Report - oxbet.top/

Report Overview

Submitted URL
oxbet.top/
IP
104.21.95.75
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-28 04:33:13
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
130

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
api-iw.gwapigores.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	10 kB	172.67.188.97
secure.livechatinc.com	6541	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	576 B	5.8 kB	23.36.79.17
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	701 B	142.251.1.156
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.74.230
ox1.oxbetd.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.5 kB	108 kB	172.67.147.70
cdn.livechatinc.com	6288	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	379 kB	23.36.79.17
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	44 kB	34.120.237.76
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	117 kB	216.58.207.195
socket.vergopjt.com	496970	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.4 kB	172.67.200.40
oxbet.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	780 B	1.3 kB	104.21.95.75
oxbet.vip	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	35 kB	4.5 MB	172.67.154.71
accounts.livechatinc.com	7698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	492 B	1.6 kB	23.36.79.17
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	626 B	746 B	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.6 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
cdn.onesignal.com	3015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	50 kB	104.18.226.52
maxst.icons8.com	39862	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	505 B	97 kB	185.76.9.14
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.8 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.9 kB	15 kB	142.250.74.35
api.livechatinc.com	5353	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	7.6 kB	23.36.79.17
asset.vergopjt.com	582747	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	235 kB	104.21.82.102

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	oxbet.vip/_nuxt/ce56096.js	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/3dc023d.js	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/b21c69e.js	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/69248e1.js	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/UTMTalling.f50d3a1.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/UTMTallingBold.6eb76d0.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/UTMTallingBold.c183221.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/7361531.js	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-ExtraBold.bc8a82a.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Bold.ff77b88.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Black.bdbcb91.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Rowdies-Light.9f277c9.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Rowdies-Regular.598c9df.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-ExtraLight.4b2f81f.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Light.f7bd231.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Regular.7bcb951.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-SemiBold.33569a7.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Rowdies-Regular.6b55de0.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Rowdies-Bold.5a1a263.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/UTMTalling.8e8f88d.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/b4261be.js	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/5c5ac94.js	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-ExtraLight.f21caf9.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Black.b662452.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Rowdies-Bold.eb29806.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Rowdies-Light.52e8cbd.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Medium.2743919.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Regular.6e636bd.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Bold.9f046c6.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Medium.5ff01ad.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-ExtraBold.c51dfa0.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Light.04dbad6.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-SemiBold.a7e5660.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/DelaGothicOne-Regular.7f7c99c.woff2	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Rowdies-Light.ee28a7c.ttf	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/DelaGothicOne-Regular.d0051c9.woff	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/f25dea7.js	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/af83af1.js	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Medium.f58d5bf.ttf	Phishing
2022-11-28	medium	oxbet.vip/assets/img/banner/video-goal-scorer-2.mp4	Phishing
2022-11-28	medium	oxbet.vip/assets/img/before-logo.svg?v=1	Phishing
2022-11-28	medium	oxbet.vip/assets/img/header/go-lobby.svg	Phishing
2022-11-28	medium	oxbet.vip/assets/img/header/a-sport.svg	Phishing
2022-11-28	medium	oxbet.vip/assets/img/header/house-3d.svg	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Light.800a9bb.ttf	Phishing
2022-11-28	medium	oxbet.vip/assets/img/banner/video-worldcup-mb.mp4	Phishing
2022-11-28	medium	oxbet.vip/assets/img/header/icon-phone.svg	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Rowdies-Regular.0d8fa59.ttf	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/DelaGothicOne-Regular.34724b5.ttf	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Regular.d8529ef.ttf	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/6581c36.js	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/f9d4736.js	Phishing
2022-11-28	medium	oxbet.vip/assets/img/header/sexy-casino.svg	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-ExtraBold.4f31a7b.ttf	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-SemiBold.8185e68.ttf	Phishing
2022-11-28	medium	oxbet.vip/assets/img/header/e-sport.svg	Phishing
2022-11-28	medium	oxbet.vip/assets/img/header/e-sports.svg	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-ExtraLight.94f4f51.ttf	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Bold.1155f3a.ttf	Phishing
2022-11-28	medium	oxbet.vip/assets/img/header/esport.svg	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/UTMTallingBold.e26c826.ttf	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Mulish-Black.e5311e6.ttf	Phishing
2022-11-28	medium	oxbet.vip/assets/img/header/k-sport.svg	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/UTMTalling.9cbbfe9.ttf	Phishing
2022-11-28	medium	oxbet.vip/_nuxt/fonts/Rowdies-Bold.6db5b84.ttf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (33)

	URL	Size	First Seen	Last Seen
	api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12108984&version=940.2.2.397.242.27.2.3.7.1.5.18.0&group_id=0&jsonp=__lc_static_config	4.3 kB	2023-03-08	2023-03-11
Pretty URL api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12108984&version=940.2.2.397.242.27.2.3.7.1.5.18.0&group_id=0&jsonp=__lc_static_config IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:41:26 Last Seen2023-03-11 21:44:48 Times Seen1 Hash da2772fdbe58b2823a313b3d0d07c3a8 d906d4c44e3162ee037ae2494eafe5e1dbba536b bf8b1a684a6214750af83a4016c5b2fade6089688883459b85a5765df014f7a4 Loading...

	secure.livechatinc.com/customer/action/open_chat?license_id=12108984&group=0&embedded=1&widget_version=3&unique_groups=0	2.5 kB	2023-03-08	2023-03-17
Pretty URL secure.livechatinc.com/customer/action/open_chat?license_id=12108984&group=0&embedded=1&widget_version=3&unique_groups=0 IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:58 Last Seen2023-03-17 22:17:08 Times Seen1 Hash f8b3ab438ea4549d516435cc496f021a 9c2c550c2e5efeff5e1cb71211fe14f0e5687a57 3d603991241ee4ab60c33a52b97ce15789aa513eb83dd49375f10e5b77ebd748 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5DB6KQL	123 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5DB6KQL IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash e391ea21690e886614efcd988548c8c4 e585de8a1439d03dae5caaa7a33d431c4b1969b4 bcaaabbe136adf9564c0f608e73fbf1b71af0dc7337045f97cee9842a4262bec Loading...

	cdn.livechatinc.com/tracking.js	87 kB	2023-03-08	2023-03-17
Pretty URL cdn.livechatinc.com/tracking.js IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:58 Last Seen2023-03-17 22:17:07 Times Seen1 Hash 72abe41f23b1a5d3b25350cc7025a805 68bb41da28f8a4e1fbb10323c837d294065f3f16 6c6c248f0a1c0823102a9421be3f864afe20dd840f1041055bbaa6420896fc3c Loading...

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12108984&url=https%3A%2F%2Foxbet.vip%2F&channel_type=code&jsonp=__l11qv5ghkio	265 B	2023-03-11	2023-03-11
Pretty URL api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12108984&url=https%3A%2F%2Foxbet.vip%2F&channel_type=code&jsonp=__l11qv5ghkio IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash fa0d451826646a7bf76911e9dd407637 38dd917f4a7122a07f30f42ef9f7053c031778b3 9683d3bce6798304809c01b9139d0bf0b94a79161c452ec5c0b1945fea64dc21 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	oxbet.vip/	646 B	2023-03-08	2023-12-28
Pretty URL oxbet.vip/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:41:26 Last Seen2023-12-28 08:28:04 Times Seen60 Hash c39ea798eb9b10d45fdc4d8912c73c7f 87b200479dc937e410375dc3f0c75ff8204bd4a2 11142be16fa310fab83f929ee3a086e2b8c2ed681ef95d521f38c1410b140b46 Loading...

	oxbet.vip/	328 B	2023-03-08	2023-10-29
Pretty URL oxbet.vip/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:41:26 Last Seen2023-10-29 23:51:25 Times Seen42 Hash 1ec4c392eefdbd3d1f296463c91fb550 a07f2fe3321967a468150459bbb86badb332cf6f 4986eff97f4f2b07258a96fd49d04cc133dc020cc08b8ad9fea555d39c5eba62 Loading...

	oxbet.vip/_nuxt/7361531.js	4.5 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/7361531.js IP 172.67.154.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash a19b0eab43ed9d75af6711b5223fb166 aacfd22a733d1a425dbbea5ce53ab46925c3ab27 504c610f93768fc201aeeeee43321a9fd1ef8f7c400b7b0fd80f57781cf3b46c Loading...

	secure.livechatinc.com/customer/action/open_chat?license_id=12108984&group=0&embedded=1&widget_version=3&unique_groups=0	105 B	2023-03-07	2023-04-05
Pretty URL secure.livechatinc.com/customer/action/open_chat?license_id=12108984&group=0&embedded=1&widget_version=3&unique_groups=0 IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2023-04-05 02:06:41 Times Seen330 Hash d30bfddcdb3764a782b7c8584021d1d6 64ed02149d0db57e6c1d68992361d7c1330a663a 5a8894efd9ef253bc344f5587ea4fb4f4b8da39d4dbd49a390c2302898411623 Loading...

	oxbet.vip/_nuxt/adc378b.js	144 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/adc378b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash d21db4be1d1aeba694022061eab1c254 4aa0dab82a92cbcc03718f9a86fbee507488983f 8433a37df87bec183934253189845af5d77f7a7e16ffd5cdeb2c3268a64f026f Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.1 kB	2023-03-07	2023-04-02
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.18.226.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-04-02 21:25:26 Times Seen2 Hash ae63ef8ff03da61fffaa7f165729897a 96a95093b2be6ed11dc11b689c728c2ec0dbe19c d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Loading...

	oxbet.vip/_nuxt/b21c69e.js	3.8 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/b21c69e.js IP 172.67.154.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash 8238a20eb90e76898a71bcf3fceaaff7 4e4bb41cebdbb4cf4f0909a181e42d783ce252f2 ea98c6a513e5f92e30f3a09ceb1bcd746b9340832c25ed810188e18c264df6e2 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 03:43:57 Times Seen37053329 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js	48 kB	2023-03-08	2023-03-17
Pretty URL cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:58 Last Seen2023-03-17 22:17:08 Times Seen1 Hash 10a3d7ac1ed37325d3341c379ee0de69 568234e1f256abe6987b7c9965b51bbc119c0160 8250a0a8a2b63bfae72b2604bc53e7764530aa08651e7c0cb253a90a6c762a8c Loading...

	oxbet.vip/_nuxt/af83af1.js	42 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/af83af1.js IP 172.67.154.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash f4c945f3a9aa3f9cd9c7c01029ca2715 a1f597f461cfc34d6f2f39071f8b0256b7d466a3 fed115fe1d58b591ec47b265a8ecd594c92c09d752c9ab9981afefd9be5d0d6b Loading...

	www.googletagmanager.com/gtag/js?id=UA-167110571-2&l=dataLayer&cx=c	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-167110571-2&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash 234d9808b8fc6e57862340f2a6c7dcfa 067002ff4bb7b0b6098046a22aa121ae11ec45ef 6c061d43472a9b5842e399f32eeb8355edbeb1a0b84676b92868ed78c136c9d7 Loading...

	oxbet.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-25
Pretty URL oxbet.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 03:31:31 Times Seen54884 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	oxbet.vip/_nuxt/3dc023d.js	72 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/3dc023d.js IP 172.67.154.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash f67ab5fc44dab4de8c612f2a3491e2e5 88e48769ed2f5014dee480bee714d78ca262e525 fc04c8b11c5e9db9eaac8f16c55d81b86f7b23d5cec5cec4b5cfe89fe88945a8 Loading...

	oxbet.vip/_nuxt/6581c36.js	333 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/6581c36.js IP 172.67.154.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash 2d3b8258a3afe3eb92a3003befd569a8 6d76e48300ae8e6d196413fb9dfe7247651817f7 c68ad68ce92c6e7ee9705ddf54b7368f97cf4f864a7e6fd15cbe839f5f27e0ef Loading...

	api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12108984&version=d4234139f0f2a5e50173b124f65938ca_726da2db317a5f56bababc35341bd393&language=vi&group_id=0&jsonp=__lc_localization	14 kB	2023-03-11	2023-03-11
Pretty URL api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12108984&version=d4234139f0f2a5e50173b124f65938ca_726da2db317a5f56bababc35341bd393&language=vi&group_id=0&jsonp=__lc_localization IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash b94c6597b2f354b4fd6ef31d9c37329f c95fd60d3286ed29c88906a2355378fe1433732b b2f8b52ddab9fa54a063b188e02a7bdb00ab7fa17890943bd7562add881caf4e Loading...

	oxbet.vip/	2.5 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash 2442e5f758ef67f02c8091efeffddb88 2036ee35945f2462f665479b88560d798e2a1656 6dd76304d302baf625a2675fc35108f8deb28d4c1ead572d227804a85fd48b25 Loading...

	oxbet.vip/_nuxt/ce56096.js	24 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/ce56096.js IP 172.67.154.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash 9a98ae7584e843c3472ccb606d83421e a7704a3ff3123a322741389da4a84727d955b6c5 596e2f061a5c18e282de1c0574676a91cadb50183816420a04cd7c5ee2fc7af0 Loading...

	onesignal.com/api/v1/sync/57a2a772-56e4-4d19-82d3-d81c74e09d51/web?callback=__jp0	5.3 kB	2023-03-11	2023-03-11
Pretty URL onesignal.com/api/v1/sync/57a2a772-56e4-4d19-82d3-d81c74e09d51/web?callback=__jp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash 5dffa9d9dfc47f136aee73a83dc7f4b9 d2f1cf77d24ece69a3856ce896c84230d3992373 d7fed749a35bbf10341808fe6ae46b43e076bac7245105c5831a01174a064b32 Loading...

	oxbet.vip/_nuxt/69248e1.js	6.2 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/69248e1.js IP 172.67.154.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash 4bfa457d77e6bfcd98e80059d249deaa a2f92d36631cf0ccf186bd7fa5c51d5d73295827 c645494c03856f7e31784cc81696212e09fc253207f9f9708992ec5b85d90ecd Loading...

	oxbet.vip/_nuxt/5c5ac94.js	214 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/5c5ac94.js IP 172.67.154.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash 401ef362798eeeb87008a9132c18a557 89de94bb84b4bafda2f1c889f68d6ac33f7867d1 13b20d7c98e0045cdd0e4e48f59cdc995b5681f8455ba56c79846662ed6a296f Loading...

	cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514	290 kB	2023-03-07	2023-05-22
Pretty URL cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-05-22 12:53:59 Times Seen6 Hash 2f96824aee4bf927e734cc519e3e726d 217f9bc83ea70521ed2b8d89b8e2a1fa05cf9146 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Loading...

	asset.vergopjt.com/js/app.js?v=1.0.1	867 kB	2023-03-08	2023-03-14
Pretty URL asset.vergopjt.com/js/app.js?v=1.0.1 IP 104.21.82.102 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:41:26 Last Seen2023-03-14 07:05:51 Times Seen1 Hash 2d80f971d7c32e45bafc231ebd300b6f 284005eef44259311e15810f5540b149413a505a f6a8b31e04f4a485b2327f38550de470619d30ba037d3f4600b36b44a2115d13 Loading...

	www.googletagmanager.com/gtag/js?id=UA-167110571-2	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-167110571-2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash af24e3e75791d7382404c1d94d6e098c e33d0c6bede17027e561d7df639bda8552981b92 d5b813ec0ec39605b6c64757f4b436caa6e42cff678e1eba2e4769f69284057f Loading...

	oxbet.vip/_nuxt/b4261be.js	6.1 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/b4261be.js IP 172.67.154.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash 9d1c93a5cbfa95b48369592c3ae7843d 3277e8528b9970b4f15ef3a5a0b5553e98e91b41 d10f7a1a13a4284f9d9cf1665bffec1c213ba7e3a10ff101421e0400a82d2660 Loading...

	cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js	763 kB	2023-03-08	2023-03-17
Pretty URL cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js IP 23.36.79.17 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:58 Last Seen2023-03-17 22:17:08 Times Seen1 Hash 662ab831ab34600ffa4072f565bdfd64 e7f7e0861c9bb1f57941cda831c2c52fedc14401 29690d84dd08e9dfa116cb620e76211695d9a189e42582e10044a44db8d1a03f Loading...

	oxbet.vip/_nuxt/f25dea7.js	75 kB	2023-03-11	2023-03-11
Pretty URL oxbet.vip/_nuxt/f25dea7.js IP 172.67.154.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash 6409aed229c67591a55a67ea9f272661 b66c6dfa8a580dde99c9b96f46ee16360f0c7a07 9a69f6b4e7a2bc73c5d4586de5f70d73d61fd3b6dd6f2b1596fe0b1cbca00d6f Loading...

		Size	First Seen	Last Seen
	#1 Write - d527268f5c531a7274ac885d5192ec3c	13 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:44:48 Last Seen2023-03-11 21:44:48 Times Seen1 Hash d527268f5c531a7274ac885d5192ec3c 84cf490ab82732b817910e0ffe6ba6dce37c09b9 7ae24d38fadd953812aefb4861300e41288bc10922feddf2e5dc1f443e5ef5fa Loading...

HTTP Transactions (152)

URL IP Response Size

oxbet.top/

104.21.95.75

301 Moved Permanently

0 B

URL HTTP/1.1
oxbet.top/
IP
104.21.95.75:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: oxbet.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 04:33:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 28 Nov 2022 05:33:01 GMT
Location: https://oxbet.top/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HURlrdo3hdWY7MR9hlL0Jav8C5jZkdEcbbVACDbvvzqytyXmENEVPj5EPSabX8Ft%2FUQgohH65BLUv%2BT2r6oPtSoLBNCrXiy%2FCphcOupm9UdFlPbgVbtYALP9re4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771062100d861c06-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8719
Expires: Mon, 28 Nov 2022 06:58:20 GMT
Date: Mon, 28 Nov 2022 04:33:01 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5485
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:01 GMT
Last-Modified: Mon, 28 Nov 2022 03:01:36 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7418
Expires: Mon, 28 Nov 2022 06:36:39 GMT
Date: Mon, 28 Nov 2022 04:33:01 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 04:17:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 916
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: RrbG4zuI/0TOuLG1vzNy2bzEWnCGludbbKpGAnqQwsiyhzhQnIAPlu/s4PWImC2LqvlrUAjtDnk=
x-amz-request-id: 7C73XB1FR51QSSFV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 03:44:53 GMT
age: 2888
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:33:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/jmSQ8lXXukU

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/jmSQ8lXXukU
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6cd20b83aae4bc1205d20bd46ca0e05c
b42ea8b219341d6cf4a9f20e756fc470300bb546
6128aa73e9cf119d985112bf62263bfe7c50c097cd03af29e36cd476171d3bd9

HTTP Headers

POST /s/gts1p5/jmSQ8lXXukU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 04:11:12 GMT
cache-control: public,max-age=3600
age: 1310
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2265
Cache-Control: max-age=105095
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:02 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 09:44:37 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.42.74.230

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.74.230:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 35dvSWFSx+4JSL/0Dth2yA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vtJmXMeUvPyOEPqVaBc4nddEz3U=

ocsp.pki.goog/s/gts1p5/jmSQ8lXXukU

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/jmSQ8lXXukU
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6cd20b83aae4bc1205d20bd46ca0e05c
b42ea8b219341d6cf4a9f20e756fc470300bb546
6128aa73e9cf119d985112bf62263bfe7c50c097cd03af29e36cd476171d3bd9

HTTP Headers

POST /s/gts1p5/jmSQ8lXXukU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

oxbet.vip/_nuxt/2da1369d363af6cf3784.app.css

172.67.154.71

200 OK

87 kB

URL HTTP/2
oxbet.vip/_nuxt/2da1369d363af6cf3784.app.css
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
87 kB (87102 bytes)
Hash
3a9efb20bf0fecf735284c2f32b75e0b
e8b01a7027b28fe92b2cf45221ec9efba862ec41
fd80ac60fde9f9b75bb9df1306bfb036f09c38e71f3c82b18c79b48e9527ca1b

HTTP Headers

GET /_nuxt/2da1369d363af6cf3784.app.css HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"82391-184b3958bc2"
vary: Accept-Encoding
cf-cache-status: HIT
age: 146989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yd7tbZsIP4MdDHGTdZ07PjRGIJY2YZEkwp2hCPVFUvIUgqQwIuCUJRDhkxoVJMoHtafypTFLGb054bjZR4gx%2FGlez4nWh3qAw7XsxM%2FTrH%2BMq2lkGPkzrvRqnGM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062187f7eb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/ce56096.js

172.67.154.71

200 OK

9.2 kB

URL HTTP/2
oxbet.vip/_nuxt/ce56096.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (23502), with no line terminators
Size
9.2 kB (9216 bytes)
Hash
226cae6602d41692588b815ef0ed8978
be4df48422db46044ab7d1866c963afacd7da0dc
c980e1bd076cea6cf6142d1ebfab2562eeb7caa0c004fac4f377659fceb6ffe9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/ce56096.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 06:57:48 GMT
etag: W/"5bf2-184ad93ffc3"
vary: Accept-Encoding
cf-cache-status: HIT
age: 237895
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7a4E8w0tQvmmIxo6UuDFF6jP7qylbvb5uNLYwVr8w9WZYhBkgPniReQiNMOxBeKNc3lFIgUX6naCzobEo6%2BytEdDfEK9OgJkX7k91Y0OQutL1sIJ%2BAPolc8Mps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d830b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7505e6a6ec5b5b89eff187cd1e7b73dc
f2407e16efbe99af301250a98e08948199d66225
bca5c29d185ab671d9b97a74c815da37ff5e2a7baa5e1555d272d784b4221236

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4193
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:03 GMT
Last-Modified: Mon, 28 Nov 2022 03:23:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

oxbet.vip/_nuxt/3dc023d.js

172.67.154.71

200 OK

16 kB

URL HTTP/2
oxbet.vip/_nuxt/3dc023d.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65394), with no line terminators
Size
16 kB (16281 bytes)
Hash
ad777038a943a6532d996b13519b4740
61f51398f9f9efbd90b3a20a5aaee611a36e5a9e
9251bb7c50921ee7e33261e374c2d7aa53c5c5d49e72930e0c4a90cc6e0fc7ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/3dc023d.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 10:55:45 GMT
etag: W/"119af-184ae6dd8d8"
vary: Accept-Encoding
cf-cache-status: HIT
age: 223226
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3me1SX52MBG2DSgfvnbq46%2FAUf1wEwCTqtudr8DwQXt02idoEpmB%2BpjG48C2ADoe2lCOB%2FaVCqSqG4yrKkqLbGhxTLK1jiZifDFB%2BJZhVrSLdx7BEeZBFbj9V8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d82eb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/b21c69e.js

172.67.154.71

200 OK

1.6 kB

URL HTTP/2
oxbet.vip/_nuxt/b21c69e.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (3793), with no line terminators
Size
1.6 kB (1565 bytes)
Hash
a48dc78ded2726a9d1f1647174482427
065e715af0ef658602e075b2543fbdcf809a1666
94948a1c963a10d327472bb0bb3cd528ff3731bc0236c9c4fac7af04350b11ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/b21c69e.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 10:55:45 GMT
etag: W/"edd-184ae6dd8e3"
vary: Accept-Encoding
cf-cache-status: HIT
age: 223226
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVhU8bEUix%2BRiXqswZ9RxDCc6waBKPCFd2Zmagirky5pELYFKFrfPPcswMJr5P5S5XfGM7JxSx466lYR5EbM9E3lCjQ3r4KIsmudzzuZONYokbNwc%2F6TWZhEzeM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d82fb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.226.52

200 OK

50 kB

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.18.226.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (9097)
Size
50 kB (49903 bytes)
Hash
1b6bf65bb136d30694e40210f65f15a3
91051c9fbfbfe87f63279c3794f945d37a8e2e2f
dacd4625e2b204ec222ca8ab11cc51460e96ef33b04e3aaad647767363242a26

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 484
expires: Thu, 01 Dec 2022 04:33:02 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 771062199802b512-OSL
content-encoding: br
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/2da1369d363af6cf3784.pages/index.css

172.67.154.71

200 OK

350 B

URL HTTP/2
oxbet.vip/_nuxt/2da1369d363af6cf3784.pages/index.css
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
350 B (350 bytes)
Hash
c8a4daa7e938cd450d622bc85ce14fd1
7d4272d9c59acb14b771bcfe752bcf331e8799ad
c0f0ca0164fe6e42929350a4879077dc32508da452832cf55b913282ddb9431f

HTTP Headers

GET /_nuxt/2da1369d363af6cf3784.pages/index.css HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"51-184b3958bc4"
vary: Accept-Encoding
cf-cache-status: HIT
age: 146989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlJZd7lCTM3M8XZn3CoNvmmzWh%2BRqgajGr2cdXXknWlj9tXwjIkILc6qPuxOwgRfHg1CA5rhnOP8njA3aq2lPY5PcMiBaI7vA2wu2lALk0ctykAScd2CP1BzurI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d82db51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/69248e1.js

172.67.154.71

200 OK

2.0 kB

URL HTTP/2
oxbet.vip/_nuxt/69248e1.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (6067), with no line terminators
Size
2.0 kB (2047 bytes)
Hash
f596d0243f6a87f393787d8ef4267366
7a6736c90e73935fdc561725a44646c11850a352
26c9b0851e99954ae23c53f1c446dac3399b4e4688e1ba8a93cf2d8ab9df8e61

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/69248e1.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 06:57:48 GMT
etag: W/"1840-184ad93ffc3"
vary: Accept-Encoding
cf-cache-status: HIT
age: 241115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iw7c5SGA0y60O3jX3dglbSB2LV09btNGFl3Bf%2BzXzbzulQTc4XbjIVVStVP0K%2B4GBbDzjDu7UrKM4iF3P%2F5w8kkkd5FmKHgzparMPrgeJ%2BPLPPwnodmm91m8%2Bhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d832b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
773db5980b6b2db782d91a90775ace5f
7ac3e427745bd84c9629ca027966e3f4908abfe9
65ebc4a45bb5af41401f542aa675e032996ae0cdf47b40c1a7a92caeaeba62b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112540
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:03 GMT
Etag: "63834e9b-117"
Expires: Tue, 29 Nov 2022 11:48:43 GMT
Last-Modified: Sun, 27 Nov 2022 11:48:43 GMT
Server: nginx
Content-Length: 279

oxbet.vip/_nuxt/fonts/UTMTalling.f50d3a1.woff2

172.67.154.71

200 OK

11 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/UTMTalling.f50d3a1.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10884, version 1.0\012- data
Size
11 kB (10884 bytes)
Hash
f2a596bee41ef2b301297a89cef14858
2833b57207c8a8da792924b487dc182cdf429e24
a6bec3ebc9dd7e37d47185624c60d9a74fd629b6f82fab951150ce8931343dac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/UTMTalling.f50d3a1.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 10884
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"2a84-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWuOMNtVpdPWSfvpmZ3B1CEXK%2BGiFCTqipsmduVMjNM8gEs%2BENEYhLRJGwhTw43r7cPyMzbbt%2BG2yvBddRzBDj00pEXPMB%2FKS%2BVayF%2BT6lmfUXup8BxPeMNvkJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062187f84b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/UTMTallingBold.6eb76d0.woff2

172.67.154.71

200 OK

11 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/UTMTallingBold.6eb76d0.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 11000, version 1.0\012- data
Size
11 kB (11000 bytes)
Hash
e21c2a139cec43e6a52532475f197482
f827ff9fbbd1475f99cdcec0e918f273c4ad8da5
5277f56b2fb12249ac81168be2ee48a74b8107474ee6dd4db8fe825874db724f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/UTMTallingBold.6eb76d0.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 11000
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"2af8-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtPGgwKv0%2FFrPslb1f14YGS3a833Dfr0Oum4%2BMLKLCaRdkfFIvgn1G%2BPySTdVVDeWA7dtuirHsoozjL4hcQcx6NGuHUn1GyUhykMuj6iyXxhPls%2FWcx%2B20wCfIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062187f89b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/UTMTallingBold.c183221.woff

172.67.154.71

200 OK

15 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/UTMTallingBold.c183221.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 14948, version 0.0\012- data
Size
15 kB (14948 bytes)
Hash
0cc78e6c975dc7419f7bf15b2ff74282
b5c5ec4b3b77eaa0fd364c68306c6cfa30293f37
f12af5e60db502b3fe558b01703fb6a3d9484fbac1806af90a0827fb979ea7e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/UTMTallingBold.c183221.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 14948
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"3a64-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7axZc8dTIiP6AfZjTJDnA5Uaps3blbspsaHSVYZPZBnjgCMit8%2Bhtl4nmkNkzRiaGkHLm%2BVovVaz5%2B8IlDltmjBT0b6YPqVAVghPk2K5%2BJlxa%2FuSr5JdFQAQBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062188f93b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
773db5980b6b2db782d91a90775ace5f
7ac3e427745bd84c9629ca027966e3f4908abfe9
65ebc4a45bb5af41401f542aa675e032996ae0cdf47b40c1a7a92caeaeba62b3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=112540
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:03 GMT
Etag: "63834e9b-117"
Expires: Tue, 29 Nov 2022 11:48:43 GMT
Last-Modified: Sun, 27 Nov 2022 11:48:43 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

oxbet.vip/_nuxt/7361531.js

172.67.154.71

200 OK

27 kB

URL HTTP/2
oxbet.vip/_nuxt/7361531.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (4294), with no line terminators
Size
27 kB (26901 bytes)
Hash
b3e35be0327dbe266bb0e8bca8aea4eb
99c793870bce1c06250366cfdbb85bcc0ec5b6e5
a5f0751f211e85fbdfc74a3d44778f15aed1c389f4fd13421076db4a38a539c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/7361531.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 06:57:48 GMT
etag: W/"1173-184ad93ffc3"
vary: Accept-Encoding
cf-cache-status: HIT
age: 237895
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdrO84wu%2F7wkDmWfjJSgyv7hXtdTRyhkEb%2B%2FuuRdtCicKsvu2bMRIm4fEIGgFh7yQBkbSmJswK11zrUVRi5LvpKh009XPOuHpzBbAGBKANKnk3F1X%2BzlgNwtOHw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d831b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-ExtraBold.bc8a82a.woff2

172.67.154.71

200 OK

40 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-ExtraBold.bc8a82a.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 39648, version 1.0\012- data
Size
40 kB (39648 bytes)
Hash
f42e60aa1cbcbf53651c591fdfa23f61
f43a3ed2ae036157c2b23cf68ed86960213f2795
b4cb4eda61d1797e4a09fbe7539d053cce0e55525925915f825584352ca45c05

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-ExtraBold.bc8a82a.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 39648
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"9ae0-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ry4sb809LKeGgyOwNHyOKmsvxOQBtgMVFEuenxMz0%2B7G16b86hdVxDI8I1EPLUY8x32wj2cqzNXQzfos1N6C2WHE2qVKaFbAXeIDYkB1RHQccqyVwqjnAwuerGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062189fc9b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Bold.ff77b88.woff2

172.67.154.71

200 OK

39 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Bold.ff77b88.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 39060, version 1.0\012- data
Size
39 kB (39060 bytes)
Hash
1712e70bfa5bd06a1e93fe91054fecca
ccf7a9a8328daf7a6484615495625487eadffdc2
46f1f017c704edf6b78d2add8b4d1360fa755f33fc037fa3aa77f274bd2b125b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Bold.ff77b88.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 39060
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"9894-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPHJPG8NaogWXyZvPZ3K2j3MfbR5wAF7C54sMx9M8uiuax9Zbj4gWe%2BrPPQ7WDLgoWAvHAwWpHLs2M30W%2FS2z%2B29XVY0jjRrp%2FQnEFOPgAHCPmbwE89wPTq5mLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062188f98b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

oxbet.vip/_nuxt/fonts/Mulish-Black.bdbcb91.woff2

172.67.154.71

200 OK

40 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Black.bdbcb91.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 39720, version 1.0\012- data
Size
40 kB (39720 bytes)
Hash
d3b10c9c491a007821b431cc07ad1818
22fb164a4cea8eac3e2fb6a16a246bcbae6cc414
adf8e9d2817b2126ff0a11adde8eca0635c4f0e99c8b0f523fd706542548396a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Black.bdbcb91.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 39720
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"9b28-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxET1X8ofxH5SnNzEEroGj558aBAUFefeHHYbojla3NM1ThVSiNhAyqxZtQ2WNAwgvq0kCP3uYmv8q9g9UAHqxpIkq8GybECldd7JwX%2Fyc2YkLBZofiiYai%2F1WI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062189fd1b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Rowdies-Light.9f277c9.woff2

172.67.154.71

200 OK

33 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Rowdies-Light.9f277c9.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 32908, version 1.0\012- data
Size
33 kB (32908 bytes)
Hash
f97ba0f56e3f9cf93e1deb60c4af4e86
e60e9560504ea149ed1ac8a5a79b2b2144c4131e
304c49f61adf967e3bdcb9287e6a4adeb286fed268bec0cea26ccee12718b59d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Rowdies-Light.9f277c9.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 32908
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"808c-184b3958bb5"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1v%2BvH4nTjB8eYbBPZzF3a5QLwJxbhjJJ6Ib9WNS4k4bE5FwCl3wi3SaBNpgDlSUjz0HnH3uzZ4rhpba7TM7CT9VV2rV43koNbH90Xixty1BEyqYjPfpXuyWsc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218c81bb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Rowdies-Regular.598c9df.woff2

172.67.154.71

200 OK

33 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Rowdies-Regular.598c9df.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 32732, version 1.0\012- data
Size
33 kB (32732 bytes)
Hash
172b75f1eb1c01119d451b6df3272f0b
c02705535c7fa63de45692990bcfd532798d9368
b1624e27613d4cf55f5c48cdc988059f9e0bb83faafadc4a086615758c55ffea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Rowdies-Regular.598c9df.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 32732
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"7fdc-184b3958bb5"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7C4c%2BdvKdt8kM8OCJV3DSvH0dwGVWkOuTHSgFn1Uo%2BuGgkdqbnSzdhz6BhWC2C%2BpqGGtZX56Od5kZGeWM2Aubqk0j48tbXlYTuNptiIQGVQ8gmxMC5AjNCcIb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218c821b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-ExtraLight.4b2f81f.woff2

172.67.154.71

200 OK

38 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-ExtraLight.4b2f81f.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 37784, version 1.0\012- data
Size
38 kB (37784 bytes)
Hash
1fff0f3569060eb137c5e8780b2bd5ba
4461522ae77daf5e603f0e35a8a29c0631b71fc3
c07992a0ad818932e1b803f95336f024f32274e7abecc0acb5b71541df6de654

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-ExtraLight.4b2f81f.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 37784
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"9398-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAFG%2Fr%2F2LjNSfSMyaf0tael9lwUd0YFLMwNtD6pjN0anr7dKerabB6OOCa03ztC3CBBJhk3L%2BbfhKbEMReAQ2TVgF56ZYdazqPhT22zwbU%2B44GvxOhU6iwsGzCk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062189fd9b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Light.f7bd231.woff2

172.67.154.71

200 OK

39 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Light.f7bd231.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 38972, version 1.0\012- data
Size
39 kB (38972 bytes)
Hash
d5e776cc8d9c1cd99d16fc09fe6cb1b2
9ea31e68fcb741896842343f75e07ab039432525
cc24a3d800d660f809795b400537ff812cccc9916770c159756aba012450c780

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Light.f7bd231.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 38972
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"983c-184b3958bb4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5CmXup8i4VufRqKfGV4SDry1Lpq8wu3eAgrrF%2BS9neJ4uZjuXSX7Zh9b%2FjHYJ7Wr2M1MQkAK5dKVtBNpIOrvw%2BK%2Fbp%2FqFRAbRf68vZuHSQzPJ2Ghwc307yP6NI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062189fe2b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Regular.7bcb951.woff2

172.67.154.71

200 OK

39 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Regular.7bcb951.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 39332, version 1.0\012- data
Size
39 kB (39332 bytes)
Hash
bd8d82143e17ba5e6cd0f50a55817095
8dfc2ca331025c85c37bc787dbf83f5e141c4f34
fb2f6f569485f2a45ac411aea65567239d25f648a51ba6288d27f243a74a4986

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Regular.7bcb951.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 39332
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"99a4-184b3958bb4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsteySk46mxm16KO0w3vC5sS5yOggt2OJK1Q9263wZQvWfR%2FFnvyclv6PXGTcc3FDY%2FEMmAV4e5DFfWCBmi%2FUJLFsD5VAYT4hc9Y0u2Nhyj4GtnfgEfjSPim8Tc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218b804b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/event/worldcup/hot-event-bar-schedule.png

172.67.147.70

200 OK

5.4 kB

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/event/worldcup/hot-event-bar-schedule.png
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 152 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5439 bytes)
Hash
e1632af2329af1f596be50c3727993a3
5a34f69177d9ec30dc1d00f95813a90dc9f2d9ba
ca28439790966d5ebaf150766b2dfed94ed7d5bc4e9d41d4606252d90594c851

HTTP Headers

GET /oxstatic/assets/img/event/worldcup/hot-event-bar-schedule.png HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/png
content-length: 5439
last-modified: Wed, 09 Nov 2022 11:54:40 GMT
etag: "636b9500-153f"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5gGqR8pJ%2B7VcgLw36IkFUWzSObboL%2B5rWpfCEWih9vB%2Bc%2BFIV8bQ0mm6zTktQ4Arm0SDPJs96kmiihpbKsCRvbcUq%2BAecMAnaSZEQzfLMqcE%2BMI3c9bsfpXTgBgfvZTPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1de91c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-SemiBold.33569a7.woff2

172.67.154.71

200 OK

40 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-SemiBold.33569a7.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 39820, version 1.0\012- data
Size
40 kB (39820 bytes)
Hash
f00abe236cb6381b9509667ef5e2f76e
c0ce9a39792b1fc8292d0bd0c3c7401896d7388e
7f98ee97fffc3422e86e911734901ca094179047110dafe7f01f5f175ec8fef5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-SemiBold.33569a7.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 39820
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"9b8c-184b3958bb4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5p1A0Zr6PCpzymSfMzFqxqfs6RzxLmT96mza1bJxqQB%2FamRyFS0PlbIPxa5weCKf1d0Q9Wb%2F2dHRuQaeccLa7ugMJG4iYROIaXnldelDhP8deSL1hcIk0GbdUnk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218b80ab51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/event/worldcup/hot-events-text.png

172.67.147.70

200 OK

5.2 kB

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/event/worldcup/hot-events-text.png
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 170 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5239 bytes)
Hash
f6b2fc6a8b68cfb1fb037eb7c07dfb1c
e4b22fe642a80b936ff33f603ccc3b9f48c6b569
30d4787b16f8d0888f53c985baee0d2888b3d2959307338a3d08b13a6df26309

HTTP Headers

GET /oxstatic/assets/img/event/worldcup/hot-events-text.png HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/png
content-length: 5239
last-modified: Tue, 25 Oct 2022 04:27:51 GMT
etag: "635765c7-1477"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihAUnEGgoB8xw%2BBuX2CZLZXlelxron9%2BONRiBJ7lhYvsvJO3omkBdwiqrGrOVuB%2BqR4BG2xiIXtYkeSr%2BK4qPKWTxRsvHuWM65fMwuVB90d0FAvxW57G8WOkCItJf8nJkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1de21c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/event/worldcup/wc-soccer-bar.png

172.67.147.70

200 OK

46 kB

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/event/worldcup/wc-soccer-bar.png
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 175 x 163, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (45939 bytes)
Hash
56b795c1bd2abb46db1779db2496f544
dcf9dcd9a20c5a63f4030e28020c5f7ce0d1e998
d10895039746ddf031113c0ac9db3e93282fbd496fcfbb5d98ac543f692148a3

HTTP Headers

GET /oxstatic/assets/img/event/worldcup/wc-soccer-bar.png HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/png
content-length: 45939
last-modified: Sat, 22 Oct 2022 05:17:44 GMT
etag: "63537cf8-b373"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGYIAlwUFpJ8b%2FMGXzeU9WWuKO1DjdCdZc9wOESl1gTkh8x1OoH1SrfuK1cyntkkgvwO6t87nCPGtQ8Z6BZr8vjwWgDNx2Koa7lUp69mB6BkAUk35e3WmbxlHkBM2JK9FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1de71c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Rowdies-Regular.6b55de0.woff

172.67.154.71

200 OK

43 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Rowdies-Regular.6b55de0.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 42804, version 0.0\012- data
Size
43 kB (42804 bytes)
Hash
73eac3e1b2a1a108c0f45d3f4f71ce11
4b6e1d2f9016c22ce3b942460ac25fdf75636eb2
d9e60843c27823d3e08dbb6276da48fececf2ebc30720d427cd5d45e2487a34d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Rowdies-Regular.6b55de0.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 42804
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"a734-184b3958bb5"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdNL3C73cDJMfxljchW6ufZVJTUXaS7AmhtrWpautyjkx9naEyABFGKSjqD4ahp2xPt0q%2FK%2BbFqP%2BfzH%2BGDx3%2BZ3KetRIw6y4b7n87AFmSwvub8LStKuIuXroIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218d824b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Rowdies-Bold.5a1a263.woff

172.67.154.71

200 OK

43 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Rowdies-Bold.5a1a263.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 42932, version 0.0\012- data
Size
43 kB (42932 bytes)
Hash
94d93d059d60602dd21f1128db087a1b
4445a7e85a4f2a354be8ac203750fd97d79ab377
23cb7693d704ebcc285ced0e25bc9b9952dd7e7e5469665517ac74689f9e7220

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Rowdies-Bold.5a1a263.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 42932
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"a7b4-184b3958bb5"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zsGa5QrgA8MY1%2BphFhxKpEgYZA%2B2FiasgoLNcSoN%2FB5z54L7GYBO1dCN%2B05f3nzlL0w5RPdyAiJenmrHVWhAfCvmKz4UUJDmcqLmOF2Wa8JigRgBtFjoL4D0YU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218b810b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/header/icon-hot.png

172.67.147.70

200 OK

4.1 kB

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/header/icon-hot.png
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 81 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4115 bytes)
Hash
929d3a0206d6f41232cba2822acfb1be
836d0ba11c67294731724830a9f6127fbd2154cf
627744275c431431b2db455148dbc6bea4a1f4eaf31b6a83836609301764b5a9

HTTP Headers

GET /oxstatic/assets/img/header/icon-hot.png HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/png
content-length: 4115
last-modified: Wed, 09 Nov 2022 03:47:39 GMT
etag: "636b22db-1013"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NL9aKAhZhGZ73X14j6W1tIHWSWZ5NUGp6mWlGeBi3YGM1EZK38js7bU1Ihk4uvZIyqQ%2BCkc7WEs0WygmJzb7wIiFwNozph2JqF7FSXFnoU3UPJZpxPHmxezeKsN4ngJAoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1dea1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/UTMTalling.8e8f88d.woff

172.67.154.71

200 OK

15 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/UTMTalling.8e8f88d.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 14884, version 0.0\012- data
Size
15 kB (14884 bytes)
Hash
75c01882021ba64d4e23d557d4c4db1b
b38c8f5dafc57ea31eaee7bdc682a44d6b073e30
5a96c738cec165b790ffe60dd7152c6dac312a15e6526f83bc17dd55c038f28e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/UTMTalling.8e8f88d.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 14884
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"3a24-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jv9cyZCJDbh%2BzN3f06jFO2A1hVwgcC%2FQuBAYpf6XfykVrEU0p0tbR7jwR3VNV7Zybfrd%2FkiUbay2Fo2HLszRlqHxvrIq7CXAFpW%2BJYCrn2ez9c0W4Lk7jCtAJyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062187f86b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/event/worldcup/wc-wheel-bar.png

172.67.147.70

200 OK

28 kB

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/event/worldcup/wc-wheel-bar.png
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27903 bytes)
Hash
13740d3db123b9434d01981490bead0d
f9319071c6dbe42ea0f3eb4fdc7de1ecc9eab855
7872cd3acb9715c8ba85a8df323f25c7efcdcc5eb8d66486e724407091bcb878

HTTP Headers

GET /oxstatic/assets/img/event/worldcup/wc-wheel-bar.png HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/png
content-length: 27903
last-modified: Sat, 22 Oct 2022 05:17:44 GMT
etag: "63537cf8-6cff"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuqg%2BwSXc5MEGktLl2I4bDCyXaJjWe3IgppH62aA79OYTecqsTfb%2FeVGZ1B7E9kl3%2B6yqFE8ChpsmRm0IURKHrYFqojVMr3GchUGjfIq52IVRMeOz04DyFi2CBRbx%2Ft4RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1de81c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.livechatinc.com/tracking.js

23.36.79.17

200 OK

26 kB

URL HTTP/2
cdn.livechatinc.com/tracking.js
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
26 kB (26070 bytes)
Hash
fdb3fbabc9d0fdd42c1230d360cd2d44
3968a4d120665750710b64068c0af871d1a149d5
b774ad6e513f484794d2f3985d3b42667e11c38c6def308bcce6b3d81ebff9c7

HTTP Headers

GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:42 GMT
x-amz-version-id: XiT9l9I6GGKdmfwcYLWex5TUwoVUOWV5
server: AmazonS3
content-encoding: br
etag: W/"72abe41f23b1a5d3b25350cc7025a805"
vary: Accept-Encoding
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: D3KEkfL4U2Yk1ikvSs7spz9_JmtUYKdfxg54PQ9go4a6WarOC0Sz5A==
content-length: 26070
cache-control: max-age=28800
expires: Mon, 28 Nov 2022 12:33:03 GMT
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/b4261be.js

172.67.154.71

200 OK

27 kB

URL HTTP/2
oxbet.vip/_nuxt/b4261be.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6103), with no line terminators
Size
27 kB (26906 bytes)
Hash
03b50c0f6175bdd5c4cf08814cf33bc7
c08174126c77f82a4426a3423e012974931870bb
06714b8d3be21f309d90ecc22e57b0052a6d084d04e3e276344406c0db9b5211

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/b4261be.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"17d7-184b3958bcd"
vary: Accept-Encoding
cf-cache-status: HIT
age: 146989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjHj1f9i%2BZZJ5hk%2BnWzb1gWakn2RUOglSdeXJ1Ck0%2BE8qEn4hBJcoHOSOAxfnHRazSOtDtrpFlbYyoNnA759QRXE%2BEt%2F7yXOes6pVJVqHnvwLrz5RgSdyjeGSHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062186f72b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/5c5ac94.js

172.67.154.71

200 OK

100 kB

URL HTTP/2
oxbet.vip/_nuxt/5c5ac94.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65485)
Size
100 kB (99714 bytes)
Hash
9acb8c151cb66d7908713cdf9c7d04f6
f2021b7cc74a38699967c10f36e365080786d08c
97f4f89d9ebbc590aaf820e8c2a4d9ccacae6a93401bb629cb8d178f40549e6d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/5c5ac94.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 06:57:48 GMT
etag: W/"34401-184ad93ffb7"
vary: Accept-Encoding
cf-cache-status: HIT
age: 241115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Jro0LH6AfHVJArnHmKAUdNPuaeFNBKJJolJ3bt7ommxX5%2FJV%2FOVaIHgLFew%2FLgnWX4c7V4HTaMSq0yTLPJ9vsKVr5gSSZ%2Fgqw%2Fum22JGOdiCijX8NoZPIgCKK4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062186f73b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/2da1369d363af6cf3784.vendors/app.css

172.67.154.71

200 OK

47 kB

URL HTTP/2
oxbet.vip/_nuxt/2da1369d363af6cf3784.vendors/app.css
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65309)
Size
47 kB (46832 bytes)
Hash
1af013e4295ec26b098464e70a941fce
30f1e7d9ee0bc5d4dbffdb1b43da01a56aff80da
fc5ab44b1b0471d1a4994d49446da84b181e83e48f93c5fb2030347eb7d1e697

HTTP Headers

GET /_nuxt/2da1369d363af6cf3784.vendors/app.css HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"3dd8a-184b3958bce"
vary: Accept-Encoding
cf-cache-status: HIT
age: 146989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoUyNhxzXiIeZBSzVa8FgvuluKhadQcvu%2Bs5MaMrjN7puGieTzr8e1Oqa%2BASgw7oPsWnCo6j%2F6PchXgkcutppT%2BvtScWAP3W81%2F1gDvphLJD5SLIrlFMgP0zux8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062187f79b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-ExtraLight.f21caf9.woff

172.67.154.71

200 OK

53 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-ExtraLight.f21caf9.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 53000, version 0.0\012- data
Size
53 kB (53000 bytes)
Hash
07bfacf8621b2749d924a2d071cc5634
277e60b8e12d38be071884fe0cd0d2da15cc4ec9
3df9f79b336dc2ee9c842b9056c9e7bd5156f2d4ab1cd2fd27955a5fdce4fb2d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-ExtraLight.f21caf9.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 53000
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"cf08-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6B660pCJ0rf9Wq6ExzB4XyXrnGLVPz9HBNN6Yw77dAPYbRB6hzZlSoN3H4HynDi4t51mGKvlronmeAg2LAq8r0IT0lkOTf4BYAI69qGtzzSCo33x2Ui1h78RAo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062189fdcb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Black.b662452.woff

172.67.154.71

200 OK

55 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Black.b662452.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 55052, version 0.0\012- data
Size
55 kB (55052 bytes)
Hash
4e4da10c472f133f5b5179228d78dec3
b2a3d507ecf630f0292f7a2e8a8b94e1ecfaabbe
1ac7b6b213e052dbb4aada7aadb73b55eafe0fd9b8d3acfa893e88c5a90f7191

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Black.b662452.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 55052
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"d70c-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1aCiYZzxtCpnI124Z7Ppr7Gdv5lWdPS6H03gniIzBw9ks4nNFzTFW2OTuUqiFalpvqQH2py%2BQLeEO4IqzbDqM%2BNIY4YgkfO9I6cjz6xOeItKnMcIkg7HFpI%2Fms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062189fd6b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Rowdies-Bold.eb29806.woff2

172.67.154.71

200 OK

33 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Rowdies-Bold.eb29806.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 32988, version 1.0\012- data
Size
33 kB (32988 bytes)
Hash
715240975f97a96fe17b0835c91116da
94cfcf4e6746a9884b70d9b2c087558ac6739427
9f45162b1ebc53e06d93612c447b855412f7d84063625327f7f16e6e30aa00ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Rowdies-Bold.eb29806.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 32988
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"80dc-184b3958bb4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSfxzCmuYVL4pahLcbgLZVN35x8XmEqbVawMpWYHYPsmiQlYO3k5AxpXUAYVgyX1rdTW6X1Py6psazRtF3H8AU34t1FGB%2BhrzYF9SypoSHsrocgHwcLFnVZ1Re8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218b80fb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Rowdies-Light.52e8cbd.woff

172.67.154.71

200 OK

43 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Rowdies-Light.52e8cbd.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 42872, version 0.0\012- data
Size
43 kB (42872 bytes)
Hash
fa6f35f912eb5e1680f8b828e43c7bb6
2ad027e95765fb5722cbaaa10d7705682b1fd7a5
548cd26562cd83fd399857e5439fbde4ba006d25f9c29339a5a42d878dcd280f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Rowdies-Light.52e8cbd.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 42872
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"a778-184b3958bb5"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rf9sTcG07gYP10NmUFc85QX49L4nNX%2BV93DAsoGV2AOSB3a9Z%2FqLrn6n%2Bfesrx2QYYjr9tt%2B%2BRvTsvyM5q2FfF4qk3tElcQlIXIHZmMMJ8aHU%2BadfBtAQnsp7io%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218c81db51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Medium.2743919.woff2

172.67.154.71

200 OK

39 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Medium.2743919.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 39436, version 1.0\012- data
Size
39 kB (39436 bytes)
Hash
2c99ea1ac787603f211094a82f2b33f8
f73695cb57627ac3ce75ec0940f6708e7bed326f
d6dd002ec775a66461a5a5ce4b2f9a6be8990470eca02538ef4335f7ce6397f5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Medium.2743919.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 39436
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"9a0c-184b3958bb4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHtCsEsUPID1RS59sTZ8EeUwFSQ9S5zfJlvjVctkIUDVI2rE%2FCyoKMRTurVbiqPzuuGqGqTAZE9urRir2OXuHnSJaz6ovLj8aIb%2FgIJoQoQPAFCXWF92A%2FAnecA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218b803b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Regular.6e636bd.woff

172.67.154.71

200 OK

55 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Regular.6e636bd.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 54820, version 0.0\012- data
Size
55 kB (54820 bytes)
Hash
975392837dc9c82873fd686a47eb389f
bdb7eba65b631e7005fc6d96d459f9ddbd2be0bf
6333f3220cbc6f9dc91d79bb0831ca46863d6451788bcff56b3fc66edd3df829

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Regular.6e636bd.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 54820
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"d624-184b3958bb4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KY4XG4vjzDVj%2BEUxwGnF%2F7rvuJo9rIeXlAbnMkms%2FJvkArR6R2V4y7bT20XwM3slnIQkG%2BKnyU8imv6DsN8%2BurDsLsvVKvyqeFmv2H1HyZTJuVwEi9E49PsmY04%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218b806b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Bold.9f046c6.woff

172.67.154.71

200 OK

55 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Bold.9f046c6.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 54592, version 0.0\012- data
Size
55 kB (54592 bytes)
Hash
f6ea637c7281138170955696a2353927
b90b86f43f19f2c176a2c897b07ce77fe8d746f1
78a0826423b77ccd9a7370ac695f39c3902a75608368597f37e9224cffbc56b4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Bold.9f046c6.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 54592
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"d540-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LAp9507BsnaYcqhLAyS52d%2FyLBrlTjr5cE5uALrBwzF7ugsoC5NoXVf9Xi%2FabgZjdF3%2BDkyw5HxMBWhN9uU38CWrBzZ7%2BWp8odhT3AhRhj6slw5V76lICUJ3BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062188f9ab51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Medium.5ff01ad.woff

172.67.154.71

200 OK

55 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Medium.5ff01ad.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 55052, version 0.0\012- data
Size
55 kB (55052 bytes)
Hash
4e2ae86a4846a1444f4c2b590fdfa1de
6c95c14d467b5abc84fb5fc6b497b9c6eb3b6ff7
698df418e70fded8ebbec784857c15c74f5b4027138fa6803191db553c33fb6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Medium.5ff01ad.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 55052
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"d70c-184b3958bb4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3bAJSz6%2BP75efHBHR%2F2V0KUvOVvsYDvWiwMhaEXFhurcxGXqFJrL0ENByeGVt0wfkSKATmz%2B2miqE3KYjgQDR6kqpti1vRk7688V4eeZfN8ejtkUFcJoTQnzn0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218b802b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-ExtraBold.c51dfa0.woff

172.67.154.71

200 OK

55 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-ExtraBold.c51dfa0.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 55012, version 0.0\012- data
Size
55 kB (55012 bytes)
Hash
ca7b573a08237ad4271a9fe78cf81791
0a590347b7b0e21f98783b7072314bca903b92ba
c0500cf401a829b8d194eb7ad06aaec925a308aea3512b18a95889f94274c4ce

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-ExtraBold.c51dfa0.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 55012
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"d6e4-184b3958bb3"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6rDZchPTed2NS3py4I4ijDXVEU9EzsZoF5WDOMfUvg0TrMuVrUYFy8Kcv9TZg6%2FHIKXshJ%2B1Q9D7CWbTrvudx%2B3BgkK%2ByHsPSgexdsy1PHSJ9xeSjzRxtMDh%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062189fceb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Light.04dbad6.woff

172.67.154.71

200 OK

54 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Light.04dbad6.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 54408, version 0.0\012- data
Size
54 kB (54408 bytes)
Hash
6bc771505a232626ff06e4b88a1e1f9e
b2af89f68826fb2150b79dc1692c68bafcf65758
4c29af3bdd82c2549d14f91884f81a8b684fee1087b9e7226771ee16acc679e0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Light.04dbad6.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 54408
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"d488-184b3958bb4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5I%2BBidog7kaWdhZbczrIgI%2BYYG%2Bkfxn%2BCmYBkx0PBZYultwSvql9NEelhrfUQUFoBJ7B7xa7nvy7kVzKHZKeojKJo4rT85ywumEk5hpTm5KscC7TIvL7ay%2BYlU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218bffab51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-SemiBold.a7e5660.woff

172.67.154.71

200 OK

55 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-SemiBold.a7e5660.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 55076, version 0.0\012- data
Size
55 kB (55076 bytes)
Hash
82e676055f3fbef7aff7c1d51a2209ef
22c126cf6d5afdd2c6012d26a3d1aaa44ceb9102
32c196bd6f0b25644430f9dcc9cc5a9238a4d5d7b36ac20cdc648cfc56f0c5d5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-SemiBold.a7e5660.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 55076
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"d724-184b3958bb4"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7at7jdvc2MoE4kCpYEUKiDfbed1z%2FpAmU2%2Bps2C5q%2BBBZC1oobLPILXvl0go%2F2TM%2BM2y2TDtygghmAglcL6vdQCF9LkMzRsc%2FYImidobXyF%2FUx9HwVQf9K7icc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218b80eb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

865 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
865 B (865 bytes)
Hash
f20f44c17b8be92d9b73b54a0a72fe46
cf6242240f3571d69c1da0b68f1c4c4ea348a595
fdadcb832213b6b2246f6173f1c8b6653c6f4d4546919a77c7422cf677d81bcb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:33:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:33:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:33:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:33:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:33:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10813 bytes)
Hash
005e5ba3c9588cf389a58195001b64e3
238a7439d887fb3aa7f1302eeb43fce62f08441a
d75dd5b6f57d9c9290725c5be76cc7d7a39682ca569bea18eceb9bdc13d444f9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10813
x-amzn-requestid: 5a3c9584-1389-45ac-968d-0a2301f82eda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KG00oAMFpig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-6ffc3ff67f7f7e75399834e8;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3ggibSv4guzAQjW77yMg7HTp5JCBi1B9dxXi-Zy_-Vw0b6lP1PAGyQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 24114
etag: "238a7439d887fb3aa7f1302eeb43fce62f08441a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5652 bytes)
Hash
d407d1a700a02f6422a0415be9648354
e9a69711e04e8028f11082285a405bafc61c5b20
dfc27a9aea46df1e218ee485296392c5a6c03756e91487f37212c69d4b30a418

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 24915481-2902-4776-b489-7741957424f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvEfioAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-7846a98a5fb3d0786cb84130;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2YLb6Et3z5MS3x4qk32fUeOCzFeofTOiHbTH2dGaQbGe_e8yMedqqw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 08:11:10 GMT
age: 73313
etag: "e9a69711e04e8028f11082285a405bafc61c5b20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6498 bytes)
Hash
1bb306213437ea24ab879adc9e3b6da4
771d38e18cdfa54052f7cb150b73c03154eb4368
d4cce7533fd59ef11fb8fec4bc114d5be0bacaa9134e3f1536e0d6bac1f58ffb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6498
x-amzn-requestid: 2499eb0e-74c9-4c04-ba58-3e65fc452c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHU4oAMFaAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-12f14e7a30bc1a75499cb272;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WaCfMUy6EtOLWvJy1jFbKp9KQzG5v7nq27sIo7d8gFeGesFd4uWdEw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:24:14 GMT
age: 22129
etag: "771d38e18cdfa54052f7cb150b73c03154eb4368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 23477
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/footer/icon-mobile.svg

172.67.147.70

200 OK

9.1 kB

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/footer/icon-mobile.svg
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (457)
Size
9.1 kB (9133 bytes)
Hash
a13ef030779a3f38aab357e2ef54e937
efaae2d249b33871bd8bc7285d7f74eefeb623f0
7e85fe31e6ee87d3b81d63a95181485b16ecc7806259ab3b449991513c0291f2

HTTP Headers

GET /oxstatic/assets/img/footer/icon-mobile.svg HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
last-modified: Sat, 01 Oct 2022 05:06:40 GMT
etag: W/"6337cae0-31b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jy8jQhViGqHCI4Nrxoc8HKZXuFvmuD7MaWvYbddv77nPRFalHmZy3KPCjyXmnPQ6y9anYCLKaSPpCSck1M5NcYkTTEgfpINo48Ik5cMJzUMmL%2BVdvd42TS0FXqfynCSEBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1de01c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6263 bytes)
Hash
b24e349e9d22fb30fbc80497b512cead
c033d1ecdb9e7640f3df044e39053bed8292fcbc
2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X6t2ucU4VTXi5XIRLVpmTMxEW3MtinOQs3mIHIhgeW6aK6kN53dWEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:18 GMT
age: 24105
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/la-solid-900.woff2

185.76.9.14

200 OK

97 kB

URL HTTP/2
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/la-solid-900.woff2
IP
185.76.9.14:0
ASN
#60068 Datacamp Limited

File type
Web Open Font Format (Version 2), TrueType, length 96752, version 1.0\012- data
Size
97 kB (96752 bytes)
Hash
36fc297902c9a2e857858baa6ac25f2c
89d9531c0c70a8751dff83c1917baab1f16a2071
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

HTTP Headers

GET /vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/la-solid-900.woff2 HTTP/1.1
Host: maxst.icons8.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://maxst.icons8.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 96752
etag: "179f0-idlTHAxwqHUd/4PBkXuqsfFqIHE"
last-modified: 2022-05-16T12:30:47.849Z
server-timing: -;dur=0;desc="Generate"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-accel-expires: @1968663892
server: CDN77-Turbo
x-77-nzt: AblMCQ0Nh3n/q8/4AA
x-77-nzt-ray: c0a4cc28d1d6599bff3984634699193b
x-cache: HIT
x-age: 16306091
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/H4DSpMETGhw

142.250.74.35

200 OK

1.8 kB

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/H4DSpMETGhw
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
1.8 kB (1760 bytes)
Hash
7d65165426fd06cfab07e6640cf5dd8f
e8a32f7147c6e6fbb1566816d06844f3e442be84
bee5be1091c51d3da94b5ca75727264d340de34de0f11e971735671baf58d823

HTTP Headers

POST /s/gts1p5/H4DSpMETGhw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/H4DSpMETGhw

142.250.74.35

200 OK

1.5 kB

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/H4DSpMETGhw
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
1.5 kB (1508 bytes)
Hash
7473ee8b3bbc86965e854572458fb5d9
251b468d9f34d2f55637db24783e7626e8322c25
dabec2c71c846e4e67ce9c7a2e7bcb430ab6cd0bbe86f1c85ef681b27e1d01ab

HTTP Headers

POST /s/gts1p5/H4DSpMETGhw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12108984&url=https%3A%2F%2Foxbet.vip%2F&channel_type=code&jsonp=__l11qv5ghkio

23.36.79.17

200 OK

265 B

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12108984&url=https%3A%2F%2Foxbet.vip%2F&channel_type=code&jsonp=__l11qv5ghkio
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
265 B (265 bytes)
Hash
fa0d451826646a7bf76911e9dd407637
38dd917f4a7122a07f30f42ef9f7053c031778b3
9683d3bce6798304809c01b9139d0bf0b94a79161c452ec5c0b1945fea64dc21

HTTP Headers

GET /v3.3/customer/action/get_dynamic_configuration?license_id=12108984&url=https%3A%2F%2Foxbet.vip%2F&channel_type=code&jsonp=__l11qv5ghkio HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-security-policy: frame-ancestors https://oxbet.vip/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://oxbet.vip/
content-length: 265
date: Mon, 28 Nov 2022 04:33:04 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

891 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
891 B (891 bytes)
Hash
ca6af7ca760916bb8dfce9fb87c2af9e
64a766ad615259abf5a56a51556a7449379bcdc3
9e6ea9e1d2492dc990c6442fc0a176ebde580b4f77fa6421bb425520e33f2446

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

216.58.207.195

200 OK

32 kB

URL HTTP/2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
32 kB (32238 bytes)
Hash
8fe1802c0bae3fd685c33ee3819f1fc8
08da06a7e1baf245593e8baa0a7db3aa78d5b5a8
4586e7cc6899fdb7cd24f39c448c77e78c0867f6afbd95e163816e9d73995818

HTTP Headers

GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:19:59 GMT
expires: Fri, 24 Nov 2023 06:19:59 GMT
cache-control: public, max-age=31536000
age: 339185
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eqVww.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eqVww.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17252, version 1.0\012- data
Size
17 kB (17252 bytes)
Hash
9c5adaad91548776c4be32f4c723ad2c
3cfb3c2e7cb1b0d0e42a58ac593d8f326623fd30
2b773f333244b82e17697d03ac6262fbe77f95e9a9ce8c831b2aa7fc15bbba4f

HTTP Headers

GET /s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eqVww.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17252
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 02:13:27 GMT
expires: Sun, 26 Nov 2023 02:13:27 GMT
cache-control: public, max-age=31536000
age: 181177
last-modified: Mon, 11 Jul 2022 21:01:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/DelaGothicOne-Regular.7f7c99c.woff2

172.67.154.71

200 OK

1.2 MB

URL HTTP/2
oxbet.vip/_nuxt/fonts/DelaGothicOne-Regular.7f7c99c.woff2
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 1183504, version 1.0\012- data
Size
1.2 MB (1183504 bytes)
Hash
2995a18075b61f62b15cb93773f3a06e
d991c027cc97b57bbcc599a91ee087a6fbdf8148
be9a11c8cdb9efa2775a6c7e4fce9924f6339379a26e35d6e106edaa7f7347d9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/DelaGothicOne-Regular.7f7c99c.woff2 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff2
content-length: 1183504
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"120f10-184b3958bb7"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtfcD3NhGWBflLc8AHXI50LQ4Tw32YO3BFipvOzPRZi7TFFAg5gtyaFuTQPaYuk1wDjloSziMN6CgGkGdG8WmVguBPA74MyHvulSvbGkh65fHs0z%2F3vFhO8cjBM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218d829b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eSVw0iC.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eSVw0iC.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15632, version 1.0\012- data
Size
16 kB (15632 bytes)
Hash
25b736410b0ecd5434342567fd10f914
cb8b1949570759b5879659dcd8dd7d340c2d46c6
3710a042c7d1d9063fd64310929d30587cd4f2ea17172b002aa74b5f06fb93b8

HTTP Headers

GET /s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eSVw0iC.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:27 GMT
expires: Thu, 23 Nov 2023 18:51:27 GMT
cache-control: public, max-age=31536000
age: 380497
last-modified: Mon, 11 Jul 2022 20:44:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTzGLRrX.woff2

216.58.207.195

200 OK

29 kB

URL HTTP/2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTzGLRrX.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
29 kB (28811 bytes)
Hash
5292c5089f1e506cd919d0614207527e
d6c744deb40698134c738b1619899a6afbce6725
6e3e42c0d8e00ed888eea6d54df6fd41ccec15db6cb404706f4717bd5969e664

HTTP Headers

GET /s/muli/v28/7Auwp_0qiz-afTzGLRrX.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:46:23 GMT
expires: Fri, 24 Nov 2023 16:46:23 GMT
cache-control: public, max-age=31536000
age: 301601
last-modified: Mon, 11 Jul 2022 20:36:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Rowdies-Light.ee28a7c.ttf

172.67.154.71

200 OK

43 kB

URL HTTP/2
oxbet.vip/_nuxt/fonts/Rowdies-Light.ee28a7c.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
TrueType Font data, 18 tables, 1st "FFTM", 28 names, Macintosh\012- data
Size
43 kB (42617 bytes)
Hash
63e44003bb55335f32bac8d557a13813
0c8ba3d05880292c4bcfd9d2196c7d0852de45e4
7f45b13b648f35959de249be8d51b4d932320ee4b0a6d6aa64744aab6267a3e4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Rowdies-Light.ee28a7c.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"142c4-184b3958bb5"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ma%2FQ%2B3rm%2BYyhQX%2F59a6NS%2B5802VGup50PWV0NO3gbBB%2F9MihAJ4v5D4cU%2BvfLozInVTqzQuiX0qrX6EEt7tjeOqDCmVasW3f%2F%2F95JHovQqAkbkKBBraVk1PR%2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d826b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afT3GLRrX.woff2

216.58.207.195

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afT3GLRrX.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10980, version 1.0\012- data
Size
11 kB (10980 bytes)
Hash
13587c6932f02f9900b2f2ecdbe27ece
11184f306f020f1f1d88bd1ac533cdd55056c254
3d58bdfc9d7ec30ad27b69b7b778cf94aa644a4d357542a5c30d758182ef4125

HTTP Headers

GET /s/muli/v28/7Auwp_0qiz-afT3GLRrX.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:05:38 GMT
expires: Thu, 23 Nov 2023 19:05:38 GMT
cache-control: public, max-age=31536000
age: 379646
last-modified: Mon, 11 Jul 2022 20:48:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/DelaGothicOne-Regular.d0051c9.woff

172.67.154.71

200 OK

1.6 MB

URL HTTP/2
oxbet.vip/_nuxt/fonts/DelaGothicOne-Regular.d0051c9.woff
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 1582164, version 0.0\012- data
Size
1.6 MB (1582164 bytes)
Hash
25a48493356b3c4220eef10517f75738
1e3548189801f71eda082fcb41729bc51480ab66
16107be2a5f4fdea9b9729e3882940fbbba65a15ceebc496b5aee0b60d561243

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/DelaGothicOne-Regular.d0051c9.woff HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/woff
content-length: 1582164
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"182454-184b3958bb7"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISw6mOuskY16%2Fefg1thd6aHC3KOvTfegYBqMHfr1ZdsWuIZg84ytIzV2BXhTt1BU43Ns87hG7x%2BkSo8OH%2FEoxba3cFBqJDZ3U3%2FKRuvqNE2cl9Vz8AzgTIRasN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106218d82bb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12108984&version=940.2.2.397.242.27.2.3.7.1.5.18.0&group_id=0&jsonp=__lc_static_config

23.36.79.17

200 OK

1.5 kB

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12108984&version=940.2.2.397.242.27.2.3.7.1.5.18.0&group_id=0&jsonp=__lc_static_config
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (4224), with no line terminators
Size
1.5 kB (1539 bytes)
Hash
eea6fe9799bbe445d5a1a359c3849799
81e114ec902e3cff7e8c2816a90508663e33a216
24f8f3390763ac421089a4ce8d26c5d252d910856fe6dbe9eeadcd3cea09270c

HTTP Headers

GET /v3.3/customer/action/get_configuration?license_id=12108984&version=940.2.2.397.242.27.2.3.7.1.5.18.0&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1539
cache-control: public, max-age=600
expires: Mon, 28 Nov 2022 04:43:04 GMT
date: Mon, 28 Nov 2022 04:33:04 GMT
X-Firefox-Spdy: h2

api-iw.gwapigores.net/glms/v1/jp?_=1669609983303

172.67.188.97

200 OK

2.2 kB

URL HTTP/2
api-iw.gwapigores.net/glms/v1/jp?_=1669609983303
IP
172.67.188.97:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.2 kB (2242 bytes)
Hash
56cf955a70ba105e8192c416045bd3c4
3a8c54a36871bdbdd2a0ea569ca01bc9c1e3dac5
7c6c637db07bc623e17b805f17057b4daab4cf312b2209565da953877a453fd8

HTTP Headers

OPTIONS /glms/v1/jp?_=1669609983303 HTTP/1.1
Host: api-iw.gwapigores.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Referer: https://oxbet.vip/
Origin: https://oxbet.vip
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:04 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-TOKEN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipbA2l%2FSWl7uHwEvuh5abqr1YSS%2BcvbERd7tVmrEN3v9E13SeeF06S3p41YKixv%2FL4QWy%2B%2Ba7q6ZTaYdKPVe%2BbD9g2xS%2Bsq1j%2FcidanEGOQuhMz1h5iYGJadJ6p3Hdx9ZSYePXJXojA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062218d60b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/H4DSpMETGhw

142.250.74.35

200 OK

2.7 kB

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/H4DSpMETGhw
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
2.7 kB (2737 bytes)
Hash
06bb7bb8cbf0f1b117197f3ff5d5683c
cc9aa0c25606ce60346ae217f985c98d37ad0238
50d494f26f206ff64f08de0f9756ecc1aaa9b0ce50b3fa8b11ba3a34b7750b20

HTTP Headers

POST /s/gts1p5/H4DSpMETGhw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eWVw0iC.woff2

216.58.207.195

200 OK

6.7 kB

URL HTTP/2
fonts.gstatic.com/s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eWVw0iC.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 6700, version 1.0\012- data
Size
6.7 kB (6700 bytes)
Hash
18cdf48974e80b242eb8e2420888aed9
a7acd2ba860dc437bd72e1f8d1fde22be71b9005
7380e9faad3e9a26aff2182e24322be4eab37d5e1889ad5227d6cfa06619e27a

HTTP Headers

GET /s/muli/v28/7Aujp_0qiz-afTfcIyoiGtm2P0wG05Fz4eWVw0iC.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 6700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 07:28:49 GMT
expires: Fri, 24 Nov 2023 07:28:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 21:01:23 GMT
content-type: font/woff2
age: 335056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12108984&version=d4234139f0f2a5e50173b124f65938ca_726da2db317a5f56bababc35341bd393&language=vi&group_id=0&jsonp=__lc_localization

23.36.79.17

200 OK

4.7 kB

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12108984&version=d4234139f0f2a5e50173b124f65938ca_726da2db317a5f56bababc35341bd393&language=vi&group_id=0&jsonp=__lc_localization
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (11920), with no line terminators
Size
4.7 kB (4652 bytes)
Hash
2b641f62ebbffbb456e55b29b2cda515
791f46f8791c6e429107a4c69483eaaf060b3cfa
a58dc6ba32226d5e219d3d3ac849da13a5c3a2caa93e61a89668007106ddf38c

HTTP Headers

GET /v3.3/customer/action/get_localization?license_id=12108984&version=d4234139f0f2a5e50173b124f65938ca_726da2db317a5f56bababc35341bd393&language=vi&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 4652
cache-control: public, max-age=599
expires: Mon, 28 Nov 2022 04:43:04 GMT
date: Mon, 28 Nov 2022 04:33:05 GMT
X-Firefox-Spdy: h2

secure.livechatinc.com/customer/action/open_chat?license_id=12108984&group=0&embedded=1&widget_version=3&unique_groups=0

23.36.79.17

200 OK

5.6 kB

URL HTTP/2
secure.livechatinc.com/customer/action/open_chat?license_id=12108984&group=0&embedded=1&widget_version=3&unique_groups=0
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
5.6 kB (5579 bytes)
Hash
edf957ad4a7b006afd1c7744645f41ce
078cd5d0a67d8733849a279b57a6fb482eadb4c8
1ec91b7b39e8b7856b5f41101d3cf9ea157609fd2a7dceb8a3adf6d1f045cf0d

HTTP Headers

GET /customer/action/open_chat?license_id=12108984&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 2558
date: Mon, 28 Nov 2022 04:33:05 GMT
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js

23.36.79.17

200 OK

15 kB

URL HTTP/2
cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (47599), with no line terminators
Size
15 kB (14934 bytes)
Hash
59df903a307f8661bd53313a1a1ec2dd
c1b075479edfeed640cea3038d08915f5eedb9a8
6a19cca29c349c638cdb3a4f5103fe14562c865fc49184f33770f0f87b87bb7c

HTTP Headers

GET /widget/static/js/0.0f55d8dd.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: FTaBdM5aPM6e3Wa0SH3EvXHWpAST4v3U
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: KgvNFtC8e1Ondp6OM2DSbEHtkwN5kS2GkPwb0uCzLz2iu3P1-YllZA==
content-length: 14934
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 04:33:05 GMT
date: Mon, 28 Nov 2022 04:33:05 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js

23.36.79.17

200 OK

66 kB

URL HTTP/2
cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65462)
Size
66 kB (66502 bytes)
Hash
524812952e0af015a7b1f7621b66446d
52de20770b835fc95c42ee8fb8c929ce889f1f41
9c6a9bc16e05afce31697dd6ef2530653501be1ea8af90e1905d9949d014a9ba

HTTP Headers

GET /widget/static/js/1.1e075a8f.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: o8X.laUPCA4HbBkhv_.0.rtHv1UEzu8S
server: AmazonS3
content-encoding: br
etag: W/"add645219cc09aca44e90ff2cb69482a"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: wQvKSpsPRy26in0iJkcMTYfNv8UaYE7ghU0BTCtCVHFylj64oG5eMQ==
content-length: 66502
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 04:33:05 GMT
date: Mon, 28 Nov 2022 04:33:05 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js

23.36.79.17

200 OK

207 kB

URL HTTP/2
cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65457)
Size
207 kB (206714 bytes)
Hash
4188f7d23693109a8a83746654a64be3
7cd1125e94ce76ba9eaeacd9b38b9bf7963e992a
5c1349e2f2eef1ea43dcfca2892abb2a1eff393f4214a08488d132c4b4a39284

HTTP Headers

GET /widget/static/js/iframe.5a8c73ef.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:45 GMT
x-amz-version-id: P0PTNAbmnutUEWx5JwIuKC0qV1oD8pjU
server: AmazonS3
content-encoding: br
etag: W/"662ab831ab34600ffa4072f565bdfd64"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 1Ip4wPazEkF_uHKhUPZDS0tSsxvZSsZmEMk6Zoy43CtXbndWYhSu6A==
content-length: 206714
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 04:33:05 GMT
date: Mon, 28 Nov 2022 04:33:05 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

23.36.79.17

200 OK

13 kB

URL HTTP/2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Size
13 kB (12852 bytes)
Hash
3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

HTTP Headers

GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 04:33:05 GMT
date: Mon, 28 Nov 2022 04:33:05 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

23.36.79.17

200 OK

13 kB

URL HTTP/2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Size
13 kB (12688 bytes)
Hash
d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

HTTP Headers

GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 04:33:05 GMT
date: Mon, 28 Nov 2022 04:33:05 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/rtm/ws?license_id=12108984

23.36.79.17

101 Switching Protocols

0 B

URL HTTP/1.1
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=12108984
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3.3/customer/rtm/ws?license_id=12108984 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K7+WaDIsb2lQ0UbrnLe2Kw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
sec-websocket-accept: 7DXDWe6TQa0JZjJRM4NqLreB/f0=
legacy: 2023-06-30
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
Date: Mon, 28 Nov 2022 04:33:05 GMT
Upgrade: websocket
Connection: Upgrade

accounts.livechatinc.com/customer/token

23.36.79.17

200 OK

138 B

URL HTTP/2
accounts.livechatinc.com/customer/token
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text
Size
138 B (138 bytes)
Hash
d21bbeab1e70c9c68611dd48de0ac77e
91ebc22c9701f7f8723ab3cdade6b1b5403cd329
a21f717ff27c2978e9ad07a99ccc3e1eb5f1754613f073e404dab13a385d60e7

HTTP Headers

POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Mon, 28 Nov 2022 04:33:05 GMT
set-cookie: __lc_cid=c966be59-78f6-447d-70b5-3365449e6cbf; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 28 Nov 2024 04:33:05 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=1f71f019fa4e78f3a6d3a79af49e8e133203b2b1e8a2a80d91c250b801e130cb0b305a4759c13096bf5b0db6abe2b7ad31121d5f350bcebb58a5b786ead5; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 28 Nov 2024 04:33:05 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=c966be59-78f6-447d-70b5-3365449e6cbf; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 28 Nov 2024 04:33:05 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=1f71f019fa4e78f3a6d3a79af49e8e133203b2b1e8a2a80d91c250b801e130cb0b305a4759c13096bf5b0db6abe2b7ad31121d5f350bcebb58a5b786ead5; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 28 Nov 2024 04:33:05 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1669610015&tag=7668f797f6cdbf825760b1cc90cfbd4b94f2c448; Path=/; Expires=Mon, 28 Nov 2022 04:33:35 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/f25dea7.js

172.67.154.71

200 OK

277 kB

URL HTTP/2
oxbet.vip/_nuxt/f25dea7.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (64427), with no line terminators
Size
277 kB (277245 bytes)
Hash
6af8c03983d0d698b550d9b7b53af8fc
a58cefe8d84b0600266e2df4c99af14db20841cb
32ff1cdeb5097bb366844f6a579272dc2ea230f7c8d1c83d62ac6fcc43520243

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/f25dea7.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:05 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 06:57:48 GMT
etag: W/"123c8-184ad93ffc1"
vary: Accept-Encoding
cf-cache-status: HIT
age: 237896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkuS1GO6yJvQTCDE9ZU0Hx1FnslBd3oFCYH7OI5XLALDpXFO0Ks83oS7siqdr6E6gA2TYBhfPDoHZZnQnXu1JwG1fD2317JOQei8hsmZEL5JRcSVP3tk2CN6uNc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7710622b39db0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVatyBx2pqPIif.woff2

23.36.79.17

200 OK

31 kB

URL HTTP/2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVatyBx2pqPIif.woff2
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 31092, version 1.0\012- data
Size
31 kB (31092 bytes)
Hash
60db5ba869dc04cbfad361ebd964ebdc
1911685d952804398724839d862cfbf431982daa
87b2d47cd6007f42c65723b4b6335fa10e71be023dc834173d2030a6adfba457

HTTP Headers

GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVatyBx2pqPIif.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 31092
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "60db5ba869dc04cbfad361ebd964ebdc"
x-amz-version-id: p2hORrX3gRgWbtlvt4XPbYbyitjzxrDE
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: _KSISAERjq7J7xsJVTg0_d1qxQTaSilX5O_4aFpzVbz1SZAwH_hBew==
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 04:33:06 GMT
date: Mon, 28 Nov 2022 04:33:06 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVa9yBx2pqPIif.woff2

23.36.79.17

200 OK

4.1 kB

URL HTTP/2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVa9yBx2pqPIif.woff2
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 4084, version 1.0\012- data
Size
4.1 kB (4084 bytes)
Hash
4259457393bdcc73ba40d89ab3bfda1c
451738e9879bb73e8eb377a73e1b6dc2f8b065c6
1b6ce2206841f52599780cace00b76c31ac5d8ff4344635741c217be888287be

HTTP Headers

GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVa9yBx2pqPIif.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 4084
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "4259457393bdcc73ba40d89ab3bfda1c"
x-amz-version-id: fAI4wAFh.s76yi5ExbzXcu7N049kslhw
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: 6NgtbyQD6W3MTfFlTYz4q4GaihRwJHR4ZvP5widntYxZMPS69NojEQ==
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 04:33:06 GMT
date: Mon, 28 Nov 2022 04:33:06 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/af83af1.js

172.67.154.71

200 OK

35 kB

URL HTTP/2
oxbet.vip/_nuxt/af83af1.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (42215), with no line terminators
Size
35 kB (35371 bytes)
Hash
40fd43714c30f5bd9067b5e64fda4324
8be1b7384fdb43d9967a4dd59f21459b12945743
957b140465091e427ebc25203a223657c808cd8769b30db0b26e907b9e8ac86c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/af83af1.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:05 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 10:55:45 GMT
etag: W/"a4e7-184ae6dd8e3"
vary: Accept-Encoding
cf-cache-status: HIT
age: 214616
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqxra3X5oKldAgjlNt7HHRgr%2F5ez%2FiSJ8Ens2sEluWSx7iF%2FIGllj6xu58tAatHC%2BR%2F0YQLffj77z8vjnDMItsb%2B0ubM%2FBHRxDWteyq1Fo8MrEUIUXBGooxoreo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7710622b29d60afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
dfca7620649f18fb4e66872097b71a21
ca3305683da12bf67446b19f93f5fd23f9369573
222485d6298ac56ce9d2af6c844d476effac62e494c4de0496957abbddd2441d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=91319
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:07 GMT
Etag: "6382fbba-116"
Expires: Tue, 29 Nov 2022 05:55:06 GMT
Last-Modified: Sun, 27 Nov 2022 05:55:06 GMT
Server: nginx
Content-Length: 278

asset.vergopjt.com/js/app.js?v=1.0.1

104.21.82.102

200 OK

234 kB

URL HTTP/2
asset.vergopjt.com/js/app.js?v=1.0.1
IP
104.21.82.102:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (35714)
Size
234 kB (234022 bytes)
Hash
bc4454ac76a7e1cae3675a1c68e12238
65ffcd403c82fa103232ef68fa142a59b488c6fe
a3e907a15a901eff2b2deedaba3a97849879d241f0a8798126a68a11f068aaf3

HTTP Headers

GET /js/app.js?v=1.0.1 HTTP/1.1
Host: asset.vergopjt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:07 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=867295
etag: W/"62383412-d3bdf"
last-modified: Mon, 21 Mar 2022 08:15:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2619070
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tX95DKjusufzu9ZeKra5x1iTwRLxP7oVJxcB9K%2F5kACwK3YHGgILaEqw3Lz3yYlVgR%2B36l9sz9L8R1u3cwLOWSBfkM%2BHAU5nNuraFhEE3DO53Tbi%2BnGqUMKbgCtDrrp2S6CiDs8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106233ee4eb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api-iw.gwapigores.net/glms/v1/jp?_=1669609983303

172.67.188.97

200 OK

5.5 kB

URL HTTP/2
api-iw.gwapigores.net/glms/v1/jp?_=1669609983303
IP
172.67.188.97:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (19266), with no line terminators
Size
5.5 kB (5548 bytes)
Hash
b1d9f59ef951c9c38de9788ca92e6123
8668e3f9f60a19644dc1504c18a971c884bacaae
a7f766227f919875db53ea42d63769928cf615fdfdfecc59e6cc42fd4e9b3cde

HTTP Headers

GET /glms/v1/jp?_=1669609983303 HTTP/1.1
Host: api-iw.gwapigores.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:05 GMT
content-type: application/json; charset=utf-8
x-execution-time: 0.484 ms
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yy5RdJ8tDeSw3KOdRp2kqdy7Gjqj1cA3i1qKlN0GTVq7rHlRMbWuRMByT1dvspwF6zUDJUbepo2Vs1Evfdnbyh3haL3dB3nnTVDu9NrQN%2B3mVie%2FmdsUU6dlPS7sBChDErZyZ3uzjuw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062251eb2b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

812 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
812 B (812 bytes)
Hash
1ef836956a823565292d332484b823a8
37bc4470186c9d2cabd42994e51e48c026f7aa17
04d7b5a7ce02b0ade8a7f7a5a110576d68026c6be027830f81868f3241dc6e0f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-167110571-2&cid=702508860.1669609986&jid=1072196439&gjid=1000437977&_gid=203293583.1669609986&_u=aEDAAUABAAAAACAAI~&z=1470813295

142.251.1.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-167110571-2&cid=702508860.1669609986&jid=1072196439&gjid=1000437977&_gid=203293583.1669609986&_u=aEDAAUABAAAAACAAI~&z=1470813295
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-167110571-2&cid=702508860.1669609986&jid=1072196439&gjid=1000437977&_gid=203293583.1669609986&_u=aEDAAUABAAAAACAAI~&z=1470813295 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://oxbet.vip
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 04:33:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:33:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

socket.vergopjt.com/socket.io/?EIO=3&transport=websocket&sid=ddbe5f52-9c58-4518-8f79-2730b6b28afe

172.67.200.40

101 Switching Protocols

0 B

URL HTTP/1.1
socket.vergopjt.com/socket.io/?EIO=3&transport=websocket&sid=ddbe5f52-9c58-4518-8f79-2730b6b28afe
IP
172.67.200.40:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /socket.io/?EIO=3&transport=websocket&sid=ddbe5f52-9c58-4518-8f79-2730b6b28afe HTTP/1.1
Host: socket.vergopjt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://oxbet.vip
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w4mZuRAtU7N/OZ1R/SJEtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Mon, 28 Nov 2022 04:33:08 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: AL2UFHhjX1XkqtiZy7D0ID2VTPE=
sec-websocket-extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vmZ%2BtBeK4QcAkkXKsWhn4zb6QUZ20y1t%2BiaRyVL8fiqc%2BKlYzoXFOqyPh2eSfDt9839AriIsaT6Hp9Zh2D%2BvwVxdLYFFgL9Q1JOuyp%2BoFYVnCNHjP9AuofQ5qAhwUlzYd5PaUR2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771062388beb1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

api-iw.gwapigores.net/glms/v1/jp?_=1669609988315

172.67.188.97

200 OK

0 B

URL HTTP/2
api-iw.gwapigores.net/glms/v1/jp?_=1669609988315
IP
172.67.188.97:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /glms/v1/jp?_=1669609988315 HTTP/1.1
Host: api-iw.gwapigores.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Referer: https://oxbet.vip/
Origin: https://oxbet.vip
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:09 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-TOKEN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXK5%2BDBUTYGHGeWuE%2BijoMBJO0z6tMcAHZsvo8iUWA1NmZ6Zr1B%2FQYQ5oJTpc592sfwxJ%2FLsIxF0HgoiCSYDHoittxT1O1kXlGdcuVWzlQH7PnZVWFxj1XxVjukmKebg%2FOE%2FZLX1Kcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7710623e0885b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.top/

172.67.169.219

301 Moved Permanently

0 B

URL HTTP/2
oxbet.top/
IP
172.67.169.219:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: oxbet.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Mon, 28 Nov 2022 04:33:01 GMT
location: https://oxbet.vip/
cache-control: max-age=3600
expires: Mon, 28 Nov 2022 05:33:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZC%2BJe%2BKZ26epbrrmalykldC9qcNeOJdWpv5zqiZI3d42RrC%2F2IpVATT9%2FxuoTldQkenQRReK6I77OuhS3w6uByjS%2BFgdj2b8hDr%2BpGlro4NLG6937plBbpweQU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77106211ebe5b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/header/icon-new.svg

172.67.147.70

200 OK

0 B

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/header/icon-new.svg
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /oxstatic/assets/img/header/icon-new.svg HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
last-modified: Sat, 01 Oct 2022 05:06:40 GMT
etag: W/"6337cae0-7d0"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ou91%2BXL35puNfAP3yCMT%2BiEPDVrQNOLMTFZIG%2FEoJGaXzmokGAKlJ%2BzXdza0hC%2B94mdtpVTW06HzdOujd0VJtR1UPk%2FDS%2FM%2BajikCvUJQjgvmDLJXiU3T1%2FM6dtqwA7buQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1ddc1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Medium.f58d5bf.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Medium.f58d5bf.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Medium.f58d5bf.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"1d61c-184b3958bb4"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ku7mVVIzmfPptR3x930KWxuPFCg6AIRrn8KNkGAKbMdBPoSxoWbzqGP3AjUYwBgkRRcJaaEaTkXCHybnDJ%2FevO%2Ftn4G%2BSEx%2Fm%2F2ZvS3UpJyy7d2p2fG2Gsk6xdc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218b805b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/banner/video-goal-scorer-2.mp4

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/banner/video-goal-scorer-2.mp4
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/banner/video-goal-scorer-2.mp4 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip; _ga=GA1.2.702508860.1669609986; _gid=GA1.2.203293583.1669609986; _gat_UA-177224808-1=1; vgmnid=1376.820011000447441669609986914
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:07 GMT
content-type: video/mp4
content-length: 814795
cache-control: public, max-age=14400
last-modified: Sat, 12 Nov 2022 05:20:40 GMT
etag: W/"c6ecb-1846a4864d2"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNetb3r6%2FiWcMlmEgOI6Owl6INSWcgT1kYaIREf51U5oOJRYMb0khMbRjA0DCOUXyX8AHPdXQgvL5U%2F4xhfzH6rOw%2FmSfqQHgEZLGTADjtwA1laL4PxS4%2Bka6ss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771062358cb50afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/before-logo.svg?v=1

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/before-logo.svg?v=1
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/before-logo.svg?v=1 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Sat, 01 Oct 2022 05:06:40 GMT
etag: W/"13b86-18391f07d15"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mk%2F%2F5MG%2B5ggrKyKGacKjutRg4SjT14WSPHs5%2F%2F476s%2BKL7NJVG3CwoYpizs1tfZ1Ys4Sa7IptYWiN4Wh7HKlIn2WE6Mxnao%2Fu%2B64%2F9ZPfoOFS0Fzp%2F6CO1goGVo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d833b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/header/go-lobby.svg

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/header/go-lobby.svg
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/header/go-lobby.svg HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Tue, 01 Nov 2022 06:21:48 GMT
etag: W/"1c2-18431da6b54"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bjtpip2BkG0cbkmy%2FkQgvOxAwUoFqBasfvkmedieDTeDXrKtujHD4A2%2FtfaZPgRvQ7GvUGBOAAdYRTaQMlRPf4BeuObQhBwxu2h2hwjL72BLlrivhiicI0966IU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218e843b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/header/a-sport.svg

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/header/a-sport.svg
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/header/a-sport.svg HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Tue, 01 Nov 2022 06:21:48 GMT
etag: W/"199-18431da6b54"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BwPMATNwgIMWnCU85cJ%2F8gjS1I%2FwJM2O%2BPbpWsa%2F8fLzZ0wtmi447lIUlSp2l6FAQqY4wU1CR6bPfu9dpdCnlCDtwf5oR35minF5Ii8BqAg5C6%2Bax1VaRoiWlw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d835b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/header/house-3d.svg

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/header/house-3d.svg
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/header/house-3d.svg HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Tue, 01 Nov 2022 06:21:48 GMT
etag: W/"e20-18431da6b54"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGuK9jzVfHJ58QKq0WhjayMnwSSb8ckXela83PPALK8HRal7dTaDelyDhyKnuhlDmJkxoVUKqR24z1gRRyl%2F0Kbp7fPLqMvNHrtjeXKDZTBF0Tttij45yQDOoRE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d838b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/header/label-live.svg

172.67.147.70

200 OK

0 B

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/header/label-live.svg
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /oxstatic/assets/img/header/label-live.svg HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
last-modified: Sat, 01 Oct 2022 05:06:40 GMT
etag: W/"6337cae0-513"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqDSNUXQwOiLJUwWg78IQu0%2Fi%2Bu%2F6Wt77k7bNi6smhDm%2BkjwaRUsLGRPWi1YJhnAFXJl4tjwvl8zejf8uQFMczjou%2BwD%2BWo39g1au37eIvRmjTV39t3mB8DD1wWJ%2FeAGJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1ddd1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/footer/icon-title.svg

172.67.147.70

200 OK

0 B

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/footer/icon-title.svg
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /oxstatic/assets/img/footer/icon-title.svg HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
last-modified: Sat, 01 Oct 2022 05:06:40 GMT
etag: W/"6337cae0-426"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKFbLK9tyIZ8zvS09Rbo4Mc2e%2B%2F5BwlF5Yzygx3X49%2FK9It3hNSTGnebLH%2BS1izxVw5WWsvQep%2Fhplh2UBZ54FBsM1B86BUfzynPlvSkoARPLCK0GNEUh6Co%2Bmp9aGv3VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1ddf1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Light.800a9bb.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Light.800a9bb.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Light.800a9bb.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"1d65c-184b3958bb4"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPEj3V5kCYI8VV4rYrw7q3tdVifM%2FPiir40sIP2GNU1bWct9qNP4HhFBVTK84sPpQh1tCxzT5Ryxi2aheBq6sWOr4R%2B7TvC5r8FHwbU2m9gcWcRTg2sSS5%2BdJ2Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218bfffb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/banner/video-worldcup-mb.mp4

172.67.154.71

206 Partial Content

0 B

URL HTTP/2
oxbet.vip/assets/img/banner/video-worldcup-mb.mp4
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/banner/video-worldcup-mb.mp4 HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=410280-
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/2 206 Partial Content
date: Mon, 28 Nov 2022 04:33:05 GMT
content-type: video/mp4
content-length: 303461
cache-control: public, max-age=14400
last-modified: Wed, 12 Oct 2022 04:50:32 GMT
etag: W/"ae40d-183ca87aba0"
cf-cache-status: REVALIDATED
content-range: bytes 410280-713740/713741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ir4xv%2BqgXG1dmt5gi3ZiMjMzv4WmoyZMT0QGY1xd0V1PHffztyrpcwBP8XfFQF1ANDHy15p59c96YkpZ8jXzBp36xB2Dy7XHkYTQpwMqZQLArrqRcuMJV5bxAuM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106229995a0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/header/icon-phone.svg

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/header/icon-phone.svg
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/header/icon-phone.svg HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Sat, 01 Oct 2022 05:06:40 GMT
etag: W/"1683-18391f07d38"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ME3zL%2FUWX9tG087UqPoIPcz8Ld5rOlW8l7VP3%2BDpE%2BOKwl0bXCMF67YgOrk2Z5trH6r6sGHMZN6QH5OQYQkuAz59LAxfaQzWNWks3ymDjwFvCyEoO0Yl8ulufY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d834b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/event/worldcup/play.svg

172.67.147.70

200 OK

0 B

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/event/worldcup/play.svg
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /oxstatic/assets/img/event/worldcup/play.svg HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
last-modified: Sat, 22 Oct 2022 05:17:44 GMT
etag: W/"63537cf8-1b6"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOLu%2FC2HDzAl4UdUtxU4uC2K8nGtKq%2BO7aYBATWEFV%2BS2N5%2FuFlxFNx27NBHOGtDSfO3%2BVGWk5PaztDjwS%2BJRKzCOYdKVKsYCKM%2FyJeF4WMfGrCb7hHJ1CnxcNkFRK0LUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1de51c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Rowdies-Regular.0d8fa59.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/Rowdies-Regular.0d8fa59.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Rowdies-Regular.0d8fa59.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"143b0-184b3958bb5"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMRPU45riSgSYMoCG%2BV5KgLTC7IaaVHx6gnsQD4QgGY1oO6rJ8K9XCzLcrtPp%2Fw%2BTZ1XeUkOWjuI6PCloFvn9Uz6LA7QezA3HBHvmY1MNQ8v8dgKY6Gk8fbU4Wc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d827b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/DelaGothicOne-Regular.34724b5.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/DelaGothicOne-Regular.34724b5.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/DelaGothicOne-Regular.34724b5.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:04 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"261f3c-184b3958bbb"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mvzZCy4zpQXooYnhSS59YQyb6cd9f3y1dXKOdM%2B1s8SbXhf9TApU7oCh%2FRDyxULpU402hoO796HWbsmB0780RsNxao9%2FBYx78lq2rmWStpA%2F1AJNloPwFTiKJM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d82cb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Regular.d8529ef.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Regular.d8529ef.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Regular.d8529ef.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"1d5e4-184b3958bb4"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eeNn0e54Y5cN6nLU9q39Xz87VLPYuVVUHadunx743wQ2W9QIZQdXnGIrmo%2F9c4QyFVWsr0s6ZB0ZlTbTDNcuTcEEqOi57ftuVgLOuLU0dyAyZsiLgHGpJtKPRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218b80db51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/6581c36.js

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/6581c36.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/6581c36.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"513c9-184b3958bc2"
vary: Accept-Encoding
cf-cache-status: HIT
age: 146989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MClHmwfGoRlzeCGxU3D0UOV90lZ6zRVetRwONoaMNS%2FlJLlma%2FpNnYl3q4ocC1yzxZOr8j8a32u1z%2FXJwc2NoyFHVdf3ked80wIUAiM%2FsPxbhNc4FtiXN%2BMVUi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062187f81b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/f9d4736.js

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/f9d4736.js
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/f9d4736.js HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Fri, 25 Nov 2022 06:57:48 GMT
etag: W/"1b16eb-184ad93ffc2"
vary: Accept-Encoding
cf-cache-status: HIT
age: 241115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vIkyAvnVIX4iEucrHvkDd51SkGayel4wTx7MA%2FHCJcR6elVKGTuh9002O9dApHiXWkhANYYaJLKQNkiz7nBPR%2FVjbeLYCelADmFjubxD%2Bx066IxjAs%2BBluKxYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062187f7cb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/header/sexy-casino.svg

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/header/sexy-casino.svg
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/header/sexy-casino.svg HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Tue, 01 Nov 2022 06:21:48 GMT
etag: W/"8c8-18431da6b55"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IgUjFKZtYKwW%2BebfKYjmfGUwyb4pw0OapJuRGlWL0c1Rw0b30LJoE0UfFmYQIRb2yBXw%2FxHX1861sP7M1kbldx%2Fdr3ZL3DFJsJioCxBfOUeVRfmN%2BW6s%2FlvK1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218e844b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/event/icon-event.svg

172.67.147.70

200 OK

0 B

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/event/icon-event.svg
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /oxstatic/assets/img/event/icon-event.svg HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
last-modified: Sat, 01 Oct 2022 05:06:40 GMT
etag: W/"6337cae0-666"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmVWSJuXHWpWa8%2Fl8YSVxMhMO4gdKYYuUzv%2BOHClYe33qbxJ0JyUlYaIxeLA0oKQCZTVy6CjteUP9eqpCJdgJDG0gwrUbtjZiK6brc9EoUGhfQ%2FZp2JH3j8iTLfU%2FTxT%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1dde1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-ExtraBold.4f31a7b.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-ExtraBold.4f31a7b.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-ExtraBold.4f31a7b.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"1d600-184b3958bb4"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJG1KohW12dabarmKZsVvppph3v3YYTTgQfd0VroaLqX1Cksh151tJ2SvyWkkknqbUe7vwjrXjj7faeJriiH95tkTjuK1K%2BhPMZ%2BY3FwqhqqIgnqh5f2D2j637s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062189fe0b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-SemiBold.8185e68.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-SemiBold.8185e68.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-SemiBold.8185e68.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"1d62c-184b3958bb5"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHX1LJN%2F4bn%2BkWhJmQQ%2F%2F3alNtCbZBprd3UGIUgve54JRlRGPu6oQOVGAdsJa476J8cui9dnUXkmNpDI9ZPxfw134x%2BnplacJjWyxUyIHI8owtnd%2Bh3eLdkTftU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218c818b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/header/e-sport.svg

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/header/e-sport.svg
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/header/e-sport.svg HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Tue, 01 Nov 2022 06:21:48 GMT
etag: W/"165-18431da6b54"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XWtdspw7%2FJxV5SgcNamM2Hzk3yhYGQa0qPl24aHHdjNsTEALxNA2q4X6xDXotrcnyv5zIVxyTzR8FzwYaUvi3vCDaThOUEYrnE3XqO5d7US%2BZUYZquADgWxcDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d836b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/header/e-sports.svg

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/header/e-sports.svg
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/header/e-sports.svg HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Tue, 01 Nov 2022 06:21:48 GMT
etag: W/"647-18431da6b54"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hu4v9NaNQWNCJ8Y2ar0Rfaa1adrnLyBSk1yMlq2e9QGpRd0nhmWoLZhS%2Bi3YLSfuLSbkCmoNbrNDbr7jvTNRNMQhaCYAy5pj7yydsZI5Z7lHYZGrE4kuRC26K9k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218e83fb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-ExtraLight.94f4f51.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-ExtraLight.94f4f51.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-ExtraLight.94f4f51.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"1d60c-184b3958bb4"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q10hvMPJFHOtFZAzDkyfXUMfv%2F%2FVpcaxBHNpHsOS4akFxyrE8871XnLy85yHYsRDX9T2B99P9r%2FpZfOH1kvMCRkYQDxl2eevXfoFFTm3mwnjnGp4gMu7uCof3pk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218b801b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

socket.vergopjt.com/socket.io/?EIO=3&transport=polling&t=OIyWfuu&sid=ddbe5f52-9c58-4518-8f79-2730b6b28afe

172.67.200.40

200 OK

0 B

URL HTTP/2
socket.vergopjt.com/socket.io/?EIO=3&transport=polling&t=OIyWfuu&sid=ddbe5f52-9c58-4518-8f79-2730b6b28afe
IP
172.67.200.40:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /socket.io/?EIO=3&transport=polling&t=OIyWfuu&sid=ddbe5f52-9c58-4518-8f79-2730b6b28afe HTTP/1.1
Host: socket.vergopjt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oxbet.vip
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:08 GMT
content-type: application/octet-stream
set-cookie: io=ddbe5f52-9c58-4518-8f79-2730b6b28afe
access-control-allow-origin: https://oxbet.vip
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eXzfg%2FqLx%2Bz5yFqEGJHo2uaRudJjtbI56VS%2FsFHaj9itJGByrdtRbVFgWjx4LuV5Kskr%2BVqmJWvh6S5F%2B6equhhpeAMaoCDo0ATzeGtWcrZY85dv%2BYe%2BGdDyK%2BbpQtmeAzeXAC6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106239c887b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Bold.1155f3a.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Bold.1155f3a.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Bold.1155f3a.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"1d550-184b3958bb3"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pU2ljgiqex8nP8m4ffPq%2BfQvUUzph6RehLZNl2iUiJkuzgzqb9aKJ6aNFdMErGh%2Bf3vaG1s5sRaxW3lZy91ji2V3XdGkwn2%2BpCaN90kvXu%2BKriTtKAHVBfNC8DI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062189fccb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/2da1369d363af6cf3784.pages/worldcup.css

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/2da1369d363af6cf3784.pages/worldcup.css
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_nuxt/2da1369d363af6cf3784.pages/worldcup.css HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:05 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"ae4-184b3958bce"
vary: Accept-Encoding
cf-cache-status: HIT
age: 146987
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtchemAp%2Fh2SisfSDUZJwNLz%2Bjn0jycJOV661XO5fQyKYsGVjGftRGukf3vp%2B6qq2MEOrsB%2FgYbb1EriReHPmK%2BMLSGhKURQ6EzYcKhnN2eubDakXjFxfgDRCXQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7710622b39da0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/assets/img/header/esport.svg

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/header/esport.svg
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/header/esport.svg HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Tue, 01 Nov 2022 06:21:48 GMT
etag: W/"e69-18431da6b54"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4q24047vA7ygqh3v%2BKMap5Ubg4a02qNXPp9g4%2Fo575cmJXokgSDHxLTTkhPcxYNMKGaEw3Ckk5CQ4QKEzApLCgYgWWcK1rg2Ncr3D6f%2BAo6IuSFV5xzd3N0EDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d839b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/UTMTallingBold.e26c826.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/UTMTallingBold.e26c826.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/UTMTallingBold.e26c826.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"7b38-184b3958bb3"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZomGOP6KxZjsdzArby8ljuSR6js5GPh3l8e4rJJPBNlyqAQt5cXUVAiql00Z20oh%2FeDDUoe9Xm0bQUZN3dRrOqbIz9luVmjWgUYXzJ2%2Bf2EuqZ8ph9xx3639Q8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062188f95b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/header/icon-hot.svg

172.67.147.70

200 OK

0 B

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/header/icon-hot.svg
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /oxstatic/assets/img/header/icon-hot.svg HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
last-modified: Sat, 01 Oct 2022 05:06:40 GMT
etag: W/"6337cae0-b5b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCgKI1fhh0zlmFVgxZKHBf0HpzM6LqY39mpiyd%2FQjoVqCC9LF%2BR4DdYz0pqUJYTvqmEw3y2y8qfG0s92x%2FikCJdIZFm2ZQ%2FbcxXoYlq4FhUz7JxuUhtwixO%2FCRgtjSELVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1ddb1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Mulish-Black.e5311e6.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/Mulish-Black.e5311e6.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Mulish-Black.e5311e6.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"1d5e4-184b3958bb4"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McZ%2BUUPXPk7VssBsb6Iy%2FUsOJcoekqJ8Nnwm2PmMcqRY7uowD1ChgEAjM8cKpxXQlmS0gztm8OxLrFOUg9UZwD%2B14gnOxzOupVOZyzSR89bBs3JKmgXZXw5MTDM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062189fdeb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/2da1369d363af6cf3784.pages/goal-scorer.css

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/2da1369d363af6cf3784.pages/goal-scorer.css
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_nuxt/2da1369d363af6cf3784.pages/goal-scorer.css HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:05 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"acc-184b3958bc4"
vary: Accept-Encoding
cf-cache-status: HIT
age: 146987
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKVC%2FNZlWw7O76IB77o0oZEIGI2a35umMJkq3%2FRSN8heLZUqPDAK3YumEjb7rXQbttTiLh8MTQyikiVHjFIHipCos%2B8kxJlX3l0zWpKLUjrJrkGA13sBAlKs%2B1M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7710622b29d80afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Muli:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap%7CMulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Muli:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap%7CMulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Muli:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap%7CMulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 04:33:03 GMT
date: Mon, 28 Nov 2022 04:33:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

oxbet.vip/assets/img/header/k-sport.svg

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/assets/img/header/k-sport.svg
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/img/header/k-sport.svg HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Tue, 01 Nov 2022 06:21:48 GMT
etag: W/"22c-18431da6b55"
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5lDeo6noOFcLspti7neFaiWvgHCoD7bd9TQ0NSPe2svSNgmsMJuK0L0Q3GrC7CVq29Ddmcmxjl9quoRtIIapt1FIM%2BDrRM3vqG8m2FCqynfQfMlAGe49dHpBvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218d837b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/UTMTalling.9cbbfe9.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/UTMTalling.9cbbfe9.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/UTMTalling.9cbbfe9.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"7900-184b3958bb3"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7yOTMKI60xWEV2uYsu7hQSeSzEULVNg2R7t91ujF5F4jg%2FK8ncI0cgbmHNmytZcqXs0fjqJVRJnq6K9mBBxuqvJq1f0XMkbyI5weTazAnagJ%2Bcy%2Fj76FbT1hG8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771062187f88b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ox1.oxbetd.com/oxstatic/assets/img/footer/icon-gmail.svg

172.67.147.70

200 OK

0 B

URL HTTP/2
ox1.oxbetd.com/oxstatic/assets/img/footer/icon-gmail.svg
IP
172.67.147.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /oxstatic/assets/img/footer/icon-gmail.svg HTTP/1.1
Host: ox1.oxbetd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: image/svg+xml
last-modified: Sat, 01 Oct 2022 05:06:40 GMT
etag: W/"6337cae0-2cb"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiG28Iz2TumN2fkf%2FzXgt2%2BRnDcO2tPZ32bI5083tNAkU5kXbwY2N1d5c8yusd8VYSG9bZLdGEDkSqI9kJ8ZeqiAMBGWMYSs76LX4O5lSkVR6uATc%2BPIejMxoUjBxTEMQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7710621a1de11c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

oxbet.vip/_nuxt/fonts/Rowdies-Bold.6db5b84.ttf

172.67.154.71

200 OK

0 B

URL HTTP/2
oxbet.vip/_nuxt/fonts/Rowdies-Bold.6db5b84.ttf
IP
172.67.154.71:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /_nuxt/fonts/Rowdies-Bold.6db5b84.ttf HTTP/1.1
Host: oxbet.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oxbet.vip/
Cookie: device=desktop; domain=https%3A%2F%2Foxbet.vip; host=oxbet.vip
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:33:03 GMT
content-type: font/ttf
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 10:57:13 GMT
etag: W/"14354-184b3958bb5"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uv%2FZbfpRwrPY8EYdOi0esRAjFZD4qBjBQPR4LaUc5RQ5BFeBm%2FGDX7BeLk%2B48Plf2QqRbFY%2B65Iw%2F2diF7WQeYA61vgjNj4zO9oAM5qO6ssymLzis1Ts8zNhW30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77106218c81ab51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations