Report - placingharassment.com/zv5x4wvh?adb=n&adb=n&adb=n&adb=n&adb=n&dev=r&elzq=7&key=5caf99574cf45b9dcbdbba6ed2cd1ccf&kw=[]&psid=nxbrew.com,nxbrew.com&refer=https://nxbrew.com/top-50-nintendo-switch-games-by-nxbrew/&res=14.31&scrHeight=864&scrWidth=1536&ship=&sub3=invoke_layer&tz=10&uuid=58975686-4d95-4a24-8994-c5ba9f893fcb:1:1&v=24.5.6485

Report Overview

Submitted URL
placingharassment.com/zv5x4wvh?adb=n&adb=n&adb=n&adb=n&adb=n&dev=r&elzq=7&key=5caf99574cf45b9dcbdbba6ed2cd1ccf&kw=[]&psid=nxbrew.com,nxbrew.com&refer=https://nxbrew.com/top-50-nintendo-switch-games-by-nxbrew/&res=14.31&scrHeight=864&scrWidth=1536&ship=&sub3=invoke_layer&tz=10&uuid=58975686-4d95-4a24-8994-c5ba9f893fcb:1:1&v=24.5.6485
IP
172.240.108.84
ASN
#7979 SERVERS-COM
Submitted
2024-05-11 02:13:38
Access
public
Website Title
All games at Alphabook - play online
Final URL
alphabookbet.com/en/games
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
millinschioner.com	unknown	unknown	No data	No data	801 B	991 B	54.230.111.91
www.googletagmanager.com	75	unknown	No data	No data	423 B	103 kB	142.250.74.168
licensing.gaming-curacao.com	271716	unknown	No data	No data	2.7 kB	48 kB	104.22.74.254
engine-consumer-api.cloud.gist.build	unknown	unknown	No data	No data	3.0 kB	213 kB	34.120.32.134
nylonnickel.xyz	unknown	unknown	No data	No data	875 B	597 B	192.64.81.118
rqqlj.canopusacrux.com	unknown	unknown	No data	No data	588 B	1.1 kB	188.114.97.1
wifescamara.click	unknown	unknown	No data	No data	875 B	597 B	192.64.81.118
gzeao.check-tl-ver-54-1.com	unknown	unknown	No data	No data	2.6 kB	59 kB	188.114.97.1
assets.gist.build	unknown	unknown	No data	No data	944 B	196 kB	104.26.10.146
fonts.gstatic.com	unknown	unknown	No data	No data	3.8 kB	114 kB	142.250.74.163
code.gist.build	unknown	unknown	No data	No data	4.5 kB	622 kB	104.26.10.146
www.google.com	7	unknown	No data	No data	2.4 kB	69 kB	142.250.74.132
cdnstatic.check-tl-ver-54-3.com	unknown	unknown	No data	No data	521 B	10 kB	188.114.97.1
cdnstatic.check-tl-ver-54-1.com	unknown	unknown	No data	No data	749 B	1.3 kB	188.114.97.1
www.highcpmgate.com	unknown	unknown	No data	No data	2.4 kB	4.3 kB	192.243.61.227
alphabookbet.com	unknown	unknown	No data	No data	19 kB	5.9 MB	104.21.11.147
www.gstatic.com	unknown	unknown	No data	No data	4.2 kB	524 kB	142.250.74.67
ka.check-tl-ver-54-3.com	unknown	unknown	No data	No data	1.3 kB	17 kB	104.21.58.39
ua.check-tl-ver-54-1.com	unknown	unknown	No data	No data	2.0 kB	14 kB	188.114.97.1
glugherg.net	unknown	unknown	No data	No data	2.6 kB	12 MB	139.45.197.237
placingharassment.com	unknown	unknown	No data	No data	4.9 kB	5.2 kB	172.240.108.68
static.zdassets.com	2154	unknown	No data	No data	1.3 kB	502 kB	104.18.72.113
ekr.zdassets.com	2396	unknown	No data	No data	468 B	2.4 kB	104.18.70.113
cdn.onesignal.com	3015	unknown	No data	No data	428 B	2.5 kB	104.16.160.145
rqqlj.check-tl-ver-54-3.com	unknown	unknown	No data	No data	2.0 kB	245 kB	188.114.97.1
kb.check-tl-ver-54-3.com	unknown	unknown	No data	No data	1.3 kB	10 kB	104.21.58.39
assets.customer.io	19446	unknown	No data	No data	424 B	26 kB	54.230.111.127
alphabook-static.ams3.cdn.digitaloceanspaces.com	unknown	unknown	No data	No data	2.0 kB	351 kB	172.64.145.29
gzeao.canopusacrux.com	unknown	unknown	No data	No data	600 B	1.1 kB	188.114.97.1
affiliate-api.income.partners	unknown	unknown	No data	No data	515 B	715 B	172.67.219.99
alphabook-static.ams3.digitaloceanspaces.com	unknown	unknown	No data	No data	3.5 kB	255 kB	5.101.110.225
renderer.gist.build	unknown	unknown	No data	No data	1.6 kB	2.3 kB	104.26.10.146

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-11 01:14:34	medium	192.64.81.118	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)
2024-05-11 01:14:34	medium	192.64.81.118	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-11	medium	placingharassment.com	Sinkholed
2024-05-11	medium	placingharassment.com	Sinkholed
2024-05-11	medium	placingharassment.com	Sinkholed
2024-05-10	medium	highcpmgate.com	Sinkholed
2024-05-10	medium	highcpmgate.com	Sinkholed
2024-05-10	medium	glugherg.net	Sinkholed
2024-05-10	medium	glugherg.net	Sinkholed
2024-05-10	medium	glugherg.net	Sinkholed
2024-05-10	medium	glugherg.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (43)

	URL	Size	First Seen	Last Seen
	static.zdassets.com/web_widget/messenger/latest/web-widget-2306-1220b2e.js	14 kB	2024-05-09	2024-05-23
Pretty URL static.zdassets.com/web_widget/messenger/latest/web-widget-2306-1220b2e.js IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 16:36:39 Last Seen2024-05-23 01:57:21 Times Seen182 Hash 941e56141b15f77aa166569e274867c7 6f25fa272defb4836af7df8ba063ffef738d1f12 0ee197b187206e2067b38f9d0661715bc3aa6dce8cee088a88a5212e0b31b6b9 Loading...

	static.zdassets.com/ekr/snippet.js?key=78a84f04-0f2c-44f9-9c19-d4e3dd5a5974	10 kB	2024-01-15	2024-05-23
Pretty URL static.zdassets.com/ekr/snippet.js?key=78a84f04-0f2c-44f9-9c19-d4e3dd5a5974 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-15 08:52:01 Last Seen2024-05-23 01:57:21 Times Seen4006 Hash c0053b411b753138af468db1bd3b19f3 7c3a187aa58f2b9e5446edb761b3d4d2ba506fe7 ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f Loading...

	cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js	1.7 kB	2024-05-03	2024-05-23
Pretty URL cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js IP 104.16.160.145 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 21:47:14 Last Seen2024-05-23 01:57:20 Times Seen130 Hash e97acd0bc7104d45af67c0c1d883418e 0deae2a69922785d45b51d53c4e6fce053631742 d1cc8e2214a41a9230081c383912319694ad158fac9483a22ec3f6230af88826 Loading...

	alphabookbet.com/assets/main.5c02046c6706569f0122.js	3.5 MB	2024-05-04	2024-05-15
Pretty URL alphabookbet.com/assets/main.5c02046c6706569f0122.js IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:25:43 Last Seen2024-05-15 00:59:36 Times Seen65 Hash 48e62c7adb2976cc443f3f94b8801024 1146643c5ccaf014c5647fa6092780c6edd87440 258743be27849af2192088a429834b7e7d06ded3d42c1726c59101cfea8b2368 Loading...

	code.gist.build/web/latest/gist.min.js	43 kB	2024-05-09	2024-05-23
Pretty URL code.gist.build/web/latest/gist.min.js IP 104.26.10.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 01:51:11 Last Seen2024-05-23 01:57:21 Times Seen102 Hash ff7b540040c15a491538b382d0df7309 84d75dea5528bd3041d63588137e8c7c076d9bde 9339332eb85f421ff0b2166e4935ebbcfe0da932aff4685ee85735dddc192cb6 Loading...

	alphabookbet.com/assets/0.3f3ebced562425f1977c.js	19 kB	2024-05-04	2024-05-15
Pretty URL alphabookbet.com/assets/0.3f3ebced562425f1977c.js IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:25:44 Last Seen2024-05-15 00:59:38 Times Seen102 Hash 8dd0657d7d425f8efa3b46796b1b09d7 ee860bba69dd136151586c63b40d2492afad209f a3985feaa01429322ae889b54857d48f4a7ba2abc7675b86c3918a7b64371e07 Loading...

	unknown	82 B	2023-04-13	2024-05-23
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 16:08:45 Last Seen2024-05-23 01:57:19 Times Seen1787 Hash 67a24a8bdca5577b37d605ce6e8adfb2 82fa2a206316f4cb674e1f790bf21adc3eea8e88 b6ef6fee73d4f31312a27bc9609dddb02b4511d4f1c5e80ea8a1a896cae11f53 Loading...

	static.zdassets.com/web_widget/messenger/latest/web-widget-9527-1220b2e.js	30 kB	2024-04-09	2024-05-23
Pretty URL static.zdassets.com/web_widget/messenger/latest/web-widget-9527-1220b2e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 17:05:01 Last Seen2024-05-23 01:57:21 Times Seen362 Hash 083d4fe56f4013855997ad6d21392f69 09911e3ab09d861f133c686c5e1767e6b50a628c 9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62 Loading...

	www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js	514 kB	2024-05-08	2024-05-21
Pretty URL www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js IP 142.250.74.67 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 00:24:03 Last Seen2024-05-21 18:55:57 Times Seen7138 Hash add520996e437bff5d081315da187fbf 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4 Loading...

	assets.customer.io/assets/in-app.js	3.1 kB	2024-04-27	2024-05-23
Pretty URL assets.customer.io/assets/in-app.js IP 54.230.111.127 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:42:20 Last Seen2024-05-23 01:57:19 Times Seen77 Hash 2419fbd26ba76588bf89bc14c5a941d0 f6c20fc637837617692db91734bd2c7f13fadfe6 cb8289d5afe2b48cd35494562ea25ab868a517da5a05e7f272e4a59bca56c6eb Loading...

	alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166	403 B	2023-11-05	2024-05-23
Pretty URL alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166 IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-05 06:49:18 Last Seen2024-05-23 01:57:19 Times Seen89 Hash 78a0aefd96b96192d8f765d953264296 cb6b05a51b5dd5f2829bdd1df67ada9bcc56f89b 18e58bb869a6d7f97b962ff3b1f3da88f666f6138bf742a382277923bc025253 Loading...

	static.zdassets.com/web_widget/messenger/latest/web-widget-main-1220b2e.js	465 kB	2024-05-09	2024-05-16
Pretty URL static.zdassets.com/web_widget/messenger/latest/web-widget-main-1220b2e.js IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 16:36:39 Last Seen2024-05-16 10:20:59 Times Seen77 Hash 565a0c5144b0794d1d5a1063fd60378e b3bbbfa2c0db22694ea9407d446b5264a7a64ee5 4f213966f71c5188ab515c69ad508977969d655bdc1308be355a13cd19c2c846 Loading...

	code.gist.build/renderer/0.2.17/main.dart.js	1.9 MB	2024-04-27	2024-05-23
Pretty URL code.gist.build/renderer/0.2.17/main.dart.js IP 104.26.10.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:42:18 Last Seen2024-05-23 01:57:19 Times Seen113 Hash ba2cc37615483d76cfbb34478b5061f3 7bf30746672b9f659e65d34619490bfa78c92141 1446b90a921e2fe51d0d45cbe9a35424fc490e7dc3b935893e5b8a455ad78965 Loading...

	alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166	419 B	2023-06-19	2024-05-20
Pretty URL alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166 IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-19 14:16:29 Last Seen2024-05-20 01:22:32 Times Seen79 Hash e397961bbbfc71ca4a770e16a5070888 185e345e1c8d0d957e0a2d492f26da513bc668ad ceaee6c061f709c1942da5ad01d95b70739f65c8106ebcb161f1d89edec5b271 Loading...

	www.googletagmanager.com/gtag/js?id=G-LWDH4XKP02	308 kB	2024-05-11	2024-05-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-LWDH4XKP02 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-11 04:14:08 Last Seen2024-05-11 04:14:09 Times Seen2 Hash ed1144495aa68e21561a917e02f9b2bc 2d861ca1ecc9dd74646eb907eb90206df79fe020 ace37ef9c1e8c6b9e46912354cd3410888b04bb7a52ec4eef431034fcb802c65 Loading...

	static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1220b2e.js	142 kB	2024-05-09	2024-05-23
Pretty URL static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1220b2e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 16:36:40 Last Seen2024-05-23 01:57:20 Times Seen181 Hash 40fb729956c4a956df4256614af4b393 4d42f2785f7ac8d2c850c39cd92414b47c5f8c99 356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42 Loading...

	www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js	18 kB	2024-05-03	2024-05-11
Pretty URL www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 12:06:34 Last Seen2024-05-11 10:37:36 Times Seen438 Hash 7c111ad0cbb18935696bc8bb0846ec26 a9c77f0678ff71a4032e787999ada733e7da10cf 120846a7bd9fdcbff2f47564e0d9fc564fc100c581f5f1881333f70f3bd00d6f Loading...

	assets.customer.io/assets/track.js	6.8 kB	2024-04-21	2024-05-23
Pretty URL assets.customer.io/assets/track.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-21 15:22:36 Last Seen2024-05-23 01:57:19 Times Seen130 Hash 32a8226512dd2cca5956cdb283e5bdfe aaa18b3fa994dc6aee2d284e75855d52dd03cc7d 2fcfdae5440da627328eae9b05b0a54eb0e545892167f7e3c88636037a5c4c79 Loading...

	unknown	77 B	2023-04-13	2024-05-23
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 16:08:45 Last Seen2024-05-23 01:57:19 Times Seen1784 Hash 5ada4f545e5b41cc9774b9c537654481 7aeac43d786855f9d50588ebf2ad0428aa7a08dd c95b3fc54062c581e2d235f25aa9074b000bd2c718804455238fc5ea286fb0c0 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw	69 B	2023-03-07	2024-05-23
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-23 03:42:45 Times Seen102937 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166	155 B	2024-04-27	2024-05-23
Pretty URL alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166 IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:42:18 Last Seen2024-05-23 01:57:19 Times Seen85 Hash 975da131dd900fb50a5325515f3f2607 b6061cd93bcf4c590f72283ab516cdb8364232fa 7a4baaad411d3efd78dff61fc37a3de8d779dbf84ae2b7bf7f736ff49df0f41a Loading...

	alphabookbet.com/assets/theme.fa2a734444e6a414eca0.js	1.4 kB	2024-05-04	2024-05-15
Pretty URL alphabookbet.com/assets/theme.fa2a734444e6a414eca0.js IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:25:43 Last Seen2024-05-15 00:59:36 Times Seen62 Hash 4f066527aa36fbf7b7781938318be59d d0f8a6d6fcb1ae230b5daa6e164184617148f6a7 d9ecff2c2e517eb4d4abc36716ac893c5655fb7a2dc264b17632296b2e6ce68f Loading...

	alphabookbet.com/assets/2.c220646e8bf82104c6e3.js	26 kB	2024-05-04	2024-05-15
Pretty URL alphabookbet.com/assets/2.c220646e8bf82104c6e3.js IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:25:43 Last Seen2024-05-15 00:59:36 Times Seen62 Hash aae25d15ba5b452b78bae6e36c2e4c5d 5b5a341f4f3742f162f49a56cc520e553fb4ed54 b651b0a2ca9fa0df80eb51d619bff106e8b63af5d3e81f37fe4c16cabeb944bd Loading...

	static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1220b2e.js	12 kB	2024-05-09	2024-05-23
Pretty URL static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1220b2e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 16:36:39 Last Seen2024-05-23 01:57:21 Times Seen183 Hash 7ea6a03ae546d28215fb61ff43d384ab 396fd003ec081a6ed61f538bb0e3457f4ec3080e b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459 Loading...

	alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166	439 B	2024-04-27	2024-05-23
Pretty URL alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166 IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:42:18 Last Seen2024-05-23 01:57:19 Times Seen85 Hash da79333e602753cdaeb2a90f76a64aca fb268c4a2abafba5fe3b32ee4f5251c0a886b0ab d39e85da377182393e3186f1b1697375684c11341295828b96410662e4519f75 Loading...

	alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166	486 B	2024-04-27	2024-05-23
Pretty URL alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166 IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:42:18 Last Seen2024-05-23 01:57:19 Times Seen85 Hash e8241f3eb5ed8689e73c2dd01aa04cb0 50803fe208ad74aaffebd51d8c77258723ef0347 4a9b8d9c46691274b5d4f0e00a840bb568832e4816e52f748daaa8d185249ac4 Loading...

	code.gist.build/renderer/0.2.17/main.min.js	2.6 kB	2024-05-10	2024-05-23
Pretty URL code.gist.build/renderer/0.2.17/main.min.js IP 104.26.10.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 01:26:17 Last Seen2024-05-23 01:57:20 Times Seen85 Hash 5074b3b3f2bd4520ed4a76c3c5d22f15 7cfc68a8768718db168b2d4e7babbfc07563c696 f8a425cc9c486070ec47b0300f7e0a58179b396d1deb49b1182d3e36274d111e Loading...

	alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166	73 kB	2024-05-10	2024-05-15
Pretty URL alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166 IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 20:03:26 Last Seen2024-05-15 00:59:35 Times Seen26 Hash 230282af3e44b375408cd5062141431f 96c184542c98b98b553cc37dd141b55394ab41fe f65aad5e139865d9386bad997aa19b04f543b39fe82e182f9c1a05ba403b481d Loading...

	alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166	10 MB	2024-05-11	2024-05-11
Pretty URL alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166 IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-11 04:14:08 Last Seen2024-05-11 04:14:08 Times Seen1 Hash eaf4f4248839b2379fa1449b8a3cf0ea 5e590c9134dbfc713700211e5b58f000bc33ada8 04d30e87176f0e0290dd16629628c43d5f908ce6613d6eb63bacd6ff055b21f3 Loading...

	alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166	500 B	2024-04-27	2024-05-23
Pretty URL alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166 IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:42:20 Last Seen2024-05-23 01:57:19 Times Seen84 Hash 0000a8ff33122d1398f01c8c72387a1e 37d829a067695bb457ee78b6a9f45d5eac83714a 8dbb938c7ba78469bd78fb587666755f6308414e19959b01fa37d1c126fc73ed Loading...

	alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166	882 B	2024-04-27	2024-05-23
Pretty URL alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166 IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-27 01:42:20 Last Seen2024-05-23 01:57:19 Times Seen83 Hash 962fa111ebf6686c8642650efd22dd44 4cf6a79e45320f0b0a2661dda449ae9193b959f9 df5addaeef9e53e0529ad0e97eccfe2f6b62da7b071aee2316c0cfa8bb8478fc Loading...

	alphabookbet.com/assets/1.cb6e26504a5645960548.js	15 kB	2024-05-04	2024-05-15
Pretty URL alphabookbet.com/assets/1.cb6e26504a5645960548.js IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:25:43 Last Seen2024-05-15 00:59:38 Times Seen102 Hash ddda628fadd504b0c496525b9f47d9aa 8f2b539179bcdff777b11f7c3e64944814332886 05cc1faa72690b5f99e62e883e390562bee5d2a22a7a5b27a12af26f071688cb Loading...

	alphabookbet.com/assets/14.ba5be7efef44763ec7f6.js	123 kB	2024-05-04	2024-05-15
Pretty URL alphabookbet.com/assets/14.ba5be7efef44763ec7f6.js IP 104.21.11.147 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 20:25:44 Last Seen2024-05-15 00:59:35 Times Seen59 Hash caba1ba952b11883874ac2389e384bbe fb7984e17ec45ffbf3f6a944a6bb5057ebb30aa1 6d10a11723baf4c37585c223151b9a154bda3aa8a9ef6537587c989b4bf46c24 Loading...

	www.google.com/recaptcha/api.js?render=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i	884 B	2024-05-08	2024-05-15
Pretty URL www.google.com/recaptcha/api.js?render=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 19:25:35 Last Seen2024-05-15 23:36:26 Times Seen60 Hash 4729288ad0b21449eec12bad609135ba bdc097fa6b6e3868617cb1f8648086b601bb5db5 5e206fed0c011faac27e155a20cbed416eaf7ff327e3ec3a6c124b8d336d892c Loading...

	static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1220b2e.js	19 kB	2024-05-09	2024-05-23
Pretty URL static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1220b2e.js IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 16:36:40 Last Seen2024-05-23 01:57:19 Times Seen128 Hash 0950a1ea6ac93c32e32c9163c222d3b1 b3603e279f7d8b5cabfb9ddf4539ba6733a9bc68 7c11046f5cf371469a6ee77a3142f700e44c7b98d5df55165b5fdfb9d064777c Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw	38 kB	2024-05-11	2024-05-11
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-11 04:14:08 Last Seen2024-05-11 04:14:09 Times Seen1 Hash e15977057889ea00bde4ae5eaf181ac3 809e26e8c24f8dbf919594b594ba1349d0622c27 ecb483ede4d8903f1a897c312209707e5919f9786eb4d5c806b32f4e85ee1840 Loading...

	game2.betgames.tv/design/client/js/betgames.js	23 kB	2024-04-27	2024-05-23
Pretty URL game2.betgames.tv/design/client/js/betgames.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 01:42:18 Last Seen2024-05-23 01:57:20 Times Seen143 Hash 8182cf2fbe5d5b58e14579040d91eb2d 5b95855cce7900400f07b5063f56d78b04db4500 72fef9f42edc4827834657d137e2a979817b7bfdbcdf097d3b4dcb24a22c0e4e Loading...

	static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1220b2e.js	16 kB	2024-05-09	2024-05-23
Pretty URL static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1220b2e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 16:36:39 Last Seen2024-05-23 01:57:20 Times Seen181 Hash 49e0c7e2a647623949726517bb39175a a408186bb7ad54f4eadfe0ff1b58d670fc676f2e d52b4f234c5594531fe5d7b44dc0152721c4c1d8fa24fc1363e62d83dcf9b090 Loading...

	unknown	83 B	2023-04-13	2024-05-23
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 16:08:45 Last Seen2024-05-23 01:57:19 Times Seen1785 Hash 62cd50374f9e402baf5a7de635f1b832 8f48044d7fa09ae8d666ab4056e9f7a570dc1774 18de782ff83190db91cd321421564b77ca13c7953ab5831901095354b093c0ac Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6f63119d268511a556618263c2c35373	22 B	2024-05-03	2024-05-11
Pretty Observations First Seen2024-05-03 12:06:35 Last Seen2024-05-11 10:37:35 Times Seen203 Hash 6f63119d268511a556618263c2c35373 4e94ac8bf69852bfb641a12fb940fc44839f30ae d8054d27815731c90f7ae63757d8aa7e03189d17b96a9fd91c856794e7b91860 Loading...

	#2 Eval - 4e9af40e2f8df8d4d4828c599caa9c96	62 B	2024-05-03	2024-05-11
Pretty Observations First Seen2024-05-03 12:06:35 Last Seen2024-05-11 10:37:35 Times Seen205 Hash 4e9af40e2f8df8d4d4828c599caa9c96 f69ebc87b40abe1534def20d722200e6d99ed2a1 9f5c1cd413be6958f9b36a82b2e4305ac91e9e980204238a75a9b913a4b61ab9 Loading...

	#3 Eval - c3b5e0896dca752360bb6b0f2559d581	22 B	2024-05-03	2024-05-11
Pretty Observations First Seen2024-05-03 12:06:35 Last Seen2024-05-11 10:37:35 Times Seen207 Hash c3b5e0896dca752360bb6b0f2559d581 851b13b8ed491f87e4b571cac88d53b28a868c31 12ca563dc417d554ed3c5b26e4409d5fb22e88a47fb6fa041e60e3746e3e1a20 Loading...

	#4 Eval - f544be7eec02be79abe982af34628dd0	23 kB	2024-05-11	2024-05-11
Pretty Observations First Seen2024-05-11 04:14:09 Last Seen2024-05-11 04:14:09 Times Seen1 Hash f544be7eec02be79abe982af34628dd0 bfd21cada47a19f619c6f46993919c6b9f58bc6f ce85cc2426de5ed69ff2395f08aed9052da0dc1d873f2bde2d556b1a4d707e3a Loading...

HTTP Transactions (115)

URL IP Response Size

placingharassment.com/zv5x4wvh?adb=n&adb=n&adb=n&adb=n&adb=n&dev=r&elzq=7&key=5caf99574cf45b9dcbdbba6ed2cd1ccf&kw=[]&psid=nxbrew.com,nxbrew.com&refer=https://nxbrew.com/top-50-nintendo-switch-games-by-nxbrew/&res=14.31&scrHeight=864&scrWidth=1536&ship=&sub3=invoke_layer&tz=10&uuid=58975686-4d95-4a24-8994-c5ba9f893fcb:1:1&v=24.5.6485

172.240.108.68

1.7 kB

URL
placingharassment.com/zv5x4wvh?adb=n&adb=n&adb=n&adb=n&adb=n&dev=r&elzq=7&key=5caf99574cf45b9dcbdbba6ed2cd1ccf&kw=[]&psid=nxbrew.com,nxbrew.com&refer=https://nxbrew.com/top-50-nintendo-switch-games-by-nxbrew/&res=14.31&scrHeight=864&scrWidth=1536&ship=&sub3=invoke_layer&tz=10&uuid=58975686-4d95-4a24-8994-c5ba9f893fcb:1:1&v=24.5.6485
IP
172.240.108.68:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (763)
Size
1.7 kB (1651 bytes)
Hash
7d876b9549899db7f70be9382f68ff44
a679ca496d63f1eba3d11dc47f5a1d463e55dd13
6f7e8a74d91c76e193bf4d23fd80cee5a487e256fe474c0985755a26d30323f0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zv5x4wvh?adb=n&adb=n&adb=n&adb=n&adb=n&dev=r&elzq=7&key=5caf99574cf45b9dcbdbba6ed2cd1ccf&kw=[]&psid=nxbrew.com,nxbrew.com&refer=https://nxbrew.com/top-50-nintendo-switch-games-by-nxbrew/&res=14.31&scrHeight=864&scrWidth=1536&ship=&sub3=invoke_layer&tz=10&uuid=58975686-4d95-4a24-8994-c5ba9f893fcb:1:1&v=24.5.6485 HTTP/1.1
Host: placingharassment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 11 May 2024 01:14:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15123025; expires=Sun, 12 May 2024 01:14:33 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMzAyNSwiayI6IjVjYWY5OTU3NGNmNDViOWRjYmRiYmE2ZWQyY2QxY2NmIiwic2lkIjoibnhicmV3LmNvbSxueGJyZXcuY29tIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjc5NzIsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJ6djV4NHd2aCIsImNwa3MiOnsiMjkiOiJmNjEyNjc5MjQ3MzlmMzlmYjQ4ODhhMmRiZmU2NjViZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbnhicmV3LmNvbS90b3AtNTAtbmludGVuZG8tc3dpdGNoLWdhbWVzLWJ5LW54YnJldy8iLCJhciI6W119fQ.zDjKFG6CRUctLxf_VRsGXiEXPyvd4chMzBe4R81B9o0; expires=Sat, 11 May 2024 01:15:33 GMT
uid_id2=58975686-4d95-4a24-8994-c5ba9f893fcb:1:1; expires=Sat, 18 May 2024 01:14:33 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f4969cac2213ca6eb2cfb250136e979c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

placingharassment.com/api/users?token=L3p2NXg0d3ZoP2FkYj1uJmRldj1yJmVsenE9NyZrZXk9NWNhZjk5NTc0Y2Y0NWI5ZGNiZGJiYTZlZDJjZDFjY2Yma3c9JTVCJTVEJnBzaWQ9bnhicmV3LmNvbSUyQ254YnJldy5jb20mcHN0PTE3MTUzOTAxMzMmcmVmZXI9aHR0cHMlM0ElMkYlMkZueGJyZXcuY29tJTJGdG9wLTUwLW5pbnRlbmRvLXN3aXRjaC1nYW1lcy1ieS1ueGJyZXclMkYmcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9ODY0JnNjcldpZHRoPTE1MzYmc2hpcD0mc2h1PTczYTA4M2QxYTljNTk1NTU3ZWU2ODQ4YmJjN2VmZmUyNTcxNjU0Yzc2NDlmNTdlZDRmNWE4ODEwYzQzOWE5ODdiYTIzNzFhMGY3NjExOGRmNGIzM2VkZWM4NzNkNDBiZGJhNDI1ZmQwOTg2MjFhNzAxNmFhNjgyMzdhOWI2NTk0YjA1NDdkMzg3NWM5NTYxZjAzNGM5MjM1ODQ5OGU2OWVkMjIzNjJhZTZjY2NlMDJmMWViODY3YmFiNDU2ZTU3NGVlJnN1YjM9aW52b2tlX2xheWVyJnR6PTEwJnV1aWQ9NTg5NzU2ODYtNGQ5NS00YTI0LTg5OTQtYzViYTlmODkzZmNiJTNBMSUzQTEmdj0yNC41LjY0ODU&uuid=58975686-4d95-4a24-8994-c5ba9f893fcb%3A1%3A1&pii=&in=false

172.240.108.68

0 B

URL
placingharassment.com/api/users?token=L3p2NXg0d3ZoP2FkYj1uJmRldj1yJmVsenE9NyZrZXk9NWNhZjk5NTc0Y2Y0NWI5ZGNiZGJiYTZlZDJjZDFjY2Yma3c9JTVCJTVEJnBzaWQ9bnhicmV3LmNvbSUyQ254YnJldy5jb20mcHN0PTE3MTUzOTAxMzMmcmVmZXI9aHR0cHMlM0ElMkYlMkZueGJyZXcuY29tJTJGdG9wLTUwLW5pbnRlbmRvLXN3aXRjaC1nYW1lcy1ieS1ueGJyZXclMkYmcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9ODY0JnNjcldpZHRoPTE1MzYmc2hpcD0mc2h1PTczYTA4M2QxYTljNTk1NTU3ZWU2ODQ4YmJjN2VmZmUyNTcxNjU0Yzc2NDlmNTdlZDRmNWE4ODEwYzQzOWE5ODdiYTIzNzFhMGY3NjExOGRmNGIzM2VkZWM4NzNkNDBiZGJhNDI1ZmQwOTg2MjFhNzAxNmFhNjgyMzdhOWI2NTk0YjA1NDdkMzg3NWM5NTYxZjAzNGM5MjM1ODQ5OGU2OWVkMjIzNjJhZTZjY2NlMDJmMWViODY3YmFiNDU2ZTU3NGVlJnN1YjM9aW52b2tlX2xheWVyJnR6PTEwJnV1aWQ9NTg5NzU2ODYtNGQ5NS00YTI0LTg5OTQtYzViYTlmODkzZmNiJTNBMSUzQTEmdj0yNC41LjY0ODU&uuid=58975686-4d95-4a24-8994-c5ba9f893fcb%3A1%3A1&pii=&in=false
IP
172.240.108.68:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L3p2NXg0d3ZoP2FkYj1uJmRldj1yJmVsenE9NyZrZXk9NWNhZjk5NTc0Y2Y0NWI5ZGNiZGJiYTZlZDJjZDFjY2Yma3c9JTVCJTVEJnBzaWQ9bnhicmV3LmNvbSUyQ254YnJldy5jb20mcHN0PTE3MTUzOTAxMzMmcmVmZXI9aHR0cHMlM0ElMkYlMkZueGJyZXcuY29tJTJGdG9wLTUwLW5pbnRlbmRvLXN3aXRjaC1nYW1lcy1ieS1ueGJyZXclMkYmcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9ODY0JnNjcldpZHRoPTE1MzYmc2hpcD0mc2h1PTczYTA4M2QxYTljNTk1NTU3ZWU2ODQ4YmJjN2VmZmUyNTcxNjU0Yzc2NDlmNTdlZDRmNWE4ODEwYzQzOWE5ODdiYTIzNzFhMGY3NjExOGRmNGIzM2VkZWM4NzNkNDBiZGJhNDI1ZmQwOTg2MjFhNzAxNmFhNjgyMzdhOWI2NTk0YjA1NDdkMzg3NWM5NTYxZjAzNGM5MjM1ODQ5OGU2OWVkMjIzNjJhZTZjY2NlMDJmMWViODY3YmFiNDU2ZTU3NGVlJnN1YjM9aW52b2tlX2xheWVyJnR6PTEwJnV1aWQ9NTg5NzU2ODYtNGQ5NS00YTI0LTg5OTQtYzViYTlmODkzZmNiJTNBMSUzQTEmdj0yNC41LjY0ODU&uuid=58975686-4d95-4a24-8994-c5ba9f893fcb%3A1%3A1&pii=&in=false HTTP/1.1
Host: placingharassment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://placingharassment.com/api/users?token=L3p2NXg0d3ZoP2tleT0wZjIyYzFmZDYwOWYxM2NiNzk0N2M4Y2FiZmUxYTkwZCZzdWJtZXRyaWM9MTUxMjMwMjU
Cookie: u_pl=15123025; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMzAyNSwiayI6IjVjYWY5OTU3NGNmNDViOWRjYmRiYmE2ZWQyY2QxY2NmIiwic2lkIjoibnhicmV3LmNvbSxueGJyZXcuY29tIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjc5NzIsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJ6djV4NHd2aCIsImNwa3MiOnsiMjkiOiJmNjEyNjc5MjQ3MzlmMzlmYjQ4ODhhMmRiZmU2NjViZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbnhicmV3LmNvbS90b3AtNTAtbmludGVuZG8tc3dpdGNoLWdhbWVzLWJ5LW54YnJldy8iLCJhciI6W119fQ.zDjKFG6CRUctLxf_VRsGXiEXPyvd4chMzBe4R81B9o0; uid_id2=58975686-4d95-4a24-8994-c5ba9f893fcb:1:1; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sat, 11 May 2024 01:14:34 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=3a06f7af57011c1d6021e110d8998689&COST_CPC=&PLACEMENT_ID=15123025&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465
Set-Cookie: uid_id2=58975686-4d95-4a24-8994-c5ba9f893fcb:1:1; expires=Sat, 18 May 2024 01:14:33 GMT
pdhtkv=true; expires=Sun, 12 May 2024 01:14:34 GMT
uncs=1; expires=Sun, 12 May 2024 01:14:34 GMT
pdhtkv28=true; expires=Sun, 12 May 2024 01:14:34 GMT
uncs28=1; expires=Sun, 12 May 2024 01:14:34 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: edbf8977c32c9339ced179dca60a6e86
Strict-Transport-Security: max-age=0; includeSubdomains

placingharassment.com/favicon.ico

192.243.59.12

0 B

URL
placingharassment.com/favicon.ico
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: placingharassment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://placingharassment.com/api/users?token=L3p2NXg0d3ZoP2tleT0wZjIyYzFmZDYwOWYxM2NiNzk0N2M4Y2FiZmUxYTkwZCZzdWJtZXRyaWM9MTUxMjMwMjU
Cookie: u_pl=15123025; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMzAyNSwiayI6IjVjYWY5OTU3NGNmNDViOWRjYmRiYmE2ZWQyY2QxY2NmIiwic2lkIjoibnhicmV3LmNvbSxueGJyZXcuY29tIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjc5NzIsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJ6djV4NHd2aCIsImNwa3MiOnsiMjkiOiJmNjEyNjc5MjQ3MzlmMzlmYjQ4ODhhMmRiZmU2NjViZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbnhicmV3LmNvbS90b3AtNTAtbmludGVuZG8tc3dpdGNoLWdhbWVzLWJ5LW54YnJldy8iLCJhciI6W119fQ.zDjKFG6CRUctLxf_VRsGXiEXPyvd4chMzBe4R81B9o0; uid_id2=58975686-4d95-4a24-8994-c5ba9f893fcb:1:1; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 11 May 2024 01:14:34 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af26a8d591cca32b7476266a4708992f
Strict-Transport-Security: max-age=0; includeSubdomains

nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=3a06f7af57011c1d6021e110d8998689&COST_CPC=&PLACEMENT_ID=15123025&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465

192.64.81.118

0 B

URL
nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=3a06f7af57011c1d6021e110d8998689&COST_CPC=&PLACEMENT_ID=15123025&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465
IP
192.64.81.118:0
ASN
#19318 IS-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=3a06f7af57011c1d6021e110d8998689&COST_CPC=&PLACEMENT_ID=15123025&CAMPAIGN_ID=1036794&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2918465 HTTP/1.1
Host: nylonnickel.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://placingharassment.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sat, 11 May 2024 01:14:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=us168wxi46; expires=Sun, 12-May-2024 01:14:34 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=us168wxi46-us168wxi46-fyyd-0-us8pwj-g5us0-g5pm3y-5fda94; expires=Sun, 12-May-2024 01:14:34 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=f2dd7us168wxi46796&sub_id=15123025
Strict-Transport-Security: max-age=31536000

rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=f2dd7us168wxi46796&sub_id=15123025

188.114.97.1

0 B

URL
rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=f2dd7us168wxi46796&sub_id=15123025
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=f2dd7us168wxi46796&sub_id=15123025 HTTP/1.1
Host: rqqlj.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://placingharassment.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 11 May 2024 01:14:34 GMT
content-length: 0
location: https://rqqlj.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374
set-cookie: 4l9EZwXc2kSH_LKKjogwWA=3; max-age=345600; path=/; samesite=lax
__pl=f749197b-7d16-48d1-9816-75170294b8b9; expires=Mon, 11 May 2026 01:14:34 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oY4XaWiQJgk1rsjCYTVEOfbRCg%2Flaxgy35CKvcG2iphkeoerScbtq9u3dfV1HdZsVayN9GtTXY6jQaMBDc81deeoPKt2GbBPFQ62Vq91yO2dQAuSXusK6BMuTx7obumv5z4FjLlVS0gG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e501e4c0e7129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

rqqlj.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374

188.114.97.1

23 kB

URL
rqqlj.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1380), with CRLF line terminators
Size
23 kB (22655 bytes)
Hash
9a97caf42661ea48c9a8d347229b398a
5ee1404818c517813439e1a056b4016531fa11c7
8ac0a629dba5a9c8e52055295882680ede84c8d0a9f9e1c1af3636d1f47fa3bd

HTTP Headers

GET /blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374 HTTP/1.1
Host: rqqlj.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://placingharassment.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:34 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPO9xLqj7JITYUrBt8nsn74PW%2FiUm5Pnxbg2gbXJ29%2BJctr%2FjVkvyrhdd3rOCFyFO%2FuamfhXdBTWok%2Fy8kCUTbIGmNg4eDxiLW8CsZ8nuS9rak%2Fop3ZlQvqv1%2BJUYb4dkAyTgArCkQdrEDFZbyM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e501f2ee95689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rqqlj.check-tl-ver-54-3.com
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-54-3.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 03:22:23 GMT
expires: Sat, 10 May 2025 03:22:23 GMT
cache-control: public, max-age=31536000
age: 78732
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rqqlj.check-tl-ver-54-3.com/favicon.ico

188.114.97.1

0 B

URL
rqqlj.check-tl-ver-54-3.com/favicon.ico
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rqqlj.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sat, 11 May 2024 01:14:35 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5808
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c80ryBhG8ebVJvPRjra4xtp98lYXMunAmVa7uSBXN4qo3kXzXUx%2FEQfUxTNh9ypy%2BzB4MskqVzqyX2EKlS52gInxj0sQPHs7Fa0lV0%2FOaqahZXIxCv9FPCJ5jmC04VInH%2F3GNyZAURG3JKp7hwM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e5021fa4a712e-OSL
alt-svc: h3=":443"; ma=86400

cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA

188.114.97.1

9.6 kB

URL
cdnstatic.check-tl-ver-54-3.com/ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (28370), with CRLF, LF line terminators
Size
9.6 kB (9560 bytes)
Hash
dd2ee4bb74245ebe50e3c8c00f257fe4
1d21907a65f443cd44ec09da7924488ba491c8df
b45a2bdd8dc35968239a48b988dd676ff64550c5c060b40af7bcaa1024492b4e

HTTP Headers

GET /ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA HTTP/1.1
Host: cdnstatic.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-54-3.com/
Cookie: __psu=7d4c5224-d337-4984-9b15-1e97bd9bc74e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:35 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQk37WzhLBzh8IjFOiu0Ar7YSKWylOoytoxwt7a4zNDNZx%2FiXMzFtn3fisMcuLPhpjIRRVyNsO%2F8SrBclrQrOV0suR4zTOMyGqhuN0GIZ9C1wKFamhc5tAl%2B0pBTUZDzYEV8B8GRgJ7kAFdUwWzEdCxo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e50220a50712e-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.67

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 167217
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.163

15 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15440, version 1.0
Size
15 kB (15440 bytes)
Hash
55536c8e9e9a532651e3cf374f290ea3
ff3a9b8ae317896cbbcbadfbe615d671bd1d32a2
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ka.check-tl-ver-54-3.com
DNT: 1
Connection: keep-alive
Referer: https://ka.check-tl-ver-54-3.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 23:15:37 GMT
expires: Fri, 09 May 2025 23:15:37 GMT
cache-control: public, max-age=31536000
age: 93538
last-modified: Mon, 16 Oct 2017 17:32:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ka.check-tl-ver-54-3.com
DNT: 1
Connection: keep-alive
Referer: https://ka.check-tl-ver-54-3.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 03:22:23 GMT
expires: Sat, 10 May 2025 03:22:23 GMT
cache-control: public, max-age=31536000
age: 78732
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ka.check-tl-ver-54-3.com/favicon.ico

104.21.58.39

0 B

URL
ka.check-tl-ver-54-3.com/favicon.ico
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ka.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ka.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sat, 11 May 2024 01:14:35 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=73t9aaMKTpU3eGFMyixTUH8asGCDL9k%2Bn686WU51O%2F169CLrxJcwuaWFcFUgcMmSYC2FOzNo2l0rdHZ44iFEB1TnRR1OLSUS9g7nGVWIUAF7bHubRmwOnpixfNRQJNiZXAeD3XnVYaGf%2Fug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e5024fdc656c7-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

142.250.74.67

9.3 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (28368)
Size
9.3 kB (9308 bytes)
Hash
9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

HTTP Headers

GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ka.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:28:12 GMT
expires: Sat, 10 May 2025 06:28:12 GMT
cache-control: public, max-age=31536000
age: 67583
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ka.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374

104.21.58.39

16 kB

URL
ka.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1380), with CRLF line terminators
Size
16 kB (15556 bytes)
Hash
9a97caf42661ea48c9a8d347229b398a
5ee1404818c517813439e1a056b4016531fa11c7
8ac0a629dba5a9c8e52055295882680ede84c8d0a9f9e1c1af3636d1f47fa3bd

HTTP Headers

GET /blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374 HTTP/1.1
Host: ka.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-54-3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:35 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4VcAMCOVQGyrjOWuP8te%2BcaaMvKQu1tmLiGdwJrPr3RS%2BkQfP9VQeBkfkVCADjxE6OJi0xsdrZCH4XbfPbY1lcRzdMry%2FhaUgPGqjHkkAtqU6S5FLqAgtqeY7JgOVg%2BCYB1tlVwI6Sy1RpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50232fe956b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.163

15 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15440, version 1.0
Size
15 kB (15440 bytes)
Hash
55536c8e9e9a532651e3cf374f290ea3
ff3a9b8ae317896cbbcbadfbe615d671bd1d32a2
eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kb.check-tl-ver-54-3.com
DNT: 1
Connection: keep-alive
Referer: https://kb.check-tl-ver-54-3.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 23:15:37 GMT
expires: Fri, 09 May 2025 23:15:37 GMT
cache-control: public, max-age=31536000
age: 93539
last-modified: Mon, 16 Oct 2017 17:32:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kb.check-tl-ver-54-3.com
DNT: 1
Connection: keep-alive
Referer: https://kb.check-tl-ver-54-3.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 03:22:23 GMT
expires: Sat, 10 May 2025 03:22:23 GMT
cache-control: public, max-age=31536000
age: 78733
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

kb.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374

104.21.58.39

7.1 kB

URL
kb.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1380), with CRLF line terminators
Size
7.1 kB (7063 bytes)
Hash
9a97caf42661ea48c9a8d347229b398a
5ee1404818c517813439e1a056b4016531fa11c7
8ac0a629dba5a9c8e52055295882680ede84c8d0a9f9e1c1af3636d1f47fa3bd

HTTP Headers

GET /blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374 HTTP/1.1
Host: kb.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ka.check-tl-ver-54-3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:35 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A56qlauHj1oy5aG4htYQQJ9eC11Sq5qy4T%2F1cvA7anvze3mwJPynFd%2FT8B6h8%2BwlLQCdoGOO728%2BAhfTKXwkfZ5SYQJ9ucirUyRT4EHr1DMYMnnF6WmQs%2F47k6GgjzeGclR4fTWvm%2BAqaac%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50260e1c56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.67

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kb.check-tl-ver-54-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 167218
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.highcpmgate.com/g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec

192.243.61.227

1.3 kB

URL
www.highcpmgate.com/g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with very long lines (404)
Size
1.3 kB (1344 bytes)
Hash
747f290cebea2e26c26476d42b518a72
2854d862eb1d531c07fbaccd63d5afc4dfaf2819
27af4b1e7ab1f4b0b14810aaa74a4b80b8368dbdf47f4ab439756b61774389d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 11 May 2024 01:14:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=23070551; expires=Sun, 12 May 2024 01:14:36 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA3MDU1MSwiayI6Ijk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzk1OTI5LCJwaWQiOjE4MjM3NzAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzEsImFpZCI6MjgsInB0Ijo0LCJwayI6ImcwcmN5YWFhYjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.U2ebwFjEv1emnUSOTmNQTe-4rPP39OWIepgfVbZEwNQ; expires=Sat, 11 May 2024 01:15:36 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 73e396e81fda20ab81a6ae3e0f77ab7e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzkwMTM2JnJtdGM9dCZzaHU9YTVmMTgwYmI5Mzc2NDg3MWY4NjNmODUxMTBhMTE4OGUxZTU5MGM0MzVkNTdjMTJhNTg3MjYyZTJkYmFlMjRmMjczNjVkNTAyOTFhMjI0ZmI2MWUyMjEwNjJiNDBkOTJjYTI5NDY3YjdlYTQzYTBhZWYwMTVmZWRlMDNiMmZlMDI2MGVhM2VmMGRlMzE4Yzg3YjBhNzg4NThiMGI0MDlhNDU5N2MyYmQxNjYwNDlkMDZiZjc2ZTA2ZGFk&uuid=&pii=&in=false

172.240.108.76

0 B

URL
www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzkwMTM2JnJtdGM9dCZzaHU9YTVmMTgwYmI5Mzc2NDg3MWY4NjNmODUxMTBhMTE4OGUxZTU5MGM0MzVkNTdjMTJhNTg3MjYyZTJkYmFlMjRmMjczNjVkNTAyOTFhMjI0ZmI2MWUyMjEwNjJiNDBkOTJjYTI5NDY3YjdlYTQzYTBhZWYwMTVmZWRlMDNiMmZlMDI2MGVhM2VmMGRlMzE4Yzg3YjBhNzg4NThiMGI0MDlhNDU5N2MyYmQxNjYwNDlkMDZiZjc2ZTA2ZGFk&uuid=&pii=&in=false
IP
172.240.108.76:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzkwMTM2JnJtdGM9dCZzaHU9YTVmMTgwYmI5Mzc2NDg3MWY4NjNmODUxMTBhMTE4OGUxZTU5MGM0MzVkNTdjMTJhNTg3MjYyZTJkYmFlMjRmMjczNjVkNTAyOTFhMjI0ZmI2MWUyMjEwNjJiNDBkOTJjYTI5NDY3YjdlYTQzYTBhZWYwMTVmZWRlMDNiMmZlMDI2MGVhM2VmMGRlMzE4Yzg3YjBhNzg4NThiMGI0MDlhNDU5N2MyYmQxNjYwNDlkMDZiZjc2ZTA2ZGFk&uuid=&pii=&in=false HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PWE5NjljYTVjOWFkMjYxMTc2MmYxMWI3OWE1MjZlMmQyJnN1Ym1ldHJpYz0yMzA3MDU1MQ
Cookie: u_pl=23070551; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA3MDU1MSwiayI6Ijk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzk1OTI5LCJwaWQiOjE4MjM3NzAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzEsImFpZCI6MjgsInB0Ijo0LCJwayI6ImcwcmN5YWFhYjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.U2ebwFjEv1emnUSOTmNQTe-4rPP39OWIepgfVbZEwNQ; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sat, 11 May 2024 01:14:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=3a0907ecdfb7097150cbb01b991886a5&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296
Set-Cookie: iprca9482de68722eaa5fa8fcaf5e45c5ba9=5206192; expires=Sun, 12 May 2024 01:14:37 GMT
pdhtkv=true; expires=Sun, 12 May 2024 01:14:37 GMT
uncs=1; expires=Sun, 12 May 2024 01:14:37 GMT
pdhtkv28=true; expires=Sun, 12 May 2024 01:14:37 GMT
uncs28=1; expires=Sun, 12 May 2024 01:14:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 18c998b66bdc878b5afcc200148bda02
Strict-Transport-Security: max-age=0; includeSubdomains

wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=3a0907ecdfb7097150cbb01b991886a5&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296

192.64.81.118

0 B

URL
wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=3a0907ecdfb7097150cbb01b991886a5&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296
IP
192.64.81.118:0
ASN
#19318 IS-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=3a0907ecdfb7097150cbb01b991886a5&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 HTTP/1.1
Host: wifescamara.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sat, 11 May 2024 01:14:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=us168wdv1n; expires=Sun, 12-May-2024 01:14:37 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=us168wdv1n-us168wdv1n-uoxs-0-usa30-9rq5dz-9rq5bl-495a07; expires=Sun, 12-May-2024 01:14:37 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=4628bus168wdv1n76b&sub_id=23070551
Strict-Transport-Security: max-age=31536000

gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=4628bus168wdv1n76b&sub_id=23070551

188.114.97.1

0 B

URL
gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=4628bus168wdv1n76b&sub_id=23070551
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=dR1J35fCDkibR45g1XXjgg&click_id=4628bus168wdv1n76b&sub_id=23070551 HTTP/1.1
Host: gzeao.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 11 May 2024 01:14:38 GMT
content-length: 0
location: https://gzeao.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378
set-cookie: dR1J35fCDkibR45g1XXjgg=2; max-age=345600; path=/; samesite=lax
__pl=7d5fa332-3d54-448e-b0d3-fd0e5a87fdac; expires=Mon, 11 May 2026 01:14:38 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0Sn%2Bl8B4%2BMXtIEf4fNYXqkrt%2FSUWFcrbbNgCYofw1WDb583OZkdUWcL8%2BmhTK1CQ1QhrJhJWXli1QMbnwnhul2%2BgAOttkJikKHqqvsSlfrb2oiBrEb69KshnM8Sdc62qANox097Iy0g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50334bc556c9-OSL
alt-svc: h3=":443"; ma=86400

gzeao.check-tl-ver-54-1.com/favicon.ico

188.114.97.1

0 B

URL
gzeao.check-tl-ver-54-1.com/favicon.ico
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: gzeao.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sat, 11 May 2024 01:14:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 443
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Giaxi3m41Weq%2FYdbs39LXPzUdTYGfS6BPUy%2B6UDkcW9eorZi4cN4yxF61HZg9UCia01VpTYV2H6Wl2EuMh3CiCogYcIHKZnfD4%2B5hX7lAADKwhHtdqPBjQ2JbK4oLNAEhnR12E8TNGPByzyedgI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e50369f0956a5-OSL
alt-svc: h3=":443"; ma=86400

gzeao.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378

188.114.97.1

17 kB

URL
gzeao.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (10169)
Size
17 kB (17449 bytes)
Hash
80f93dbb557a8864dc665d0ce557af58
963f36ccd9c2e63967ea3a66d051a8b4b7e08ab6
ee4d53ba73ffa074d944eae12df6386888e842ce4ca82d0ca6d6779256257f3b

HTTP Headers

GET /allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378 HTTP/1.1
Host: gzeao.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:38 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZT0bSJRwX4Ak8qmVF3EU8MPbWugdlLt3ER19fa8PJzXHpzlVLHxssf1LqhHb%2Bqyj9Qlhiw8ZF51wdzwVaWVd8aurlxBnwD9vej%2FUSFBBBgWl2hjLsRB7l%2BYNzaCEwCveV9al2ZyZ0LhpvmLPLVU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50341fff5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.67

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-54-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 167220
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Early-Data: accepted

ua.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378

188.114.97.1

7.9 kB

URL
ua.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (10169)
Size
7.9 kB (7889 bytes)
Hash
80f93dbb557a8864dc665d0ce557af58
963f36ccd9c2e63967ea3a66d051a8b4b7e08ab6
ee4d53ba73ffa074d944eae12df6386888e842ce4ca82d0ca6d6779256257f3b

HTTP Headers

GET /allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378 HTTP/1.1
Host: ua.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-54-1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:38 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l5dqIZV4deLfLsRTHuYTrVvV%2FD7W0YDF6OrHQyFTxgMiYH%2F7XikwR9NCePr7Y33AR2f6jcCVDPwCHy3bF59p8lD4Yh8j2OauOWs1ds4B3yGLcJuIYoVZ3gFrCnHect6snLQjZJ9obyEe1co%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50384fd256a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gzeao.check-tl-ver-54-1.com/allow-button/assets/trls.js

188.114.97.1

39 kB

URL
gzeao.check-tl-ver-54-1.com/allow-button/assets/trls.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Size
39 kB (38766 bytes)
Hash
d4a23c4124d49f909abaef62a8bf47a5
e7b26553db1400d07f1b12137053ebe7b066972f
3efcd61ce47244f47b15c9f5d5749f79b2ddd57e51ebf995267ab02d4dcf2180

HTTP Headers

GET /allow-button/assets/trls.js HTTP/1.1
Host: gzeao.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:38 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1e6a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EuBfnvwonfnQUJHuPWiNEGXTrtlsXPRnsNjASBTcQ%2FGAz%2F5DuW8dDKa5NN6%2FqRXfp8YqAiyQz5TLZ0WAuPOakkqp7m3fHsTeLB9z1skqFJdfGznGQmyvG%2FqD3w0cbSK91bOGR891PYpSmDy3Mpk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e5035ae9556a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.67

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ua.check-tl-ver-54-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:47:38 GMT
expires: Fri, 09 May 2025 02:47:38 GMT
cache-control: public, max-age=31536000
age: 167221
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

glugherg.net/sftouch?userId=008059ef5b94410ce73f53e29e63de0d&z=6662145&p_rid=7ae4ce3c-d055-45c8-a4f7-af0884490417&p_src=sf&branchId=0&rb=uPQ1PDc7wsjoht3iXx2VSw-Hy98brlrH-Ww8qKlr6N2nQWLZyc-3vwo5EWDdWA9GPI1yJJ4ivftvLc8cTcRzfByexi6p8x0BDmyPlgSmmnYQKPR4zEYRuBWULgru3Tq87iajO2akUj5WCu0wCrxH2xuZTKnr5RFO3ToClWGJq2iWzay51NnxBFWVLMJ4Fzm55qeWG2ZIK4u5UBcbG1eK2WetS_ad9dxhD2VYq1mph7s=

139.45.197.237

2 B

URL
glugherg.net/sftouch?userId=008059ef5b94410ce73f53e29e63de0d&z=6662145&p_rid=7ae4ce3c-d055-45c8-a4f7-af0884490417&p_src=sf&branchId=0&rb=uPQ1PDc7wsjoht3iXx2VSw-Hy98brlrH-Ww8qKlr6N2nQWLZyc-3vwo5EWDdWA9GPI1yJJ4ivftvLc8cTcRzfByexi6p8x0BDmyPlgSmmnYQKPR4zEYRuBWULgru3Tq87iajO2akUj5WCu0wCrxH2xuZTKnr5RFO3ToClWGJq2iWzay51NnxBFWVLMJ4Fzm55qeWG2ZIK4u5UBcbG1eK2WetS_ad9dxhD2VYq1mph7s=
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /sftouch?userId=008059ef5b94410ce73f53e29e63de0d&z=6662145&p_rid=7ae4ce3c-d055-45c8-a4f7-af0884490417&p_src=sf&branchId=0&rb=uPQ1PDc7wsjoht3iXx2VSw-Hy98brlrH-Ww8qKlr6N2nQWLZyc-3vwo5EWDdWA9GPI1yJJ4ivftvLc8cTcRzfByexi6p8x0BDmyPlgSmmnYQKPR4zEYRuBWULgru3Tq87iajO2akUj5WCu0wCrxH2xuZTKnr5RFO3ToClWGJq2iWzay51NnxBFWVLMJ4Fzm55qeWG2ZIK4u5UBcbG1eK2WetS_ad9dxhD2VYq1mph7s= HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=008059ef5b94410ce73f53e29e63de0d; oaidts=1715390079
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:14:39 GMT
content-type: text/plain
content-length: 2
x-trace-id: 2e18817498a4c74aa50da27ef35ce5b1
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glugherg.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ua.check-tl-ver-54-1.com/allow-button/assets/style.css

188.114.97.1

367 B

URL
ua.check-tl-ver-54-1.com/allow-button/assets/style.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
367 B (367 bytes)
Hash
91884187b0396f670287b1534dd11a9a
3b72842347fd187a3c3ea0b0507737641d7d5a66
05a0f0fae38d873a67f0d50c0181acee8c3ee02bb1afbd3242d9cc609292aee2

HTTP Headers

GET /allow-button/assets/style.css HTTP/1.1
Host: ua.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ua.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:38 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-253"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XjVFEAyDQB0cAI546VlUW%2BeKpToOCp%2BCIUrtFgxjEWFeCi22WIvtMwYIpfnL50zLvtbF8bouL%2BTQJl26B5gd%2F%2FC2%2BH%2B6Vlute6d0uaa5Gv7%2BmI28IqL%2BwgbciZDVup0T1mMsSysBkJSm1zc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e5038c80d56a5-OSL
alt-svc: h3=":443"; ma=86400

glugherg.net/favicon.ico

139.45.197.237

0 B

URL
glugherg.net/favicon.ico
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=008059ef5b94410ce73f53e29e63de0d; oaidts=1715390079
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 11 May 2024 01:14:39 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2

gzeao.check-tl-ver-54-1.com/allow-button/assets/style.css

188.114.97.1

324 B

URL
gzeao.check-tl-ver-54-1.com/allow-button/assets/style.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
324 B (324 bytes)
Hash
30d80b4eb5d929d058548bf104eadf4a
a73cd37a03442a044821fd15d89f70e565f43c9d
e992932bc74e41cb59108c3700c7bd98f941c475ac2a19d2c0b48964551901f2

HTTP Headers

GET /allow-button/assets/style.css HTTP/1.1
Host: gzeao.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:38 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-253"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2xYtMIKRcLN2TPvSrS8LIR9Aj3hLNGp0SiJac9HI8LCBNcHhNFJ7fBEMTraxsEEDhExuKCVSKOYPiyClZH6TE9XwRP4FOPshBerhUZ6y21o1MD9S10yh1dvb3BaDl%2BjehM0KX2Cedv1O%2FrndUVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e5035ae9656a5-OSL
alt-svc: h3=":443"; ma=86400

millinschioner.com/cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop&region=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=812967518997327875

54.230.111.91

302 Found

0 B

URL User Request GET HTTP/2
millinschioner.com/cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop&region=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=812967518997327875
IP
54.230.111.91:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectmillinschioner.com
FingerprintB8:2B:38:47:5B:8E:09:D0:A4:F1:B7:52:6D:0A:E4:03:79:CA:13:40
ValidityMon, 12 Feb 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop&region=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=812967518997327875 HTTP/1.1
Host: millinschioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
location: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
date: Sat, 11 May 2024 01:14:39 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: cac6f840-a47c-4cc3-bd0f-02a6f8972f0d-v4=A9CF2IQiq-zfHsFWAa1WXR9wkEb8m14yRZT0qWC7Q1w; Max-Age=86400; Expires=Sun, 12-May-2024 01:14:39 GMT; Domain=millinschioner.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22w3i5qriae740o17137h6l166%22%2C%22caid%22%3A%22cac6f840-a47c-4cc3-bd0f-02a6f8972f0d%22%7D; Max-Age=31536000; Expires=Sun, 11-May-2025 01:14:39 GMT; Domain=millinschioner.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qvKNqUkEXsmQbuIj9gKuQ4NuGD_gqKIKe-bzB68kcFZooczg4mfpbA==
X-Firefox-Spdy: h2

alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166

104.21.11.147

1.2 MB

URL
alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
IP
104.21.11.147:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (28031)
Size
1.2 MB (1238448 bytes)
Hash
0a9e25289f5d97c067c51a2375b98495
b3617186d9dd96b624bd2d560c6d81773cc63f05
218f14d2dbe6591da2e5680d5782fea0762081ec1099e5b29adf22e32b4ac111

HTTP Headers

GET /en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:41 GMT
content-type: text/html
content-security-policy: frame-ancestors 'self' alphabookbet101.com alphabookbet.com
set-cookie: locale=en; Max-Age=31536000; Domain=.alphabookbet.com; Path=/; Expires=Sun, 11 May 2025 01:14:40 GMT
deviceType=desktop; Max-Age=2592000; Domain=.alphabookbet.com; Path=/; Expires=Mon, 10 Jun 2024 01:14:40 GMT
isPwa=false; Max-Age=2592000; Domain=.alphabookbet.com; Path=/; Expires=Mon, 10 Jun 2024 01:14:40 GMT
userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; Max-Age=2592000; Domain=.alphabookbet.com; Path=/; Expires=Mon, 10 Jun 2024 01:14:40 GMT
connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE; Path=/; Expires=Sat, 11 May 2024 01:15:41 GMT; HttpOnly
x-pool-number: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOxRbYpkg9gzBjF1m7b%2BZ88ejrTBymjqkjFAY8LLmuprzTQCU3uQidbuX%2B5OTYTQ6q4cwmaUsvQ260yP88ty7qo6KarSekr4D9lN5KPLh3b1qw06TkOUa5k4QgmvNMxiWO6P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50400fbdb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

alphabookbet.com/assets/public/fonts/mori/PPMori-Regular.woff2

104.21.11.147

200 OK

37 kB

URL GET HTTP/3
alphabookbet.com/assets/public/fonts/mori/PPMori-Regular.woff2
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 36944, version 1.0
Size
37 kB (36944 bytes)
Hash
167e1cf5fed6b58439cac0f8cbc8b112
6257b8db5be9b64ac8df883bd15f93549bc5fd3a
87a8c06a966031596415b7d116bcdad5fc51e32b613b386491094a87a0e36714

HTTP Headers

GET /assets/public/fonts/mori/PPMori-Regular.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: application/octet-stream
content-length: 36944
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-9050"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GotcsR0GchlHI0F%2Fkh0w4bH%2BeaqMZ5do8paU%2BatQz7qfMqAq3A8WMNczeX6FQQuN2FmktQqzIiDNJERVtxlbuHyZ2u4m5USmwAuyHEdhuouPJl0xJk5tABNGMpm%2FEjR0i44T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505a086a568d-OSL
alt-svc: h3=":443"; ma=86400

alphabookbet.com/assets/public/fonts/mori/PPMori-SemiBold.woff2

104.21.11.147

200 OK

39 kB

URL GET HTTP/3
alphabookbet.com/assets/public/fonts/mori/PPMori-SemiBold.woff2
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 39232, version 1.0
Size
39 kB (39232 bytes)
Hash
aeaeff9cb640c265ebcf5beeb9a597f0
72b5f06ea439ef489343d58f31c1d1a27820c441
ae7907fb3dd3338d731906393f793e9d14e6a74c3e557866ce77a1ef99cd7d15

HTTP Headers

GET /assets/public/fonts/mori/PPMori-SemiBold.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: application/octet-stream
content-length: 39232
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-9940"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EsaJNz1VEWxHBvP%2BRA%2BWOe%2B1C75EuXhyDEW57maKMIQQTEZSmSX9I56M6MdUJdXIgyHwEiVq1%2BlWqfyB54vEKaRqq8ASb06s9iSS5O1xb0sKBlObNqIuUmKht%2BLBUXqsWEhZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505a086c568d-OSL
alt-svc: h3=":443"; ma=86400

alphabookbet.com/assets/0.3f3ebced562425f1977c.js

104.21.11.147

200 OK

47 kB

URL GET HTTP/3
alphabookbet.com/assets/0.3f3ebced562425f1977c.js
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
gzip compressed data, from Unix
Size
47 kB (47380 bytes)
Hash
e0f26840843967cdd4dc4643659d957c
e7057345bbc8f6e4e8dd20aa4874515aea987c17
8fb622029e2845ddd60b1a020bfb415f44b6ce083bd00dedc7abb8c1868e6f04

HTTP Headers

GET /assets/0.3f3ebced562425f1977c.js HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-4a13"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6805
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FY3N42Ybn%2FlXJuXKvSydMvVzImXhFvj91DRkzrSpuLk9Mn3pFJ0j6EHTecOQeJt3%2FpPy5IlfQZw4kmskjVX5XPAfxjaIgrFNARybQjrbG9Y8QRaUVHZlgBLdTXn5uS%2BYrCJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504e0b77568d-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-LWDH4XKP02

142.250.74.168

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-LWDH4XKP02
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (102183 bytes)
Hash
ed1144495aa68e21561a917e02f9b2bc
2d861ca1ecc9dd74646eb907eb90206df79fe020
ace37ef9c1e8c6b9e46912354cd3410888b04bb7a52ec4eef431034fcb802c65

HTTP Headers

GET /gtag/js?id=G-LWDH4XKP02 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 11 May 2024 01:14:42 GMT
expires: Sat, 11 May 2024 01:14:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

alphabookbet.com/assets/2.c220646e8bf82104c6e3.js

104.21.11.147

10 kB

URL
alphabookbet.com/assets/2.c220646e8bf82104c6e3.js
IP
104.21.11.147:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
10 kB (10129 bytes)
Hash
7cd87c4d2f7af8fdb1f76c4ffc2567d8
3bdd73a1d1313309b7bbe37c544ba37523c52a43
23065705d21b5a739aa36c78b23ce2829cf91e112da1ec527c3449eaffe07e51

HTTP Headers

GET /assets/2.c220646e8bf82104c6e3.js HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-6758"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6805
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LvNYRJ8QVrCcwueoysawUe%2FsIyi%2BBgnidwP5Fzb%2FE9lOAghqYKQWXTjMwKJo8cdapHr9G4%2FuYkUdQS6cIE4ZBhm2DSjmWey42nMR2PcNSUufTs3PnHHzVNBpWXAHrlZDOpbm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504e0b76568d-OSL
alt-svc: h3=":443"; ma=86400

alphabookbet.com/assets/public/fonts/mori/PPMori-SemiBold.woff2

104.21.11.147

200 OK

39 kB

URL GET HTTP/3
alphabookbet.com/assets/public/fonts/mori/PPMori-SemiBold.woff2
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 39232, version 1.0
Size
39 kB (39232 bytes)
Hash
aeaeff9cb640c265ebcf5beeb9a597f0
72b5f06ea439ef489343d58f31c1d1a27820c441
ae7907fb3dd3338d731906393f793e9d14e6a74c3e557866ce77a1ef99cd7d15

HTTP Headers

GET /assets/public/fonts/mori/PPMori-SemiBold.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: application/octet-stream
content-length: 39232
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-9940"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FN4d7DGu%2FiHaV68Y0CytRHFQ8hTvV1sQM1GZ954u10n8bWRVuDzyMNW1T6Ah3icp3xAnUUeDtdykm%2FLrUBYVs7LgcQFoBygSXkmGKcA%2F4O6%2BuP6r9DVWDDqs7bjjMzdZNRd2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505b791f568d-OSL
alt-svc: h3=":443"; ma=86400

alphabookbet.com/assets/public/fonts/mori/PPMori-Bold.woff2

104.21.11.147

41 kB

URL
alphabookbet.com/assets/public/fonts/mori/PPMori-Bold.woff2
IP
104.21.11.147:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 41268, version 1.0
Size
41 kB (41268 bytes)
Hash
b9eb4972777f0182fe841bbc280e5cde
edc69b1aa4b56048ea6b5c0217dabe8144036e25
d37ab938d33fe41fec69cc38c301a5ab7cb5ab928dba29d9e9407582e08d3d24

HTTP Headers

GET /assets/public/fonts/mori/PPMori-Bold.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: application/octet-stream
content-length: 41268
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-a134"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6792
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRad0g%2BaDB0eK34E%2FXRczLXc6TdBoPeIbU6trYHynngV9yqd%2BDKn2DtLaBqn3tx4fC0pcsLfKN17%2B%2BeE6apIkfD2WZ4fD1XzwNSvinqoKlz%2BBqGv%2FohjEF0nj3KlUoaBsGiz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505b8939568d-OSL
alt-svc: h3=":443"; ma=86400

alphabookbet.com/assets/public/fonts/mori/PPMori-Regular.woff2

104.21.11.147

200 OK

37 kB

URL GET HTTP/3
alphabookbet.com/assets/public/fonts/mori/PPMori-Regular.woff2
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 36944, version 1.0
Size
37 kB (36944 bytes)
Hash
167e1cf5fed6b58439cac0f8cbc8b112
6257b8db5be9b64ac8df883bd15f93549bc5fd3a
87a8c06a966031596415b7d116bcdad5fc51e32b613b386491094a87a0e36714

HTTP Headers

GET /assets/public/fonts/mori/PPMori-Regular.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: application/octet-stream
content-length: 36944
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-9050"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1951
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pVMf9TF5g4kUv1Xage%2Bno%2BtQJo%2Ffr6Phz7DqqULiNS3D5v7J%2BmN6mGNfuF6jYuv3mIN%2BEaKdU7oe7QFUqkCHgfxLnU056raAx72BFyHUph4hsHzapnXencoftOMlrp4Kv2%2B1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505b893a568d-OSL
alt-svc: h3=":443"; ma=86400

affiliate-api.income.partners/?project=alphabook&refcode=partner%3Dp55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166

172.67.219.99

200 OK

2 B

URL GET HTTP/2
affiliate-api.income.partners/?project=alphabook&refcode=partner%3Dp55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166
IP
172.67.219.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerLet's Encrypt
Subjectincome.partners
FingerprintF7:18:89:76:D3:6A:86:9E:CE:8E:8F:C0:F4:51:54:C8:A4:EA:33:FA
ValidityThu, 14 Mar 2024 07:53:32 GMT - Wed, 12 Jun 2024 07:53:31 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

GET /?project=alphabook&refcode=partner%3Dp55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166 HTTP/1.1
Host: affiliate-api.income.partners
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: text/plain; charset=utf-8
content-length: 2
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EeTQno9GGR2G3KHUwVwtNmIYorSk7h7By8SGYPm9CRKm7KH7qHSGlweA%2FCjL9fMdIhvRkDAo36vz207bgHnYVb96lGo%2FmyZYnSBgyS0TGfKDECGb8CZ%2BT709mu28wevo6quUU87ZWllyz0lz4VD0aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e505b6e440b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

alphabookbet.com/assets/public/producers-icon/playn-go-small.png

104.21.11.147

6.9 kB

URL
alphabookbet.com/assets/public/producers-icon/playn-go-small.png
IP
104.21.11.147:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
6.9 kB (6862 bytes)
Hash
cfbfe79044a9d2313e4af795d98648af
5654ce1106757670c78c5a6e12cdce17839c1769
e57e08a316ba73111f74b9589fda8e86d41d019d9151c5807783930a7e687126

HTTP Headers

GET /assets/public/producers-icon/playn-go-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/14.eaec9aaa818168eb55ed.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-ea8"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2003
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIBIIPm6CvbGt8HlBfrC6nuYTkge2MQ7EskAsBixl%2BjGQe7HLPUYY5wjqaNVsJc7Top%2B0Tgh%2FRGEb4Ik6Fs2zT%2BGYSJ5DHdFc%2BAVsIy0mcuXfoQVQiP4fJyO5sxujmmCbbz1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505a086d568d-OSL
alt-svc: h3=":443"; ma=86400

licensing.gaming-curacao.com/images/gc-logo.png

104.22.74.254

200 OK

23 kB

URL GET HTTP/2
licensing.gaming-curacao.com/images/gc-logo.png
IP
104.22.74.254:443
ASN
#13335 CLOUDFLARENET

Requested by
https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Certificate
IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT

File type
PNG image data, 467 x 153, 8-bit/color RGBA, non-interlaced
Size
23 kB (23156 bytes)
Hash
345b8202717ca046a3a42458c4195889
8191ac7afafd013f5c6202cd8fc0cb9bfe47ae19
1fe41354b33c5e3476dd644b879cb89bf596193b46b036ce3a3b6c097a21ca53

HTTP Headers

GET /images/gc-logo.png HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: image/png
content-length: 23156
last-modified: Fri, 12 Oct 2018 11:28:23 GMT
etag: "5a74-57806629ac3c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4208
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505d0a51be5b-CPH
X-Firefox-Spdy: h2

alphabookbet.com/assets/1.cb6e26504a5645960548.js

104.21.11.147

200 OK

7.8 kB

URL GET HTTP/3
alphabookbet.com/assets/1.cb6e26504a5645960548.js
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
gzip compressed data, from Unix
Size
7.8 kB (7767 bytes)
Hash
b3a4f5b01647b036d71d756b1077917f
b1ca53d072fade0fb55d7d8a42d7569088c3032d
3109f931f1bbcb6e63f3ef207a1b2be06b0517d491b31b3d1a128d3eb0f54179

HTTP Headers

GET /assets/1.cb6e26504a5645960548.js HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-3bc0"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2006
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0g7hSS5z%2B%2F60862iNlnWQiOHdcGrjRU%2BO1xp3K8IzJ3C0xrmW4B2rr249l4sTEnVGOizSmXxus8EzIwwrM7mOH6vZrKavkS3%2F%2Frqi1pB3GrL8TDuYpPsC9tH9A19VaMmA26"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504e0b79568d-OSL
alt-svc: h3=":443"; ma=86400

licensing.gaming-curacao.com/validator/images/gotham-book.woff

104.22.74.254

200 OK

21 kB

URL GET HTTP/2
licensing.gaming-curacao.com/validator/images/gotham-book.woff
IP
104.22.74.254:443
ASN
#13335 CLOUDFLARENET

Requested by
https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Certificate
IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT

File type
Web Open Font Format, TrueType, length 21040, version 1.200
Size
21 kB (21040 bytes)
Hash
ef0c0d54bf76955e1c3687490d73a0ad
8c314ebc4c3d8a7ca1ef84f8dfb1935b33e46888
c6fad3d6fb62f82aebd05c60800e16b3f7e878d468bbbe7ae4af0c35a9579aff

HTTP Headers

GET /validator/images/gotham-book.woff HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/images/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: application/font-woff
content-length: 21040
last-modified: Fri, 12 Oct 2018 14:49:29 GMT
etag: "5230-5780931cb5040"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6793
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505d5a6abe5b-CPH
X-Firefox-Spdy: h2

alphabookbet.com/assets/theme.fa2a734444e6a414eca0.js

104.21.11.147

11 kB

URL
alphabookbet.com/assets/theme.fa2a734444e6a414eca0.js
IP
104.21.11.147:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
11 kB (11249 bytes)
Hash
4eec15c86a2c833a17082da124762ef6
675d11f72af3ab5645f131425e2e1ac5e06bd39f
fbbacc4b7887dd9c9189233f60641a0773a64848c0d34c9149b7c6f774a27da6

HTTP Headers

GET /assets/theme.fa2a734444e6a414eca0.js HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-570"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6805
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3LpQ867nrduwgN0ZdhX7y2WjmaCd83C9z1%2F238TB2N03cn158qiSG3tqwvIaxbD7i%2Fuzdg7LcPx8XyfLJeI%2FWJEt8QwJhFuTwMAgxrAhznsyK%2Bag9BYeqP8D2QauFgNQV1fs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504e0b75568d-OSL
alt-svc: h3=":443"; ma=86400

assets.customer.io/assets/in-app.js

54.230.111.127

200 OK

26 kB

URL GET HTTP/2
assets.customer.io/assets/in-app.js
IP
54.230.111.127:443
ASN
#16509 AMAZON-02

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerAmazon
Subject*.customer.io
Fingerprint14:0F:58:A3:B8:6F:7D:56:35:72:0F:D3:A7:0E:62:05:C5:9A:09:FC
ValidityThu, 19 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
26 kB (25622 bytes)
Hash
5581d6b2c32792ad3cc80a286af44359
616c3e6ebee57e135b8c5a5cacc73b96b540909f
63bbf635291f39973108f41be751814260b4aea1deb542639ce894dc8bb76430

HTTP Headers

GET /assets/in-app.js HTTP/1.1
Host: assets.customer.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 20:40:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: z8zBcp.TxQ1avpTeVvTRh3ayyF7CTfY3
server: AmazonS3
content-encoding: gzip
date: Fri, 10 May 2024 04:00:23 GMT
etag: W/"2419fbd26ba76588bf89bc14c5a941d0"
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mSE_b1cZ7x2iotzgY1TY5-X2RqoQk4iMRn5iIfmV3N96I-YzuPrQGg==
age: 84002
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/GatesofOlympus360x260b94e39e0c33a686a.gif

172.64.145.29

260 kB

URL
alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/GatesofOlympus360x260b94e39e0c33a686a.gif
IP
172.64.145.29:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 360 x 260
Size
260 kB (259688 bytes)
Hash
e1a132e21e50d7f963fa4f7880b3a21d
784571af9d8e1c3fe92e5faf04881c065bdc2497
06d066df651a57739dd035a4ad2ff69680e5df5e83e8dc14b6846969dd661718

HTTP Headers

GET /images/games/GatesofOlympus360x260b94e39e0c33a686a.gif HTTP/1.1
Host: alphabook-static.ams3.cdn.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:47 GMT
content-type: image/gif
content-length: 259688
last-modified: Tue, 07 May 2024 09:07:28 GMT
x-rgw-object-type: Normal
etag: "e1a132e21e50d7f963fa4f7880b3a21d"
x-amz-request-id: tx0000086dc4d05371a2851-006639f009-5a86340e-ams3c
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 13675b4a-88fe-453f-b127-1cc8b20ab375
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster: 
cf-cache-status: HIT
age: 45
accept-ranges: bytes
set-cookie: __cf_bm=aO9rrCGdnUcdG5MaNtI7G5pkU.hw5WILXXH78sIJBAQ-1715390087-1.0.1.1-zHhjuH8zdXDeLf0490SR1pr2tw.nHRHPyIwvI1WwmUFAaXUg4ui.bB06S8iDnPcnhL3l0vigsBjbkKvxiIyNSw; path=/; expires=Sat, 11-May-24 01:44:47 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 881e506d68e156c3-OSL
X-Firefox-Spdy: h2

alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/play'n_go_book_of_dead_thumb.jpg

172.64.145.29

200 OK

34 kB

URL GET HTTP/2
alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/play'n_go_book_of_dead_thumb.jpg
IP
172.64.145.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerDigiCert Inc
Subject*.ams3.cdn.digitaloceanspaces.com
Fingerprint9A:82:28:72:94:55:AD:99:B2:AE:0E:96:16:F8:70:CA:8E:94:FD:A3
ValidityFri, 19 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x260, components 3
Size
34 kB (34216 bytes)
Hash
6216a705ababfffc4e57c802782ce8f1
73f47e766455e0b5b181863372332b15fd68ecad
bbcd4031d8f7201c7a0fee3d03beedf1c439c56d602b7c49bb014fa411004824

HTTP Headers

GET /images/games/play'n_go_book_of_dead_thumb.jpg HTTP/1.1
Host: alphabook-static.ams3.cdn.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:47 GMT
content-type: image/jpeg
content-length: 34216
cache-control: max-age=3600
cf-bgj: h2pri
etag: "6216a705ababfffc4e57c802782ce8f1"
last-modified: Wed, 12 Apr 2023 11:16:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-meta-mtime: 1638370273
x-amz-request-id: tx00000d7bc8be158184176-0065f1f329-5280ad0f-ams3c
x-do-cdn-uuid: 13675b4a-88fe-453f-b127-1cc8b20ab375
x-envoy-upstream-healthchecked-cluster: 
x-rgw-object-type: Normal
cf-cache-status: HIT
age: 1733
accept-ranges: bytes
set-cookie: __cf_bm=uApvEUsqulsUiFGDB4UvfVBn.rDWH_x3_3ve9oqr6d0-1715390087-1.0.1.1-gX5QjA_TqmT7OZpybJ28y6u4H6DaEsALGG8aQMyf5N2GcRRchVVKv3x8FFtTmG3RQexMzxYjTzippYugAKxf_Q; path=/; expires=Sat, 11-May-24 01:44:47 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 881e506d68e456c3-OSL
X-Firefox-Spdy: h2

alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/play'n_go_legacy_of_dead_thumb.jpg

172.64.145.29

28 kB

URL
alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/play'n_go_legacy_of_dead_thumb.jpg
IP
172.64.145.29:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x260, components 3
Size
28 kB (28536 bytes)
Hash
f6e77c2b85f69a50d7c67f46bfe8f3d8
1dc7b2d4fa58f705dddf17560d1efa73364eb890
4310f13bde40d680c0a93340395996ac8d686a4d1fc4e3f4bbf0e3b64864b3f4

HTTP Headers

GET /images/games/play'n_go_legacy_of_dead_thumb.jpg HTTP/1.1
Host: alphabook-static.ams3.cdn.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:47 GMT
content-type: image/jpeg
content-length: 28536
cache-control: max-age=3600
cf-bgj: h2pri
etag: "f6e77c2b85f69a50d7c67f46bfe8f3d8"
last-modified: Wed, 12 Apr 2023 11:16:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-meta-mtime: 1638370274
x-amz-request-id: tx000002c2cf28cc51cb2b8-0065fc8c0a-535fa4dc-ams3c
x-do-cdn-uuid: 13675b4a-88fe-453f-b127-1cc8b20ab375
x-envoy-upstream-healthchecked-cluster: 
x-rgw-object-type: Normal
cf-cache-status: HIT
age: 1733
accept-ranges: bytes
set-cookie: __cf_bm=uZlZyqjbacJFpPIzNywn2X.5VRl1b7QxvtEIp4aVYjg-1715390087-1.0.1.1-6bK_fBxYi9Z83CX7ynnfmcBmT3Vxdevi_TCfINMJjB4h2iF6tojaeNUcIkVQPmSWCkYnvYpdHFnE1vz7JnvHnQ; path=/; expires=Sat, 11-May-24 01:44:47 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 881e506d68e856c3-OSL
X-Firefox-Spdy: h2

code.gist.build/web/latest/gist.min.js

104.26.10.146

302 Found

143 B

URL GET HTTP/2
code.gist.build/web/latest/gist.min.js
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectcode.gist.build
FingerprintFA:67:04:D3:A1:44:E1:B1:B2:7A:D6:F5:AB:9C:CB:CB:54:A3:FA:11
ValidityThu, 09 May 2024 12:46:32 GMT - Wed, 07 Aug 2024 12:46:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
143 B (143 bytes)
Hash
cb7b8f439b04c00f4a2d78160ddfee8d
9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4
12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e

HTTP Headers

GET /web/latest/gist.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 11 May 2024 01:14:47 GMT
content-type: text/html
content-length: 143
location: https://code.gist.build/web/3.10.2/gist.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ryCYShbxOJqD8ng%2FrLo0CEyFDI4A%2B4AeRICUs5DyJiAYMoJ8kDO8R2S9BlpyJRcnQ4eexTTjI4mkJX4DunvD%2BW%2FTFSdlLibZtLaGrNQoM4LEpugMTF7SciJekp5ietNHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e506eed1a569b-OSL
X-Firefox-Spdy: h2

cdnstatic.check-tl-ver-54-1.com/ps/tb?id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&sub_id=23070551&click_id=4628bus168wdv1n76b&nrid=ef91bdfe7e3eb64af6578a1cb735728e&reason=tb_exit&attempt=2

188.114.97.1

602 B

URL
cdnstatic.check-tl-ver-54-1.com/ps/tb?id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&sub_id=23070551&click_id=4628bus168wdv1n76b&nrid=ef91bdfe7e3eb64af6578a1cb735728e&reason=tb_exit&attempt=2
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
602 B (602 bytes)
Hash
f6dcca680a4d5fe1e3c9a5e8035b5c90
9362a4e50a3aaa0115daae01b4d28778c9bca070
5dd762ac2af693c86641ae5dc26c78566329fc590b7ca72dc34ed53151feafe3

HTTP Headers

GET /ps/tb?id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&sub_id=23070551&click_id=4628bus168wdv1n76b&nrid=ef91bdfe7e3eb64af6578a1cb735728e&reason=tb_exit&attempt=2 HTTP/1.1
Host: cdnstatic.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ua.check-tl-ver-54-1.com/
Cookie: __psu=8e3b8201-d4a6-438b-a77a-029c136b077e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:39 GMT
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wk5EDzhs33bpOhtvomidzON%2BLqw1nUbleo1zTRRNcOHJOwnOXknPWaY0erTJ3B1G8aeuPqboDCXitJ74TwbINUdq%2B3ygM9vp1UamvZ5bjpYcCBZShXIpcWqqY7HcGaHDvaTHCYrkmBWXoNAuRqQueIwd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e503ab8f456a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

alphabookbet.com/api/banners?dateTime=1715390085482

104.21.11.147

58 kB

URL
alphabookbet.com/api/banners?dateTime=1715390085482
IP
104.21.11.147:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
58 kB (58467 bytes)
Hash
2bf4de191f341e314031fc0f447b8324
2d5dd00a805258bca34b06eb0620968e5b0090bf
53aac6202fe1c57957f9a9ae5498f7b5bc4d06ffeac80da2efa011548aff3d5b

HTTP Headers

GET /api/banners?dateTime=1715390085482 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE; _ga_LWDH4XKP02=GS1.1.1715390084.1.0.1715390084.0.0.0; _ga=GA1.1.1083605207.1715390085
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:45 GMT
content-type: application/json; charset=utf-8
x-request-id: 9fb6b7ab-0efa-47ce-a6f3-357e945bada7
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-response-time: 32ms
x-pool-number-api: 1
x-cache-status: MISS
x-pool-number: 4
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xProRnQkO1PMJxCV10Q28nezUxRSMTK2opbTqBnjVJFSNKFs6Jzhx67MVsZurWJQ6lBKpwOJ8KTOcGzZNKL8EKug7CU0nD58UiLuSQ7IeH4sh3xLOvSoYZzh359%2BKz7Jgdqp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50625c55568d-OSL
alt-svc: h3=":443"; ma=86400

licensing.gaming-curacao.com/validator/images/mobile.css

104.22.74.254

200 OK

419 B

URL GET HTTP/2
licensing.gaming-curacao.com/validator/images/mobile.css
IP
104.22.74.254:443
ASN
#13335 CLOUDFLARENET

Requested by
https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Certificate
IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT

File type
gzip compressed data, from Unix
Size
419 B (419 bytes)
Hash
383cf61ff8d3aed7bcb514ae6d208189
7afec481ba2408be6cae489483d87d759a821562
5be770426626ef44e4c3cdfe08f783acb5ea8db2235b7c7e85622f6aaacf073e

HTTP Headers

GET /validator/images/mobile.css HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: text/css
last-modified: Fri, 12 Oct 2018 14:39:35 GMT
etag: W/"416-578090e6397c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4319
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505d0a50be5b-CPH
content-encoding: gzip
X-Firefox-Spdy: h2

kb.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2

104.21.58.39

1.7 kB

URL
kb.check-tl-ver-54-3.com/shared-js/assets/static-pl.js?v=2
IP
104.21.58.39:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.7 kB (1684 bytes)
Hash
7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

HTTP Headers

GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: kb.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kb.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:36 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keXWZPlgfMCGq1z5wWcCjXXuJAObGhr%2F0J6L6FHwM2x%2BPUI21eJWy8yu7%2F7Pp64u3KhYCKecH0r8DGCw9HzfbNLrZSeiIk3F%2FRWP4fIQCk54FHao9ZL3TJ265lceZhLxzW9UX6oNWpKR7pQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e5026be8456c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ua.check-tl-ver-54-1.com/allow-button/assets/trls.js

188.114.97.1

3.5 kB

URL
ua.check-tl-ver-54-1.com/allow-button/assets/trls.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Size
3.5 kB (3530 bytes)
Hash
d4a23c4124d49f909abaef62a8bf47a5
e7b26553db1400d07f1b12137053ebe7b066972f
3efcd61ce47244f47b15c9f5d5749f79b2ddd57e51ebf995267ab02d4dcf2180

HTTP Headers

GET /allow-button/assets/trls.js HTTP/1.1
Host: ua.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ua.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=4628bus168wdv1n76b&sub_id=23070551&nrid=093ba76a52e04a5b8d29dd852aa3fa2d&hash=-igp6L7GvtRs24uXaUI4ww&exp=1715390378
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:38 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1e6a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCtd51lkq5yoZjts0bHF4p7wqn4MM9CnbbuyGUpVH4A%2Fd9tdTl46wYlurbL7HVCbJwv76fiG7Ev4BV%2BmhbloF5DptmANQd9Q2EO8ecvD2EjwL9NBHz9vHH1zTT0yUhgstHqzkhHUxMI%2BnXA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e5038c80956a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.67

200 OK

204 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alphabookbet.com
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 378133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

alphabookbet.com/assets/14.eaec9aaa818168eb55ed.css

104.21.11.147

200 OK

31 kB

URL GET HTTP/3
alphabookbet.com/assets/14.eaec9aaa818168eb55ed.css
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
ASCII text, with very long lines (28203)
Size
31 kB (30674 bytes)
Hash
22bd2f287bd3654d3be869509bdc0324
3a331a964a66e1a23a3093db61da6d235856ee79
e97b79ef6649e73233712105d88ed33969d2fe2154c16479917fcaf9e8ccd9bc

HTTP Headers

GET /assets/14.eaec9aaa818168eb55ed.css HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-920b"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2048
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u86j6G%2BnnYsc%2BvwukA6qlN%2BYrIOJ7%2BUNQDnBB0JT8yE15XkYBrgdWJ0yQu3bXbt3A0ML5bgcJaPumfME5637CKuWR79sxHIRzEswO2P1D%2FuadoDhvZrEgosMP%2FJQuIiuVbMz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504ceace568d-OSL
alt-svc: h3=":443"; ma=86400

rqqlj.check-tl-ver-54-3.com/blue-robot/assets/style.css

188.114.97.1

220 kB

URL
rqqlj.check-tl-ver-54-3.com/blue-robot/assets/style.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
220 kB (220342 bytes)
Hash
4f52fe3882af03acb58f7623503a5ee6
7571ead3fd03a399974bc0a10cf07ba16a354fc5
cc2d4c67b27d898b006916e896757d807b3ef9c99ecf90046ab80263f4811e09

HTTP Headers

GET /blue-robot/assets/style.css HTTP/1.1
Host: rqqlj.check-tl-ver-54-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-54-3.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=f2dd7us168wxi46796&sub_id=15123025&nrid=d83a48da84474378a2c68de29a4139ed&hash=-q8aJ8dqSXmMcJRXJgfJ9g&exp=1715390374
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:35 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-f8e"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lHgPZNj8aNU3GbzXVD7BNeoGSQs5%2F0gPAmwaAYuVX%2B51JXk96zUQIVcNTaz9oaTiufajW9EeweZDAF1UsPGhDcNOLVAot8XVcwqovZH%2Bq%2Fqw%2FNyvCFaL3c9l4%2FmKGuMW03nnjJfQE8k2IDouOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e502099d3712e-OSL
alt-svc: h3=":443"; ma=86400

alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image3f622c1597d5999f.webp

5.101.110.225

200 OK

49 kB

URL GET HTTP/2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image3f622c1597d5999f.webp
IP
5.101.110.225:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerDigiCert Inc
Subject*.ams3.digitaloceanspaces.com
Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0
ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Size
49 kB (49352 bytes)
Hash
43bead5a5ce5501ce839887946adc97d
03d0c02fe96a549fff9668355e1341cf76af6aa8
dc5d412668c452d520eca7e09e0fcdbf25ea4dc68cc64aa1b1fcd158658cb49d

HTTP Headers

GET /images/banners-new/image3f622c1597d5999f.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 49352
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:14:39 GMT
x-rgw-object-type: Normal
etag: "43bead5a5ce5501ce839887946adc97d"
x-amz-request-id: tx0000044deb77ce0470cb9-00663ec688-5b73e618-ams3c
content-type: image/jpeg
date: Sat, 11 May 2024 01:14:48 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

15 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 May 2024 18:37:19 GMT
expires: Mon, 05 May 2025 18:37:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 455849
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 03:22:23 GMT
expires: Sat, 10 May 2025 03:22:23 GMT
cache-control: public, max-age=31536000
age: 78745
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.67

200 OK

204 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 378134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

alphabookbet.com/assets/14.ba5be7efef44763ec7f6.js

104.21.11.147

200 OK

35 kB

URL GET HTTP/3
alphabookbet.com/assets/14.ba5be7efef44763ec7f6.js
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
gzip compressed data, from Unix
Size
35 kB (34736 bytes)
Hash
d878edce44fd23dd15d411b3eb36b6b6
d82c0e2fde9114469c9c6b2e2e40891fb7a971ba
ec924143bb696a1079031b2e7d4fb3e27d08d9a733b4aa4af78161cbca4701c5

HTTP Headers

GET /assets/14.ba5be7efef44763ec7f6.js HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-1e093"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2006
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cKo7cWvw2QSROnhMWEAnOUCF5NzIOEV1x85lRPe1p04rlHmROAenlB%2FK5RV6AIzrfUW7SdmPfMP0kEdR5BVMdk%2F4cVb9VVSj0EeTOMtmQDDr1g8kvYjCS5VM3txidDxuE5cJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504e0b7a568d-OSL
alt-svc: h3=":443"; ma=86400

www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js

142.250.74.132

200 OK

7.4 kB

URL GET HTTP/3
www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (17542)
Size
7.4 kB (7438 bytes)
Hash
7c111ad0cbb18935696bc8bb0846ec26
a9c77f0678ff71a4032e787999ada733e7da10cf
120846a7bd9fdcbff2f47564e0d9fc564fc100c581f5f1881333f70f3bd00d6f

HTTP Headers

GET /js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7438
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 01:06:37 GMT
expires: Sat, 10 May 2025 01:06:37 GMT
cache-control: public, max-age=31536000
age: 86891
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/imagec0cfb606153a3acb.webp

5.101.110.225

200 OK

34 kB

URL GET HTTP/2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/imagec0cfb606153a3acb.webp
IP
5.101.110.225:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerDigiCert Inc
Subject*.ams3.digitaloceanspaces.com
Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0
ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Size
34 kB (34264 bytes)
Hash
15ead8bb6f02bd3a2b51a31b37ea7a98
3bf41445848e36ccb05f744967864bf1945e97f7
78e28b9da813ead4ea4a90c48bf4a49428e0f9d8c6d694ad7b9f1113c96be93a

HTTP Headers

GET /images/banners-new/imagec0cfb606153a3acb.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 34264
accept-ranges: bytes
last-modified: Mon, 22 Apr 2024 12:00:21 GMT
x-rgw-object-type: Normal
etag: "15ead8bb6f02bd3a2b51a31b37ea7a98"
x-amz-request-id: tx00000eddd31ee72814090-00663ec689-5b703b05-ams3c
content-type: image/jpeg
date: Sat, 11 May 2024 01:14:49 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
X-Firefox-Spdy: h2

glugherg.net/4/6662145

139.45.197.237

62 kB

URL
glugherg.net/4/6662145
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
gzip compressed data, max speed, from Unix
Size
62 kB (61874 bytes)
Hash
921b447c90e6938d6e4a33175f03474f
ef48a419b13fbbd17df6ba022dee80480ebb2884
4b7693b4eb5bc0e7fae44e9c0021a41cd3e051903d581e9b6bf2cf0ee37e9b7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4/6662145 HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 11 May 2024 01:14:39 GMT
content-type: text/html; charset=utf8
x-trace-id: 5097e125f40439eff833acf5be575455
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008059ef5b94410ce73f53e29e63de0d; expires=Sun, 11 May 2025 01:14:39 GMT; path=/; secure; SameSite=None
oaidts=1715390079; expires=Sun, 11 May 2025 01:14:39 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw

142.250.74.132

58 kB

URL
www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw
IP
142.250.74.132:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
gzip compressed data
Size
58 kB (58015 bytes)
Hash
b272985f05389d47d35611a88fe4bd78
f0f036d3e1fd2a2d5c4c5d18d7678cc4a6e1fecf
1c0df187eae7a0fea30b8d57d30dca0172bdb483afbc4fb92e0de3ddba5c5eb6

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 11 May 2024 01:14:48 GMT
content-security-policy: script-src 'nonce-mKOS3NVygP3j74Jqcx4Y8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/imagedf8cf60db7ee75bd.webp

5.101.110.225

27 kB

URL
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/imagedf8cf60db7ee75bd.webp
IP
5.101.110.225:0
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerDigiCert Inc
Subject*.ams3.digitaloceanspaces.com
Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0
ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Size
27 kB (27128 bytes)
Hash
81ebbb68f05575efd73b834d409dc973
5d6ffab9d3db86e68c2a330186e3959f410b6312
d91f0bee20240ef2a913692d714554570da58a712d67306b6a0130db5ab0e9c6

HTTP Headers

GET /images/banners-new/imagedf8cf60db7ee75bd.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 27128
accept-ranges: bytes
last-modified: Mon, 22 Apr 2024 12:36:25 GMT
x-rgw-object-type: Normal
etag: "81ebbb68f05575efd73b834d409dc973"
x-amz-request-id: tx0000027f098852998d1b5-00663ec68c-5b703ae2-ams3c
content-type: image/jpeg
date: Sat, 11 May 2024 01:14:52 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
X-Firefox-Spdy: h2

renderer.gist.build/2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZGEwM2VjYmUtZTFhNC00Njg2LTk1NmItODkxYjdmYThmN2E5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D

104.26.10.146

302 Found

143 B

URL GET HTTP/2
renderer.gist.build/2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZGEwM2VjYmUtZTFhNC00Njg2LTk1NmItODkxYjdmYThmN2E5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerLet's Encrypt
Subjectgist.build
Fingerprint0C:DC:B5:1A:AC:AF:BF:26:D6:76:24:39:FE:C6:D2:A5:67:DA:E5:6E
ValidityWed, 08 May 2024 22:40:24 GMT - Tue, 06 Aug 2024 22:40:23 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
143 B (143 bytes)
Hash
cb7b8f439b04c00f4a2d78160ddfee8d
9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4
12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e

HTTP Headers

GET /2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZGEwM2VjYmUtZTFhNC00Njg2LTk1NmItODkxYjdmYThmN2E5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D HTTP/1.1
Host: renderer.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 11 May 2024 01:14:52 GMT
content-type: text/html
content-length: 143
location: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZGEwM2VjYmUtZTFhNC00Njg2LTk1NmItODkxYjdmYThmN2E5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Nd3dj5WSYOkxXSmKqtPYwpabMTSkdI7jWe4WpPqLNNFaWquznJoEkHisbk%2BoaV37oKVR5sQLj2JhYgTcvco36BAOOeLit8Bq1OvGn%2FbFQV%2BFa%2Bn%2FF8f0D%2BZTHRl7rkNF0BOnxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e508f4a22569b-OSL
X-Firefox-Spdy: h2

renderer.gist.build/2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D

104.26.10.146

302 Found

143 B

URL GET HTTP/2
renderer.gist.build/2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerLet's Encrypt
Subjectgist.build
Fingerprint0C:DC:B5:1A:AC:AF:BF:26:D6:76:24:39:FE:C6:D2:A5:67:DA:E5:6E
ValidityWed, 08 May 2024 22:40:24 GMT - Tue, 06 Aug 2024 22:40:23 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
143 B (143 bytes)
Hash
cb7b8f439b04c00f4a2d78160ddfee8d
9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4
12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e

HTTP Headers

GET /2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D HTTP/1.1
Host: renderer.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sat, 11 May 2024 01:14:52 GMT
content-type: text/html
content-length: 143
location: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WP9yvWfewr5nRPecoXVvOLowSMw44dRG0ciyC6oEFDNy7rUCZ40jVM9s%2BXY2jELMsgpF1xEDgFIxA1mnaCTf2kvCLU3LwESkeXujmwkOKu8ldxvTo0hXaaBhcIJev4dHVEEaba0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e508f8a43569b-OSL
X-Firefox-Spdy: h2

alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image3bbdca9e6787d7c0.webp

5.101.110.225

200 OK

25 kB

URL GET HTTP/2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image3bbdca9e6787d7c0.webp
IP
5.101.110.225:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerDigiCert Inc
Subject*.ams3.digitaloceanspaces.com
Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0
ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Size
25 kB (24812 bytes)
Hash
2b6d780095dd4d809bb4c73d388ef69a
de7506238cbb41996b1230abdf4483055711ca6c
f022fb611c589916c2756b9776395909cc24a0ad5cfc45636f4a5614074bb87f

HTTP Headers

GET /images/banners-new/image3bbdca9e6787d7c0.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 24812
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:37:51 GMT
x-rgw-object-type: Normal
etag: "2b6d780095dd4d809bb4c73d388ef69a"
x-amz-request-id: tx00000582cb9e960119b09-00663ec68d-5b73e618-ams3c
content-type: image/jpeg
date: Sat, 11 May 2024 01:14:53 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
X-Firefox-Spdy: h2

code.gist.build/renderer/0.2.17/assets/FontManifest.json

104.26.10.146

200 OK

2 B

URL GET HTTP/2
code.gist.build/renderer/0.2.17/assets/FontManifest.json
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectcode.gist.build
FingerprintFA:67:04:D3:A1:44:E1:B1:B2:7A:D6:F5:AB:9C:CB:CB:54:A3:FA:11
ValidityThu, 09 May 2024 12:46:32 GMT - Wed, 07 Aug 2024 12:46:31 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

GET /renderer/0.2.17/assets/FontManifest.json HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:53 GMT
content-type: application/json
content-length: 2
last-modified: Thu, 09 May 2024 11:19:10 GMT
x-rgw-object-type: Normal
etag: "d751713988987e9331980363e24189ce"
x-amz-request-id: tx000002ec19e2217e3cf15-00663cb395-445f93d0-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster: 
cf-cache-status: DYNAMIC
age: 2598
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Az2%2BjrgJvLvroNyxReKC4pNc9CL0oU0Pu35MXCfVs9Rt%2BE4ysXdVUwS5zlAH5l2hcyqKmfttgEGxccppIx6YGaCv6563NmivRtrz6h7TXPK13UZz%2FjQirWamseVS62gygw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50958d4f569b-OSL
X-Firefox-Spdy: h2

code.gist.build/renderer/0.2.17/assets/FontManifest.json

104.26.10.146

200 OK

2 B

URL GET HTTP/2
code.gist.build/renderer/0.2.17/assets/FontManifest.json
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectcode.gist.build
FingerprintFA:67:04:D3:A1:44:E1:B1:B2:7A:D6:F5:AB:9C:CB:CB:54:A3:FA:11
ValidityThu, 09 May 2024 12:46:32 GMT - Wed, 07 Aug 2024 12:46:31 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

GET /renderer/0.2.17/assets/FontManifest.json HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZGEwM2VjYmUtZTFhNC00Njg2LTk1NmItODkxYjdmYThmN2E5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:53 GMT
content-type: application/json
content-length: 2
last-modified: Thu, 09 May 2024 11:19:10 GMT
x-rgw-object-type: Normal
etag: "d751713988987e9331980363e24189ce"
x-amz-request-id: tx000002ec19e2217e3cf15-00663cb395-445f93d0-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster: 
cf-cache-status: DYNAMIC
age: 2598
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbWpvhB%2BDBcT1bJzy9n7AFBEIycAtZ7MmOAtQJ%2FagkwE%2Beprj2jSeL9jY18FlVfDjwOQYoYIPd6uxfCFNfUxKcjp4JEdKLEZ5faw0bKiAKJOeFk4LZr6xKhJ5tLY44p6yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50968d97569b-OSL
X-Firefox-Spdy: h2

code.gist.build/renderer/0.2.17/main.dart.js

104.26.10.146

200 OK

569 kB

URL GET HTTP/2
code.gist.build/renderer/0.2.17/main.dart.js
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectcode.gist.build
FingerprintFA:67:04:D3:A1:44:E1:B1:B2:7A:D6:F5:AB:9C:CB:CB:54:A3:FA:11
ValidityThu, 09 May 2024 12:46:32 GMT - Wed, 07 Aug 2024 12:46:31 GMT

File type
JavaScript source, ASCII text, with very long lines (727)
Size
569 kB (569292 bytes)
Hash
ba2cc37615483d76cfbb34478b5061f3
7bf30746672b9f659e65d34619490bfa78c92141
1446b90a921e2fe51d0d45cbe9a35424fc490e7dc3b935893e5b8a455ad78965

HTTP Headers

GET /renderer/0.2.17/main.dart.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:53 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 11:19:11 GMT
x-rgw-object-type: Normal
etag: W/"ba2cc37615483d76cfbb34478b5061f3"
x-amz-request-id: tx0000076d0ca70aff419c8-00663cb395-445f18cc-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster: 
cf-cache-status: HIT
age: 2567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDsE3AMOuhB%2BDy3aaCumzrObAdSn4m8JLew8vd1%2BFlK2KhIcDQjn42gKLIEAH%2BynaL7y8URIqoFxAdmHrYY0YvjyEc95IAGLzCH3huq4cglcQoX0hKzKLKpKvY5GddEzdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50913b3c569b-OSL
content-encoding: br
X-Firefox-Spdy: h2

engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0

34.120.32.134

200 OK

0 B

URL GET HTTP/2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0
IP
34.120.32.134:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZGEwM2VjYmUtZTFhNC00Njg2LTk1NmItODkxYjdmYThmN2E5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint68:98:E0:BA:18:9D:01:75:4C:29:D5:4C:8E:A0:A9:7D:59:7B:03:48
ValiditySat, 06 Apr 2024 14:27:32 GMT - Fri, 05 Jul 2024 15:21:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://code.gist.build/
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-headers: X-Bourbon-Organization-Id,X-Engine-Project-Id,Authorization,Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://code.gist.build
vary: Origin
x-cloud-trace-context: 6fe2e701a78b5d65b55b4d2b9f300af7
date: Sat, 11 May 2024 01:14:54 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093856

34.120.32.134

204 No Content

0 B

URL OPTIONS HTTP/2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093856
IP
34.120.32.134:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint68:98:E0:BA:18:9D:01:75:4C:29:D5:4C:8E:A0:A9:7D:59:7B:03:48
ValiditySat, 06 Apr 2024 14:27:32 GMT - Fri, 05 Jul 2024 15:21:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093856 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://code.gist.build/
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-headers: X-Bourbon-Organization-Id,X-Engine-Project-Id,Authorization,Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://code.gist.build
vary: Origin
x-cloud-trace-context: 1b65ae9e66a4f0eac8deb3510131964e
date: Sat, 11 May 2024 01:14:54 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

alphabookbet.com/assets/main.3cfe049b9baf815f4988.css

104.21.11.147

200 OK

20 kB

URL GET HTTP/3
alphabookbet.com/assets/main.3cfe049b9baf815f4988.css
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
Unicode text, UTF-8 text, with very long lines (9363)
Size
20 kB (19459 bytes)
Hash
4524b3356c79900e8f882b371cc3f44c
7d5d3f51d969fd22575b5297f70c2a86c33f3961
4b98aeaf1a5c23e0f6e69cf6c1965e604e0a7305da7a549703f692684eb21844

HTTP Headers

GET /assets/main.3cfe049b9baf815f4988.css HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-1b084"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dy1EzRSVrtgg3of1Pv4LCxjhvUWS4bYP4inb%2FBV55CDXRF9Ts6DwxHmDj3xuY4nsG%2BV2eykX4bdsr2Hz6KiVooGG1ntEazcE7tsKtKVNx69ZsO6sR7hIGgaX%2FYEj%2BtYrpAQy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504cdac5568d-OSL
alt-svc: h3=":443"; ma=86400

engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093889

34.120.32.134

204 No Content

0 B

URL OPTIONS HTTP/2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093889
IP
34.120.32.134:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZGEwM2VjYmUtZTFhNC00Njg2LTk1NmItODkxYjdmYThmN2E5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint68:98:E0:BA:18:9D:01:75:4C:29:D5:4C:8E:A0:A9:7D:59:7B:03:48
ValiditySat, 06 Apr 2024 14:27:32 GMT - Fri, 05 Jul 2024 15:21:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093889 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://code.gist.build/
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-headers: X-Bourbon-Organization-Id,X-Engine-Project-Id,Authorization,Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://code.gist.build
vary: Origin
x-cloud-trace-context: e5c6b625e8a1f7fb1ad467c7322e4b82
date: Sat, 11 May 2024 01:14:54 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

assets.gist.build/templates/fonts/OpenSans/OpenSans-Regular.ttf

104.26.10.146

200 OK

97 kB

URL GET HTTP/2
assets.gist.build/templates/fonts/OpenSans/OpenSans-Regular.ttf
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZGEwM2VjYmUtZTFhNC00Njg2LTk1NmItODkxYjdmYThmN2E5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.gist.build
Fingerprint44:B6:07:43:7F:A9:14:0F:57:91:0F:B8:2E:84:5B:7E:9F:7D:5F:A6
ValidityThu, 09 May 2024 12:21:47 GMT - Wed, 07 Aug 2024 12:21:46 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright � 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-Regu
Size
97 kB (96932 bytes)
Hash
3ed9575dcc488c3e3a5bd66620bdf5a4
babe8dce93a3e48b6c3c79720a0c048e88dd1fe7
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

HTTP Headers

GET /templates/fonts/OpenSans/OpenSans-Regular.ttf HTTP/1.1
Host: assets.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:54 GMT
content-length: 96932
last-modified: Fri, 26 Jun 2020 13:13:55 GMT
x-rgw-object-type: Normal
etag: "3ed9575dcc488c3e3a5bd66620bdf5a4"
x-amz-request-id: tx000006bbe3dfb7eb753f5-0065f1c7c9-e72b424b-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 412ce67d-ec87-4b93-8040-9ef0eceddcfd
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster: 
cf-cache-status: HIT
age: 1033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WntvYJwPlxYhJKbSOUUVGfDo3VwPW07%2BU%2FbZQHNs5uiXeSbEiEVYKywPoQ8VgOY7QmaZ3XZiS3FuYk%2B8JoV9y6fkIWiELIhJuoXFe8cPGBkqpVwj83jdvFmQ%2Bng94UlD%2FfHN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e509aad521c16-OSL
X-Firefox-Spdy: h2

engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093856

34.120.32.134

204 No Content

105 kB

URL OPTIONS HTTP/2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093856
IP
34.120.32.134:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint68:98:E0:BA:18:9D:01:75:4C:29:D5:4C:8E:A0:A9:7D:59:7B:03:48
ValiditySat, 06 Apr 2024 14:27:32 GMT - Fri, 05 Jul 2024 15:21:26 GMT

File type
data
Size
105 kB (105360 bytes)
Hash
e90846be773356a7a2ff26f47faff875
1f7f00e181519a0f5ecbfddc3700766716e855b7
5d5a048ebf06c5dbe7b01fd34a5de996de3426efe691385f55dc48585072b98e

HTTP Headers

GET /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093856 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: https://code.gist.build
cache-control: public,max-age=300
vary: Origin
date: Sat, 11 May 2024 01:14:54 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image744df30b9195e18a.webp

5.101.110.225

32 kB

URL
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image744df30b9195e18a.webp
IP
5.101.110.225:0
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerDigiCert Inc
Subject*.ams3.digitaloceanspaces.com
Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0
ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x420, Scaling: [none]x[none], YUV color, decoders should clamp
Size
32 kB (32508 bytes)
Hash
cf01d60bb8cbd57180e16004c707293a
1f13284d0f2a32a9a618b4f8fae247faffbb679a
9568e9100fff3f860cefdfb90e76303b10d832ed5bcf7b3b82335bda7fa14bf1

HTTP Headers

GET /images/banners-new/image744df30b9195e18a.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 32508
accept-ranges: bytes
last-modified: Tue, 23 Apr 2024 08:55:51 GMT
x-rgw-object-type: Normal
etag: "cf01d60bb8cbd57180e16004c707293a"
x-amz-request-id: tx000002d8ff331d50f947c-00663ec68e-5b73e618-ams3c
content-type: image/jpeg
date: Sat, 11 May 2024 01:14:54 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
X-Firefox-Spdy: h2

assets.gist.build/templates/fonts/OpenSans/OpenSans-Regular.ttf

104.26.10.146

200 OK

97 kB

URL GET HTTP/2
assets.gist.build/templates/fonts/OpenSans/OpenSans-Regular.ttf
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZGEwM2VjYmUtZTFhNC00Njg2LTk1NmItODkxYjdmYThmN2E5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.gist.build
Fingerprint44:B6:07:43:7F:A9:14:0F:57:91:0F:B8:2E:84:5B:7E:9F:7D:5F:A6
ValidityThu, 09 May 2024 12:21:47 GMT - Wed, 07 Aug 2024 12:21:46 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright � 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-Regu
Size
97 kB (96932 bytes)
Hash
3ed9575dcc488c3e3a5bd66620bdf5a4
babe8dce93a3e48b6c3c79720a0c048e88dd1fe7
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

HTTP Headers

GET /templates/fonts/OpenSans/OpenSans-Regular.ttf HTTP/1.1
Host: assets.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:54 GMT
content-length: 96932
last-modified: Fri, 26 Jun 2020 13:13:55 GMT
x-rgw-object-type: Normal
etag: "3ed9575dcc488c3e3a5bd66620bdf5a4"
x-amz-request-id: tx000006bbe3dfb7eb753f5-0065f1c7c9-e72b424b-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 412ce67d-ec87-4b93-8040-9ef0eceddcfd
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster: 
cf-cache-status: HIT
age: 1033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B4bInNXKS%2B%2B36elw10Ns5NbjCuZP66gpvQB62E6p2T6Gbtrej3e4WxbaIKlNPGhmg2LxGxvZ%2F%2FYDX6IzsHOzhUF%2BtXfSpRkdEM%2BKpMyDA%2FIRJCgjEhCyXbmfPkp1fh20n5dD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e509b2da51c16-OSL
X-Firefox-Spdy: h2

engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093889

34.120.32.134

204 No Content

105 kB

URL OPTIONS HTTP/2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093889
IP
34.120.32.134:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZGEwM2VjYmUtZTFhNC00Njg2LTk1NmItODkxYjdmYThmN2E5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint68:98:E0:BA:18:9D:01:75:4C:29:D5:4C:8E:A0:A9:7D:59:7B:03:48
ValiditySat, 06 Apr 2024 14:27:32 GMT - Fri, 05 Jul 2024 15:21:26 GMT

File type
data
Size
105 kB (105360 bytes)
Hash
e90846be773356a7a2ff26f47faff875
1f7f00e181519a0f5ecbfddc3700766716e855b7
5d5a048ebf06c5dbe7b01fd34a5de996de3426efe691385f55dc48585072b98e

HTTP Headers

GET /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715390093889 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: https://code.gist.build
cache-control: public,max-age=300
vary: Origin
date: Sat, 11 May 2024 01:14:54 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/character_1698760097539.png

5.101.110.225

200 OK

1.4 kB

URL GET HTTP/2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/character_1698760097539.png
IP
5.101.110.225:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerDigiCert Inc
Subject*.ams3.digitaloceanspaces.com
Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0
ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
PNG image data, 780 x 432, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1386 bytes)
Hash
74c3d77052575a1c0060032e82cc877a
7a42b32992e105c579fb66f45e05f37e24f11f4e
cd4a96bccd1752ebf29e525a2e9df02d9d18031e287349ce1e69f3025cd55f07

HTTP Headers

GET /images/banners-new/character_1698760097539.png HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 1386
accept-ranges: bytes
last-modified: Tue, 31 Oct 2023 13:48:22 GMT
x-rgw-object-type: Normal
etag: "74c3d77052575a1c0060032e82cc877a"
x-amz-request-id: tx000005cd76aa211d7604d-00663ec68f-5b703b05-ams3c
content-type: image/png
date: Sat, 11 May 2024 01:14:55 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
X-Firefox-Spdy: h2

alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image0f2b87a11daf114e.webp

5.101.110.225

200 OK

82 kB

URL GET HTTP/2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image0f2b87a11daf114e.webp
IP
5.101.110.225:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerDigiCert Inc
Subject*.ams3.digitaloceanspaces.com
Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0
ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Size
82 kB (81926 bytes)
Hash
5a13a09df5094cc7b2b44781cf4f7dc6
4aff6ce7d4d926e6d357fdbb8873c33a403c0426
5b35dd36cabd845229357dc9bc7fec3376d31c37775a2e177f747a6be725e5a8

HTTP Headers

GET /images/banners-new/image0f2b87a11daf114e.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 81926
accept-ranges: bytes
last-modified: Tue, 07 May 2024 16:50:03 GMT
x-rgw-object-type: Normal
etag: "5a13a09df5094cc7b2b44781cf4f7dc6"
x-amz-request-id: tx00000fa26cb0a2920e343-00663ec68f-5b6ba005-ams3c
content-type: image/jpeg
date: Sat, 11 May 2024 01:14:55 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster: 
X-Firefox-Spdy: h2

alphabookbet.com/assets/public/images/footer-social/twitter.png

104.21.11.147

200 OK

903 B

URL GET HTTP/3
alphabookbet.com/assets/public/images/footer-social/twitter.png
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
903 B (903 bytes)
Hash
6915f36099c1f7fcd5bb507a260496c7
8ed14e59d88836052b3390d65c7b0808d1ab18ad
5e7f26a8123b0071e4a6b992de582d2b61b0473b1cb68de1f93edd7cae5f5bd0

HTTP Headers

GET /assets/public/images/footer-social/twitter.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-387"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2042
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zJYcJXRWMCIq77VYvD8bK0JqUBCRYgqa3ac%2BV9tdgZNdxSHVIo7Aw1d66SmXI0cvlz8JVzXbgcQJvaylRVduwcI2%2Bpc4V5Ds835ypoR4iMbVAyPJCARU9u8XrOrJQidQdY%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504d1aea568d-OSL
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/api.js?render=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i

142.250.74.132

200 OK

884 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
JavaScript source, ASCII text, with very long lines (884), with no line terminators
Size
884 B (884 bytes)
Hash
4729288ad0b21449eec12bad609135ba
bdc097fa6b6e3868617cb1f8648086b601bb5db5
5e206fed0c011faac27e155a20cbed416eaf7ff327e3ec3a6c124b8d336d892c

HTTP Headers

GET /recaptcha/api.js?render=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sat, 11 May 2024 01:14:47 GMT
date: Sat, 11 May 2024 01:14:47 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1220b2e.js

104.18.72.113

200 OK

19 kB

URL GET HTTP/2
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1220b2e.js
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7
ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT

File type

Size
19 kB (19118 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-1220b2e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:48 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: hdMelwb1TcDq6qbrZjBW2f/MVDOvtGlmjwfls2Fz50LKP1Iof7vj0fKf+Wglv3g+DReExaUWsbY15nF4FzmuJg==
x-amz-request-id: XD9939AN0HMBC43N
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 May 2024 20:40:58 GMT
etag: W/"0950a1ea6ac93c32e32c9163c222d3b1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 May 2025 20:40:57 GMT
x-amz-version-id: 1Dk7LrAyz2Cr21ovLHnUeWBQuuu1hrKc
cf-cache-status: HIT
age: 132741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7M%2Bzg%2BqwvjypRb5bS1YZTUasYzhiPY0rit%2BwX2XmemBcKP%2Bt5OSKuzUUBltO0pvwRnd9AiJe0ImVZUlam5J%2B2flfXGkud3eca%2B5mpQk5iXGxzINWfn89pGM8QXXHtQcDkm6KpU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 881e50740a5c5687-OSL
content-encoding: br
X-Firefox-Spdy: h2

alphabookbet.com/assets/public/producers-icon/ruby-play-small.png

104.21.11.147

200 OK

3.2 kB

URL GET HTTP/3
alphabookbet.com/assets/public/producers-icon/ruby-play-small.png
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
PNG image data, 73 x 72, 8-bit/color RGBA, non-interlaced
Size
3.2 kB (3223 bytes)
Hash
00fa1d7aea3ae657e265d7d16e7a29f0
0f15f0018ede4607bd32fe2bdc61e602d636f6ce
b6cd37557046d1ce84d269eb4ba6eb6e0c4326b053b8177d31709b60afc20d9f

HTTP Headers

GET /assets/public/producers-icon/ruby-play-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-c97"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1213
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bfgmh4%2F517RIoXQfvW0QeCRoLT1o9wtgURPwCl5XFTqSs4tM5QLeQLPCzzAY%2FS%2FEbfWe%2Fx%2FPnis1fWaTAZvvGrHD%2FMdyqR8Wdk72YSiLfqbvwD%2BoCW9pu4vQZPr0d%2BmqTGDl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504cfad6568d-OSL
alt-svc: h3=":443"; ma=86400

alphabookbet.com/assets/public/producers-icon/gamesinc-small.png

104.21.11.147

200 OK

1.2 kB

URL GET HTTP/3
alphabookbet.com/assets/public/producers-icon/gamesinc-small.png
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
PNG image data, 73 x 72, 8-bit colormap, non-interlaced
Size
1.2 kB (1193 bytes)
Hash
d3c20b4937a26a34483d9bf740733138
2b610081c324b2fd1f7f712436ded70d22023b90
63c5c5bb8d906ab29bbb9f100dc53c95ac703446d56913e945823544e4e19b91

HTTP Headers

GET /assets/public/producers-icon/gamesinc-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-4a9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2042
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISHGJsnpSfYsrl%2FmkgNTuepz%2BMZuMpHmxBeOUaxLdsXvJH9KtQVqV%2BdpefuZCdpA44U4gFP%2BkinyZvdCiVTvGLINO92FFXwf7aUtrCBe0lhHUMr8Ho%2Bnoa0f2OhT%2ByC4bPU9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504cfada568d-OSL
alt-svc: h3=":443"; ma=86400

alphabookbet.com/assets/public/images/footer-social/telegram.png

104.21.11.147

200 OK

761 B

URL GET HTTP/3
alphabookbet.com/assets/public/images/footer-social/telegram.png
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
761 B (761 bytes)
Hash
4b74e3fb4306d687c9f264eed798521f
baeaa99c6a40baf4a27611345d14dd9a1e16b28d
0a91aa5d5d73e5a60985f77fd1fd53f9aea08075441a8d1b441fc1c0e44c940c

HTTP Headers

GET /assets/public/images/footer-social/telegram.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-2f9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2042
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwHiuFpwqCbvDos8BowpPhlQLCPi7Qk89xhMTVegkpoa%2F6Jmg6yfw3moCqeL2uePpQvydooQ6P7hwAprOu1MaYzEhFw1lhfYdyDkm0ckbbf3xT22eyqzDzCj2C0Nq4ZXNOzD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504d1ae6568d-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.67

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:54:07 GMT
expires: Thu, 16 May 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 166841
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ekr.zdassets.com/compose/78a84f04-0f2c-44f9-9c19-d4e3dd5a5974

104.18.70.113

200 OK

1.2 kB

URL GET HTTP/2
ekr.zdassets.com/compose/78a84f04-0f2c-44f9-9c19-d4e3dd5a5974
IP
104.18.70.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7
ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1301), with no line terminators
Size
1.2 kB (1169 bytes)
Hash
ca1f95e26947a2569ab8468d763b6b22
459d9af753fbb0b9bea4e050b0747c3bdf52a2d5
5d6cae4da295f1837e77450a4bc487ee577f9901f8edaa5dedc237f5f5a787b9

HTTP Headers

GET /compose/78a84f04-0f2c-44f9-9c19-d4e3dd5a5974 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphabookbet.com/
Origin: https://alphabookbet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:47 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: 
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
etag: W/"41e5d295dcf710077f6f72a4ef81c523"
x-request-id: 8811a877edea0de7-SEA, 8811a877edea0de7-SEA
x-runtime: 0.009551
x-zendesk-zorg: yes
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9JVlupFU7KU4VoaAcdtpEOZyaF8m%2FaAwntz3w6qVQ%2BoSwRvUg1MWWCph%2B3Y2SFhriayxOxFnZyzKtSkK4mBZshuRuWH%2BdWGXixY6PIrm%2F%2FWsyVaEUoIiBoUIhadiAHAmLfc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 881e50704da056b7-OSL
content-encoding: br
X-Firefox-Spdy: h2

code.gist.build/web/3.10.2/gist.min.js

104.26.10.146

200 OK

43 kB

URL GET HTTP/2
code.gist.build/web/3.10.2/gist.min.js
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectcode.gist.build
FingerprintFA:67:04:D3:A1:44:E1:B1:B2:7A:D6:F5:AB:9C:CB:CB:54:A3:FA:11
ValidityThu, 09 May 2024 12:46:32 GMT - Wed, 07 Aug 2024 12:46:31 GMT

File type
JavaScript source, ASCII text, with very long lines (42607), with no line terminators
Size
43 kB (42607 bytes)
Hash
ff7b540040c15a491538b382d0df7309
84d75dea5528bd3041d63588137e8c7c076d9bde
9339332eb85f421ff0b2166e4935ebbcfe0da932aff4685ee85735dddc192cb6

HTTP Headers

GET /web/3.10.2/gist.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphabookbet.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:47 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 10:38:06 GMT
x-rgw-object-type: Normal
etag: W/"ff7b540040c15a491538b382d0df7309"
x-amz-request-id: tx000004099933fc2bf57b6-00663b56c4-445f9411-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster: 
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSbBEWryNwd8KfPs924R6Wo3ohzv%2F%2FdJlx6%2FaEBVSLc%2FTGslwSa0zxgwDaBgJZB7evB03cWu%2FnYxgH6qW9mvw5wrovLc%2BHycLVloCaOroUedES1aF0vyIuVNUmNCjQjd5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e506f1d2a569b-OSL
content-encoding: br
X-Firefox-Spdy: h2

code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D

104.26.10.146

200 OK

516 B

URL GET HTTP/2
code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectcode.gist.build
FingerprintFA:67:04:D3:A1:44:E1:B1:B2:7A:D6:F5:AB:9C:CB:CB:54:A3:FA:11
ValidityThu, 09 May 2024 12:46:32 GMT - Wed, 07 Aug 2024 12:46:31 GMT

File type
HTML document, ASCII text, with very long lines (546), with no line terminators
Size
516 B (516 bytes)
Hash
b960eab7a7bf6eca59c33ab3b6ad5ec9
63822fce8e262d45ccfd1416492ce1dd43aab9ea
04f72254130f1fe8c3853faeae1694daa9a3798015df56944eea46faf104de08

HTTP Headers

GET /renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphabookbet.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:52 GMT
content-type: text/html
last-modified: Thu, 09 May 2024 11:19:10 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000a8e14f1a1c9de5ee-00663ec68c-445f93e9-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster: 
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ol%2BqhU61LaZt2r3RG8kK0P90Rdd0em2kGugRb5zelJwIoNX8hr0m0vgl%2F7%2FkDQ4cs51aFC7uAkxAlqpGuPEGmmvsLq0e%2BWoRUdaFUK27QKKK0ZZNKEwUg5F0acJ2mZbQ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e508f9a7b569b-OSL
content-encoding: br
X-Firefox-Spdy: h2

alphabookbet.com/assets/0.e108435188c550b4d37f.css

104.21.11.147

200 OK

9.5 kB

URL GET HTTP/3
alphabookbet.com/assets/0.e108435188c550b4d37f.css
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
ASCII text, with very long lines (9583), with no line terminators
Size
9.5 kB (9492 bytes)
Hash
8384fdb1215406ccc88c795c90469c4d
af9bfa8143f617e783aa161d943c6f5b8f8f5cc4
03a1f72145ec1f9e77e59a7ab241c85a8fdb33820c7039b12388c24fc1ee20a7

HTTP Headers

GET /assets/0.e108435188c550b4d37f.css HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-2514"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lm%2FehUOOXUZ4qOm2gLTJ7tlnzs4zEeGtiZSPqhl5xdWMdrB65wZyNI02aCs8rmdx9HvVdBh2qWQ91f9GkxcJPi9CTSuJi3orFqfFdWoJwZgM2NOrLZ9RfUG%2BS9FU7t5Q35N0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504ceacc568d-OSL
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q

142.250.74.132

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
88f0c38a7e2040f9de4edcadf67abd93
0fac6e63c661377c3a229dc53dadb04d96f1140a
732c8f6da5ca71626a4d4e2d7cd0ebe8e6b4453e70208fb1fef7ec2dd8fa84a6

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 11 May 2024 01:14:48 GMT
date: Sat, 11 May 2024 01:14:48 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

licensing.gaming-curacao.com/validator/images/verified.png

104.22.74.254

200 OK

953 B

URL GET HTTP/2
licensing.gaming-curacao.com/validator/images/verified.png
IP
104.22.74.254:443
ASN
#13335 CLOUDFLARENET

Requested by
https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Certificate
IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT

File type
PNG image data, 43 x 32, 8-bit/color RGBA, non-interlaced
Size
953 B (953 bytes)
Hash
c1c467d17b067adc5cf9c59f68158293
00c9d7a48d611755224491a60e5c3e9bc71bd8e5
7734cd90da737336b1480bd252c52c3a416800ce0a7216368b9e9ee4c398c62a

HTTP Headers

GET /validator/images/verified.png HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: image/png
content-length: 953
last-modified: Fri, 12 Oct 2018 14:39:35 GMT
etag: "3b9-578090e6397c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6835
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505d0a52be5b-CPH
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/messenger/latest/web-widget-2306-1220b2e.js

104.18.72.113

200 OK

14 kB

URL GET HTTP/2
static.zdassets.com/web_widget/messenger/latest/web-widget-2306-1220b2e.js
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7
ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT

File type
JavaScript source, ASCII text, with very long lines (14043), with no line terminators
Size
14 kB (14043 bytes)
Hash
941e56141b15f77aa166569e274867c7
6f25fa272defb4836af7df8ba063ffef738d1f12
0ee197b187206e2067b38f9d0661715bc3aa6dce8cee088a88a5212e0b31b6b9

HTTP Headers

GET /web_widget/messenger/latest/web-widget-2306-1220b2e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:48 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: oIP2eYJKEj4GDhG1AgWbvB9jQdMEUBoijfOGRWtcXbnfkqUlg2c0K5Fk4WoBICUdve73Wx6h0Oc=
x-amz-request-id: KEDSNK4GN68KTKRK
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 May 2024 20:40:56 GMT
etag: W/"941e56141b15f77aa166569e274867c7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 May 2025 20:40:54 GMT
x-amz-version-id: EnF4gLRdmwsavZP3xT.5VbJ..jHQ8kAK
cf-cache-status: HIT
age: 132756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvD0pRwpAV3XRy25PuaPX4HcKKHPJWGgsoZPTAIWcUZJSKU8ipiHo2sQ95iXJ948g3IAWjHWgsAXCcxE%2BrTRT%2BmmnINJML1jmDcCHPIUti96qz9F%2Fxeghjc0RNbn11q9G28jPDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 881e50741a655687-OSL
content-encoding: br
X-Firefox-Spdy: h2

alphabookbet.com/assets/public/favicon/favicon-16x16.png

104.21.11.147

200 OK

280 B

URL GET HTTP/3
alphabookbet.com/assets/public/favicon/favicon-16x16.png
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
280 B (280 bytes)
Hash
9208557a9a14a88e64f41ef4b4369980
3feb7f2ffa74adea0b514e518cbef5e3b4c7c57f
1d5ff95a3285e8fa45d7ac0112f1eae576bb18db120d81e9c0feb3bbc552b087

HTTP Headers

GET /assets/public/favicon/favicon-16x16.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-118"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 3141
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcycSaWNfNGywtkmYSGzkLCXDzN%2BZCSXH2Ua9pA7mVWQYEWDLhykxEY%2BlMklgDXkhmB%2FWvvR33Og3vTjJxrO%2FoPai2aKT%2FSdedJa13f33Zx%2B41mxWexZlJtqaap6%2Bjv2RxlA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505c498f568d-OSL
alt-svc: h3=":443"; ma=86400

alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/BigBassBonanzaTH_47082f3cb6afb707.jpg

172.64.145.29

200 OK

24 kB

URL GET HTTP/2
alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/BigBassBonanzaTH_47082f3cb6afb707.jpg
IP
172.64.145.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerDigiCert Inc
Subject*.ams3.cdn.digitaloceanspaces.com
Fingerprint9A:82:28:72:94:55:AD:99:B2:AE:0E:96:16:F8:70:CA:8E:94:FD:A3
ValidityFri, 19 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x260, components 3
Size
24 kB (24418 bytes)
Hash
ac7fa2668fd42c49e6fd54455d86a7a8
f6e0454c64da78d24c108989623607ce7f5a8d1e
6eb6e3a7e71b4f4c5b1959b98844c8cbb17b7d5f961f6c9aa05d77ef26f26536

HTTP Headers

GET /images/games/BigBassBonanzaTH_47082f3cb6afb707.jpg HTTP/1.1
Host: alphabook-static.ams3.cdn.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:47 GMT
content-type: image/jpeg
content-length: 24418
cache-control: max-age=3600
cf-bgj: h2pri
etag: "ac7fa2668fd42c49e6fd54455d86a7a8"
last-modified: Wed, 12 Apr 2023 10:57:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-meta-mtime: 1680084860
x-amz-request-id: tx00000dbe7483a6ad44276-0065dd152a-471ab797-ams3c
x-do-cdn-uuid: 13675b4a-88fe-453f-b127-1cc8b20ab375
x-envoy-upstream-healthchecked-cluster: 
x-rgw-object-type: Normal
cf-cache-status: HIT
age: 45
accept-ranges: bytes
set-cookie: __cf_bm=Aijj9pT1cp2YlKrjS0YhFFMAMyTG_P2u6A4VjxMNdqo-1715390087-1.0.1.1-5i1TfrCowqq_HJBB5rt4VVl_VppxEvdB2ykz1GWdLtnKBZfpZ5LqI9OvIiEkQvQpd7mvA400xo546Fg8NByDBg; path=/; expires=Sat, 11-May-24 01:44:47 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 881e506d58df56c3-OSL
X-Firefox-Spdy: h2

alphabookbet.com/assets/public/pwa/icons/icon-152x152-safari.png

104.21.11.147

200 OK

2.3 kB

URL GET HTTP/3
alphabookbet.com/assets/public/pwa/icons/icon-152x152-safari.png
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
PNG image data, 152 x 152, 8-bit colormap, non-interlaced
Size
2.3 kB (2267 bytes)
Hash
6fd3550ec8f31170e94c321b6321282e
86f89e1d4e16876921b17a2bf3e4f51bc1bae9f6
68f666947cd07d48f61514fad617ef09c06ee3c2cce1a917a8f76f3153513a77

HTTP Headers

GET /assets/public/pwa/icons/icon-152x152-safari.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-8db"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TW9POuizmgcyLDzQ8IYLJshvDVGaIeqSVzBLw9GDHa3U%2Fn6YTjgQm5sMhf%2BqO7AE0o8hEZb6cN91iYHNJDUz8zDFrw50WDn6iqf6I0vSfPR%2FK2U8H%2FKIAiTtDrQTKvErV6Fl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505c498e568d-OSL
alt-svc: h3=":443"; ma=86400

alphabookbet.com/assets/main.5c02046c6706569f0122.js

104.21.11.147

200 OK

3.5 MB

URL GET HTTP/3
alphabookbet.com/assets/main.5c02046c6706569f0122.js
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type

Size
3.5 MB (3467714 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/main.5c02046c6706569f0122.js HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-34e9c2"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6805
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ZWHa%2BkiVMIP0uVuJKhOKSmnqJosjjo%2FFYm7CiN3pLDdlEe7BdpvdyrIGlgm%2BE5HidJT44WtOqAljrAj%2F5hat0sGfnbH38DjAL7Bj2c1jjsb3seqSL3rLI%2B%2B7gl2ZGkEje4y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504e0b74568d-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css

142.250.74.67

200 OK

56 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rtev3f3rymsw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
56 kB (56412 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 19:34:32 GMT
expires: Tue, 06 May 2025 19:34:32 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/css
vary: Accept-Encoding
age: 366016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

glugherg.net/?z=6662145&syncedCookie=true&rhd=false

139.45.197.237

302 Found

12 MB

URL User Request POST HTTP/2
glugherg.net/?z=6662145&syncedCookie=true&rhd=false
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Certificate
IssuerLet's Encrypt
Subjectglugherg.net
Fingerprint32:41:21:37:65:99:C2:A0:C3:78:74:04:E3:8D:18:A9:B6:60:97:57
ValiditySun, 14 Apr 2024 05:10:47 GMT - Sat, 13 Jul 2024 05:10:46 GMT

File type

Size
12 MB (12009974 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /?z=6662145&syncedCookie=true&rhd=false HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 520
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/afu.php?zoneid=6662145&var=6662145&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=008059ef5b94410ce73f53e29e63de0d; oaidts=1715390079
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sat, 11 May 2024 01:14:39 GMT
content-length: 0
location: https://millinschioner.com/cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop&region=03&isp=blix group as&useragent=Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=812967518997327875
x-trace-id: 3f356dbe1cd51e5f0c385313342dabe6
link: <https://millinschioner.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glugherg.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008059ef5b94410ce73f53e29e63de0d; expires=Sun, 11 May 2025 01:14:39 GMT; path=/; secure; SameSite=None
oaidts=1715390079; expires=Sun, 11 May 2025 01:14:39 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 18 May 2024 01:14:39 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

code.gist.build/renderer/0.2.17/main.min.js

104.26.10.146

200 OK

2.6 kB

URL GET HTTP/2
code.gist.build/renderer/0.2.17/main.min.js
IP
104.26.10.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate
IssuerGoogle Trust Services LLC
Subjectcode.gist.build
FingerprintFA:67:04:D3:A1:44:E1:B1:B2:7A:D6:F5:AB:9C:CB:CB:54:A3:FA:11
ValidityThu, 09 May 2024 12:46:32 GMT - Wed, 07 Aug 2024 12:46:31 GMT

File type
ASCII text, with very long lines (2609), with no line terminators
Size
2.6 kB (2608 bytes)
Hash
49c1b572a6a24e0c2010957ffa79c019
5326acd799375a5b7c71370d0a6eae3b01e27244
10aa9041556f3ad9575836c329a8f4fd803d16489533d63105f46126bf06d242

HTTP Headers

GET /renderer/0.2.17/main.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMjFiNTc0ZjktMmI4NS00ZTU4LWI3YzUtNTliYTZmNWE5N2FiIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:52 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 11:19:10 GMT
x-rgw-object-type: Normal
etag: W/"5074b3b3f2bd4520ed4a76c3c5d22f15"
x-amz-request-id: tx00000e9e86d890d4086aa-00663cb391-445f93e9-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster: 
cf-cache-status: HIT
age: 2566
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YJ8ZGU6ZBza00qeA%2FFYk861I9b3lU3ImBigrv%2B8VMvCYmI2HYjJ8PronjJ55sCmKCKX4Gne5T9jcqd8g2jXFLcHpm%2FSPabhvTOyPENALnQJt1aop6MHHjYePcQUS2cgUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e50910b28569b-OSL
content-encoding: br
X-Firefox-Spdy: h2

alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css

104.21.11.147

200 OK

732 kB

URL GET HTTP/3
alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
732 kB (731881 bytes)
Hash
9e3d97082252b00b8a10c29613d380b6
9a55a663e6e245ffd5e78b1d93fc8966a0ab62c1
08ffc785f99054ed11e44f47a3261e5df269bfecf8c9f58fbc02f033006dc90a

HTTP Headers

GET /assets/theme.31e3a9f5096fcfb21796.css HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-b2ae9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajhzYU5lgIIBCxgSVZfqhUTvMXzTNkb4hojQ3xJxodM7j3P01KIBOZuWNgU6ncsLWqSUKXC56KGEpLsQUy3qbjrCt6BD32hg%2BKZCU7mRCd%2BXrvCstMQINHQf1GQoxxS76EEQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504ceacb568d-OSL
alt-svc: h3=":443"; ma=86400

alphabookbet.com/assets/public/producers-icon/spinomenal-small.png

104.21.11.147

200 OK

2.9 kB

URL GET HTTP/3
alphabookbet.com/assets/public/producers-icon/spinomenal-small.png
IP
104.21.11.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT

File type
PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced
Size
2.9 kB (2894 bytes)
Hash
2c90ac946ec25933869b934a708448e0
fb5c9db4caeb1c8ade45e7b296f0366a7cb26976
54d0e393ad0321003cb06beef20269bcda05476f7c2afac850b88b90d9f159ed

HTTP Headers

GET /assets/public/producers-icon/spinomenal-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw3i5qriae740o17137h6l166%22%7D; connect.sid=s%3AkNRFc_GlSIPfkqq_Mt1ZrbIXwjemrm5_.VDm0L0L1v0Ia06SCMHOkibdxV8H8x44nEUOthr2krhE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-b4e"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1213
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yI%2FVUg%2Fy6LLdJTy16eP380JkLMgKGztuqB1xBlmrYOarJO3Dd17JKSd3QogAkq4QYzozMoy0eKdv0a1iHs3oUMlGEpPd6K4UlsvSi0CoVahv%2FIDm1tdjhyCZDUTEBiwkupQ%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e504cead0568d-OSL
alt-svc: h3=":443"; ma=86400

cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js

104.16.160.145

200 OK

1.7 kB

URL GET HTTP/2
cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
IP
104.16.160.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerGoogle Trust Services LLC
Subjectonesignal.com
Fingerprint28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70
ValidityMon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT

File type
JavaScript source, ASCII text, with very long lines (1766), with no line terminators
Size
1.7 kB (1741 bytes)
Hash
17ba573ef8bde8f7bae54697ae98b376
56fe76e7c409cb8648a811dc6c6fb81a7af5d772
e2067dd5fb289b0bc34fe8d08b17eced27667f4d216f10cfa596a2d2f679d592

HTTP Headers

GET /sdks/web/v16/OneSignalSDK.page.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:42 GMT
content-type: application/javascript
etag: W/"e97acd0bc7104d45af67c0c1d883418e"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 3082
expires: Tue, 14 May 2024 01:14:42 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=_kLDXKDP5z5OE3uEk9eOyR.4tuKFKNjt2xU1hIHMRFU-1715390082-1.0.1.1-kr1aJ.MPTEJ432lbpmIMHkQGVqBG9X8XGOXZxVGkGT2ISwrPUpYhyhb5yS44q0B6HmXIDudEUDI5r_.g2s.Upg; path=/; expires=Sat, 11-May-24 01:44:42 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 881e504d1eca1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/messenger/latest/web-widget-main-1220b2e.js

104.18.72.113

200 OK

465 kB

URL GET HTTP/2
static.zdassets.com/web_widget/messenger/latest/web-widget-main-1220b2e.js
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w3i5qriae740o17137h6l166
Certificate
IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7
ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT

File type

Size
465 kB (464880 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web_widget/messenger/latest/web-widget-main-1220b2e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:48 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: uYWKegHmhbnFTsxiR/0dlLgWulDInubv0nY6MQCzeM5eOtFXcI+Mm+3dGlJoLR7F7OTTGKJrxGs=
x-amz-request-id: KEDYMG1JBRXCQCVT
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 May 2024 20:40:56 GMT
etag: W/"565a0c5144b0794d1d5a1063fd60378e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 May 2025 20:40:55 GMT
x-amz-version-id: y_gfG1vONMHqWQ.mQEsIq7R0YYGjKtMY
cf-cache-status: HIT
age: 132756
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMGWNG4kjTNlHl2WWtR4R8bVvDBtaifn8Y1o1C9kEXGJ18VEPfRZ%2BaLeOPFzHE23gIZS5qiBWILBJC5GDh0KvkVswJXKYHSvkCc6GUiF7oIKw9H7i3qGO05z3YREEvlqSffDGp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 881e5071e9915687-OSL
content-encoding: br
X-Firefox-Spdy: h2

licensing.gaming-curacao.com/validator/images/tablet.css

104.22.74.254

200 OK

320 B

URL GET HTTP/2
licensing.gaming-curacao.com/validator/images/tablet.css
IP
104.22.74.254:443
ASN
#13335 CLOUDFLARENET

Requested by
https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Certificate
IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT

File type
ASCII text, with very long lines (382), with no line terminators
Size
320 B (320 bytes)
Hash
2b2b872c5c38abdfbd2ddf9fc0c13047
a0f11cce1b2eea0ba96b06924e23e39e8019fb40
96dd6318d41113c7ae1e9d0a9ffa997cce8c06911abc7ef1cc18bd0efa1089c0

HTTP Headers

GET /validator/images/tablet.css HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:14:44 GMT
content-type: text/css
last-modified: Fri, 12 Oct 2018 14:39:35 GMT
etag: W/"140-578090e6397c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6857
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e505d0a4ebe5b-CPH
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (43)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL