Report - thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html

Report Overview

Submitted URL
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
IP
54.230.111.122
ASN
#16509 AMAZON-02
Submitted
2022-10-20 04:56:36
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338 B	984 B	54.230.245.118
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	1.3 kB	2.8 kB	142.250.74.3
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-09T10:18:28Z	1.1 kB	1.4 kB	139.45.195.8
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	373 B	39 kB	142.250.74.168
trk.thebetterdealz.com	unknown	2021-08-09T20:28:35Z	2023-03-09T10:58:31Z	505 B	414 B	18.184.38.55
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	34.215.56.181
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-09T05:09:40Z	699 B	566 B	216.239.32.36
shaumtol.com	258042	2021-09-14T17:15:35Z	2023-03-09T12:39:37Z	431 B	27 kB	139.45.197.250
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	58 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.115
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	987 B	2.0 kB	93.184.220.29
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-09T05:09:51Z	416 B	2.5 kB	104.17.24.14
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-09T13:58:35Z	383 B	32 kB	172.217.21.170
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-09T11:25:06Z	328 B	963 B	104.18.32.68
thebetterdealss.com	unknown	2021-08-09T21:39:04Z	2023-03-09T10:58:29Z	6.6 kB	217 kB	54.230.111.17
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-19	medium	shaumtol.com	Sinkholed

JavaScript (26)

	URL	Size	First Seen	Last Seen
	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	822 B	2023-03-07	2024-02-12
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:04 Last Seen2024-02-12 05:28:00 Times Seen96 Hash b97d7f47f2911874af688e6e2ede8352 5a4b2280a41d2336f08429e8893c977e2b5a9ccf c3bd6903d4aec63ca04f85055acb71ad0305e4a01d104c1e3460afd6bd430c4a Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=567737222dc141f78a16cbadcf8efe9b0e8ae6469c9c147e48b2bbca746e3cd8	697 B	2023-03-07	2024-02-12
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=567737222dc141f78a16cbadcf8efe9b0e8ae6469c9c147e48b2bbca746e3cd8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:04 Last Seen2024-02-12 05:28:00 Times Seen181 Hash c9403da8f2e07b42a7abb2ca02510847 54707a8174b1e2539eb1170b78c548a832ea2867 8c4f1df9606db3187c5b0a76d0586cfa938845ab7cfbbe65805fb21c2032ec47 Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/b381167682fc24f7d21b80139356c31d.static.js	87 kB	2023-03-07	2024-04-19
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/b381167682fc24f7d21b80139356c31d.static.js IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 05:22:19 Times Seen60684 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/f25504e7888a55c8f51cf4674240e55f.static.js?z=4495707&sw=/sw-check-permissions-3a841.js	81 kB	2023-03-07	2024-02-12
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/f25504e7888a55c8f51cf4674240e55f.static.js?z=4495707&sw=/sw-check-permissions-3a841.js IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:04 Last Seen2024-02-12 05:28:00 Times Seen110 Hash 221a4875f104c38145363ac8d0c34223 9d0916090b6659bc573d3de77bcbdc6a04931824 56ef2b1864e916208271e0307629c14db9201bf91da62246dfeb9d9704b985df Loading...

	www.googletagmanager.com/gtm.js?id=GTM-M7SJHXC	97 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-M7SJHXC IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:55:58 Last Seen2023-03-10 11:55:58 Times Seen1 Hash 80a69d2c31b0631e677c3c6fb7777118 d6ba3c987ba84c7d3531f19916f52f533852bc71 23fa5e9395ce2f39f6dc90994bf3c401ce9b74657ff2fde0a2a9aec4990a92b6 Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	103 B	2023-03-10	2023-03-10
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:55:58 Last Seen2023-03-10 11:55:58 Times Seen1 Hash acd59b669c7ebf24ecc3ca5b65ec1ae0 d5d542cc27befe075e560329dc0607ecd0fc808a d53d3895ce9399e21814744db55f458311395bbff1596f9fadb1b919e120057a Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	40 B	2023-03-07	2024-03-03
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:12 Last Seen2024-03-03 01:26:32 Times Seen301 Hash c908e839697a159f578392b7120a32e6 3177107843b3eb502c5f1c3bc4bda8dd2c4fe2f6 36780db9d5ede0c49775774fd5654f46212440322b1dd8e7d6d83d5bb8547f52 Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/4c0948bf4f4c9251986ffd7516631834.static.js	645 B	2023-03-08	2023-11-18
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/4c0948bf4f4c9251986ffd7516631834.static.js IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:46:44 Last Seen2023-11-18 08:23:58 Times Seen15 Hash ba05dd08407d90513d7ea64622f94fab e42b779a85d18f5df3ee6744ac719b1c92c8b26e 32810073d4833635f8add044979b297aa848543a22c3c5d24a3b07486ec21587 Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	341 B	2023-03-09	2024-02-12
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:57:31 Last Seen2024-02-12 05:28:00 Times Seen94 Hash 236b49af207f999653913dc0551087f2 10156cf3ec139f25f5d22abc85c76a53d95acaab 8e1950892e059db14bf5b97b1b576aad84a370954b1bd1abd1090f7ecf0ec4a2 Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	136 B	2023-03-07	2024-03-24
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:42 Last Seen2024-03-24 15:05:33 Times Seen533 Hash 96e82ebcc1bba26e17346488fdd431b1 24626aa3c03c14ff2fe20e52694acadbfca5ddba bb30099f988a6c87efcfbe186ff09863e87a3e1f5437e9ab9e224a7e934876cc Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	660 B	2023-03-07	2023-03-26
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:04 Last Seen2023-03-26 05:28:46 Times Seen8 Hash 8e0eb89cd27df62f894e9e00c381074c 4a5e50c2e907e58015692800833ef5c2fdaeb587 dad36e2c4afb45d8a95f3e03c3d9dec0f69c13f46bf3cfd5ed8770db70f13392 Loading...

	shaumtol.com/pfe/current/micro.tag.min.js?z=4492922&ymid=null&var=null&sw=/sw-check-permissions-a7c35.js	76 kB	2023-03-10	2023-03-10
Pretty URL shaumtol.com/pfe/current/micro.tag.min.js?z=4492922&ymid=null&var=null&sw=/sw-check-permissions-a7c35.js IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:08:57 Last Seen2023-03-10 12:02:22 Times Seen1 Hash f2c763e07d61e8fd797834ee57f36ed6 80fca7b259ae3ad03d450de6303827bbaa89565d 2ca7fb820125e888354aa2b573b6465dec5e3c411ade5c8b3da7757cb16a8604 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-19 03:54:41 Times Seen259743 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	39 B	2023-03-07	2024-02-12
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:04 Last Seen2024-02-12 05:28:00 Times Seen96 Hash 1a45093d1f9187c67a3bf6d0afa34975 bfaa500c1998604b4ea205c697c548c0f253d3a5 e3e1d984b7f9536015f49da7efa7e18240be98e6c195fe71546e9bcf00c1ca93 Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	81 B	2023-03-07	2024-04-18
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-04-18 08:55:45 Times Seen380 Hash c0211a10e5bdf9d68c40a31c758e1771 a1ba4ba2803ccf705fabf143a7422c5da5c67477 e1d462e0028d01b1829fdd49d99c692bcc9189772959390bb18054f14deda85e Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	79 B	2023-03-07	2024-04-18
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-04-18 08:55:45 Times Seen378 Hash 330cb3e23d95121bd55d849997798301 ac065eea17a1fe8f68bf72a5645acdffab3105b5 02edff9349933e1f564c6cad886e0eed218cf96d3b43a390735e2e6084bbc22c Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	1.0 kB	2023-03-08	2023-11-18
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:46:44 Last Seen2023-11-18 08:23:58 Times Seen9 Hash cd82efc7b3e8893c1352aebacf7f1e2d 49a1a9fd60026f0210c82ba60f2e298e44665795 56c69e31b4a5084999dc5012f3f28d7a8839a17c5925a3c407ce285ea5260b79 Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	1.4 kB	2023-03-07	2023-03-26
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:04 Last Seen2023-03-26 05:28:46 Times Seen8 Hash 23084c6250077beda06d90124ce3b6d4 71d43ae7499905150a250e45f8be0005184ba3bf 78021c49ef94cc8d7444258ec056e679658fa4732eb85489c52b2f47024c404a Loading...

	www.googletagmanager.com/gtag/js?id=G-N55404SP04&l=dataLayer&cx=c	226 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-N55404SP04&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:55:58 Last Seen2023-03-10 11:55:58 Times Seen1 Hash ac9bba218562d809dc6b9d6c94e37f76 1e31edd548d7bf321fb8a1dc8145e506309f9f1a d013a5c607fa8fb480e8fd78f5c3846595f51877eddc5e5cd2be67073d3b2873 Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	103 B	2023-03-10	2023-03-10
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:55:58 Last Seen2023-03-10 11:55:58 Times Seen1 Hash 94ea34aa0da5bdabee770ae891addc0c f138e406225d1fbfa7f92363edf6d2771f4ad1b4 2059f008837d30fc4399c6af4d8e533839c1a0b8cbbfd7c4b33165137dde83b9 Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	88 B	2023-03-07	2024-04-18
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-04-18 08:55:45 Times Seen379 Hash ed6cf71315499a6827f20b3e13d312ad 71b272cdddcacc233e31d69df4ed7c38ba05a3d3 06bac6943b40cf25de3797e62a98c681ee26f658ef18871adb9c338d4f8c5e7c Loading...

	thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html	103 B	2023-03-07	2024-02-12
Pretty URL thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html IP 54.230.111.17 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:04 Last Seen2024-02-12 05:28:00 Times Seen96 Hash c067efefe6c33d907b811d7f3ae64031 543ebbe364b0eb52d1b27e76033350e578f0514e 4d6632cfe46894c451c8b84df933ff9fc77f024b56701b814b2edb4af5799a13 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d51aae8f3b1dd9ab6bbb43426ab04137	80 B	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 11:55:58 Last Seen2023-03-10 11:55:58 Times Seen1 Hash d51aae8f3b1dd9ab6bbb43426ab04137 e142ff04851e036e7478102296eee9be4333fbdf 5d2e46d68a7eecffcde399af5c5ee0a8207db9cbb3ec924310719474034bb22d Loading...

	#2 Eval - 69e527223671ef01d07f2c92fd9759cb	80 B	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 11:55:58 Last Seen2023-03-10 11:55:58 Times Seen1 Hash 69e527223671ef01d07f2c92fd9759cb 3a00f255f4fcc6c2f2f90a7a4a83c347a6091226 8a299a0ffba05b9c9df371f0889a4b3a906bcad9126e4ca76b554aae47125db0 Loading...

	#3 Eval - dae00eef1ea1a29c56b6461026df895b	80 B	2023-03-07	2024-02-12
Pretty Observations First Seen2023-03-07 14:54:04 Last Seen2024-02-12 05:28:00 Times Seen95 Hash dae00eef1ea1a29c56b6461026df895b c0a1942ef7294ad4a98720e1872929ec6995f2b8 6dab1be67891087e84cbef1e2970cbb2d460c9c676e41b2b03c2be0942d1ceb3 Loading...

		Size	First Seen	Last Seen
	#1 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 05:36:02 Times Seen36952503 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (47)

URL IP Response Size

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html

54.230.111.17

301 Moved Permanently

167 B

URL HTTP/1.1
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 20 Oct 2022 04:56:25 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
X-Cache: Redirect from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WZYE4bRyx-iecjvrIGHglVgGe8HjiQeSFdb8T7aopARC1AP2vdB6Qw==

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 20 Oct 2022 04:51:49 GMT
Expires: Thu, 20 Oct 2022 05:46:28 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fGyYLAcqtYNZ0-1Q-7zSa_pkASck8PwfmLsuSfZlacwI1kLqCFgBRQ==
Age: 276

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
24a97183f836954e0f05c4dc794ff4d1
52778bbe39b9f736c16b5798575d1d96607ce9d0
01f6721f2674f54662fff590fdf7247cc8c58a3f84906cae75527fb7b6dd2436

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01F6721F2674F54662FFF590FDF7247CC8C58A3F84906CAE75527FB7B6DD2436"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5535
Expires: Thu, 20 Oct 2022 06:28:40 GMT
Date: Thu, 20 Oct 2022 04:56:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2336
Expires: Thu, 20 Oct 2022 05:35:21 GMT
Date: Thu, 20 Oct 2022 04:56:25 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: G8Z8kqT459f8a0FA0nkYmL5zD2oWt/JE/QorHLVdO74mRUEsekbdOW55HJSlAw+1hsrJI25M4sc=
x-amz-request-id: 84XX4HQYXZHJVVEC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 20 Oct 2022 04:36:34 GMT
age: 1191
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
32bebd23dd9dae2052f80aa62f53f9ba
ca938657649b138cf8a587f0f0c7b2ab714de7ac
c5f40ff79e2922b0e6138aba45569f54cd6481f44fb8c7d8752650e008f5462a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153653
Date: Thu, 20 Oct 2022 04:56:25 GMT
Etag: "63508a2e-1d7"
Expires: Fri, 21 Oct 2022 23:37:18 GMT
Last-Modified: Wed, 19 Oct 2022 23:37:18 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: w8VcUoE50Rmib915eKwuUPwdzZXE79VxevRDUidMhWK_0FavuMF4Rg==

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 04:56:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
18b23741e87ccf9a70227948d53e0fbc
d6846eec3c338e846612a76aae25679218180cdf
9dc13eae0a47c289dbe396d64d2120b77886ee84b809c6902feef5a72547351d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6174
Cache-Control: max-age=144687
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 04:56:26 GMT
Etag: "63504f0b-117"
Expires: Fri, 21 Oct 2022 21:07:53 GMT
Last-Modified: Wed, 19 Oct 2022 19:24:59 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css

104.17.24.14

200 OK

1.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (7048)
Size
1.4 kB (1380 bytes)
Hash
aa3b4ed7478b3a40f2409188a0c9fdab
1b4efc2536689dde7205f6eb81766b6ad54ada8f
80db261e2480e9541813923e022ea7d0dceece776b3aa606216545a1ba272d26

HTTP Headers

GET /ajax/libs/froala-editor/2.8.5/css/froala_style.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 20 Oct 2022 04:56:26 GMT
content-type: text/css; charset=utf-8
content-length: 1380
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6a-1c28"
last-modified: Mon, 04 May 2020 16:10:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 11528650
expires: Tue, 10 Oct 2023 04:56:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EWBQTelLAYM53eWLl15YgTIa2HzYV3UEE0R42OW4MLIjfBKwNoDas0Ke2bRccCylUcBaYoXCXnyR2NcelHeNCx3TQhc%2BmywXvDzQ9gX4w2mC9mNEn%2FjBndJ4J76dMYMhLoYhi8R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75cf2abc8a41fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d3049667c1a65b13995652bad0748a5
3e74f4761dfedb4511db7aa1b35ffa17fcb5535c
e19690b3e0e53e52ec5374d01b2d89fa0f234c242d089574d61f3f1c737eb5a8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 04:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
05025e12c744a753bae14903a181bc6f
309a7f4e7837c166679406f9504d85430f06a4ba
bd1969739779b443a44c3cc6ec601115d14a19374c9a3f1becc197fa70daaa16

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 04:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/d846b391ab89ca16fda20d187927d0a0.static.png

54.230.111.17

200 OK

2.2 kB

URL HTTP/2
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/d846b391ab89ca16fda20d187927d0a0.static.png
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
PNG image data, 265 x 133, 8-bit colormap, non-interlaced\012- data
Size
2.2 kB (2249 bytes)
Hash
46d3b5e50a1c32641e6a1d75edb1a0ee
7241d2bd02093af81f2bc5e47c3980d7530ebe6f
8ce56b652e2fbac94f83d2b6df6ee621e9c4f298eefe4a92c53dda2dbfe744d4

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/d846b391ab89ca16fda20d187927d0a0.static.png HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 2249
x-amz-meta-origin-date-iso8601: 2021-10-10T13:09:36.000Z
last-modified: Fri, 13 May 2022 18:57:17 GMT
server: AmazonS3
date: Thu, 20 Oct 2022 04:56:27 GMT
etag: "46d3b5e50a1c32641e6a1d75edb1a0ee"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mwwFmeJ3XMXM5_x2Hs0hr3uiG0jtorQB0srWWUaS6IDPBSHE4wGVlQ==
X-Firefox-Spdy: h2

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/leovegas-casino.png

54.230.111.17

200 OK

25 kB

URL HTTP/2
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/leovegas-casino.png
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
PNG image data, 394 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (25160 bytes)
Hash
6c70312463ee3dcd7b3ad7d71260f0f2
e3e9a5f85076a182b19474c10314abae656e187b
a855f233fbeba18164fdf39dfb454b29fa147af0de581a167691e081a7c8e9c1

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/leovegas-casino.png HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 25160
x-amz-meta-origin-date-iso8601: 2021-10-12T07:24:34.244Z
last-modified: Fri, 13 May 2022 18:57:25 GMT
server: AmazonS3
date: Thu, 20 Oct 2022 04:56:27 GMT
etag: "6c70312463ee3dcd7b3ad7d71260f0f2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WOb0T0pVksiBu4y7SWOfri4rG9zjx9soaFe6Wy638ucFHQnYznNaYA==
X-Firefox-Spdy: h2

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/562b1a8e5aab3041b04ffe62c956ca5f.static.png

54.230.111.17

200 OK

119 kB

URL HTTP/2
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/562b1a8e5aab3041b04ffe62c956ca5f.static.png
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
119 kB (118696 bytes)
Hash
5e81ef327f6ce63e76742ef5b890d99f
6ebcf6b775c0ef4b5aa157b53872cde5ef87be27
e76f6a31d1bac8cbdca494b6c27ea2c9b64dcd320d09c179c159378d55356aee

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/562b1a8e5aab3041b04ffe62c956ca5f.static.png HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 118696
x-amz-meta-origin-date-iso8601: 2022-01-14T19:54:30.840Z
last-modified: Fri, 13 May 2022 18:57:31 GMT
server: AmazonS3
date: Thu, 20 Oct 2022 04:56:27 GMT
etag: "5e81ef327f6ce63e76742ef5b890d99f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xDEgS8q49HrUh7lS0E5D7OIPWEnl5ck_AU-Arg-LjAiJ9pALUdYUtg==
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 20 Oct 2022 04:43:40 GMT
Cache-Control: max-age=3600
Expires: Thu, 20 Oct 2022 05:15:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5qrZTETBMuAXt9o8SaTbGey7zCZG7v-WP2YSZBsdk5TBljmQJdahCw==
Age: 766

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/4c0948bf4f4c9251986ffd7516631834.static.js

54.230.111.17

200 OK

645 B

URL HTTP/2
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/4c0948bf4f4c9251986ffd7516631834.static.js
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
645 B (645 bytes)
Hash
ba05dd08407d90513d7ea64622f94fab
e42b779a85d18f5df3ee6744ac719b1c92c8b26e
32810073d4833635f8add044979b297aa848543a22c3c5d24a3b07486ec21587

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/4c0948bf4f4c9251986ffd7516631834.static.js HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 645
x-amz-meta-origin-date-iso8601: 2022-01-14T21:00:11.083Z
last-modified: Fri, 13 May 2022 18:57:22 GMT
server: AmazonS3
date: Thu, 20 Oct 2022 04:56:27 GMT
etag: "ba05dd08407d90513d7ea64622f94fab"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L-0kpgg1F7riIQ2emX6tEpU5xW_fSPMa-XCfnTPurJfOw7jZ2rV4YQ==
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

172.217.21.170

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 09:42:03 GMT
expires: Tue, 17 Oct 2023 09:42:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 242063
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
18b23741e87ccf9a70227948d53e0fbc
d6846eec3c338e846612a76aae25679218180cdf
9dc13eae0a47c289dbe396d64d2120b77886ee84b809c6902feef5a72547351d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6174
Cache-Control: max-age=144687
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 04:56:26 GMT
Etag: "63504f0b-117"
Expires: Fri, 21 Oct 2022 21:07:53 GMT
Last-Modified: Wed, 19 Oct 2022 19:24:59 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

www.googletagmanager.com/gtm.js?id=GTM-M7SJHXC

142.250.74.168

200 OK

38 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-M7SJHXC
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1850)
Size
38 kB (37929 bytes)
Hash
b800d1b4ad5d1618c259852c9edb7f29
b8d9e1bfe98ae6da05ea3178bb9ddd661791c04c
965860edb9ed7a5a4b3557e4a59961bd8e4f82ba8f18d299987090940e421b57

HTTP Headers

GET /gtm.js?id=GTM-M7SJHXC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Oct 2022 04:56:26 GMT
expires: Thu, 20 Oct 2022 04:56:26 GMT
cache-control: private, max-age=900
last-modified: Thu, 20 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
62fc1aa250922e13956facbf8071aebb
111e2978b9e6931f7ba9ee3beac67d1af7bf8c92
1d0de3a88ad67da5ba748190f997994299058b77fff93caa24f4c611b3dec560

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2525
Cache-Control: max-age=100346
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 04:56:26 GMT
Etag: "634fb017-1d7"
Expires: Fri, 21 Oct 2022 08:48:52 GMT
Last-Modified: Wed, 19 Oct 2022 08:06:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d3049667c1a65b13995652bad0748a5
3e74f4761dfedb4511db7aa1b35ffa17fcb5535c
e19690b3e0e53e52ec5374d01b2d89fa0f234c242d089574d61f3f1c737eb5a8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 04:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

thebetterdealss.com/zone?&pub=0&zone_id=4495707&is_mobile=false&domain=thebetterdealss.com&var=&ymid=&var_3=&dsig=&action=prerequest

54.230.111.17

403 Forbidden

1.1 kB

URL HTTP/2
thebetterdealss.com/zone?&pub=0&zone_id=4495707&is_mobile=false&domain=thebetterdealss.com&var=&ymid=&var_3=&dsig=&action=prerequest
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1053 bytes)
Hash
177025c3e79adf5b3a05f20edfd000ae
7f9f0515c0cb38b24fa7f2d969968d09cf5b39da
1a3b4cce4d9166fcb1738decbbf14ca1cd1d8665b1c5f2e4073ac4ef5ca0aa9e

HTTP Headers

POST /zone?&pub=0&zone_id=4495707&is_mobile=false&domain=thebetterdealss.com&var=&ymid=&var_3=&dsig=&action=prerequest HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thebetterdealss.com
Connection: keep-alive
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 403 Forbidden
server: CloudFront
date: Thu, 20 Oct 2022 04:56:26 GMT
content-type: text/html
content-length: 1053
x-cache: Error from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RnISDh8jhjLWo-ZpJT7dC_oD2Xwr5qTkFOOSJu2h_nh-pzsjF6CJ2Q==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
05025e12c744a753bae14903a181bc6f
309a7f4e7837c166679406f9504d85430f06a4ba
bd1969739779b443a44c3cc6ec601115d14a19374c9a3f1becc197fa70daaa16

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 04:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
82571dc3b59726a8e88def1043dd5dc2
ee071d908b0d2e32f05c1f82ccf7c620dc4e8015
5f0d328ff3c1a099fc8a405c0ef33168dbdb6fdec93d0db8ea9c0b7795ad7e34

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 04:56:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 06:25:19 GMT
Expires: Mon, 24 Oct 2022 06:25:18 GMT
Etag: "ee071d908b0d2e32f05c1f82ccf7c620dc4e8015"
Cache-Control: max-age=350331,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75cf2abd7e35b512-OSL

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html

54.230.111.17

200 OK

5.3 kB

URL HTTP/2
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
data
Size
5.3 kB (5345 bytes)
Hash
f85bdbf85e199e94fc246e7aeaea0493
14e1ea63c60b5a74da2f062cf0f897bd2b791a14
c3cd3b46b4546fe1dbd9d2d800d7a77a93cc309c0b2983123cf0504d52eeeb5e

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 18 Oct 2022 18:00:27 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 20 Oct 2022 04:56:27 GMT
etag: W/"b9d3ed57df0497e021c8ad0c049aa136"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KUmfjD6DcHzlkK9jniFW-oKSkv7yZOC4bpqV40cxXACmL6-SLIUnZw==
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=4495707&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4495707&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
44d932c08ef2da981eceb1629ec7ea6d
d7a974df49ddbc0cdf05223a99e8dec09512e180
a3a00ada92d0bb1b5523c6cf4046a98d2bde2339d8d15704f062aeeb3a780384

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=4495707&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thebetterdealss.com/
Origin: https://thebetterdealss.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 04:56:26 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://thebetterdealss.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ea6c5cba22104bc5a67affe79a82c566; expires=Fri, 20 Oct 2023 04:56:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/in_css_34d506b688dd263f9470dc2315529716.static.jpg

54.230.111.17

200 OK

56 kB

URL HTTP/2
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/in_css_34d506b688dd263f9470dc2315529716.static.jpg
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size
56 kB (56400 bytes)
Hash
daed3767de815d8c15505c86b978dfbf
2e238bd17a590a987f15c6762185b7e3e58e048e
2596ca41818504ef1d96465d290b129676e812d8b3b09e1b731a690d8d35af50

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/in_css_34d506b688dd263f9470dc2315529716.static.jpg HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/03a2f250c19db9fd62bacac660640af3.static.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 56400
x-amz-meta-origin-date-iso8601: 2021-10-10T13:09:38.000Z
last-modified: Fri, 13 May 2022 18:57:37 GMT
server: AmazonS3
date: Thu, 20 Oct 2022 04:56:27 GMT
etag: "daed3767de815d8c15505c86b978dfbf"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fRt9C_TxzYvu0wGddtoBLrdVSavlSnfypMuv0I5HMeEiTi3Snf7WJg==
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
11270d5247cedb61b214e58ff674360f
fb701b760da3412c3fc26eed4fbd4f30f8d02097
3a8c4b7fb6ebf8b9e9afa3176977c8cc594bd0f76e4c8d64fe5d00e2048de7bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A8C4B7FB6EBF8B9E9AFA3176977C8CC594BD0F76E4C8D64FE5D00E2048DE7BF"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3408
Expires: Thu, 20 Oct 2022 05:53:14 GMT
Date: Thu, 20 Oct 2022 04:56:26 GMT
Connection: keep-alive

thebetterdealss.com/zone?&pub=0&zone_id=4495707&is_mobile=false&domain=thebetterdealss.com&var=&ymid=&var_3=&dsig=&action=settings

54.230.111.17

404 Not Found

809 B

URL HTTP/2
thebetterdealss.com/zone?&pub=0&zone_id=4495707&is_mobile=false&domain=thebetterdealss.com&var=&ymid=&var_3=&dsig=&action=settings
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
809 B (809 bytes)
Hash
a2d9253fb772384c3019e2ecc3e9e32f
4b8918f726ada95a50218b229ddfa2ad2b4e9288
f3bd8f754d9f8b808694ac7175a5001587bd0b5d73e1ef0792fe467831ad6bac

HTTP Headers

GET /zone?&pub=0&zone_id=4495707&is_mobile=false&domain=thebetterdealss.com&var=&ymid=&var_3=&dsig=&action=settings HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
content-length: 809
last-modified: Mon, 17 Oct 2022 17:21:55 GMT
etag: "a2d9253fb772384c3019e2ecc3e9e32f"
x-amz-error-code: NoSuchKey
x-amz-error-message: The specified key does not exist.
x-amz-error-detail-key: zone
date: Thu, 20 Oct 2022 04:56:26 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p5nT3MY1_NO9gbFpderSNTHL3EQoBI0Uvwwgq-ywx0v5qLLAeda2Yw==
X-Firefox-Spdy: h2

trk.thebetterdealz.com/d/.js?lpref=&lpurl=https%3A%2F%2Fthebetterdealss.com%2FCampaign%2FCasino%2FCanada-EN%2FCasino-14-TY-3%2Findex.html%23&lpt=DAILY%20JACKPOTS!&t=1666241796766

18.184.38.55

400 Bad Request

152 B

URL HTTP/2
trk.thebetterdealz.com/d/.js?lpref=&lpurl=https%3A%2F%2Fthebetterdealss.com%2FCampaign%2FCasino%2FCanada-EN%2FCasino-14-TY-3%2Findex.html%23&lpt=DAILY%20JACKPOTS!&t=1666241796766
IP
18.184.38.55:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
152 B (152 bytes)
Hash
d9bacc468aa23334526933389545e120
e26288b4bada404ce340ca72989f9f1193dc649c
0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4

HTTP Headers

GET /d/.js?lpref=&lpurl=https%3A%2F%2Fthebetterdealss.com%2FCampaign%2FCasino%2FCanada-EN%2FCasino-14-TY-3%2Findex.html%23&lpt=DAILY%20JACKPOTS!&t=1666241796766 HTTP/1.1
Host: trk.thebetterdealz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 400 Bad Request
server: nginx
date: Thu, 20 Oct 2022 04:56:26 GMT
content-type: text/html
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.215.56.181

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.215.56.181:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uF+0vvxDfZvau6RZgeAmbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: maNPLYoLyEuV+lUYgYAZrvXFfq4=

shaumtol.com/pfe/current/micro.tag.min.js?z=4492922&ymid=null&var=null&sw=/sw-check-permissions-a7c35.js

139.45.197.250

200 OK

27 kB

URL HTTP/2
shaumtol.com/pfe/current/micro.tag.min.js?z=4492922&ymid=null&var=null&sw=/sw-check-permissions-a7c35.js
IP
139.45.197.250:0
ASN
#9002 RETN Limited

File type
data
Size
27 kB (26560 bytes)
Hash
3dfd30f2c9014d803845be34379f6c31
d8cf10bdb36f4a69fe44b7e716dec12fa81c644a
62fff616d17391f46ba32d43e5de48ccbe4ef6f9a8055cc6c58e1f001f3fc974

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=4492922&ymid=null&var=null&sw=/sw-check-permissions-a7c35.js HTTP/1.1
Host: shaumtol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 04:56:26 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 10:49:49 GMT
etag: W/"634e84cd-126ff"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=567737222dc141f78a16cbadcf8efe9b0e8ae6469c9c147e48b2bbca746e3cd8&ttl=&rurl=https%3A%2F%2Fthebetterdealss.com%2FCampaign%2FCasino%2FCanada-EN%2FCasino-14-TY-3%2Findex.html%23

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=567737222dc141f78a16cbadcf8efe9b0e8ae6469c9c147e48b2bbca746e3cd8&ttl=&rurl=https%3A%2F%2Fthebetterdealss.com%2FCampaign%2FCasino%2FCanada-EN%2FCasino-14-TY-3%2Findex.html%23
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=567737222dc141f78a16cbadcf8efe9b0e8ae6469c9c147e48b2bbca746e3cd8&ttl=&rurl=https%3A%2F%2Fthebetterdealss.com%2FCampaign%2FCasino%2FCanada-EN%2FCasino-14-TY-3%2Findex.html%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/
Cookie: ID=ea6c5cba22104bc5a67affe79a82c566
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 04:56:27 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ea6c5cba22104bc5a67affe79a82c566; expires=Fri, 20 Oct 2023 04:56:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-N55404SP04&gtm=2oeah0&_p=1244946247&cid=1337237638.1666241797&ul=en-us&sr=1280x1024&_s=1&sid=1666241796&sct=1&seg=0&dl=https%3A%2F%2Fthebetterdealss.com%2FCampaign%2FCasino%2FCanada-EN%2FCasino-14-TY-3%2Findex.html&dt=DAILY%20JACKPOTS!&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-N55404SP04&gtm=2oeah0&_p=1244946247&cid=1337237638.1666241797&ul=en-us&sr=1280x1024&_s=1&sid=1666241796&sct=1&seg=0&dl=https%3A%2F%2Fthebetterdealss.com%2FCampaign%2FCasino%2FCanada-EN%2FCasino-14-TY-3%2Findex.html&dt=DAILY%20JACKPOTS!&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-N55404SP04&gtm=2oeah0&_p=1244946247&cid=1337237638.1666241797&ul=en-us&sr=1280x1024&_s=1&sid=1666241796&sct=1&seg=0&dl=https%3A%2F%2Fthebetterdealss.com%2FCampaign%2FCasino%2FCanada-EN%2FCasino-14-TY-3%2Findex.html&dt=DAILY%20JACKPOTS!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thebetterdealss.com
Connection: keep-alive
Referer: https://thebetterdealss.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://thebetterdealss.com
date: Thu, 20 Oct 2022 04:56:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21317
Expires: Thu, 20 Oct 2022 10:51:45 GMT
Date: Thu, 20 Oct 2022 04:56:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21317
Expires: Thu, 20 Oct 2022 10:51:45 GMT
Date: Thu, 20 Oct 2022 04:56:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21317
Expires: Thu, 20 Oct 2022 10:51:45 GMT
Date: Thu, 20 Oct 2022 04:56:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67e511de-4645-4af5-8c48-e662c0c8a54b.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67e511de-4645-4af5-8c48-e662c0c8a54b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10237 bytes)
Hash
6ade21554dc39ead350de30c95b27da4
646d0636b09f0432821ed1cfd8c842d3901e49c3
cd8a878e413595ffd88ad706ba9fea7cfd7ad49e1723f276e37cd33b023596eb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67e511de-4645-4af5-8c48-e662c0c8a54b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10237
x-amzn-requestid: c30f14d4-a7fa-46ff-872f-1ed9053317c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9dHfhoAMF6_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d22-295f032a518f847e4323fa46;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PLFgB_bE4YKZgpWh4xeOg9n9C9Yje1A-8hdWNt1qDma4y5QyGtOX1w==
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:56:00 GMT
age: 25228
etag: "646d0636b09f0432821ed1cfd8c842d3901e49c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f5f540-31b5-4aa6-b4cc-525320d668bb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5271 bytes)
Hash
4ab69334daf0ae01ea1464a1bf94f59c
37f9e5e45a2f1a772be738c1b26fa33beb0b7841
407ad50be96152f0123551811bc70e796f4d143650e6c36e7fe9f5baf5b29b76

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f5f540-31b5-4aa6-b4cc-525320d668bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5271
x-amzn-requestid: bc46c571-22e9-44dd-87cd-70e205b0b60e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9KFQVIAMFqqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d20-4cd2c717604ae52a6cde9b99;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v3r_XvpoXUqu2e4l44vAoa-Ktug5wXQIVt9xfvtjqw-Eb4lmxH4yng==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:51:14 GMT
age: 25514
etag: "37f9e5e45a2f1a772be738c1b26fa33beb0b7841"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8120 bytes)
Hash
3ac5c50f8ffe0da11f1adb9f67d811cf
2b586d1c26208d6fe7df3a4cec286e28f21807ca
12414dcf4afa766503c9328fe626c2d1317a0d6838887e0dd30e9b56e85ea3d2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8120
x-amzn-requestid: 42dc2299-203a-4269-a252-e239978fe80d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhLHX0IAMF89g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-1357899758d9403e4b920418;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: flB2uCMeuA1ccXaitzB0OqhRSdlChu6JWWGnfIUfYeIPkOht4drfTQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 04:39:55 GMT
age: 993
etag: "2b586d1c26208d6fe7df3a4cec286e28f21807ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F045386d1-e047-4765-9e94-5759a6e150ff.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12619 bytes)
Hash
6aab32061ed1479f801057d229980206
297369f45777ff3b2d96df32bd7fca23080683c0
e3a83259363357bcc2a20d9214ed817117b5fff5275137b7809c43b8347afb7c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F045386d1-e047-4765-9e94-5759a6e150ff.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12619
x-amzn-requestid: aea0d009-2c65-4d37-a2ac-283f7ba466a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aLiDoExqIAMFoaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e16e3-0ce333fd119ef9864444cc87;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 03:00:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kNFpNLy5V79CPutEmcP8RIMsBgRE3fquiAWVtvCDdU5uTb8TZPleKQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 04:21:07 GMT
age: 2121
etag: "297369f45777ff3b2d96df32bd7fca23080683c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9607 bytes)
Hash
81216ad70664e969888ae7b13871fda0
6b15c7d7abb9ff1cc040853401ad5a39f81c19a4
7294e93d890b4c8eeb8383a67aac0be8b88cac5e0882865c9f38ade713157799

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9607
x-amzn-requestid: 590b20a6-039c-4c25-a61a-5f579c5b31f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZj6HZ7oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506fb2-04b740c442ae735347b4e2c3;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bL5fVog2SuW8ZNt9a0ECc8jwcAELUBVo63LXPovdnIRxCRnsMWVvvQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:49:50 GMT
age: 25598
etag: "6b15c7d7abb9ff1cc040853401ad5a39f81c19a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F638eac9f-fba9-43ad-a54e-d70a9233253b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5566 bytes)
Hash
4b38fcf82dcb60f48ee2b0df158d2eb6
14207b4845fc4c2c72a18a77cbcbe5f50aa9056e
4cff326ed72c61a05f1150ac1a5423b006915bbb25dfaa11dadab2c24e71de1a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F638eac9f-fba9-43ad-a54e-d70a9233253b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5566
x-amzn-requestid: 0eb4a0a4-9659-4c49-81d4-cd605eceed66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZKGEwzIAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506f0d-0bc0a25f4f5b1e893f448ae2;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:41:33 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CYc4z6vU4jFleVwO0v7iD4CI7Ic5YgqMfqgAFCw8OEOtwMouN8zzbw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 22:03:55 GMT
age: 24753
etag: "14207b4845fc4c2c72a18a77cbcbe5f50aa9056e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/b381167682fc24f7d21b80139356c31d.static.js

54.230.111.17

200 OK

0 B

URL HTTP/2
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/b381167682fc24f7d21b80139356c31d.static.js
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/b381167682fc24f7d21b80139356c31d.static.js HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
x-amz-meta-origin-date-iso8601: 2021-10-10T13:09:36.000Z
last-modified: Fri, 13 May 2022 18:57:20 GMT
server: AmazonS3
content-encoding: br
date: Thu, 20 Oct 2022 04:56:27 GMT
etag: W/"c9f5aeeca3ad37bf2aa006139b935f0a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: evZkda0GK9WJ6vkoa-ZOMKzsRs6OCrK5khSR64bp76RWOgMDEmRErg==
X-Firefox-Spdy: h2

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/f25504e7888a55c8f51cf4674240e55f.static.js?z=4495707&sw=/sw-check-permissions-3a841.js

54.230.111.17

200 OK

0 B

URL HTTP/2
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/f25504e7888a55c8f51cf4674240e55f.static.js?z=4495707&sw=/sw-check-permissions-3a841.js
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/f25504e7888a55c8f51cf4674240e55f.static.js?z=4495707&sw=/sw-check-permissions-3a841.js HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
x-amz-meta-origin-date-iso8601: 2021-10-10T13:09:36.000Z
last-modified: Fri, 13 May 2022 18:57:38 GMT
server: AmazonS3
content-encoding: br
date: Thu, 20 Oct 2022 04:56:27 GMT
etag: W/"221a4875f104c38145363ac8d0c34223"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o68of_Bi5Rg1gOiMQrGzLCjaEkjKEJLWJYRqOJcBD8AXkXOvlg6MPw==
X-Firefox-Spdy: h2

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/ae50ba77acae77ced1d303cb70026f9b.static.css

54.230.111.17

200 OK

0 B

URL HTTP/2
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/ae50ba77acae77ced1d303cb70026f9b.static.css
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/ae50ba77acae77ced1d303cb70026f9b.static.css HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
x-amz-meta-origin-date-iso8601: 2021-10-10T13:09:38.000Z
last-modified: Fri, 13 May 2022 18:57:31 GMT
server: AmazonS3
content-encoding: br
date: Thu, 20 Oct 2022 04:56:27 GMT
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 32wK-NDfGs-cxCxJiFcyBLQM46UWT4cObL-LjBBxJ3KwQDgldD06_Q==
X-Firefox-Spdy: h2

thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/03a2f250c19db9fd62bacac660640af3.static.css

54.230.111.17

200 OK

0 B

URL HTTP/2
thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/03a2f250c19db9fd62bacac660640af3.static.css
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Campaign/Casino/Canada-EN/Casino-14-TY-3/03a2f250c19db9fd62bacac660640af3.static.css HTTP/1.1
Host: thebetterdealss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebetterdealss.com/Campaign/Casino/Canada-EN/Casino-14-TY-3/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
x-amz-meta-origin-date-iso8601: 2021-10-10T13:09:38.000Z
last-modified: Fri, 13 May 2022 18:57:34 GMT
server: AmazonS3
content-encoding: br
date: Thu, 20 Oct 2022 04:56:27 GMT
etag: W/"85f5243aa29794da8e981c44feae0346"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ldOrvDsECW4gEE9fdHE1gojcfeYUOUM0Umzob446UhFqzs9DpEkVAQ==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations