
casino-promo-white.svg
filebox.ffresx.xyz/static/youwager/images/home/
5 KB
2 KB
Image
General
Full URL
https://filebox.ffresx.xyz/static/youwager/images/home/casino-promo-white.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
Resource Hash
a34fe3b7e8ea3ab2a02b29a1be15b12d6440a86261b6c9116cf865a34a7f40a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:02 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
age
547224
x-powered-by
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
FILEBOX
last-modified
Wed, 14 Dec 2022 18:32:51 GMT,Mon, 1 Jan 2019 00:00:00 GMT
server
cloudflare
etag
W/"808bf178eafd91:0",F9B173C96CC183777DAA8E73B3672FB045BC4A066E7B41A5297BE3D0ED8164E4
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7a40de187f3a1906-EWR
crypto-black.svg
filebox.ffresx.xyz/static/youwager/images/home/
2 KB
1 KB
Image
General
Full URL
https://filebox.ffresx.xyz/static/youwager/images/home/crypto-black.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
Resource Hash
13224e808454b7082e22e00b4888f6a2a949421b4115a894bcf492bc398348ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:02 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
age
547224
x-powered-by
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
FILEBOX
last-modified
Wed, 14 Dec 2022 15:17:41 GMT,Mon, 1 Jan 2019 00:00:00 GMT
server
cloudflare
etag
W/"c89a535cffd91:0",F9B173C96CC183777DAA8E73B3672FB045BC4A066E7B41A5297BE3D0ED8164E4
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7a40de187f3d1906-EWR
crypto-white.svg
filebox.ffresx.xyz/static/youwager/images/home/
2 KB
2 KB
Image
General
Full URL
https://filebox.ffresx.xyz/static/youwager/images/home/crypto-white.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / 155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
Resource Hash
3124b8628bbdec28d78a02d472b6bdfd988139d82bd3498639aa66e0b9abe409

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:02 GMT
content-encoding
br
cf-cache-status
HIT
x-aspnet-version
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
age
1767970
x-powered-by
155F95CCFB9E36946B8D3A2290F110D21186FB1480A252E6097D0874AB5DA76C
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sfarm
FILEBOX
last-modified
Wed, 14 Dec 2022 18:33:50 GMT,Mon, 1 Jan 2019 00:00:00 GMT
server
cloudflare
etag
W/"da6f869ceafd91:0",F9B173C96CC183777DAA8E73B3672FB045BC4A066E7B41A5297BE3D0ED8164E4
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7a40de187f3e1906-EWR
resource.php
livechat.ffsvrs.lv/
188 KB
57 KB
Script
General
Full URL
https://livechat.ffsvrs.lv/resource.php?t=js&1=jsglobal.min.js&2=jsbox.min.js&3=jstrack.min.js&v=ahgzixd7&4=jsextern.min.js
Requested by
Host: livechat.ffsvrs.lv
URL: https://livechat.ffsvrs.lv/server.php?rqst=track&output=jcrpt&group=PROMO&hg=Pw__&hcgs=MQ__&htgs=MQ__&hfk=MQ__&ovlv=djI_&ovlc=MQ__&esc=I0VGNTIwRA__&epc=I0VGNTIwRA__&ovlts=MA__&ovlmr=MA__&ovlmb=MTg_&hfk=MQ__&ovloo=MQ__&nse=0.4079071716071825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.122.25.137 , Costa Rica, ASN263785 (COLUMBUS NETWORKS DE COSTA RICA SOCIEDAD DE RESPONSABILIDAD LIMITADA, CR),
Reverse DNS
Software
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B / FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Resource Hash
fc0b3cb333bdd972728fbf047646beafac11b77df3c8b2f78fe2307cb5eca642

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Mar 2023 06:44:00 GMT
content-encoding
gzip
last-modified
Wed, 8 Agu 2022 00:00:00 GMT
server
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
etag
E5EE517B60851DA870B03450AD66EB23
x-powered-by
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
vary
Accept-Encoding
access-control-max-age
2592000
content-type
application/javascript
access-control-allow-origin
*
cache-control
maxage=31536000,max-age=2592000
content-length
58455
sfarm
LIVEHELP-C1
expires
Wed, 06 Mar 2024 06:44:01 GMT
resource.php
livechat.ffsvrs.lv/
27 KB
7 KB
Stylesheet
General
Full URL
https://livechat.ffsvrs.lv/resource.php?t=css&1=style.min.css&2=chat_ahgzixd7/style.min.css
Requested by
Host: livechat.ffsvrs.lv
URL: https://livechat.ffsvrs.lv/server.php?rqst=track&output=jcrpt&group=PROMO&hg=Pw__&hcgs=MQ__&htgs=MQ__&hfk=MQ__&ovlv=djI_&ovlc=MQ__&esc=I0VGNTIwRA__&epc=I0VGNTIwRA__&ovlts=MA__&ovlmr=MA__&ovlmb=MTg_&hfk=MQ__&ovloo=MQ__&nse=0.4079071716071825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.122.25.137 , Costa Rica, ASN263785 (COLUMBUS NETWORKS DE COSTA RICA SOCIEDAD DE RESPONSABILIDAD LIMITADA, CR),
Reverse DNS
Software
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B / FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Resource Hash
88e1ec5a726d15b0801fe10be3fe54e1178066db262db9256eb7bf29d0b71ded

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Mar 2023 06:44:00 GMT
content-encoding
gzip
last-modified
Wed, 8 Agu 2022 00:00:00 GMT
server
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
etag
E5EE517B60851DA870B03450AD66EB23
x-powered-by
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
vary
Accept-Encoding
access-control-max-age
2592000
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
maxage=31536000,max-age=2592000
content-length
7531
sfarm
LIVEHELP-C1
expires
Wed, 06 Mar 2024 06:44:01 GMT
geo.php
livechat.ffsvrs.lv/
97 B
267 B
Script
General
Full URL
https://livechat.ffsvrs.lv/geo.php?a=1&gv=1023&method=lz_tracking_geo_result&spanm=lz_tracking_set_geo_span&oak=
Requested by
Host: livechat.ffsvrs.lv
URL: https://livechat.ffsvrs.lv/resource.php?t=js&1=jsglobal.min.js&2=jsbox.min.js&3=jstrack.min.js&v=ahgzixd7&4=jsextern.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.122.25.137 , Costa Rica, ASN263785 (COLUMBUS NETWORKS DE COSTA RICA SOCIEDAD DE RESPONSABILIDAD LIMITADA, CR),
Reverse DNS
Software
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B / FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Resource Hash
8a60df33167854fac9b2e72b950343ed896d3f655a41a58fc9c63bced4e126bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
gzip
last-modified
Wed, 8 Agu 2022 00:00:00 GMT
server
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
etag
E5EE517B60851DA870B03450AD66EB23
x-powered-by
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
vary
Accept-Encoding
access-control-max-age
2592000
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
content-length
200
sfarm
LIVEHELP-C1
rk8qdMiAj-NCAA-conference-championship-L.jpg
sliders.ffresx.xyz/
123 KB
123 KB
Image
General
Full URL
https://sliders.ffresx.xyz/rk8qdMiAj-NCAA-conference-championship-L.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38ab6c67ac44334e627680bb75ffe287e0a02529c0404be59137cbf0a3473b21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:02 GMT
cf-cache-status
HIT
x-aspnet-version
age
52517
cf-polished
origFmt=jpeg, origSize=296746
x-powered-by
content-disposition
inline; filename="rk8qdMiAj-NCAA-conference-championship-L.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
125486
sfarm
B
x-aspnetmvc-version
cf-bgj
imgq:100,h2pri
last-modified
Tue, 28 Feb 2023 06:00:46 GMT,Mon, 1 Jan 2018 00:00:00 GMT
server
cloudflare
etag
"0fbbdff394bd91:0",c6e63aa67f3cb2f743be6c1cddd8f095
access-control-max-age
2419200
vary
Accept
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a40de1b5b3b2360-EWR
server.php
livechat.ffsvrs.lv/
33 KB
10 KB
Script
General
Full URL
https://livechat.ffsvrs.lv/server.php?rqst=track&tv=2.3.1.3&b=MWYxZjk0OTE3ZA__&pc=MQ__&i=OGE4MzFlZjg2ZQ__&ptl=en&cd=MjQ_&rh=MTIwMA__&rw=MTYwMA__&tzo=MA__&geo_lat=NDAuNzE1Nw==&geo_long=LTc0&geo_region=TmV3IFlvcms=&geo_city=TmV3IFlvcms=&geo_tz=LTA3OjAw&geo_ctryiso=VVM=&geo_isp=&dc=T25saW5lIFNwb3J0cyBCZXR0aW5nLCBSYWNlYm9vaywgQ2FzaW5vLCBQb2tlciBhdCBCZXRQT1AubHY_&ue=YUhSMGNITTZMeTkzZDNjdVltVjBjRzl3TG14Mkx3X18_&group=PROMO&hg=Pw__&hcgs=MQ__&htgs=MQ__&ovlv=djI_&ovlc=MQ__&esc=I0VGNTIwRA__&epc=I0VGNTIwRA__&ovlts=MA__&ovlmr=MA__&ovlmb=MTg_&ovloo=MQ__&full=1&sc=1&ri=MQ_
Requested by
Host: livechat.ffsvrs.lv
URL: https://livechat.ffsvrs.lv/resource.php?t=js&1=jsglobal.min.js&2=jsbox.min.js&3=jstrack.min.js&v=ahgzixd7&4=jsextern.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.122.25.137 , Costa Rica, ASN263785 (COLUMBUS NETWORKS DE COSTA RICA SOCIEDAD DE RESPONSABILIDAD LIMITADA, CR),
Reverse DNS
Software
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B / FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
Resource Hash
7338d5d91d3fbf6c93c53493f616dd4ccb02ede79bf49d14b23eb33c220a7489

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:01 GMT
content-encoding
gzip
last-modified
Wed, 8 Agu 2022 00:00:00 GMT
server
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
etag
E5EE517B60851DA870B03450AD66EB23
x-powered-by
FF5C4086932D5FB80A7603AB1AC684AD2CC810CF6F15936DCE1CFAAADAA2F02B
vary
Accept-Encoding
access-control-max-age
2592000
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*, *
cache-control
no-cache, must-revalidate,max-age=2592000
content-length
10110
sfarm
LIVEHELP-C1
BJJGAyZ1h-MLB-25-cash-L-2023-3.jpg
sliders.ffresx.xyz/
129 KB
130 KB
Image
General
Full URL
https://sliders.ffresx.xyz/BJJGAyZ1h-MLB-25-cash-L-2023-3.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf1866897772131dc544de435144cf320077ab135bd961fb9200f5ff4c9b6b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.betpop.lv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 06:44:05 GMT
cf-cache-status
HIT
x-aspnet-version
age
95665
cf-polished
origFmt=jpeg, origSize=148315
x-powered-by
content-disposition
inline; filename="BJJGAyZ1h-MLB-25-cash-L-2023-3.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
132572
sfarm
B
x-aspnetmvc-version
cf-bgj
imgq:100,h2pri
last-modified
Sat, 04 Mar 2023 16:12:54 GMT,Mon, 1 Jan 2018 00:00:00 GMT
server
cloudflare
etag
"07fd2cb44ed91:0",c6e63aa67f3cb2f743be6c1cddd8f095
access-control-max-age
2419200
vary
Accept
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7a40de2cde411906-EWR

340 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| lz_data function| handleModal function| handleError function| $ function| jQuery object| html5 object| Modernizr object| bootstrap function| Popper object| respond object| timothyNotifications object| dateService object| intlTelInputUtils object| webpackChunkClient object| helium function| scrb64d function| scrttze function| ssc object| $dynamic function| setImmediate function| clearImmediate object| regeneratorRuntime object| lz_ovlel boolean| lz_ovlel_api number| lz_ovlel_rat string| lz_code_id string| lz_poll_server string| lz_poll_url string| lz_poll_website number| lz_poll_frequency string| lz_poll_file_chat string| lz_window_width string| lz_window_height string| lz_alert_html boolean| lz_is_ie boolean| lz_overlay_chat_available boolean| lz_overlays_possible number| lz_geo_error_span number| lz_geo_data_count object| lz_geo_resolution boolean| lz_geo_resolution_needed string| lz_user_id string| lz_browser_id string| lz_server_id string| lz_geo_url string| lz_mip string| lz_oak boolean| lz_is_mobile number| lz_server_time function| LiveZillaData object| lz_resources string| getResJS string| getResCSS boolean| lz_hide_group_chat boolean| lz_hide_group_ticket string| lz_color_primary string| lz_color_primary_dark string| lz_color_secondary number| lz_border_radius boolean| lz_tickets_external boolean| lz_chats_external boolean| lz_kb_external boolean| lz_kb_embed string| lz_kb_embed_url string| lz_kb_root string| lz_post_html string| lz_add_html string| lz_tr_api_key string| lz_trans_into boolean| lz_ticket_when_online boolean| lz_shared_kb_auto_search number| lz_shared_kb_last_search_time boolean| lz_monitoring_active string| lz_ec_image string| lz_ec_o_image string| lz_comp_logo function| OverlayChatWidgetV2 object| style function| lz_chat_get_parameters function| lz_chat_open function| lz_chat_update_css object| LazyLoad function| lz_array_indexOf function| lz_format_time_span 
function| lz_jssess function| lz_chat_window function| lz_geo_resolver function| lz_global_get_window_zoom function| lz_global_get_window_height function| lz_global_get_window_width function| lz_global_replace_breaks function| lz_global_base64_url_encode function| lz_global_base64_url_decode function| lz_global_base64_decode function| lz_global_base64_encode function| lz_global_utf8_encode function| lz_global_utf8_decode function| lz_set_title_mode function| lz_switch_title_mode function| lz_global_timestamp function| lz_global_microstamp function| lz_chat_get_locale_date function| lz_global_handle_exception function| lz_global_trim function| lz_global_htmlentities function| lz_global_html_decode function| lz_global_get_page_offset_y function| lz_global_get_page_offset_x function| lz_global_is_scroll_bar function| lz_global_impose_max_length function| lz_chat_save_input_value function| lz_chat_get_input_value function| lz_chat_get_input function| lz_substr function| lz_group function| lz_group_list function| lz_chat_input function| lz_chat_execute function| lz_fade_in function| lz_fade_out function| lz_is_placeholder_support function| lz_has_class function| lz_add_class function| lz_remove_class function| lz_get_icon_path function| lz_get_icon_t function| lz_get_icon_v function| lz_get_icon_data function| lz_get_icon function| lz_stop_propagation function| lz_d function| lz_post function| lz_ie object| lz_icons boolean| lz_move_active undefined| lz_move_x undefined| lz_move_y undefined| lz_move_tx undefined| lz_move_ty undefined| lz_move_object undefined| lz_move_margins number| lz_zoom_factor object| lz_center_timeout function| lz_livebox function| lz_livebox_scale_boxes function| lz_livebox_scale_box function| lz_livebox_is_visible function| lz_livebox_init_center_boxes_hide function| lz_livebox_init_center_boxes function| lz_livebox_center_boxes function| lz_livebox_center_box function| lz_livebox_hide_box function| lz_livebox_show_box function| 

2 Cookies

Domain/Path Name / Value
www.betpop.lv/ Name: ASP.NET_SessionId
Value: ge5fopcu5zrbbsfljljgo4rb
.betpop.lv/ Name: __cf_bm
Value: IPZMHvXx86ZRrglIzxBn8cBM31dj_mhNwFXRQI83R_w-1678171441-0-AYkGULdiIPN+x+N7B7OAf2dIrpxzko8QQ6CK37ETbwghMehDFe2/VvVUcoMN234gFVHsGPn7YrNLBaKDvnVjDEiPjbuu5RbEUNN8fbSeHgB/Fq9gsz0JcHtwdyvLLvO2lQ==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
