Report - helixnixo.buzz/

Report Overview

Submitted URL
helixnixo.buzz/
IP
172.67.208.86
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-06 16:40:28
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.0 kB	73 kB	142.250.74.35
a.exoclick.com	71579	2019-05-20T15:17:49Z	2023-03-13T05:42:16Z	360 B	922 B	205.185.216.10
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	400 B	1.1 kB	142.250.74.164
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	4.8 kB	8.8 kB	93.184.220.29
coffee2play.com	575294	2018-09-10T14:13:40Z	2023-03-13T00:56:05Z	566 B	4.3 kB	172.67.163.47
sat.crwds.net	unknown	2021-11-02T11:53:15Z	2023-03-12T08:01:16Z	441 B	21 kB	203.30.191.209
sat.ugabartint.net	unknown	2021-11-23T08:34:52Z	2023-02-25T17:42:07Z	1.9 kB	52 kB	203.34.80.159
chat.prod.yhelper.net	unknown	2022-05-05T18:50:38Z	2023-03-13T00:56:08Z	588 B	228 B	35.204.181.185
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.88.143.102
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	368 B	21 kB	142.250.74.110
ggbets1.net	unknown	2021-09-23T10:34:31Z	2023-03-11T21:07:42Z	2.8 kB	3.7 kB	203.30.189.19
secure.adnxs.com	396	2012-05-22T18:37:37Z	2023-03-13T05:28:06Z	1.2 kB	524 kB	37.252.171.149
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ggbetpromo.com	730258	2017-01-18T16:59:46Z	2023-03-13T00:55:47Z	506 B	1.1 kB	104.21.51.166
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	1.2 kB	1.2 kB	64.233.165.157
stat.ggbets1.net	unknown	2021-09-23T10:34:31Z	2023-01-29T00:22:37Z	606 B	561 B	203.30.189.19
helixnixo.buzz	unknown	2022-10-23T23:05:58Z	2023-01-20T12:10:31Z	790 B	2.1 kB	172.67.208.86
gbett1.net	unknown	2021-09-23T10:31:05Z	2023-03-13T00:56:19Z	390 B	487 B	203.32.121.98
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	1.0 kB	442 B	216.239.34.36
zz.connextra.com	14652	2014-03-20T18:05:16Z	2023-03-13T06:57:52Z	492 B	2.9 kB	104.110.28.81
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	1.2 kB	128 kB	142.250.74.168
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	49 kB	34.120.237.76
widget.yhelper.net	446459	2019-04-30T08:57:38Z	2023-03-13T01:47:26Z	3.1 kB	422 kB	203.30.189.107
f52dbc7f-cbcb-4ccf-87d5-3e05f6c9f762.seals-emr.certria.com	unknown	2022-11-30T15:19:45Z	2023-03-04T13:54:00Z	401 B	79 kB	143.204.55.108
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	23.36.77.32
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.1 kB	58 kB	142.250.74.131
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	433 B	165 kB	142.250.74.35
static.hotjar.com	641	2014-11-01T06:14:27Z	2023-03-13T05:12:51Z	373 B	17 kB	143.204.55.84
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	411 B	1.2 kB	142.250.74.106
gg.bet	341059	2016-07-31T10:34:09Z	2023-03-11T21:07:28Z	386 B	1.0 kB	203.29.52.121

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-06 16:41:02	medium	Client IP	172.67.208.86	ET INFO HTTP Request to a *.buzz domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (78)

	URL	Size	First Seen	Last Seen
	a.exoclick.com/tag_gen.js	1.0 kB	2023-03-07	2023-05-03
Pretty URL a.exoclick.com/tag_gen.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-05-03 11:49:17 Times Seen218 Hash e04e1dcc070d00703ed07cf1d8d4dbbb a56c0470b9aa925085e51a6271a4a2185006fc13 3f89c138ce1226da6cf58792344304839adeea6fc1fad2ba4ff9fc137abb70a0 Loading...

	ggbets1.net/static/130237/assets/js/games.js	1.4 MB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/games.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash b44e6888ec9c2e7d16d87a8676754be5 576d0222ed0e8b79801a2f07aac50bb5947a5382 2137a82ca82ab2db7886dec82a746d864b040a62fe352db033690033da1c700e Loading...

	www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit	909 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:37:54 Last Seen2023-03-13 20:47:43 Times Seen1 Hash 3be8880a70e485f6b771b2a75dfaa735 62f6047f456201950f1deb69f65aa8b77ef95dba 0c39b99db1553c9a166d075afed3b614e0d513e39a4bf86d9ad2e5a340b7ddc9 Loading...

	coffee2play.com/?s=60&ref=gg_w174495c143008l8366gnop799_s8hnpa76e&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=s8hnpa76e	1.1 kB	2023-03-13	2023-03-13
Pretty URL coffee2play.com/?s=60&ref=gg_w174495c143008l8366gnop799_s8hnpa76e&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=s8hnpa76e IP 172.67.163.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 83436d98770685f24ce36c1a2d68c142 173ae36bf0027dc07a2fc19d554c1c302687317d 763f2687926eead348dd2850b065393b1ae2611d53376c402251a45b6b7314a5 Loading...

	coffee2play.com/?s=60&ref=gg_w174495c143008l8366gnop799_s8hnpa76e&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=s8hnpa76e	2.2 kB	2023-03-13	2023-03-13
Pretty URL coffee2play.com/?s=60&ref=gg_w174495c143008l8366gnop799_s8hnpa76e&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=s8hnpa76e IP 172.67.163.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash c93954e1ec24fbc0161866321d6589a3 ec31b0ecb2057b9740061f8b8080afb1741c8408 7bb7980565883209ebf47f026c661d84250a2f1d2fbc18666e5d9bd09bf76c66 Loading...

	ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup	1.1 kB	2023-03-13	2024-01-25
Pretty URL ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:35 Times Seen10 Hash ea267153f39fb6c3055c203359e4545d 14a2b04368c71d78ce05efe12410583027177b66 73873f604358c99642ff7f92e0991d306480cffb05fa7a72475549a63f7729ed Loading...

	ggbets1.net/static/130237/assets/js/chunks/27114.d3935cbe8766e5381ac7.js	11 kB	2023-03-13	2023-05-10
Pretty URL ggbets1.net/static/130237/assets/js/chunks/27114.d3935cbe8766e5381ac7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-05-10 08:29:36 Times Seen3 Hash 8424e53080d9d4c00a1de9b724b78a67 c840a8e9cc164e8d4acd0c1c076f163dce1348cc ff06ca80303031ca7e9a560e81a1e2da63e97f010242f07e8b0fa0de92cd22fe Loading...

	coffee2play.com/js/utils.js	3.3 kB	2023-03-08	2023-03-26
Pretty URL coffee2play.com/js/utils.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:25:56 Last Seen2023-03-26 03:55:07 Times Seen2 Hash 72d38603c8f3f15fcaf5093781c8889d 734ed4c33a0e0d618add92ea75eeaa8871feb11f bfe0d62be3f1364aaa487d23dca70e7d982eaabbbf75a29ea7131718fe80403e Loading...

	ggbets1.net/static/130237/assets/js/chunks/35075.5c1e593bb87b0fd74055.js	7.8 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/35075.5c1e593bb87b0fd74055.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 94be0877d87efa6ff1e3b56f6d948368 98e183e0ffcebf73d2c309481a8b3697b9bf995e 866576d24170ce896a91b57aeeea6339d64f3e4857b009fc27b84825dfb2cbe0 Loading...

	ggbets1.net/static/130237/assets/js/chunks/60162.b3d3682efdefc9f2a310.js	894 B	2023-03-13	2024-01-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/60162.b3d3682efdefc9f2a310.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:48 Times Seen6 Hash 840341f2bb889eba3aa2eb7c477c0f02 da28cab546de1157e027ac2910252529dd22a927 e7fac0805e5b7e032c7fbd539cb9105c201445fc30124e7e6f389195a6097c02 Loading...

	ggbets1.net/static/130237/assets/js/chunks/19628.281036b4f27b56968cc1.js	190 B	2023-03-13	2024-01-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/19628.281036b4f27b56968cc1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:34 Times Seen5 Hash 94b2d06e44a2ecb45e1987a0c0e20663 cf1ab31f295549adb53f42c98b2953e9c47f1748 230d2b5e455b6277f180a34322eab9430c525345c15b1ccb26528f27ad972cdb Loading...

	widget.yhelper.net/widget.js	42 kB	2023-03-12	2023-06-30
Pretty URL widget.yhelper.net/widget.js IP 203.30.189.107 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:23:55 Last Seen2023-06-30 06:48:51 Times Seen157 Hash 2b3c434e9dd37d26dffdc7a2bf9fd646 d5417aa51493da439ad3b42c8ff0654cc05bbd41 043c227f7ee5c99e172f2007cbb0ef3a621a3c9993c762e311879906c759599f Loading...

	ggbets1.net/static/130237/assets/js/chunks/70428.2993e9d0861c6ac99d9b.js	1.1 kB	2023-03-13	2024-01-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/70428.2993e9d0861c6ac99d9b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:48 Times Seen11 Hash 84b7403378ba740dfca2dd57ea4014a4 f84ffc5e56aebf4b94425bc584c000647a0d51dc 3e0cc60b5ff9945737cd6f5bfeb2c8324eb6d124d09e353920adcd44e943122a Loading...

	ggbets1.net/static/130237/assets/js/chunks/10255.a07f29d4686aab5e1ce4.js	1.7 kB	2023-03-13	2023-08-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/10255.a07f29d4686aab5e1ce4.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-08-25 22:22:42 Times Seen6 Hash 8af7fc6089a1eb88e1324a342c9a9047 20949ffd5de401356ed1bd980f76dcf3bb375834 97fa596b3faeadf2bd4285ed770c11a9e96111fdf2276b420007d3eb51f25176 Loading...

	coffee2play.com/?s=60&ref=gg_w174495c143008l8366gnop799_s8hnpa76e&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=s8hnpa76e	369 B	2023-03-13	2023-03-14
Pretty URL coffee2play.com/?s=60&ref=gg_w174495c143008l8366gnop799_s8hnpa76e&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=s8hnpa76e IP 172.67.163.47 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:04:33 Last Seen2023-03-14 04:56:30 Times Seen1 Hash e21f94bcad199f3bb322e48937579e70 b9b1456e1283ffcdfe8a912cdd959bee786054d9 cee211a83a94cde9a8c3951b8b42943169a4a45342b6be6b4edd1d5d4fff666e Loading...

	zz.connextra.com/dcs/tagController/tag/992b65560df2/regstart	46 kB	2023-03-13	2023-03-13
Pretty URL zz.connextra.com/dcs/tagController/tag/992b65560df2/regstart IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash b3e77aaa061144522f3744f703016ae8 113797285f4f6837a810f2463a1dd642bd8d346e 6868d9247592757c9036eb2ee76361675a85e767f5dd66c655b510ce7840a8d7 Loading...

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js	412 kB	2023-03-13	2023-03-14
Pretty URL www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:27 Last Seen2023-03-14 08:38:41 Times Seen1 Hash d2aff4cd4e40d9bfa2c1f818bcad7ce2 4cc960f771819bccd4783520506e3909e8ec0fcd d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba Loading...

	f52dbc7f-cbcb-4ccf-87d5-3e05f6c9f762.seals-emr.certria.com/emr-seal.js	3.2 kB	2023-03-13	2023-03-13
Pretty URL f52dbc7f-cbcb-4ccf-87d5-3e05f6c9f762.seals-emr.certria.com/emr-seal.js IP 143.204.55.108 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 21f6816ac11e401ca804332f68d2b415 b8d9f5c815f09f0490972265793b7fe7142758e5 b4aba244321e8e50d39f904f4d929121fb5d18c560ba569e640b52f79a947d3e Loading...

	ggbets1.net/static/130237/assets/js/chunks/70850.3fb68182ca3d13f0f2aa.js	1.5 kB	2023-03-13	2024-01-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/70850.3fb68182ca3d13f0f2aa.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:48 Times Seen11 Hash 98eef5fb9bf8f0640cf105d13a9c6025 09a64cff7c97309a6c78e17e75355d42eb48b6a1 9ad5dcc58450224aa330d353d6184fcc40107dbe375fab8d792f66cf267b591d Loading...

	ggbets1.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-27
Pretty URL ggbets1.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 01:47:54 Times Seen55091 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	ggbets1.net/static/130237/assets/js/chunks/55415.aecfcfdec7ae313a2336.js	1.2 kB	2023-03-13	2024-01-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/55415.aecfcfdec7ae313a2336.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:48 Times Seen6 Hash fbfd45359a55c115c539cc7ce9b65574 1557c47b8f9701db072334c5fda6323c813e4c31 2b2bed66bbcd1c6bab11cb6ded95e052cc1ef5c0d4fb27a121c6b796c8ce2a8b Loading...

	ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup	109 B	2023-03-13	2024-01-25
Pretty URL ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:48 Times Seen6 Hash d699e34482ef6d305a7e40e118a8f0ea 694527c7b2113cc6ca72442b0cdfcacfe78bb1d5 763c01368a5199e888f9f06fb73745aa0fe218d335834e631c88273e08f89b9b Loading...

	ggbets1.net/static/130237/assets/js/chunks/566.00097ea3e04ceff00f55.js	13 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/566.00097ea3e04ceff00f55.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 364d50e45e233149cffb336181eb5099 c25dbcad7daa52729f7ea75f6e9066f2eeb8590b 564c9b34044e76e3ecff68ca6034e77c703f86288b7eac6d974fa69f80f2361a Loading...

	ggbets1.net/static/130237/assets/js/chunks/99354.119d358815c6c24fd0b8.js	4.4 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/99354.119d358815c6c24fd0b8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash ab0888fce665cfc518a9b2e0b8dba9cd 276a4e9434621f4aac57df65198bbce6d0b99906 d7c6063730a56c3e1387bf4a98b925b481911056e1ea4eba9ecc070bb09c7ca1 Loading...

	static.hotjar.com/c/hotjar-2089269.js?sv=7	24 kB	2023-03-13	2023-03-13
Pretty URL static.hotjar.com/c/hotjar-2089269.js?sv=7 IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 652f14673d55b49dc0f165abb8e76034 a396b7e8449beaad2f95341d6b884ca5a8e6642c a9e440f405c12eb4c97c7a178bdae45181849dfc87371db8a930bd555cf4b11d Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5F3SFTF	242 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5F3SFTF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 309d7a375722c26815eebec519373cc1 d1ef57cd8fb39a6a09956966752f00ec1fb6a1da 4057c55f9cc76ca0b0a57eb0cfd1256320cac25c6b23587d83366889e3f43392 Loading...

	ggbets1.net/static/130237/assets/js/svg-icon-polyfill.min.js	1.3 kB	2023-03-13	2024-01-25
Pretty URL ggbets1.net/static/130237/assets/js/svg-icon-polyfill.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:48 Times Seen11 Hash 0a797daf0a59f8007c40b4d59d5efee9 f113da300b56960dbc2b58aefff1ab05612c825e 095e9649b2be1d1e219e656eaf6f3733d3730887204e314869d9b8482152b909 Loading...

	ggbets1.net/static/130237/assets/js/chunks/81430.ac2076ec35b41cc5a3a1.js	521 B	2023-03-13	2024-01-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/81430.ac2076ec35b41cc5a3a1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:48 Times Seen11 Hash 1d70a70fe68c3a24e78881bebd0b6528 6cb6f5fbd119775b956379fd3119685aaa9d0176 d41720db3c3b77363182ee0f7c8ae20fab3674e6ec150ac2dbaed56bb3b89d1c Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup	153 B	2023-03-13	2024-01-25
Pretty URL ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:33 Times Seen2 Hash bbf947c8991ecf0c7a26006830f8b224 90e3203aca2d1acb80beee02c7bbb8592d2535a1 47a198e3f413b703d73494bafa2e07927970e917f947194787324eff6ed7e166 Loading...

	ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup	405 B	2023-03-13	2024-01-25
Pretty URL ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:48 Times Seen11 Hash cfc444bd8630438b05f18bf352c5a8d3 8516f221d7aef445593ab1408ef3719d860c2959 917e2fb898650446cd3932df0d78b28f5849d365797a95d6f247e580e9d55435 Loading...

	ggbets1.net/static/130237/assets/js/chunks/50263.ac27a401d186d4107610.js	1.2 kB	2023-03-13	2024-01-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/50263.ac27a401d186d4107610.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:48 Times Seen12 Hash f1be43ca182de483f556b3f392e59a4b ec12566ead2caa9cd46031d6fea9cbea52b6e66d 867ee5c224059954149d1e5b3d1bc5cffc679941706a68cab0474d6573780acf Loading...

	ggbets1.net/static/130237/assets/js/chunks/29699.6b4b2227808cc2cbf0d4.js	3.1 kB	2023-03-13	2023-05-10
Pretty URL ggbets1.net/static/130237/assets/js/chunks/29699.6b4b2227808cc2cbf0d4.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-05-10 08:29:35 Times Seen2 Hash 6d2de2f933edf5bbdd0fce2bbcae97c3 267cba3f401429cfcf2bff8a5712803986690fad 3bc7a5887e4b89ed6364683c5eeeb130f2ab5555240e078e002f9e4d1e047291 Loading...

	ggbets1.net/static/130237/assets/js/chunks/50776.8e5cc443759195c1ce16.js	985 B	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/50776.8e5cc443759195c1ce16.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 9d81c870102568324087dad80a5c4f45 c51d6d826b24be8410da67f28508cd0bde60da64 aaceb537ad360364ef7af43301cd91f71d20b0f13d08ae027087ba2be5dae792 Loading...

	coffee2play.com/js/redirector.js?1673511228	3.3 kB	2023-03-08	2023-03-26
Pretty URL coffee2play.com/js/redirector.js?1673511228 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:25:56 Last Seen2023-03-26 03:55:08 Times Seen2 Hash 3e46e5673647eb785943aaeecf085d1e 4a80985df5757c85abfc03782496b09739c9e115 db43ac757eb2bf1855207bccdbc0743ff86f957a6b23b65df44f6e1cfa66f931 Loading...

	ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup	14 B	2023-03-07	2024-04-27
Pretty URL ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:39 Last Seen2024-04-27 00:48:38 Times Seen453 Hash 179ad068ac0f04e2e18517821b8b45dc a4af10a643dedf0c09fa54aa4dba4bbb09c3d965 107c8e9cc904381f293522f76da0f3baa2936c6baca9f0829340ed6652d5a4ab Loading...

	ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup	7.5 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 2a41c56130fee70f62374c5db82386de 60377cbc1349151e395dc5b61c68bcddecc0d471 fc9298dc36f210c4e2526338e20395a5ec4c902d5c54180d04400bb133b6f174 Loading...

	ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup	820 B	2023-03-13	2023-03-14
Pretty URL ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-14 04:42:51 Times Seen1 Hash d4d3193081789aa3c4b701698a882d81 3531582525ee72906900346eb15b16f2b4edc131 5338bae513c66eab28242c93352797ec48ee4b8caf310cdce5bb57ec78f05793 Loading...

	ggbets1.net/static/130237/assets/js/chunks/87888.6acd4f28d94c8811d83e.js	3.5 kB	2023-03-13	2023-08-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/87888.6acd4f28d94c8811d83e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-08-25 22:22:42 Times Seen8 Hash 6f23c19b3d4df016ab69ae8f4d930146 d88cc354d089822d0d2a4939ad7059e5d91b8a9d 1bb8b40d480be14d9eae347e9f9040c4353717cbf271556c84ea96ed08faf460 Loading...

	ggbets1.net/static/130237/assets/js/chunks/22979.418af0d762860bfba6b8.js	6.6 kB	2023-03-13	2023-05-10
Pretty URL ggbets1.net/static/130237/assets/js/chunks/22979.418af0d762860bfba6b8.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-05-10 08:29:35 Times Seen2 Hash 8967b883c0b4a09a8a93c27cc6cb609a 03aef8ec51b9585f9e84bdbdf1790b2a3dd0e11f bf54cd45abab47cc04c60d0ca950f956659fa825c0081df41ed6162d1304e452 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:28:25 Times Seen37109059 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ggbets1.net/static/130237/assets/js/chunks/38551.6125bf9b25bb5621e893.js	1.3 kB	2023-03-13	2023-06-18
Pretty URL ggbets1.net/static/130237/assets/js/chunks/38551.6125bf9b25bb5621e893.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-06-18 02:41:27 Times Seen7 Hash fb3eac445af1fbd427b181e9aabe6d84 a65fb6da345a7959d505967e5b733f32938a1145 a70297cd537804b3d4e6c69a82d0e8b5e3409ed9d6a1987b05788e15d722ed0a Loading...

	ggbets1.net/static/130237/assets/js/chunks/84050.955a2f3b5ed384914c30.js	4.0 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/84050.955a2f3b5ed384914c30.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 2725f99e802c502d27092f3f8d54f4e7 b0e742fbd3f7507bee8e0b4c12cc1e43dec9c49f bc1ef822ea35d1b7693eb8e4a09a3ac8f4ffd57120ebfee0c343af38eebbedec Loading...

	ggbets1.net/static/130237/assets/js/chunks/90646.f8c5eb480090cce6c476.js	6.1 kB	2023-03-13	2023-05-10
Pretty URL ggbets1.net/static/130237/assets/js/chunks/90646.f8c5eb480090cce6c476.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-05-10 08:29:35 Times Seen2 Hash d66fcbacb5b90bae8fd34307fd5a7d07 92bde235f8ec701ef89f8a1597c6b78b168a4efa 74e541112f0d2d84f3fcd6ac2ad2c9396a9c024f7584837d6cd0be8f9df8757d Loading...

	vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html	2.3 kB	2023-03-13	2023-03-14
Pretty URL vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:50:52 Last Seen2023-03-14 14:54:55 Times Seen1 Hash 9dfb5fc1a14b81a3b18b479f63bb8ab3 2720e78ed93ca88089984dacdaaeae0e95a321d1 f7be6f445f6d0ff732728c98ddf542577272191c10478c1edf9913612de40f3b Loading...

	ggbets1.net/static/130237/assets/js/chunks/75089.dcf20f50ef82746ec173.js	1.2 kB	2023-03-13	2023-06-18
Pretty URL ggbets1.net/static/130237/assets/js/chunks/75089.dcf20f50ef82746ec173.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-06-18 02:41:27 Times Seen7 Hash ae14ae09b843f43801b0845cf1a97aa2 e12125eb66372b73e42ad612beec7898690ced46 b2a791411301a90dd0a8f597ee9e4b354d4474625f55feb976df0a7b81a93e1d Loading...

	sat.ugabartint.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=gg_w174495c143008l8366gnop799_s8hnpa76e&visitorId=63e12d71ebe6efd47d08b31b	127 kB	2023-03-13	2023-03-13
Pretty URL sat.ugabartint.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=gg_w174495c143008l8366gnop799_s8hnpa76e&visitorId=63e12d71ebe6efd47d08b31b IP 203.34.80.159 ASN #209242 Cloudflare London, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 359db038e77dea6c83d05110db48cfea cdefaa563d63da50bb5f69222ee591719da5d376 6beeb0074352a20deb2d490cc5bc10be0d1fa4bb25f7f1b6610c2f7f85eda54b Loading...

	ggbets1.net/static/130237/assets/js/chunks/83321.cbf3359406c8768fb8f4.js	5.2 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/83321.cbf3359406c8768fb8f4.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash c8c98def334a52bd97c0509bf9baf007 fcd5cb0d9b6229e00e5676dce5371d803120180e ae38dfa1b90e7c9c57672f6adaa85ccdce73c77dc5d7e3384b2793fd74b980ee Loading...

	ggbets1.net/static/130237/assets/js/chunks/62439.29c7de593a885293b46b.js	4.9 kB	2023-03-13	2024-01-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/62439.29c7de593a885293b46b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2024-01-25 10:28:48 Times Seen6 Hash 4e35652d4c72110a98dee7c1c3d8468e 07c057af4d2dc50b189378b3f4e6ca08738ff324 e083e04a3f73714b138db458ce935dc9284a618de218b48abee950d4df3f1f37 Loading...

	ggbets1.net/static/130237/assets/js/chunks/7498.85c68e3a73c9cb68004d.js	15 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/7498.85c68e3a73c9cb68004d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 6516ca491a2b7d6b8c9ee812923c29a1 1369589d396dcea6be563a980decc61794bd6ab2 02ffee4ae9e040cfc8b8c6ee21815ce10faeb77547ba24af4c1560ac5488ba3d Loading...

	ggbets1.net/static/130237/assets/js/chunks/55243.e584d87b3244c2a10eaa.js	12 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/55243.e584d87b3244c2a10eaa.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 1d640a967291a60f272e1b8d74b2aa8c 3bbea626801536e334ca15a615aed419ee6f0cc9 c08e93777dcf39a2a1798f753387fa0160dd07b9dafb5bb4e67f492b05777e7f Loading...

	ggbets1.net/static/130237/assets/js/chunks/22858.b48c59725e014b13fbfc.js	5.7 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/22858.b48c59725e014b13fbfc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash 49f008b82635fccc71bd97a56aa44d3b 584a9e3449b320751b464776cb4ae95abf6ac347 9421c6bc852a1c355b9f50c48dd743173c226dd3519184238421062545d7f846 Loading...

	ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup	40 B	2023-03-13	2023-12-04
Pretty URL ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e#!/auth/register?popup IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-12-04 18:25:06 Times Seen5 Hash 20130f87acdde6cdf2d30413cc60851d 4e13fa1e1f86f680812259ba54163a781a24131f bfc37d8306a67622778d1196c10c05150560963fd0e3ccdb46dc3b9063d549f8 Loading...

	coffee2play.com/js/base64.js	3.8 kB	2023-03-08	2023-03-26
Pretty URL coffee2play.com/js/base64.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:25:56 Last Seen2023-03-26 03:55:07 Times Seen2 Hash 7c4a35684cf6269f8839c485768fa8e0 53d6e2a4094be8e22fb12121ae18b52408a1af73 dc5c09b27d2e4fe6fa976a53fabf959ed98f5bbb95873304572f856916830e93 Loading...

	ggbets1.net/static/130237/assets/js/chunks/97852.02374aab0c35f8634c26.js	20 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/97852.02374aab0c35f8634c26.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:56 Last Seen2023-03-13 18:29:56 Times Seen1 Hash c7f710625d03dccb40cfc87ddaffe154 019472dfe91ee0c0ea583161ee9673aa067d5a5a a7dd7e4c080ef9383e8c521c223ebed75f0bbc6eac73e3ba8a6b0baabf7c8c85 Loading...

	ggbets1.net/static/130237/assets/js/chunks/96756.f69430cd74bac3c10802.js	8.3 kB	2023-03-13	2023-05-10
Pretty URL ggbets1.net/static/130237/assets/js/chunks/96756.f69430cd74bac3c10802.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:57 Last Seen2023-05-10 08:29:35 Times Seen2 Hash 3d30aefe8b9c0df87b484538d55ac060 400e3d31064da8542aac5feba23e0c4c806e7a80 417a8b46695065436f1c0d8fde233b40cf073d25daa81934566ffddedc6497b1 Loading...

	ggbets1.net/static/130237/assets/js/chunks/79263.95c8ff2d194e5173a525.js	2.4 kB	2023-03-13	2024-01-25
Pretty URL ggbets1.net/static/130237/assets/js/chunks/79263.95c8ff2d194e5173a525.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:57 Last Seen2024-01-25 10:28:48 Times Seen6 Hash e80e735b8cd53bd5faa9368c688ff47e 8af27b132c6cf00bacb6638a7ae1644b2cc7f775 b7a09cc64b82082b7bdaca138445356d6428899c7378339e13323bf822373b73 Loading...

	ggbets1.net/static/130237/assets/js/chunks/78659.61342a3a3b3fc3c49089.js	4.3 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/78659.61342a3a3b3fc3c49089.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:57 Last Seen2023-03-13 18:29:57 Times Seen1 Hash b769a643cf255cddef1f2f08e9017069 25e9d1a3137829b30f365f3c98a304f10f118450 259e8dc6b1c5b5db626d222215137c74a0f72517a8b3a81711d31236bbf07c95 Loading...

	ggbets1.net/static/130237/assets/js/chunks/70852.c47059ffda1fa9dce43e.js	6.2 kB	2023-03-13	2023-03-13
Pretty URL ggbets1.net/static/130237/assets/js/chunks/70852.c47059ffda1fa9dce43e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:29:57 Last Seen2023-03-13 18:29:57 Times Seen1 Hash e19f86e8794c5a216d75eb8f34ff8331 c965d558b4dad192c83a4d1134495625a71a0b76 413c60322a10dccf30471da6c527d67c3fe733b52b91c1de02f087b673e6a10c Loading...

		Size	First Seen	Last Seen
	#1 Eval - f3700648c31a9f04cbabd9cbbdd8ba50	783 B	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:10 Last Seen2024-03-08 19:09:08 Times Seen24 Hash f3700648c31a9f04cbabd9cbbdd8ba50 cf6b22e7b29d37cb01daf958b71a190b0df28f74 5cdb8f9ae289e22b176903524140bfe19c12881e11d28733f9e6c3630ea3db55 Loading...

	#2 Eval - 81443bed3bd1bb543f88384fe427b4ab	1.5 kB	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:09 Last Seen2024-03-08 19:09:08 Times Seen26 Hash 81443bed3bd1bb543f88384fe427b4ab 044c7c84e55ec3eb0a3861b4eca3dddb8e25e16a 19c58effd754dee4b540dffa70ce728aa4535a6a47ac5002d1d93cf0fd9a3af6 Loading...

	#3 Eval - d236dbc9572b3aab2775a32f14eee247	1.7 kB	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:09 Last Seen2024-03-08 19:09:08 Times Seen26 Hash d236dbc9572b3aab2775a32f14eee247 20750dfff2630024d111caf7d2cebc5af6563cdc 55e832925c6d31b8079698cf14ce362c2360ca1bb661b2465ba49fb5cdc71c98 Loading...

	#4 Eval - 373cbf576ac2fd5669311fb7728735d3	846 B	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:09 Last Seen2024-03-08 19:09:08 Times Seen24 Hash 373cbf576ac2fd5669311fb7728735d3 912139757cfd2b812614062f5d7a32653aeaa94d e6aaa42d51e72cb4edd0c73ab01b2431c8e8f6f1f707bcf6e57b5f43d29d30b2 Loading...

	#5 Eval - b5196279228d057a8b49b64513f52ac8	3.1 kB	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:10 Last Seen2024-03-08 19:09:08 Times Seen26 Hash b5196279228d057a8b49b64513f52ac8 76add7112442684556da43add5f53459dd6adc42 7d8ea7cbfeaeb0c6af96a87af074076dcef389988a92fdd972afb735c98d0348 Loading...

	#6 Eval - d825e47fcf87e2a7ab1dc6b782e2cc43	335 B	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:10 Last Seen2024-03-08 19:09:08 Times Seen26 Hash d825e47fcf87e2a7ab1dc6b782e2cc43 9f9a3bac6b0ccf3fed1871170d31ad03a05d9377 bc202831c2aeb32a1068095ab5b32cd5fabdfd12b8fed87a243113054edce74b Loading...

	#7 Eval - cff3c0a4a216e0531aac54ee82723e70	335 B	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:10 Last Seen2024-03-08 19:09:08 Times Seen26 Hash cff3c0a4a216e0531aac54ee82723e70 fa3a6359034a24cc528e7f1baeeb51c3d3b26f7b 6dfe2f76c59812a737fc5e91e30149c2a6cd3eaae65e9272dee5e01df334b12e Loading...

	#8 Eval - 95d67c908fb46b1ff98fafd318f242a7	477 B	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:09 Last Seen2024-03-08 19:09:08 Times Seen26 Hash 95d67c908fb46b1ff98fafd318f242a7 622d9c2fa73d6f866ef28dfe6a543f22b6397052 201d28057fae8ae82ad5e7e168abceca5f3de53b42a850d234f869613fbbfb82 Loading...

	#9 Eval - 151cb08ac860f6a747979ddcaffac52d	1.2 kB	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:10 Last Seen2024-03-08 19:09:08 Times Seen26 Hash 151cb08ac860f6a747979ddcaffac52d bfbe7de68b281e52f31bb3a6fdfd13bd47b99bb2 0ebbda157d2ab4b6d79a9731f919daa0bd7f0f061340e0ea31cb7c6e1b7cd109 Loading...

	#10 Eval - c88af924bf7209f4767ce5460d1b98ea	2.0 kB	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:10 Last Seen2024-03-08 19:09:08 Times Seen26 Hash c88af924bf7209f4767ce5460d1b98ea 8e5221d9c479b259f8f3cd780c235c4afe7be6c3 8850ab32b2680ef4299602bc13958876bb64f0ad1480bf4bc7d2602c5461e755 Loading...

	#11 Eval - da6184c8ada08cee5c06a30e2728c60c	974 B	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:09 Last Seen2024-03-08 19:09:08 Times Seen24 Hash da6184c8ada08cee5c06a30e2728c60c a3aefb7d6dfc3812188e0a1233705dc0a1708592 f64eee423fa374fec6c383e9226fc2d2b7af7b980801e0447578555bd38409db Loading...

	#12 Eval - 8c867b50d72d0abfa06ed6382bf7db4a	1.6 kB	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:10 Last Seen2024-03-08 19:09:08 Times Seen26 Hash 8c867b50d72d0abfa06ed6382bf7db4a 280ca3a6adb84c4d72cd63348b7cbe1e6ecb4dcd 738d7c488ab47f213f462222d268edfb1483a19f78c11d039a2174901e983a85 Loading...

	#13 Eval - bda8857788185b26fc05e4fdab884ee6	751 B	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:10 Last Seen2024-03-08 19:09:08 Times Seen26 Hash bda8857788185b26fc05e4fdab884ee6 e4d11c7897b8900f2fdd68887e7d98bcf49924dd 9e26396f9392b93708d531169be5accb9fe1fd3cac732abba569206f35d28704 Loading...

	#14 Eval - a1ce46d6290052e347aa803a4bcff31e	411 B	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:10 Last Seen2024-03-08 19:09:08 Times Seen26 Hash a1ce46d6290052e347aa803a4bcff31e cba993025ad82b91ed07dfcf7a22f22673adfb1c 518b14555ec2effbb4609b7a923c5fed5420216ad2c4d7cb4170af5d4689a089 Loading...

	#15 Eval - d2a99a1942660b354c625b1eae329123	630 B	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:09 Last Seen2024-03-08 19:09:08 Times Seen26 Hash d2a99a1942660b354c625b1eae329123 205c2c4c0ac43791f38226272c9e508634b02316 e551d4a1604f00825e3dc6a80344c65d91369d9c177832bf8bfa8c22e3f838ed Loading...

	#16 Eval - ea776444f70484f3aef6a7d75748736b	2.3 kB	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:10 Last Seen2024-03-08 19:09:08 Times Seen26 Hash ea776444f70484f3aef6a7d75748736b fa86ddcda1519388fd5673bc0a0c2680fccb76c1 6a1f84354be49e2b7ac1e950b083b9183fb8e149c46336e188cebc2868f4fee2 Loading...

	#17 Eval - 4de0bec2d158e9a6f39e3060767d028e	587 B	2023-03-10	2024-03-08
Pretty Observations First Seen2023-03-10 13:29:09 Last Seen2024-03-08 19:09:08 Times Seen26 Hash 4de0bec2d158e9a6f39e3060767d028e 39abdb7ad73025b0954632378bf6f39e1886cf9b c92617a08dd945ed3edf475d97f5c4081d2e2bc8abef5e5fe392a2bbed627ca2 Loading...

		Size	First Seen	Last Seen
	#1 Write - be697b6dfc757d76713a72a0aced3741	190 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:06:21 Last Seen2023-05-06 00:11:34 Times Seen161 Hash be697b6dfc757d76713a72a0aced3741 6ebc97158e27218a733b71e28bab1d52c30c2afb 743f6492a5beb847167322304f93922a25b48b4fda556b6039418e53930e9df1 Loading...

	#2 Write - 355258e66e7f4858f8db33903b7a15be	176 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 18:29:57 Last Seen2023-03-13 18:29:57 Times Seen1 Hash 355258e66e7f4858f8db33903b7a15be 1dbd440059c77c7fb7f20fb63e0eac557f4ff5e7 20baa7073cf9c41f36158fe879ae372f3b9a261b628e026e39767ca6c2806c60 Loading...

HTTP Transactions (88)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15812
Expires: Mon, 06 Feb 2023 21:03:48 GMT
Date: Mon, 06 Feb 2023 16:40:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4758
Expires: Mon, 06 Feb 2023 17:59:34 GMT
Date: Mon, 06 Feb 2023 16:40:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 16:34:05 GMT
content-type: application/json
age: 371
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12466
Expires: Mon, 06 Feb 2023 20:08:02 GMT
Date: Mon, 06 Feb 2023 16:40:16 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: DQ0Io/FL3/kf51oebYNpvw8lvqjNctTGsAxDuPcSojoYsWtSfc/B7nAu5oYVC31BJTHRTb4e1K0=
x-amz-request-id: 4KBAGZY89T1K2ZRH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 15:53:45 GMT
age: 2791
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

helixnixo.buzz/

172.67.208.86

301 Moved Permanently

0 B

URL HTTP/1.1
helixnixo.buzz/
IP
172.67.208.86:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.buzz domain

HTTP Headers

GET / HTTP/1.1
Host: helixnixo.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 16:40:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://helixnixo.buzz/
Pragma: no-cache
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEYg6zSsQMUNtk3NSofBkKihP9%2FHgSDeqQjLnC4w2%2Fpo5s8EhOQhtfjYhLZ4erlDPs%2BbZ7ZA8SCT%2BcmqgP0SI8cb09VlyarK7YfAByxRAn54pz6Gr3wSrHDxwEXMRQh0jg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7955539ea95e0b02-OSL
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 16:40:16 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
1c9a5c9aae6bf33e70f71bf4c20d4259
357d2d0856c90740294ba8eaac7c1485d766d3bf
b3092ce05712d9f2e381eae8667cf502cb8809f01f0de745f2d6f4b5ac18d4f6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B3092CE05712D9F2E381EAE8667CF502CB8809F01F0DE745F2D6F4B5AC18D4F6"
Last-Modified: Sun, 05 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Mon, 06 Feb 2023 22:40:01 GMT
Date: Mon, 06 Feb 2023 16:40:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 15:51:19 GMT
age: 2938
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11571
Expires: Mon, 06 Feb 2023 19:53:08 GMT
Date: Mon, 06 Feb 2023 16:40:17 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
1c9a5c9aae6bf33e70f71bf4c20d4259
357d2d0856c90740294ba8eaac7c1485d766d3bf
b3092ce05712d9f2e381eae8667cf502cb8809f01f0de745f2d6f4b5ac18d4f6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "B3092CE05712D9F2E381EAE8667CF502CB8809F01F0DE745F2D6F4B5AC18D4F6"
Last-Modified: Sun, 05 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Mon, 06 Feb 2023 22:40:01 GMT
Date: Mon, 06 Feb 2023 16:40:17 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
08a2a2192c7f49fbd23a252fb0964c45
38a9cec9f7234659581efd3145528a6b9dd7baf8
0e523e1a0e49765eaab1e0c962131095a368b9a62e7a2aa963e222432769b85c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3339
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:17 GMT
Etag: "63e0161c-117"
Last-Modified: Mon, 06 Feb 2023 15:44:38 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
08a2a2192c7f49fbd23a252fb0964c45
38a9cec9f7234659581efd3145528a6b9dd7baf8
0e523e1a0e49765eaab1e0c962131095a368b9a62e7a2aa963e222432769b85c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3339
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:17 GMT
Etag: "63e0161c-117"
Last-Modified: Mon, 06 Feb 2023 15:44:38 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
dc60ed295610c25d9c7d9b91fee9599d
372045e47c3a57e46b235fc696d72006eb697f44
1cbc2e2d5c6b513139658a71fc33dc7cc99eaa28d0f03af83ab80063d1ea7ccc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5517
Cache-Control: max-age=117249
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:17 GMT
Etag: "63e03ee5-116"
Expires: Wed, 08 Feb 2023 01:14:26 GMT
Last-Modified: Sun, 05 Feb 2023 23:42:29 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

push.services.mozilla.com/

52.88.143.102

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.143.102:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2GWryI1DjkYDwuMqUf+TIw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YtQ58AP6XLCxZG2cJ7YrNSSy9c0=

ggbetpromo.com/l/63a07c78406fe15f2660c7fc?sub_id=s8hnpa76e&click_id=s8hnpa76e

104.21.51.166

302 Found

278 B

URL HTTP/2
ggbetpromo.com/l/63a07c78406fe15f2660c7fc?sub_id=s8hnpa76e&click_id=s8hnpa76e
IP
104.21.51.166:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
278 B (278 bytes)
Hash
dc60ed295610c25d9c7d9b91fee9599d
372045e47c3a57e46b235fc696d72006eb697f44
1cbc2e2d5c6b513139658a71fc33dc7cc99eaa28d0f03af83ab80063d1ea7ccc

HTTP Headers

GET /l/63a07c78406fe15f2660c7fc?sub_id=s8hnpa76e&click_id=s8hnpa76e HTTP/1.1
Host: ggbetpromo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Mon, 06 Feb 2023 16:40:17 GMT
content-type: text/html; charset=UTF-8
location: https://coffee2play.com/?s=60&ref=gg_w174495c143008l8366gnop799_s8hnpa76e&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=s8hnpa76e
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmV2ISU6n56dopCgCE57KuPezvWdfMFwPf1jOt0YDKMn%2BoZqHsknsMdK96hNtqQbCKIXDqFHTIRh6ZoafxQaYH3B7domkV45JX5AVwne08Cg1rWzEbIyMDUGbxLDNkSY3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795553a52d7ab50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size
16 kB (15700 bytes)
Hash
3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

HTTP Headers

GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://coffee2play.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 01:03:45 GMT
expires: Fri, 02 Feb 2024 01:03:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
age: 401792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
665a5b2638dbaefac6e22734f94f071b
0d95d647f9bbb3fb3060b658c86f1590ebcf4b26
829868c0001723f01025d31d735e3c111eef6fd676c2cd2eba6a27375e8f888d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2564
Cache-Control: max-age=161488
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:17 GMT
Etag: "63e0f73d-116"
Expires: Wed, 08 Feb 2023 13:31:45 GMT
Last-Modified: Mon, 06 Feb 2023 12:49:01 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 278

www.googletagmanager.com/gtm.js?id=GTM-5RMQ4SV

142.250.74.168

200 OK

46 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5RMQ4SV
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
46 kB (46183 bytes)
Hash
a825e8f8fa0b28ab3406bcc9d0e900a8
b6e13cabe682f54b53e321095d31fc11ff427b5c
ac6801ce74ae6a3a6aea7a3e9f50aceffdd50415ede7ae1c08e94ac935620278

HTTP Headers

GET /gtm.js?id=GTM-5RMQ4SV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coffee2play.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 16:40:17 GMT
expires: Mon, 06 Feb 2023 16:40:17 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

coffee2play.com/?s=60&ref=gg_w174495c143008l8366gnop799_s8hnpa76e&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=s8hnpa76e

172.67.163.47

200 OK

3.5 kB

URL HTTP/2
coffee2play.com/?s=60&ref=gg_w174495c143008l8366gnop799_s8hnpa76e&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=s8hnpa76e
IP
172.67.163.47:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (505)
Size
3.5 kB (3488 bytes)
Hash
0e9b1861fd59454b10154326550d41e9
28562264920b2a927c2f0fc0f472d04c92ff87ac
6d856278b852cd792523593c3087a127d32cef326187f830f521bfe48fa189ae

HTTP Headers

GET /?s=60&ref=gg_w174495c143008l8366gnop799_s8hnpa76e&encoded_url=Y2FzaW5vIyEvYXV0aC9yZWdpc3Rlcj9wb3B1cA==&click_id=s8hnpa76e HTTP/1.1
Host: coffee2play.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:17 GMT
content-type: text/html; charset=UTF-8
set-cookie: visit11f5cbb7625a4f005ea406f5cd052d1d=1; expires=Wed, 08-Mar-2023 16:40:17 GMT; Max-Age=2592000
x-xss-protection: 1; mode=block
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfi1lvxllYB2GMgEqv%2BTSDSONH6kyd5P5wNjGkc5K5aPOv0MOVZMRpzhYGxedHGOZJo7z%2B8DEJA4o1q4A710C%2FUdaQV50eOhuBQmAatrXxLZ3ycUyo%2BJ3Pdibo%2BzUFOYM08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795553a5fc481c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap

142.250.74.106

200 OK

590 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
590 B (590 bytes)
Hash
cf4cc10711634155ae275eb5827ff98c
3f5cc2e2046e63e1ee32f2d15777ff2b6e8db9d3
8256233e143564483daa3ea0712a9c0185e2d9d3cff4e890f627cc760720d0ab

HTTP Headers

GET /css2?family=Roboto+Condensed&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coffee2play.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 16:40:17 GMT
date: Mon, 06 Feb 2023 16:40:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
665a5b2638dbaefac6e22734f94f071b
0d95d647f9bbb3fb3060b658c86f1590ebcf4b26
829868c0001723f01025d31d735e3c111eef6fd676c2cd2eba6a27375e8f888d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 215
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:18 GMT
Etag: "63dfa5bf-118"
Last-Modified: Mon, 06 Feb 2023 16:36:43 GMT
Server: ECS (amb/6BC7)
X-Cache: HIT
Content-Length: 278

a.exoclick.com/tag_gen.js

205.185.216.10

200 OK

515 B

URL HTTP/1.1
a.exoclick.com/tag_gen.js
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (1030), with no line terminators
Size
515 B (515 bytes)
Hash
628e0302068ade64b5f411f39d5ce7e5
ff1a609269f34bad5ae67ed1678df3f7b905d018
c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f

HTTP Headers

GET /tag_gen.js HTTP/1.1
Host: a.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coffee2play.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 16:40:18 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 515
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"a56c0470b9aa925085e51a6271a"
X-HW: 1675701618.dop202.sk1.t,1675701618.cds216.sk1.shn,1675701618.dop202.sk1.t,1675701618.cds251.sk1.c
Access-Control-Allow-Origin: *, *

ocsp.digicert.com/

93.184.220.29

200 OK

1.3 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
1.3 kB (1283 bytes)
Hash
b4dd79b6cf55addb6b801f5c98154709
9107151749782ca34896090c4ff0bc51c75aa799
6214488f77773f46a5e584e88867d1e43621ab4008fbc128630d88cb1d9ca30d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163237
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:18 GMT
Etag: "63e10817-118"
Expires: Wed, 08 Feb 2023 14:00:55 GMT
Last-Modified: Mon, 06 Feb 2023 14:00:55 GMT
Server: nginx
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
e418416d0b05e8806cfec69087c81575
3506f56e05b2766c3349e12e9fe30d8c6e7c3ce8
1e284daf250b1669e75c78a1421fc0e73d0dcce191fe7bd1ec9cba70569834d5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143431
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:18 GMT
Etag: "63e0bab9-116"
Expires: Wed, 08 Feb 2023 08:30:49 GMT
Last-Modified: Mon, 06 Feb 2023 08:30:49 GMT
Server: nginx
Content-Length: 278

gbett1.net/blank.gif?1675701663616

203.32.121.98

200 OK

43 B

URL HTTP/2
gbett1.net/blank.gif?1675701663616
IP
203.32.121.98:0
ASN
#209242 Cloudflare London, LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /blank.gif?1675701663616 HTTP/1.1
Host: gbett1.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coffee2play.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-envoy-upstream-service-time: 0
x-frame-options: DENY
x-request-id: 729614b9-9446-49b7-8c4c-591401c7cc09
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 795553a93f790b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

gg.bet/blank.gif?1675701663617

203.29.52.121

200 OK

574 B

URL HTTP/2
gg.bet/blank.gif?1675701663617
IP
203.29.52.121:0
ASN
#209242 Cloudflare London, LLC

File type
data
Size
574 B (574 bytes)
Hash
f2518c2a7b2bb867c152a9cb495dd464
e560432e2070457c990678329f2dda6d6f520b66
17da213cef913a6643cc74a94515e654262da9e146e7efb7f6f3d689a8cb88cd

HTTP Headers

GET /blank.gif?1675701663617 HTTP/1.1
Host: gg.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coffee2play.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-request-id: 8f3f2a54-b2f4-4a22-9d82-a49db5e78cc7
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 795553a96b81b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c949632c572ad6a5424f9ae32b693681
d20049d998c7dab873f096f31de854f6187634ad
357fc0f0213095e51f6e3d1c0fd0a13849a78915c1e3ccfc78eac23cc2195151

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5105
Cache-Control: max-age=101396
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:18 GMT
Etag: "63e00295-116"
Expires: Tue, 07 Feb 2023 20:50:14 GMT
Last-Modified: Sun, 05 Feb 2023 19:25:09 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
9e41c53ce4a613f370c092f0b9bc54e6
287157aa22427807d80a3204a8c889018a80a55e
bf3478bf8c4df2375321619960dc221c2f0bf9443fa9881bc050ea6de5307e4a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:18 GMT
Etag: "63dfb69b-116"
Server: ECS (amb/6BC7)
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
e418416d0b05e8806cfec69087c81575
3506f56e05b2766c3349e12e9fe30d8c6e7c3ce8
1e284daf250b1669e75c78a1421fc0e73d0dcce191fe7bd1ec9cba70569834d5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:18 GMT
Etag: "63df6942-118"
Server: ECS (amb/6B87)
Content-Length: 278

sat.crwds.net/p/gnt908wk0bl6xyll5bj94zafs74gwo53/c89c19045bc1c74fffa579d1f73d1366.jpg

203.30.191.209

200 OK

20 kB

URL HTTP/2
sat.crwds.net/p/gnt908wk0bl6xyll5bj94zafs74gwo53/c89c19045bc1c74fffa579d1f73d1366.jpg
IP
203.30.191.209:0
ASN
#209242 Cloudflare London, LLC

File type
gzip compressed data, max compression\012- data
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /p/gnt908wk0bl6xyll5bj94zafs74gwo53/c89c19045bc1c74fffa579d1f73d1366.jpg HTTP/1.1
Host: sat.crwds.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coffee2play.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:18 GMT
content-type: image/jpeg
cache-control: no-cache, private
set-cookie: _7jt1oxhp4z=eyJpdiI6IjJoK0wxN2NKSUJYaUtsN0l3bWpqUXc9PSIsInZhbHVlIjoiUGgvWkdxQUlmM2piL1BWVjB2Ri9XUjBvazJockQ2NzZldmxDak5kb1RBNG1rcEJibzh1cHN4dWs4RjJaQTl5OXhOSS9ScEl3Y0xPTE12QThFMUprb0RuMEtvNnM1V1VWQ1hQNmVpUlN0R2M9IiwibWFjIjoiNGJmNGIzN2NjYTRkNjc2ZTQyMWYyNmZlMGRkNDU3OWRlNWUzNzNjNmYyM2FlMGUwODczMmNhZDlhM2VlYTJhZSIsInRhZyI6IiJ9; expires=Tue, 06-Feb-2024 16:40:18 GMT; Max-Age=31536000; path=/; domain=.crwds.net; secure; httponly; samesite=none
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795553a9e9131c0a-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-156256613-1&cid=642252220.1675701664&jid=1055569827&gjid=1373167408&_gid=1970898072.1675701664&_u=YEBAAAAAAAAAAC~&z=1696803236

64.233.165.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-156256613-1&cid=642252220.1675701664&jid=1055569827&gjid=1373167408&_gid=1970898072.1675701664&_u=YEBAAAAAAAAAAC~&z=1696803236
IP
64.233.165.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-156256613-1&cid=642252220.1675701664&jid=1055569827&gjid=1373167408&_gid=1970898072.1675701664&_u=YEBAAAAAAAAAAC~&z=1696803236 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://coffee2play.com
Connection: keep-alive
Referer: https://coffee2play.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://coffee2play.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 16:40:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7757
Expires: Mon, 06 Feb 2023 18:49:35 GMT
Date: Mon, 06 Feb 2023 16:40:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7757
Expires: Mon, 06 Feb 2023 18:49:35 GMT
Date: Mon, 06 Feb 2023 16:40:18 GMT
Connection: keep-alive

sat.ugabartint.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=gg_w174495c143008l8366gnop799_s8hnpa76e&visitorId=63e12d71ebe6efd47d08b31b

203.34.80.159

200 OK

51 kB

URL HTTP/2
sat.ugabartint.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=gg_w174495c143008l8366gnop799_s8hnpa76e&visitorId=63e12d71ebe6efd47d08b31b
IP
203.34.80.159:0
ASN
#209242 Cloudflare London, LLC

File type
data
Size
51 kB (51309 bytes)
Hash
eb828a777ea6a546d013dccecf0564fd
0239045a7e1231fe9c1967ae7ca10ab14df90c32
9f63f1669d7a24e25480bb2519971a1f75ccd23f8ad67395ba0d38b39859a370

HTTP Headers

GET /gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=gg_w174495c143008l8366gnop799_s8hnpa76e&visitorId=63e12d71ebe6efd47d08b31b HTTP/1.1
Host: sat.ugabartint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coffee2play.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:18 GMT
content-type: application/javascript
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
last-modified: Mon, 06 Feb 2023 16:40:18 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 795553a89b8db4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4442 bytes)
Hash
7d8c3ebd17a435401c7f9fe3b8f842be
f2106be148fea23bf961fcdb69ea4cb127aa5f3e
ee708e68414539c75ddc077e0be7b75a86fd4fc9b6c1ddd1da86d0b9aca35558

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4442
x-amzn-requestid: 1bb3d1b3-ff58-4b0d-9a2b-c25797530c5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQG1JoAMFRtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1bb478453ececa9613e7e4a2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9U-7wtL1xaLoE87hXcnrcTp-LCseI5ne10812N_9F_arqyi703w7Ng==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:10 GMT
age: 67808
etag: "f2106be148fea23bf961fcdb69ea4cb127aa5f3e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9108 bytes)
Hash
7dbe304b5138a360ff07a9842bcf6a7f
00572f7667e322c9ef34bc35b7998c1c172dd34c
d63c58d6c96e23c61b92272de8c2aab01f4cf85f3420cc434c05447d355b1c77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: 47a7d6da-229b-4fcc-a2c0-823f9c5e4224
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f0QLAGXgoAMFv6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de60ac-5b8ee53114e58a056306067f;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 13:42:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6oyg-X-GTV3HeKzW4a6Sa99JNjWcZFnE8okoqeAtp6ZgkTKCDtSoAw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:46:53 GMT
age: 68005
etag: "00572f7667e322c9ef34bc35b7998c1c172dd34c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9808 bytes)
Hash
ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 67815
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10514 bytes)
Hash
9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 67809
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9779 bytes)
Hash
352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 18:39:44 GMT
age: 79234
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
665a5b2638dbaefac6e22734f94f071b
0d95d647f9bbb3fb3060b658c86f1590ebcf4b26
829868c0001723f01025d31d735e3c111eef6fd676c2cd2eba6a27375e8f888d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 217
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:20 GMT
Last-Modified: Mon, 06 Feb 2023 16:36:43 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

50 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
50 kB (49825 bytes)
Hash
3d7e01acc001d3c7f86c39c6117b8cf2
96cbc88a702922393e124fb2acd6be17fdd9f0db
94e779de2173c17ad30091eccf34c0076d52b56c85eee3ffb583419367c0fcd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
fd6de89e006fabe4f52236f90c669187
e387c4fda7559eadc096de1929873e655ed41fc9
71052e4869e46ae4020527bfab6c74ad0a11f16ae7c4ab6f1928048aa090a87c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5304
Cache-Control: max-age=130400
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:21 GMT
Etag: "63e0731d-117"
Expires: Wed, 08 Feb 2023 04:53:41 GMT
Last-Modified: Mon, 06 Feb 2023 03:25:17 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 279

www.googletagmanager.com/gtag/js?id=G-NJWKXH39RY

142.250.74.168

200 OK

80 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-NJWKXH39RY
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (25667)
Size
80 kB (79794 bytes)
Hash
bf8a2171a073bb97a9b17a6b6f7978cd
2511ba881037a8a6385d9ccc97477f5d25c4ed3b
53c755616fa2a9da9b7553e200372fd4776325b6147e7252c0a5060bc1fdccb7

HTTP Headers

GET /gtag/js?id=G-NJWKXH39RY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 16:40:21 GMT
expires: Mon, 06 Feb 2023 16:40:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79794
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

142.250.74.164

200 OK

578 B

URL HTTP/2
www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (909), with no line terminators
Size
578 B (578 bytes)
Hash
2672ff05f8bc7eda93c563abfc745b2b
1f034b4ed041dcd30213c216cf9577e33fee586e
cf5c01ee8166251a53f7c12e7e1635df845c491f16217106f35512093cb4d729

HTTP Headers

GET /recaptcha/api.js?onload=onloadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Mon, 06 Feb 2023 16:40:21 GMT
date: Mon, 06 Feb 2023 16:40:21 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 578
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6a874172e9ec3dfa1c94c13b7cb10e4d
56c74168ac66e8fd9d5369949eed1fab35d90c9d
c1b45e13fa5fd70cb845c19920f298e4b8b5add9e10c825a125cccf34e89c19d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:21 GMT
Etag: "63dfa71d-116"
Server: ECS (amb/6BC7)
Content-Length: 279

stat.ggbets1.net/font.png?project=ggbet&uniqueId=669d1407-f971-4447-9798-d42e96e623d9&is_auth=0&action=visit&refCode=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata=subdata=c89c19045bc1c74fffa579d1f73d1366&click_id=s8hnpa76e&geo=no&rotator=143008&landing=8366&sub_id=s8hnpa76e

203.30.189.19

200 OK

95 B

URL HTTP/2
stat.ggbets1.net/font.png?project=ggbet&uniqueId=669d1407-f971-4447-9798-d42e96e623d9&is_auth=0&action=visit&refCode=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata=subdata=c89c19045bc1c74fffa579d1f73d1366&click_id=s8hnpa76e&geo=no&rotator=143008&landing=8366&sub_id=s8hnpa76e
IP
203.30.189.19:0
ASN
#209242 Cloudflare London, LLC

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

HTTP Headers

GET /font.png?project=ggbet&uniqueId=669d1407-f971-4447-9798-d42e96e623d9&is_auth=0&action=visit&refCode=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata=subdata=c89c19045bc1c74fffa579d1f73d1366&click_id=s8hnpa76e&geo=no&rotator=143008&landing=8366&sub_id=s8hnpa76e HTTP/1.1
Host: stat.ggbets1.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:21 GMT
content-type: image/png
content-length: 95
expires: Mon, 06 Feb 2023 16:40:20 GMT
cache-control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Mon, 06 Feb 2023 16:40:21 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 795553bedc710afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

142.250.74.35

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (633)
Size
164 kB (163841 bytes)
Hash
fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a

HTTP Headers

GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ggbets1.net
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 546430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 15:44:08 GMT
expires: Mon, 06 Feb 2023 17:44:08 GMT
cache-control: public, max-age=7200
age: 3373
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6a874172e9ec3dfa1c94c13b7cb10e4d
56c74168ac66e8fd9d5369949eed1fab35d90c9d
c1b45e13fa5fd70cb845c19920f298e4b8b5add9e10c825a125cccf34e89c19d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=159268
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:21 GMT
Etag: "63e0f899-117"
Expires: Wed, 08 Feb 2023 12:54:49 GMT
Last-Modified: Mon, 06 Feb 2023 12:54:49 GMT
Server: nginx
Content-Length: 279

ggbets1.net/gql/query

203.30.189.19

101 Switching Protocols

472 B

URL HTTP/1.1
ggbets1.net/gql/query
IP
203.30.189.19:0
ASN
#209242 Cloudflare London, LLC

File type
gzip compressed data, from Unix\012- data
Size
472 B (472 bytes)
Hash
de30b83c25e652129b2dc17be9e51912
4c08b5c83cd542f70d4693d8d28cf7d1d5bf38f9
334819cf7758e5a8ca849b14ab6b2e7a3392272f030a885b045093c02e0d1137

HTTP Headers

GET /gql/query HTTP/1.1
Host: ggbets1.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ggbets1.net
Sec-WebSocket-Protocol: graphql-ws
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: odp/k6g1VXhodxFXWnIcGQ==
Connection: keep-alive, Upgrade
Cookie: uuid=669d1407-f971-4447-9798-d42e96e623d9; refCode=gg_w174495c143008l8366gnop799_s8hnpa76e; affdata=subdata%3Dc89c19045bc1c74fffa579d1f73d1366%26click_id%3Ds8hnpa76e%26geo%3Dno%26rotator%3D143008%26landing%3D8366%26sub_id%3Ds8hnpa76e; landingId=8366; first_entrypoint=L2VuL2Nhc2lubz9yZWY9Z2dfdzE3NDQ5NWMxNDMwMDhsODM2Nmdub3A3OTlfczhobnBhNzZlJmFmZmRhdGElNUJzdWJkYXRhJTVEPWM4OWMxOTA0NWJjMWM3NGZmZmE1NzlkMWY3M2QxMzY2JmFmZmRhdGElNUJjbGlja19pZCU1RD1zOGhucGE3NmUmYWZmZGF0YSU1QmdlbyU1RD1ubyZhZmZkYXRhJTVCcm90YXRvciU1RD0xNDMwMDgmYWZmZGF0YSU1QmxhbmRpbmclNUQ9ODM2NiZhZmZkYXRhJTVCc3ViX2lkJTVEPXM4aG5wYTc2ZQ%3D%3D; player_affiliation=casino; _ga_NJWKXH39RY=GS1.1.1675701667.1.0.1675701667.0.0.0; _ga=GA1.1.886843265.1675701667
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Mon, 06 Feb 2023 16:40:21 GMT
Content-Type: application/json
Connection: upgrade
sec-websocket-accept: E6eQc6evxq4p9bl5fdpalu+ksys=
sec-websocket-extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
sec-websocket-protocol: graphql-ws
upgrade: websocket
x-frame-options: DENY
x-request-id: 95437d77-63ac-4d3a-822d-c2c0a4163af4
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795553c0ba19b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

region1.google-analytics.com/g/collect?v=2&tid=G-NJWKXH39RY&gtm=45je3210&_p=736501965&cid=886843265.1675701667&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675701667&sct=1&seg=0&dl=https%3A%2F%2Fggbets1.net%2Fen%2Fcasino%3Fref%3Dgg_w174495c143008l8366gnop799_s8hnpa76e%26affdata%255Bsubdata%255D%3Dc89c19045bc1c74fffa579d1f73d1366%26affdata%255Bclick_id%255D%3Ds8hnpa76e%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D143008%26affdata%255Blanding%255D%3D8366%26affdata%255Bsub_id%255D%3Ds8hnpa76e&dr=https%3A%2F%2Fcoffee2play.com%2F&dt=Casino%20-%20Play%20Online%20for%20Real%20Money%20at%20GG.BET&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-NJWKXH39RY&gtm=45je3210&_p=736501965&cid=886843265.1675701667&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675701667&sct=1&seg=0&dl=https%3A%2F%2Fggbets1.net%2Fen%2Fcasino%3Fref%3Dgg_w174495c143008l8366gnop799_s8hnpa76e%26affdata%255Bsubdata%255D%3Dc89c19045bc1c74fffa579d1f73d1366%26affdata%255Bclick_id%255D%3Ds8hnpa76e%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D143008%26affdata%255Blanding%255D%3D8366%26affdata%255Bsub_id%255D%3Ds8hnpa76e&dr=https%3A%2F%2Fcoffee2play.com%2F&dt=Casino%20-%20Play%20Online%20for%20Real%20Money%20at%20GG.BET&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-NJWKXH39RY&gtm=45je3210&_p=736501965&cid=886843265.1675701667&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675701667&sct=1&seg=0&dl=https%3A%2F%2Fggbets1.net%2Fen%2Fcasino%3Fref%3Dgg_w174495c143008l8366gnop799_s8hnpa76e%26affdata%255Bsubdata%255D%3Dc89c19045bc1c74fffa579d1f73d1366%26affdata%255Bclick_id%255D%3Ds8hnpa76e%26affdata%255Bgeo%255D%3Dno%26affdata%255Brotator%255D%3D143008%26affdata%255Blanding%255D%3D8366%26affdata%255Bsub_id%255D%3Ds8hnpa76e&dr=https%3A%2F%2Fcoffee2play.com%2F&dt=Casino%20-%20Play%20Online%20for%20Real%20Money%20at%20GG.BET&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ggbets1.net
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://ggbets1.net
date: Mon, 06 Feb 2023 16:40:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2089269.js?sv=7

143.204.55.84

200 OK

16 kB

URL HTTP/2
static.hotjar.com/c/hotjar-2089269.js?sv=7
IP
143.204.55.84:0
ASN
#16509 AMAZON-02

File type
data
Size
16 kB (16032 bytes)
Hash
8a52db3947ba27e7d008e82a41abf76a
52ef5c7a307131afbe0900cf34e83d3c80a59161
c275796674ca13e568f7dd1d5b1bd5205c43f884a7a156ff2bf2f23a984c1b5a

HTTP Headers

GET /c/hotjar-2089269.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 16:40:21 GMT
cache-control: max-age=60
etag: W/652f14673d55b49dc0f165abb8e76034
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jSdrc8BeIKcXDw449Qgu779myFZgbP6kT0--dQX7elz69EtnS9qejg==
age: 28
X-Firefox-Spdy: h2

widget.yhelper.net/iframe/main.512329f3.js?3aff78d1c09dfe58e641

203.30.189.107

200 OK

312 kB

URL HTTP/2
widget.yhelper.net/iframe/main.512329f3.js?3aff78d1c09dfe58e641
IP
203.30.189.107:0
ASN
#209242 Cloudflare London, LLC

File type
data
Size
312 kB (311499 bytes)
Hash
6edddb8cb6b0420233a16e8e1b7605f7
8b5ffe1a0d4fd2680fcf108e3efa3a5eb1defdca
e6016d7aecf326f264e03045770942efc98701242b47e82f7416ecd2e4787dc3

HTTP Headers

GET /iframe/main.512329f3.js?3aff78d1c09dfe58e641 HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:22 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Monday, 06-Feb-2023 16:40:22 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 795553c56e72b527-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://widget.yhelper.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 463704
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://widget.yhelper.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 67103
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e5ece90dcf859fbfb5907545922b41f8
f0c23639673b841d8eb8e0dab730242755e63795
cb9e1225607aa7f5b01b5e5da9a9d961e67b7499a70fc3f1d81135d924dfc2f7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB9E1225607AA7F5B01B5E5DA9A9D961E67B7499A70FC3F1D81135D924DFC2F7"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3785
Expires: Mon, 06 Feb 2023 17:43:28 GMT
Date: Mon, 06 Feb 2023 16:40:23 GMT
Connection: keep-alive

widget.yhelper.net/iframe/src/assets/icons/chat/24//1c089c1d.close.svg

203.30.189.107

200 OK

37 kB

URL HTTP/2
widget.yhelper.net/iframe/src/assets/icons/chat/24//1c089c1d.close.svg
IP
203.30.189.107:0
ASN
#209242 Cloudflare London, LLC

File type
data
Size
37 kB (37083 bytes)
Hash
98642728b92810114e153c21d89e7f47
bf24b31a2d9a690113f68f10ccb4f5583a0001bd
9a85fa5e2c72a515e8d8e69bdf6c03df91bc0d5c833abe24bad20feaf9b903fb

HTTP Headers

GET /iframe/src/assets/icons/chat/24//1c089c1d.close.svg HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Monday, 06-Feb-2023 16:40:23 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 795553c9dd17b527-OSL
X-Firefox-Spdy: h2

f52dbc7f-cbcb-4ccf-87d5-3e05f6c9f762.seals-emr.certria.com/emr-seal.js

143.204.55.108

200 OK

78 kB

URL HTTP/2
f52dbc7f-cbcb-4ccf-87d5-3e05f6c9f762.seals-emr.certria.com/emr-seal.js
IP
143.204.55.108:0
ASN
#16509 AMAZON-02

File type
data
Size
78 kB (78447 bytes)
Hash
47b59f5369c0bc042576853610db0f51
c2f06baa8a46b024672f497038b017a68cfe0ea6
ead0723f941714c8e754452647d2c4cc0e24562ccedf3c276fdd9f8ef323768d

HTTP Headers

GET /emr-seal.js HTTP/1.1
Host: f52dbc7f-cbcb-4ccf-87d5-3e05f6c9f762.seals-emr.certria.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Mon, 06 Feb 2023 16:40:21 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c6a-uNn1yBXwnwSQlyJleTt/5xQnWOU"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795553bdfd05362c-FRA
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DunsyzP1tmz7ZtOSCJQuuBKKdLAkQ2i-W1JE-oN1Op05IVkuD_eDcw==
X-Firefox-Spdy: h2

widget.yhelper.net/iframe/src/assets/icons/chat/24//119f4539.history.svg

203.30.189.107

200 OK

17 kB

URL HTTP/2
widget.yhelper.net/iframe/src/assets/icons/chat/24//119f4539.history.svg
IP
203.30.189.107:0
ASN
#209242 Cloudflare London, LLC

File type
SVG Scalable Vector Graphics image\012- exported SGML document, ASCII text, with very long lines (2407)
Size
17 kB (16615 bytes)
Hash
8096c2fd0830fc97cda131f45942848e
7107a568d0e9a633270ba2246e058a5949efd575
af52656b48df491f7f13cdbc1972d385a8cbf41d150595a0dd0bf59cbc3679e3

HTTP Headers

GET /iframe/src/assets/icons/chat/24//119f4539.history.svg HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Monday, 06-Feb-2023 16:40:23 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 795553c9dd20b527-OSL
X-Firefox-Spdy: h2

widget.yhelper.net/iframe/src/assets/sounds//4782183d.ChatIncomingInitial.wav

203.30.189.107

206 Partial Content

28 kB

URL HTTP/2
widget.yhelper.net/iframe/src/assets/sounds//4782183d.ChatIncomingInitial.wav
IP
203.30.189.107:0
ASN
#209242 Cloudflare London, LLC

File type
RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 16000 Hz\012- data
Size
28 kB (27564 bytes)
Hash
1df95570b7377118f5e3aaf17713aae9
79f36413ac726b7e9fe372bb7150910d0b5d91a8
70f61fc75704bbe219317ebe36e8dc5f1c66bebe36b1debd903ae62a5913f35c

HTTP Headers

GET /iframe/src/assets/sounds//4782183d.ChatIncomingInitial.wav HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
date: Mon, 06 Feb 2023 16:40:23 GMT
content-type: application/octet-stream
content-length: 27564
last-modified: Monday, 06-Feb-2023 16:40:23 UTC
cache-control: no-store, no-cache
content-range: bytes 0-27563/27564
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795553c9fd38b527-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 16:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-82654859-1&cid=886843265.1675701667&jid=1314367487&gjid=838607717&_gid=667808133.1675701668&_u=YADAAEAAAAAAACAAI~&z=1674251915

64.233.165.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-82654859-1&cid=886843265.1675701667&jid=1314367487&gjid=838607717&_gid=667808133.1675701668&_u=YADAAEAAAAAAACAAI~&z=1674251915
IP
64.233.165.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-82654859-1&cid=886843265.1675701667&jid=1314367487&gjid=838607717&_gid=667808133.1675701668&_u=YADAAEAAAAAAACAAI~&z=1674251915 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ggbets1.net
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://ggbets1.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 16:40:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

chat.prod.yhelper.net/socket.io/?EIO=4&transport=websocket

35.204.181.185

101 Switching Protocols

0 B

URL HTTP/1.1
chat.prod.yhelper.net/socket.io/?EIO=4&transport=websocket
IP
35.204.181.185:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socket.io/?EIO=4&transport=websocket HTTP/1.1
Host: chat.prod.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://widget.yhelper.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +WGGa9BRd6W9KSdS6b78LQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Mon, 06 Feb 2023 16:40:23 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RmvtD3G52Fdt6AHZTnHqv/WOjnY=
Strict-Transport-Security: max-age=15724800; includeSubDomains

zz.connextra.com/GGBet/dcs/tagController/tagData/992b65560df2

104.110.28.81

200 OK

2.1 kB

URL HTTP/2
zz.connextra.com/GGBet/dcs/tagController/tagData/992b65560df2
IP
104.110.28.81:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (5211), with no line terminators
Size
2.1 kB (2111 bytes)
Hash
94124a0e35f9a35b4e59d362aa807fdd
19e315583fc4081e789fc51dbf62e07e809b502c
fc7ae38924b6717bdaae354f751ad2668a10c23de563db76a73cabf259fbaa81

HTTP Headers

POST /GGBet/dcs/tagController/tagData/992b65560df2 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 40
Origin: https://ggbets1.net
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/plain
server: istio-envoy
access-control-allow-credentials: true
access-control-allow-origin: https://ggbets1.net
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-encoding: gzip
x-envoy-upstream-service-time: 2
expires: Mon, 06 Feb 2023 16:40:23 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 06 Feb 2023 16:40:23 GMT
content-length: 20
set-cookie: CxtId=d4483fef-5749-4f0c-abf1-e96cd8356d16; Domain=.connextra.com; Expires=Wed, 05-Feb-2025 16:40:23 GMT; Path=/; Secure
GGBet=P%7Cregstart%7C1%7C202302061640; Domain=.connextra.com; Expires=Tue, 06-Feb-2024 16:40:23 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID

37.252.171.149

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP
37.252.171.149:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 16:40:23 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 17ca3f3e-27c8-4a11-aed5-e415153c469a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

secure.adnxs.com/seg?add=31428075&t=2

37.252.171.149

307 Redirection

521 kB

URL HTTP/1.1
secure.adnxs.com/seg?add=31428075&t=2
IP
37.252.171.149:0
ASN
#29990 ASN-APPNEX

File type
gzip compressed data, from Unix\012- data
Size
521 kB (521284 bytes)
Hash
a5cf3cfd96386555eba4a0d3704f0be5
0adc302d8068b19e855ed89bf3c92fb053148d71
f1ebcf99010ca34d8e3170c9a176054deb416544e978476277128124d1dc5e0e

HTTP Headers

GET /seg?add=31428075&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 16:40:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31428075%26t%3D2
AN-X-Request-Uuid: c6dfb641-d4cb-4cdf-9cef-2772eb8c5352
Set-Cookie: uuid2=4372576530280204130; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 16:40:23 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

widget.yhelper.net/iframe/

203.30.189.107

200 OK

26 kB

URL HTTP/2
widget.yhelper.net/iframe/
IP
203.30.189.107:0
ASN
#209242 Cloudflare London, LLC

File type
data
Size
26 kB (26300 bytes)
Hash
8580321bd3dfceb5aaaf6ffb799e4d47
d7ef96a039de8b7fdf9500f763865a396b4c5166
9125a565fac66ee74ce6dbbdc04fa1e0052b738e91e268983c0fcf024ffa371a

HTTP Headers

GET /iframe/ HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:21 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Monday, 06-Feb-2023 16:40:21 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795553bfee9bb527-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31428075%26t%3D2

37.252.171.149

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31428075%26t%3D2
IP
37.252.171.149:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D31428075%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ggbets1.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 16:40:24 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 8117e3a2-364d-49e1-aaf9-180dc880148d
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Il^G_iq(!@wnf-Te9(>wL5L!!'QX$gZ1y; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 16:40:24 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

22 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
22 kB (22253 bytes)
Hash
589281e9807979171c31a74cebb85f4f
4b7d3b21291a60aa734aeabe5eee2394d938b695
77b0f1b581c1c09b7ae5a00cc07033cae70890e236d12d966d39dbcca3e23da7

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://widget.yhelper.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 531078
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

helixnixo.buzz/

172.67.208.86

302 Found

0 B

URL HTTP/2
helixnixo.buzz/
IP
172.67.208.86:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.buzz domain

HTTP Headers

GET / HTTP/1.1
Host: helixnixo.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Mon, 06 Feb 2023 16:40:17 GMT
content-type: text/html; charset=UTF-8
location: https://ggbetpromo.com/l/63a07c78406fe15f2660c7fc?sub_id=s8hnpa76e&click_id=s8hnpa76e
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa76e;Expires=Thursday, 09-Mar-2023 16:40:17 GMT;Max-Age=2678400;Path=/
e4d08=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIyXCI6MTY3NTcwMTYxN30sXCJjYW1wYWlnbnNcIjp7XCIxMVwiOjE2NzU3MDE2MTd9LFwidGltZVwiOjE2NzU3MDE2MTd9In0.DM0AZNmLksbgpIJdP0wjSaqdAHUwF2Zwk2ku1gZASLI;Expires=Sunday, 15-Mar-2076 09:20:34 GMT;Max-Age=1675788017;Path=/
_token=uuid_s8hnpa76e_s8hnpa76e63e12d714cd556.38876790;Expires=Thursday, 09-Mar-2023 16:40:17 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CX7tKkTVa2dQyoT0irZLDKDF3RtQ7SkugarYzvd%2FQOW0waD9uITebFuC7%2F3Atz06LhRp3N340bvPnL%2BH1%2FlkJvNjO17G4wdDJTVd0jl3WdSZCUx4PJL1hCvfDW%2BWSupVRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795553a25ca30b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-5F3SFTF

142.250.74.168

200 OK

0 B

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5F3SFTF
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /gtm.js?id=GTM-5F3SFTF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 16:40:21 GMT
expires: Mon, 06 Feb 2023 16:40:21 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71733
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sat.ugabartint.net/ie/e?m=Yzg5YzE5MDQ1YmMxYzc0ZmZmYTU3OWQxZjczZDEzNjYgPSBDYW52YXMgZWxlbWVudCBkb2Vzbid0IGhhdmUgYW55IG9mIHRoaXMgY29udGV4dCAtIHdlYmdsMixleHBlcmltZW50YWwtd2ViZ2wyLCB3ZWJnbCwgZXhwZXJpbWVudGFsLXdlYmdsLCBtb3otd2ViZ2wuIFdlYkdsIHN1cHBvcnQgaXMgZGlzYWJsZWQ%3D&h=aHR0cHM6Ly9jb2ZmZWUycGxheS5jb20vP3M9NjAmcmVmPWdnX3cxNzQ0OTVjMTQzMDA4bDgzNjZnbm9wNzk5X3M4aG5wYTc2ZSZlbmNvZGVkX3VybD1ZMkZ6YVc1dkl5RXZZWFYwYUM5eVpXZHBjM1JsY2o5d2IzQjFjQT09JmNsaWNrX2lkPXM4aG5wYTc2ZQ%3D%3D&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA%3D

203.34.80.159

200 OK

0 B

URL HTTP/2
sat.ugabartint.net/ie/e?m=Yzg5YzE5MDQ1YmMxYzc0ZmZmYTU3OWQxZjczZDEzNjYgPSBDYW52YXMgZWxlbWVudCBkb2Vzbid0IGhhdmUgYW55IG9mIHRoaXMgY29udGV4dCAtIHdlYmdsMixleHBlcmltZW50YWwtd2ViZ2wyLCB3ZWJnbCwgZXhwZXJpbWVudGFsLXdlYmdsLCBtb3otd2ViZ2wuIFdlYkdsIHN1cHBvcnQgaXMgZGlzYWJsZWQ%3D&h=aHR0cHM6Ly9jb2ZmZWUycGxheS5jb20vP3M9NjAmcmVmPWdnX3cxNzQ0OTVjMTQzMDA4bDgzNjZnbm9wNzk5X3M4aG5wYTc2ZSZlbmNvZGVkX3VybD1ZMkZ6YVc1dkl5RXZZWFYwYUM5eVpXZHBjM1JsY2o5d2IzQjFjQT09JmNsaWNrX2lkPXM4aG5wYTc2ZQ%3D%3D&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA%3D
IP
203.34.80.159:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ie/e?m=Yzg5YzE5MDQ1YmMxYzc0ZmZmYTU3OWQxZjczZDEzNjYgPSBDYW52YXMgZWxlbWVudCBkb2Vzbid0IGhhdmUgYW55IG9mIHRoaXMgY29udGV4dCAtIHdlYmdsMixleHBlcmltZW50YWwtd2ViZ2wyLCB3ZWJnbCwgZXhwZXJpbWVudGFsLXdlYmdsLCBtb3otd2ViZ2wuIFdlYkdsIHN1cHBvcnQgaXMgZGlzYWJsZWQ%3D&h=aHR0cHM6Ly9jb2ZmZWUycGxheS5jb20vP3M9NjAmcmVmPWdnX3cxNzQ0OTVjMTQzMDA4bDgzNjZnbm9wNzk5X3M4aG5wYTc2ZSZlbmNvZGVkX3VybD1ZMkZ6YVc1dkl5RXZZWFYwYUM5eVpXZHBjM1JsY2o5d2IzQjFjQT09JmNsaWNrX2lkPXM4aG5wYTc2ZQ%3D%3D&ua=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA%3D HTTP/1.1
Host: sat.ugabartint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coffee2play.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:18 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795553a98cbfb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

sat.ugabartint.net/ie/js/c89c19045bc1c74fffa579d1f73d1366

203.34.80.159

200 OK

0 B

URL HTTP/2
sat.ugabartint.net/ie/js/c89c19045bc1c74fffa579d1f73d1366
IP
203.34.80.159:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /ie/js/c89c19045bc1c74fffa579d1f73d1366 HTTP/1.1
Host: sat.ugabartint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4144
Origin: https://coffee2play.com
Connection: keep-alive
Referer: https://coffee2play.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:19 GMT
content-type: application/json
cache-control: no-cache, private
access-control-allow-origin: https://coffee2play.com
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795553b35cd6b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ggbets1.net/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e

203.30.189.19

302 Found

0 B

URL HTTP/2
ggbets1.net/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e
IP
203.30.189.19:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e HTTP/1.1
Host: ggbets1.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coffee2play.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 06 Feb 2023 16:40:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, private
location: /en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e
expires: Mon, 06 Feb 2023 16:40:20 GMT
set-cookie: uuid=669d1407-f971-4447-9798-d42e96e623d9; expires=Wed, 08 Mar 2023 16:40:20 GMT; Max-Age=2592000; path=/; secure; samesite=none
x-upstream: fpm
x-envoy-upstream-service-time: 23
x-frame-options: DENY
x-request-id: abba6084-7c82-44a6-86a7-fba17d38bc46
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795553b96dc4b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e

203.30.189.19

200 OK

0 B

URL HTTP/2
ggbets1.net/en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e
IP
203.30.189.19:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /en/casino?ref=gg_w174495c143008l8366gnop799_s8hnpa76e&affdata%5Bsubdata%5D=c89c19045bc1c74fffa579d1f73d1366&affdata%5Bclick_id%5D=s8hnpa76e&affdata%5Bgeo%5D=no&affdata%5Brotator%5D=143008&affdata%5Blanding%5D=8366&affdata%5Bsub_id%5D=s8hnpa76e HTTP/1.1
Host: ggbets1.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coffee2play.com/
Connection: keep-alive
Cookie: uuid=669d1407-f971-4447-9798-d42e96e623d9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:21 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, private
link: </static/130237/assets/css/desktop.css>; rel="preload"; as="style",</static/130237/assets/css/games.css>; rel="preload"; as="style"
expires: Mon, 06 Feb 2023 16:40:21 GMT
set-cookie: actionPay=deleted; expires=Sun, 06 Feb 2022 16:40:20 GMT; Max-Age=0; path=/; secure; httponly; samesite=none
refCode=gg_w174495c143008l8366gnop799_s8hnpa76e; expires=Wed, 08 Mar 2023 16:40:20 GMT; Max-Age=2591999; path=/; secure; httponly; samesite=none
affdata=subdata%3Dc89c19045bc1c74fffa579d1f73d1366%26click_id%3Ds8hnpa76e%26geo%3Dno%26rotator%3D143008%26landing%3D8366%26sub_id%3Ds8hnpa76e; expires=Wed, 08 Mar 2023 16:40:20 GMT; Max-Age=2591999; path=/; secure; httponly; samesite=none
landingId=8366; expires=Wed, 08 Mar 2023 16:40:20 GMT; Max-Age=2591999; path=/; secure; httponly; samesite=none
first_entrypoint=L2VuL2Nhc2lubz9yZWY9Z2dfdzE3NDQ5NWMxNDMwMDhsODM2Nmdub3A3OTlfczhobnBhNzZlJmFmZmRhdGElNUJzdWJkYXRhJTVEPWM4OWMxOTA0NWJjMWM3NGZmZmE1NzlkMWY3M2QxMzY2JmFmZmRhdGElNUJjbGlja19pZCU1RD1zOGhucGE3NmUmYWZmZGF0YSU1QmdlbyU1RD1ubyZhZmZkYXRhJTVCcm90YXRvciU1RD0xNDMwMDgmYWZmZGF0YSU1QmxhbmRpbmclNUQ9ODM2NiZhZmZkYXRhJTVCc3ViX2lkJTVEPXM4aG5wYTc2ZQ%3D%3D; expires=Mon, 20 Feb 2023 16:40:21 GMT; Max-Age=1209600; path=/; secure; samesite=none
player_affiliation=casino; path=/; secure; httponly; samesite=lax
x-upstream: fpm
x-envoy-upstream-service-time: 310
x-frame-options: DENY
x-request-id: 8bd6750e-9fd0-4eef-9452-0f29b44d2560
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 795553ba2ef8b500-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </static/130237/assets/css/desktop.css>,</static/130237/assets/css/games.css>
X-Firefox-Spdy: h2

widget.yhelper.net/widget.js

203.30.189.107

200 OK

0 B

URL HTTP/2
widget.yhelper.net/widget.js
IP
203.30.189.107:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widget.js HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ggbets1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:21 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Monday, 06-Feb-2023 16:40:21 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 795553bd6a78b527-OSL
X-Firefox-Spdy: h2

widget.yhelper.net/iframe/src/assets/icons/chat/24//1e6304ab.article.svg

203.30.189.107

200 OK

0 B

URL HTTP/2
widget.yhelper.net/iframe/src/assets/icons/chat/24//1e6304ab.article.svg
IP
203.30.189.107:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe/src/assets/icons/chat/24//1e6304ab.article.svg HTTP/1.1
Host: widget.yhelper.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.yhelper.net/iframe/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 16:40:24 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Monday, 06-Feb-2023 16:40:24 UTC
cache-control: no-store, no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 795553d2ea06b527-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (78)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML