Report - mkkuei4kdsz.com/855/917.html

Report Overview

Submitted URL
mkkuei4kdsz.com/855/917.html
IP
64.225.91.73
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2023-01-29 17:01:37
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	1.1 kB	1.0 kB	173.194.221.155
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	1.0 kB	1.2 kB	216.58.207.228
mkkuei4kdsz.com	unknown	2012-11-29T21:21:30Z	2023-03-13T05:18:04Z	673 B	1.1 kB	64.225.91.73
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	95.101.11.115
img.sedoparking.com	54200	2013-04-23T00:23:29Z	2023-03-13T05:39:39Z	322 B	4.8 kB	205.234.175.175
link.affiliates.cyber.bet	unknown	2022-05-23T16:23:27Z	2023-03-13T06:01:56Z	582 B	1.0 kB	172.66.43.156
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	385 B	32 kB	142.250.74.42
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.4 kB	50 kB	216.58.207.227
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	5.8 kB	12 kB	216.58.211.3
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	395 B	16 kB	104.16.88.20
backend.cyberbet.academy	unknown	2020-06-11T19:59:41Z	2023-03-07T08:21:53Z	1.9 kB	4.0 kB	34.254.83.154
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	56 kB	34.120.237.76
xml.sedodna.com	278378	2020-10-22T10:18:03Z	2023-03-13T05:42:37Z	406 B	278 B	173.239.53.32
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	1.2 kB	1.9 kB	139.45.195.8
domaincntrol.com	274993	2018-01-06T23:46:59Z	2023-03-13T08:48:52Z	467 B	593 B	172.67.68.176
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:11:52Z	998 B	440 B	216.239.34.36
ps.l.admedo.com	79900	2018-09-04T05:24:56Z	2023-03-08T08:11:09Z	409 B	735 B	54.230.111.97
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	430 B	630 B	142.250.74.138
ww2.mkkuei4kdsz.com	unknown	2022-01-21T15:07:05Z	2023-03-13T05:42:34Z	2.6 kB	3.8 kB	64.190.63.136
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	375 B	73 kB	142.250.74.40
pj.l.admedo.com	81464	2018-08-31T03:52:54Z	2023-03-10T08:21:27Z	366 B	2.5 kB	54.230.111.48
static.cyber.bet	unknown	2020-10-09T19:12:55Z	2023-03-07T08:21:53Z	7.8 kB	12 kB	172.66.43.156
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	420 B	29 kB	104.17.25.14
orest-vlv.com	unknown	2023-01-16T11:21:19Z	2023-03-13T02:10:56Z	1.6 kB	3.8 kB	52.7.54.238
xml-v4.gipostart-2.co	unknown	2023-01-25T14:43:19Z	2023-03-12T01:39:09Z	406 B	269 B	173.239.53.32
cyber.bet	658696	2019-03-07T04:37:47Z	2023-03-13T06:02:01Z	8.2 kB	659 kB	172.66.43.156
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	366 B	21 kB	216.239.36.178
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.4 kB	93.184.220.29
pool.admedo.com	4728	2014-03-06T15:36:11Z	2023-03-10T19:21:33Z	750 B	775 B	35.210.53.219
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	338 B	729 B	23.33.119.27
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.149.71.248
cdnstatic.cyber.bet	unknown	2021-04-30T21:09:27Z	2023-03-08T06:52:57Z	7.2 kB	227 kB	54.230.111.71
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.1 kB	2.9 kB	54.230.245.39
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	476 B	578 B	142.250.74.67

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-29	medium	mkkuei4kdsz.com/855/917.html	Malware
2023-01-29	medium	ww2.mkkuei4kdsz.com/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-29	medium	mkkuei4kdsz.com	Sinkholed
2023-01-29	medium	mkkuei4kdsz.com	Sinkholed
2023-01-29	medium	mkkuei4kdsz.com	Sinkholed
2023-01-29	medium	mkkuei4kdsz.com	Sinkholed
2023-01-29	medium	mkkuei4kdsz.com	Sinkholed
2023-01-29	medium	mkkuei4kdsz.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (33)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB	202 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:26:28 Last Seen2023-03-13 11:26:28 Times Seen1 Hash 047e70c077415bfd03803c257efad34a 68d8cdac51b30d1638b89018eb472df3a8cb701f 6d6a064ce3f783348c612491efd583b6f0ceb8662496a027f1c0cd9f66ee70e9 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910	697 B	2023-03-10	2024-01-26
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2024-01-26 23:34:58 Times Seen71 Hash bb07e31c2c066db5c4b3259d1f69a442 db79e9d4a817ce703b11b65faf2ba097228063b2 d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8 Loading...

	cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js	88 kB	2023-03-07	2024-04-23
Pretty URL cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:25 Last Seen2024-04-23 14:42:28 Times Seen89 Hash c73ba86bd67306c5889e9aac41e959e0 fff500c277ef00fd6cfc115b5e94f9281ac8d8cc 9b2b5fa78ba1f9424d7e85b0d2f160a8df6068d911dc1cfe26f78fb78d1d7172 Loading...

	pool.admedo.com/pixel?id=148776&t=js	0 B	2023-03-07	2024-04-25
Pretty URL pool.admedo.com/pixel?id=148776&t=js IP 35.210.53.219 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 01:28:06 Times Seen37052061 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ww2.mkkuei4kdsz.com/	1.1 kB	2023-03-13	2023-03-13
Pretty URL ww2.mkkuei4kdsz.com/ IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:26:28 Last Seen2023-03-13 11:26:28 Times Seen1 Hash d1e2c95dcf53620de49f4aff4b4c8fee 4cae763d9bb42b70be19508a742b0e951669ce84 402c8cbdd6cac55389498f739c0c5e5540f16b1004ebc0e2fdc1bf71ac0bd527 Loading...

	cdnstatic.cyber.bet/js/global.js	71 kB	2023-03-10	2023-03-13
Pretty URL cdnstatic.cyber.bet/js/global.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-03-13 15:08:47 Times Seen1 Hash 8943965f22a29b6f800a98e0eaed584f 1cfa4c3d79808cce1785967a637819b88a9d11f5 3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db Loading...

	cdnstatic.cyber.bet/js/currencyMapping.js	16 kB	2023-03-10	2023-03-13
Pretty URL cdnstatic.cyber.bet/js/currencyMapping.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-03-13 20:30:42 Times Seen1 Hash 2a3d85d14eaeaac04949a29f3c94c548 8d14a1f32ac11f78446fdfb26d24d0944780b626 af9a360f190345d8781bcd1955ca7d5d40c9e8c95f4e096fef7c825500c9b740 Loading...

	cdnstatic.cyber.bet/js/fp.js	533 B	2023-03-10	2023-10-09
Pretty URL cdnstatic.cyber.bet/js/fp.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen13 Hash d1abfbe2c5b50e7f427e41c79197dcd3 01f6142a97168fd15da33334c35ce351d676ed08 7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569 Loading...

	mkkuei4kdsz.com/855/917.html	142 B	2023-03-07	2023-03-17
Pretty URL mkkuei4kdsz.com/855/917.html IP 64.225.91.73 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2023-03-17 12:54:28 Times Seen1 Hash 684d594f850e0ad8681baa04fe3e9fbb 44b967e247ad29272305184c4c1536c433fd0f4b a293c4c83524d36d1dbe0da94053a3e4f0fc05479eb9ca1f4652e76373238b21 Loading...

	cdnstatic.cyber.bet/js/payments.js	1.2 kB	2023-03-11	2023-05-19
Pretty URL cdnstatic.cyber.bet/js/payments.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-05-19 19:23:42 Times Seen2 Hash 86e0165b432077320adbf690e339604e 37c74e9724bb46c7596b23bf3df45f64449cb94a f2812c1ded3ff4e7051c5866040b0e90b1dfdf6b3d10588dd200d00199d13ae8 Loading...

	cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149	739 B	2023-03-10	2024-01-26
Pretty URL cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2024-01-26 23:34:57 Times Seen39 Hash dda0c4c5c9e00b5c718403e613cf2d57 dad1499931e90b20118a8ec383e109c61e40f207 c1931e011368966ab988daf963cbbbe32251588a274f432406550ea02f781db0 Loading...

	pj.l.admedo.com/admtracker.lib.min.js	5.4 kB	2023-03-10	2023-05-13
Pretty URL pj.l.admedo.com/admtracker.lib.min.js IP 54.230.111.48 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-05-13 12:33:22 Times Seen8 Hash 5a420213029638ecea775a40089898aa 17ca797e031f3383df78562421115476d8ffb00a 412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1 Loading...

	cdnstatic.cyber.bet/js/libs/phone/utils.js	245 kB	2023-03-07	2024-04-18
Pretty URL cdnstatic.cyber.bet/js/libs/phone/utils.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:25 Last Seen2024-04-18 11:23:34 Times Seen455 Hash 8f3a2154b225b6257161c4dfc9b89c9c 16b798cbb9e22cd4e1d710a8de7b12734551ca00 acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 00:40:36 Times Seen139042 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	orest-vlv.com/zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9	849 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9 IP 52.7.54.238 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:26:28 Last Seen2023-03-13 11:26:28 Times Seen1 Hash f31800b17efebc65b61f0788474f4484 4c46d120cb38f9c00cbddab07edc5478a03565cb 5dba4cab3e869a77fa51315a0aaa4d08513c7f99c8fd9eddfff4245e17070a04 Loading...

	cyber.bet/land/js/locales/base/locales.js	18 kB	2023-03-11	2023-03-13
Pretty URL cyber.bet/land/js/locales/base/locales.js IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 20:30:42 Times Seen1 Hash da171d6428ea339c35467233f6059b92 21daf450888f9902edac2386849f1cb2672f52bc 655ab4745a46082bf9d1507abf92be57c1b35be4591a6d1b9fd6fc96f4747c4c Loading...

	orest-vlv.com/zcredirect?visitid=91df5fe3-9ff6-11ed-b59a-0a4fc52141e9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	76 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcredirect?visitid=91df5fe3-9ff6-11ed-b59a-0a4fc52141e9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 52.7.54.238 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:26:28 Last Seen2023-03-13 11:26:28 Times Seen1 Hash d1007c207027e0f0bb09469294b3832b 923e5aa90071990194c6aca4a8f65cb53fd2f882 ac29b9bd2c201fed7fa061318fd1a23abd7edbcf561d9b41d6a9d05ddccd8631 Loading...

	cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149	361 B	2023-03-11	2023-03-13
Pretty URL cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 20:30:42 Times Seen1 Hash 3cbf10b07991ac2d8d6a179fb9602a72 8f341726913948dfb589ba214e8b46a08d9726ba 09bebddd017c2158b5815526c65988227cb021c77df3951eb2b12634e404c65c Loading...

	www.googletagmanager.com/gtag/destination?id=G-ZK6ZSCE3G7&l=dataLayer&cx=c	223 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/destination?id=G-ZK6ZSCE3G7&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:26:28 Last Seen2023-03-13 11:26:28 Times Seen1 Hash 2ec2d4ed1e18801af66bd3639f76edc0 12c912d299d3629f4c14fbad10be0b0bb0c08566 c523d49fcfc12f21d9bd2334ef6b9f87571b9d8e8003569cec97631579125aa6 Loading...

	cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js	2.9 kB	2023-03-07	2024-04-18
Pretty URL cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:42 Last Seen2024-04-18 22:13:37 Times Seen748 Hash 4e2def5093eb4c4281624db4a5aa8f9c c3b8e8919f96d8d34594f111b95586ec28545a36 b73acfa96127f9a41a2c76fcf2196d37ff818460d02d48415770979eb59e4f3a Loading...

	cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149	331 B	2023-03-10	2023-10-09
Pretty URL cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen7 Hash b9c3d6bdb1ffaf083e5e1b6358a294c4 d2ff06cef74700843afc99a78e8bc4703de02ade 62c732a98ac2767df6e93c610f50aa9f95f7d8892da7e3c2811a9f002f4316c8 Loading...

	www.googletagmanager.com/gtag/js?id=G-8FYNJV02NV&l=dataLayer&cx=c	217 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-8FYNJV02NV&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:26:28 Last Seen2023-03-13 11:26:28 Times Seen1 Hash 580ff75154f6635931469c32a16f9a0b 65c1c777d9ca896fe447112a3c2f09f1db3c462d 5006857a1d4ec86a9b9a9b6570f700b149e776dc921a21b3d0f20a9afab3b480 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 216.239.36.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	cdnstatic.cyber.bet/js/geoMapping.js	443 B	2023-03-10	2023-10-09
Pretty URL cdnstatic.cyber.bet/js/geoMapping.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen12 Hash 2f6043a16c26cde9a190dbb829b5519c 791479cfced1a000ef6411990f1c4bba615b6b4c f9dfb0c2f94be90f2cdeb66286b36cdeb5d8fb0fbb9f28b1e1d3d99a3780306a Loading...

	cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149	1.6 kB	2023-03-10	2024-01-26
Pretty URL cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2024-01-26 23:34:57 Times Seen39 Hash 563c19e863e3315d859414dd57018095 8a7bc9fa92864a5d6cbbceaedd1b5692776627fb 5214dde220113de229b3ea10c1ea4afa3dce510dd4c1deee822534bc62166dd1 Loading...

	cdnstatic.cyber.bet/js/libs/iso3to2.js	4.1 kB	2023-03-10	2023-05-22
Pretty URL cdnstatic.cyber.bet/js/libs/iso3to2.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-05-22 14:54:42 Times Seen5 Hash db031116c7888248916813c60a4cce2b 34bf6f00efd8944708b1a819d56cbbbe4715a069 41393b689fa5ab55cc3783118cf6c8eeb8ab4b5972cb4a7736c47837f5b461fd Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0850b953a585b70b1afa351a40444c84	81 B	2023-03-10	2024-01-26
Pretty Observations First Seen2023-03-10 06:49:09 Last Seen2024-01-26 23:34:58 Times Seen39 Hash 0850b953a585b70b1afa351a40444c84 9d81b6cf79a23fafc4f0b5f5077a622fbd88959a 29d16afb11928cf04fe3eb6ec9937a4d7f5321257ce886d2918cb5d09d0cd044 Loading...

	#2 Eval - 14faeed9447073abce7e4bd2df76bd8e	209 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:32:33 Last Seen2024-04-24 16:00:14 Times Seen283 Hash 14faeed9447073abce7e4bd2df76bd8e b786cd710b75c9d2cd0c54ddfba101030cae0220 0cfc8f57ea174bb9e3a746405077c0156867dc3a2dc5901ae81c4b52e82a80ab Loading...

	#3 Eval - ec5836df6eeba268a0fc3eb8119d3824	65 B	2023-03-10	2024-01-26
Pretty Observations First Seen2023-03-10 06:49:09 Last Seen2024-01-26 23:34:58 Times Seen39 Hash ec5836df6eeba268a0fc3eb8119d3824 df817559287b119c318901c4de5cc04f42c816ef 7c3aab0ec1bedd74fec8eb4338a8ec29d5548db5b99bdc031bcb1b939820711c Loading...

	#4 Eval - 7269d0b2114cacaedb0519b785487922	84 B	2023-03-08	2024-04-24
Pretty Observations First Seen2023-03-08 01:40:31 Last Seen2024-04-24 16:00:14 Times Seen49 Hash 7269d0b2114cacaedb0519b785487922 db531ec467b76eb36dbe13c5a33d7b87099c6107 792f580a888b462212032166a87582b6c764e5a166b54faa0c3fffdfa6a95b1f Loading...

	#5 Eval - c8c66afc783afdaa5ccb23de68b346c3	74 B	2023-03-07	2024-04-10
Pretty Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-10 12:39:55 Times Seen293 Hash c8c66afc783afdaa5ccb23de68b346c3 cb571480a4ffd5ead7677c6e63e5206f6f8d1ee6 a23001dc0a49b03a2c257d85dec6791ab3b81ab3e971cb6e0d38ae1be1473100 Loading...

	#6 Eval - 1bdddf0717a25257dc9b5f41948293bc	82 B	2023-03-10	2024-01-26
Pretty Observations First Seen2023-03-10 06:49:09 Last Seen2024-01-26 23:34:58 Times Seen38 Hash 1bdddf0717a25257dc9b5f41948293bc 7473e1698e1de047889207ef0e7ead943a438873 5cf62f23df0a9958ae85f7aca4742e41cc2193224a7b240b883442442ba0b62d Loading...

	#7 Eval - fea868702356dd2f7073216002d4e759	58 B	2023-03-10	2023-10-09
Pretty Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen7 Hash fea868702356dd2f7073216002d4e759 3625a96c014974f566f41516b38447929dafb5e4 1d9b92eafcbdd9c3b487de09e8e76b0c25552c9d60daf73cde231b16788b0b83 Loading...

HTTP Transactions (126)

URL IP Response Size

mkkuei4kdsz.com/855/917.html

64.225.91.73

200 OK

329 B

URL HTTP/1.1
mkkuei4kdsz.com/855/917.html
IP
64.225.91.73:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
329 B (329 bytes)
Hash
ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /855/917.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 29 Jan 2023 17:01:26 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10365
Expires: Sun, 29 Jan 2023 19:54:11 GMT
Date: Sun, 29 Jan 2023 17:01:26 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12592
Expires: Sun, 29 Jan 2023 20:31:18 GMT
Date: Sun, 29 Jan 2023 17:01:26 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 16:35:38 GMT
content-type: application/json
age: 1548
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14324
Expires: Sun, 29 Jan 2023 21:00:10 GMT
Date: Sun, 29 Jan 2023 17:01:26 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: rJcQVFRFGXPTZ3cxuLiGyPCMrjKoPveHHNgnml+oQI/x5oNmylFTywqAFJHI54RPteNEBX7z1JA=
x-amz-request-id: 29NGM2VWPBXFT1HT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 16:21:27 GMT
age: 2399
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 17:01:26 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 858145
expires: Fri, 19 Jan 2024 17:01:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3Q2bObORhBy5PZL5zgnDK88tneBQT0KpsuKXhwubFU9m2cN%2FO3cE12Kl2NnVwgnWSlQMB3SL%2Bdo2tHNCvEuI7TVOCmTa9sad7uY9ySo0b8EkhnJzgQM2%2Bzly%2BMY4FH9AplSKW6t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791387a09cb20b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.33.119.27

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
7606335b395869127492388d1ef407a0
94ced6cbf710bac4b73cd79a95894098e859ff88
7dd5743ffb450380aa49f90d6815cd7d7b149881d887fb49162416c774af193e

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7DD5743FFB450380AA49F90D6815CD7D7B149881D887FB49162416C774AF193E"
Last-Modified: Sat, 28 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12184
Expires: Sun, 29 Jan 2023 20:24:30 GMT
Date: Sun, 29 Jan 2023 17:01:26 GMT
Connection: keep-alive

mkkuei4kdsz.com/favicon.ico

64.225.91.73

200 OK

329 B

URL HTTP/1.1
mkkuei4kdsz.com/favicon.ico
IP
64.225.91.73:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
329 B (329 bytes)
Hash
ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/855/917.html

HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 29 Jan 2023 17:01:26 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 16:41:41 GMT
age: 1185
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

domaincntrol.com/?orighost=http://mkkuei4kdsz.com/855/917.html

172.67.68.176

200 OK

28 B

URL HTTP/2
domaincntrol.com/?orighost=http://mkkuei4kdsz.com/855/917.html
IP
172.67.68.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3

HTTP Headers

GET /?orighost=http://mkkuei4kdsz.com/855/917.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:27 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgAGnUX089gtGOm8tJ4PQKwJ4DHnHpuKhFeLLjO8Eo9OPhH82UJfBJs7TdUEYFdUdTxNjxk7JuumRKzGaWw%2Bl%2Bf2C4kPQh48BGzAZeQuneTY3U8QuuzzzzzRTmWqoS7X17A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387a22a410b65-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11184
Expires: Sun, 29 Jan 2023 20:07:51 GMT
Date: Sun, 29 Jan 2023 17:01:27 GMT
Connection: keep-alive

push.services.mozilla.com/

54.149.71.248

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.71.248:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SZ6Xu6Rgwf1tn+yg9GFTwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7JUaS2rnB37H7XMTFFrovotTub0=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7212
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 17:01:28 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7212
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 17:01:28 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7212
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 17:01:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11470 bytes)
Hash
10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 64140
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8652 bytes)
Hash
43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVguyG7BIAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:11:24 GMT
age: 64204
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5594 bytes)
Hash
4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:26:16 GMT
age: 41712
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:24:09 GMT
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
age: 41839
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 84332
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10213 bytes)
Hash
d8744995437fb5a3fa77a14c2e72ac6f
f8ad682561dd204e1193bd6ea1fb7e8eccd51610
76445eced51bce8532ffd0ef6131b5c6d8f38a15267bcad99767795f9191efd9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10213
x-amzn-requestid: f95cebd1-4305-4dda-b750-4801a441a6a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkFR5oAMFQQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-59ba391e439557731d323660;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XR5NrPkuizerZFKPiaAF9TWk8RNPKJIwymg928epIbo3kaTvPj_Lmg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 22:05:06 GMT
age: 68182
etag: "f8ad682561dd204e1193bd6ea1fb7e8eccd51610"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ww2.mkkuei4kdsz.com/

64.190.63.136

200 OK

1.3 kB

URL HTTP/1.1
ww2.mkkuei4kdsz.com/
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Size
1.3 kB (1322 bytes)
Hash
f127bd2c299b75b0302b942d0e209683
7db66125c32f4523e45e6be1ddf0aa230d60b63f
be7bf5424323b42160ce06812c534e727e822c1e13c0c71726ffdd2a9e66cdb9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 17:01:29 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zfi2IAQMFhbeJz7TohoVHVtJWU2hwm7Lrp9mU2CS1tg8fh6Um4KcOzzYJ6LQkNLWAjiGBQP1WU+h5qP7TrTizQ==
last-modified: Sun, 29 Jan 2023 17:01:27 GMT
x-cache-miss-from: parking-7649dfd87f-d57kf
server: NginX
content-encoding: gzip

img.sedoparking.com/images/js_preloader.gif

205.234.175.175

200 OK

4.3 kB

URL HTTP/1.1
img.sedoparking.com/images/js_preloader.gif
IP
205.234.175.175:0
ASN
#30081 CACHENETWORKS

File type
GIF image data, version 89a, 16 x 16\012- data
Size
4.3 kB (4254 bytes)
Hash
90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a

HTTP Headers

GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 17:01:29 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Sun, 05 Feb 2023 17:01:29 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1672141863
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 7ed14e6018889d207fafaaa0c5a4bc8e
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes

ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3NTAxMTY4OWY4OTRhNjljNDI2Yjg3Zjk3ZmMxMGY5ZWU0ODhmN2Ux&crc=e0c8b625b446f3b7a813017adbae9bf2ec4c41b7&cv=1

64.190.63.136

200 OK

0 B

URL HTTP/1.1
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3NTAxMTY4OWY4OTRhNjljNDI2Yjg3Zjk3ZmMxMGY5ZWU0ODhmN2Ux&crc=e0c8b625b446f3b7a813017adbae9bf2ec4c41b7&cv=1
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3NTAxMTY4OWY4OTRhNjljNDI2Yjg3Zjk3ZmMxMGY5ZWU0ODhmN2Ux&crc=e0c8b625b446f3b7a813017adbae9bf2ec4c41b7&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/

HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 17:01:29 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-7649dfd87f-8jz64
server: NginX

ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw

64.190.63.136

302 Found

0 B

URL HTTP/1.1
ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Sun, 29 Jan 2023 17:01:29 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sun, 29 Jan 2023 17:01:29 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-7649dfd87f-txn6x
server: NginX

ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw

64.190.63.136

302 Found

311 B

URL HTTP/1.1
ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
311 B (311 bytes)
Hash
315b4da648ca82988fbe1aa5fedfcf8f
dff98ffb888edf54f9b68e23d566351ea348311d
3974290ed3ce999012625192e8c0a469ee6d502d79a7dd31653c27896ebe4c56

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Sun, 29 Jan 2023 17:01:29 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sun, 29 Jan 2023 17:01:29 GMT
location: http://xml.sedodna.com/click?i=xIyEALMi3u4_0
x-cache-miss-from: parking-7649dfd87f-d57kf
server: NginX

xml.sedodna.com/click?i=xIyEALMi3u4_0

173.239.53.32

302 Found

0 B

URL HTTP/1.1
xml.sedodna.com/click?i=xIyEALMi3u4_0
IP
173.239.53.32:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=xIyEALMi3u4_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://orest-vlv.com/zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9
Pragma: no-cache

orest-vlv.com/zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9

52.7.54.238

200

1.1 kB

URL HTTP/1.1
orest-vlv.com/zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1098 bytes)
Hash
04933e465d3a0fb6861cac1535c40855
d63820444b13f5e824f613e4218c52cf751589ab
4302e14260555a4a057801fd018787cca42d4efd6f53e60fa9be71f8266d2efc

HTTP Headers

GET /zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9 HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sun, 29 Jan 2023 17:01:30 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: GIHKdhEh

orest-vlv.com/zcredirect?visitid=91df5fe3-9ff6-11ed-b59a-0a4fc52141e9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

52.7.54.238

200

282 B

URL HTTP/1.1
orest-vlv.com/zcredirect?visitid=91df5fe3-9ff6-11ed-b59a-0a4fc52141e9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
282 B (282 bytes)
Hash
378f4c73fda3078c996cd0ed958b947e
a270e94b44766c47b858f92e28ef5e2151f90609
5a2606e2ebe6f0340be218d07e17be7f7f259b02121e8f1cf2e89c3ad7bf041b

HTTP Headers

GET /zcredirect?visitid=91df5fe3-9ff6-11ed-b59a-0a4fc52141e9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sun, 29 Jan 2023 17:01:30 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: VwBTVyiX

orest-vlv.com/favicon.ico

52.7.54.238

404

653 B

URL HTTP/1.1
orest-vlv.com/favicon.ico
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=91df5fe3-9ff6-11ed-b59a-0a4fc52141e9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

HTTP/1.1 404 
Date: Sun, 29 Jan 2023 17:01:30 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: WAghKsca

xml-v4.gipostart-2.co/click?i=C0UF1IW-D7o_0

173.239.53.32

302 Found

0 B

URL HTTP/1.1
xml-v4.gipostart-2.co/click?i=C0UF1IW-D7o_0
IP
173.239.53.32:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=C0UF1IW-D7o_0 HTTP/1.1
Host: xml-v4.gipostart-2.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1616692149&sub4=CYBERMAX300&sub8=_betting&sub6=1616692149&ref_id=st1drnhdWlQ
Pragma: no-cache

link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1616692149&sub4=CYBERMAX300&sub8=_betting&sub6=1616692149&ref_id=st1drnhdWlQ

172.66.43.156

302 Found

0 B

URL HTTP/2
link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1616692149&sub4=CYBERMAX300&sub8=_betting&sub6=1616692149&ref_id=st1drnhdWlQ
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?b=0&pid=8425&offer_id=53&l=1616692149&sub4=CYBERMAX300&sub8=_betting&sub6=1616692149&ref_id=st1drnhdWlQ HTTP/1.1
Host: link.affiliates.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sun, 29 Jan 2023 17:01:30 GMT
content-length: 0
location: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
set-cookie: afclick=63d6a66a1d24f00001e96706; expires=Mon, 29 Jan 2024 17:01:30 GMT; secure; SameSite=None
afoffers={"53":1675011690}; expires=Mon, 29 Jan 2024 17:01:30 GMT; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6W5VUqQohoP%2Bn4ZI%2FYikfJWQsbrdozvIqFm0gMOOGOy7AUHIQ37bq0YQlBYSlmwUuSNiHL5k3OglBKImNxxzCsKZ%2B0H2gdZWgpoP5GS7yugGteGAO3I9fOreAD26PCxLY%2BLlhgx5LbUPLn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387ba0f730b31-OSL
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/css/payments.css

54.230.111.71

200 OK

699 B

URL HTTP/2
cdnstatic.cyber.bet/css/payments.css
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
699 B (699 bytes)
Hash
70e2a5d4745300aed2bfccf31551eb7f
c913b11b1f043706b73941110c33543f3c942cfb
f33896366d0d98962fd3e5b79963449dd3c1c3ea48e617e5b6d6bdb46e0c7022

HTTP Headers

GET /css/payments.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css
content-length: 699
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 17:00:49 GMT
etag: "70e2a5d4745300aed2bfccf31551eb7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rcO0l_11cCY5HeLz6MxPOk8Q6tzahC__hjO5Wca3LQG-lxS7KkbGLQ==
age: 44
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.42

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 09:52:09 GMT
expires: Sat, 27 Jan 2024 09:52:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 198561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
aeb6965f65188062c56e244577fdafaa
8db65de204963a6228b1d09e01226e89d6639419
29c5e41dc1af0854a34adc9eb32815aec81fb3dbc2b800dcc82f24ce26262d1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150806
Date: Sun, 29 Jan 2023 17:01:30 GMT
Etag: "63d65080-1d7"
Expires: Tue, 31 Jan 2023 10:54:56 GMT
Last-Modified: Sun, 29 Jan 2023 10:54:56 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: r6aTvF0gDdIkIUxHJpcxVmPENaLc0ULu_SkbjOcUwtzScdAllQWSzQ==

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB

142.250.74.40

200 OK

72 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (15106)
Size
72 kB (72141 bytes)
Hash
42b26d6b5594d0e7a4bc04718f08ce6b
3928c07800b7462e053a898c7325b7ba01025f1a
a7008bf94c8cc4589d59c4a2544b23eda08a21f578e31444c38a537fc0a02df4

HTTP Headers

GET /gtm.js?id=GTM-NR2G4XB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 17:01:31 GMT
expires: Sun, 29 Jan 2023 17:01:31 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnstatic.cyber.bet/js/global.js

54.230.111.71

200 OK

71 kB

URL HTTP/2
cdnstatic.cyber.bet/js/global.js
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (5000), with CRLF line terminators
Size
71 kB (70834 bytes)
Hash
8943965f22a29b6f800a98e0eaed584f
1cfa4c3d79808cce1785967a637819b88a9d11f5
3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db

HTTP Headers

GET /js/global.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 70834
vary: Accept-Encoding
date: Sun, 29 Jan 2023 17:01:32 GMT
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
etag: "8943965f22a29b6f800a98e0eaed584f"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pZKLrAyIedAN81VlzVHKgzbE3_z3HPYmPm89J_zHAPuTalbKeLm6FQ==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/css/global.css

54.230.111.71

200 OK

4.7 kB

URL HTTP/2
cdnstatic.cyber.bet/css/global.css
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
4.7 kB (4746 bytes)
Hash
1d710fedcd0ddfd6744b7011d3261d07
884abf5c059be6ddcdd9067c24c55f744d6df31f
47db4a55aeef076b5cc2c69bb230028feb69a8575b5a9651a1fa79e51990edb9

HTTP Headers

GET /css/global.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css
content-length: 4746
vary: Accept-Encoding
date: Sun, 29 Jan 2023 17:01:32 GMT
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
etag: "1d710fedcd0ddfd6744b7011d3261d07"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rrHPXLkUWgQyS32drp5V2dMrmZzOlC_XaFq2qIkLqhEPpk3s1jDfZQ==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/img/input.png

172.66.43.156

200 OK

10 kB

URL HTTP/2
cyber.bet/land/gold_football/img/input.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10123 bytes)
Hash
029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f

HTTP Headers

GET /land/gold_football/img/input.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 10123
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: "5fea0ac1-278b"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlcfHqG%2FjZztD3q6z2SlnF6Qk02lgwkEU9v47gVaHCLRAIqKWZvYinPbTs9IDhnnYFIo4t7n2c0fPMKspMWr%2FYZB5SMK%2BqGVg%2BUNj2YZk3uPtdh2eA%2FpSg10iA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c980b31-OSL
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/img/cb_picked.png

172.66.43.156

200 OK

3.2 kB

URL HTTP/2
cyber.bet/land/gold_football/img/cb_picked.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 82 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3193 bytes)
Hash
774fc89cb9c8f999121c719e5f9f29df
d7d8ce07db925dc13908ea8c2c587fbb597c9eef
b1dd144f891842f0c1f19fff5c6ee14e4ab6ae491c7cac4aa2c2d7f156885bcb

HTTP Headers

GET /land/gold_football/img/cb_picked.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 3193
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: "5fea0ac1-c79"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxDtP2xjouHUnlQd%2BIEqcRgO9%2FoEG%2F5vZeOGuCR0T%2BdMWm6Y7qFCjYmnI6u6N2RU%2BFT6EA7bg2CrPN%2FMYARocsaGnF%2FDNhEJWFcsk%2FmAD413Qvq9UvU8Wmn6Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be5c9c0b31-OSL
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/img/promo.png

172.66.43.156

200 OK

13 kB

URL HTTP/2
cyber.bet/land/gold_football/img/promo.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13216 bytes)
Hash
5798187ffb0edc7c4525a1415d9e03db
240b77c6c3c8c2a75d133c14907805d85def5588
93a1d190fd9a50423a0f7518a9147a2ef4cf969478056c6001c1124a0a1fe830

HTTP Headers

GET /land/gold_football/img/promo.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 13216
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: "5fea0ac1-33a0"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDJVwK4Ze99xPoWiQ67nJs%2BvlpIVDCMA%2BQ5nAcCJbxixknyF7KNRaq40N9Lzjc9E7fR0cX8Ib5HptPPOqSx8%2BnXecNSM%2BLzNJQx9vxiSTVisSmEHp1FDjvXReA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c990b31-OSL
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/img/bg.jpg

172.66.43.156

200 OK

156 kB

URL HTTP/2
cyber.bet/land/gold_football/img/bg.jpg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x1920, components 3\012- data
Size
156 kB (156361 bytes)
Hash
99c31d6b59863498102fbe5c4b996372
a9021e63249c09a63b5f8697aa35f481679c9e55
02731f701c8f844ccc4ce0eb8b48db077aa17d878acb98935b8d85cd52f643fc

HTTP Headers

GET /land/gold_football/img/bg.jpg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/jpeg
content-length: 156361
cf-bgj: h2pri
etag: "601aaeac-262c9"
last-modified: Wed, 03 Feb 2021 14:09:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cPOwmTEyGLV41LN21JI%2BNIrsnZb2JM2X%2FtnZUJEhv3A7nH59ywkCtuQd3aMoj8U%2FgNk53uOQfcL84p8cXbdBRd6cJFDgilQmP592WG6IbaZpkCUCw5wOffbsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c900b31-OSL
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/img/right.png

172.66.43.156

200 OK

161 kB

URL HTTP/2
cyber.bet/land/gold_football/img/right.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1148 x 1011, 8-bit colormap, non-interlaced\012- data
Size
161 kB (161228 bytes)
Hash
868616a393080ccaabef8c8104d3b1a0
31c2ed6aa818e92e7da23816c66f3d5936d87167
3c2a56ff51a274511266e19c00e0f077c1f2d7f7ba9207ae08789332e06f4c36

HTTP Headers

GET /land/gold_football/img/right.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 161228
last-modified: Wed, 03 Feb 2021 14:09:48 GMT
etag: "601aaeac-275cc"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5688
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cx9HeeBT%2BfWtKraLgmWT8eAljdUVreVDQcdcPAH%2B4USkRM7Oczrb7wN%2BkFDBxD7Ph5iqjDDi%2FlyCejFe2x%2Bv7z9ChNnXud%2F1M9ODPBN5ya8F3s4UAkT8pYYlQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c940b31-OSL
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/img/cta.png

172.66.43.156

200 OK

99 kB

URL HTTP/2
cyber.bet/land/gold_football/img/cta.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1076 x 266, 8-bit/color RGBA, non-interlaced\012- data
Size
99 kB (98590 bytes)
Hash
6af15da4b150dd671aa73c54a5d000b2
1292d7e77d7ea538594b8f43527c1464a73e3ac6
383559b3e7496fbf5f0d7ebf89bb9fd90e149fee99bca2a0007224fed63ca51b

HTTP Headers

GET /land/gold_football/img/cta.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 98590
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: "5fea0ac1-1811e"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Iiqcjuvr8TO9zYhWgqrEQ2IDThXLwx1eps8X1ng9qKo43s5wlOPuUXRSmjXWMlYxYJiE%2F0C%2FvmE93ut%2Fck8MqrQJbBEhg2zpl39dHaHq985Ni2dboOuqzR08g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be5ca00b31-OSL
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/img/left.png

172.66.43.156

200 OK

164 kB

URL HTTP/2
cyber.bet/land/gold_football/img/left.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1192 x 1181, 8-bit colormap, non-interlaced\012- data
Size
164 kB (163919 bytes)
Hash
fc9c2a3760148ae23e2b1182f308a84b
63d0d68f5737f3b86b8262503bf78295cb082637
4459f9d27eacbd75068d51b041786be1bb27b46350c67aca8734997e3543d583

HTTP Headers

GET /land/gold_football/img/left.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 163919
last-modified: Wed, 03 Feb 2021 14:09:46 GMT
etag: "601aaeaa-2804f"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5688
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGJS6ziv4cDU8VDdFswfmlqqwUy4Spci8%2FsXsJrNr0%2FIABhpN%2BqQL45evmHc9arh1a3C4RT554D7pBpCG08uxNkVGdmno%2FTp%2F9xyj8%2Bj7JOtf6F2z0iEyOc%2BGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c930b31-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cyber.bet/land/js/locales/base/locales.js

172.66.43.156

200 OK

5.6 kB

URL HTTP/2
cyber.bet/land/js/locales/base/locales.js
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (16549), with no line terminators
Size
5.6 kB (5626 bytes)
Hash
689edbeb85a52ed7249dfdda92adfddc
0ea4bf012954b963a5a0e25027211d921e6bedeb
433dd8fb8eb9854d428d0e484853230c53559b11f598096525601ebac505badc

HTTP Headers

GET /land/js/locales/base/locales.js HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:30 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=22124
etag: W/"636c24bc-566c"
last-modified: Wed, 09 Nov 2022 22:07:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6708
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6S%2BOmA9hC%2B5iPvhq9rlUCLtwXwIrvOWPDq%2BA4ZM8NnYFhJZgcI5cW8avDNR%2BbXz1Dv7DJ%2BjDT12HxwKLvlxZq44GW7RpZXSZCNGwtW4YtfU58T1LaJetATcCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387bb99660b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 01:49:59 GMT
expires: Sat, 27 Jan 2024 01:49:59 GMT
cache-control: public, max-age=31536000
age: 227492
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 336457
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/css/style.css

172.66.43.156

200 OK

17 kB

URL HTTP/2
cyber.bet/land/gold_football/css/style.css
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2573), with no line terminators
Size
17 kB (16656 bytes)
Hash
0bc0ea1a1119022b5567c243680910b8
46ba56d53cee2014e492b8faca3f7f61257d14b1
927ad84ee3a11b600b9c88278d8b70141244137f5d8a468317678be5ee76e611

HTTP Headers

GET /land/gold_football/css/style.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3754
etag: W/"605e02e5-eaa"
last-modified: Fri, 26 Mar 2021 15:51:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vm1ht2Ag5TO4TjCE242BlkWESg%2FHrabWOGC2Gk8LJuG95pe8DrAX7Y6cRWNHWfx9hM0ELAKb%2BExX0UmEEVq2DTMB%2BWfANmn1LGWn3e%2FGl3iP6u%2FgRhnC%2F285cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387bb99620b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/img/logo.svg

172.66.43.156

200 OK

17 kB

URL HTTP/2
cyber.bet/land/gold_football/img/logo.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1777), with CRLF line terminators
Size
17 kB (17272 bytes)
Hash
7d65885db008bff4ca9de6648fc1e20a
b7ae6132404f52c28ffdf8a255ec9089677bb9b9
89cb7d004aedc557697463171650f314144e6c45ad85b2ac46184df2b38dfc2e

HTTP Headers

GET /land/gold_football/img/logo.svg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/common.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: W/"5fea0ac1-b67"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81Y0W%2B1hTQmiAeykoPZZ8qCwjVK4cYkfdIyNUhpDv1hHyeOEamapsKyY7fj0QRPvult08I4b%2BpQhGPS6HiicRAYi88016iwjDmCVMn2wILAwX1%2FrKFvp2ilY%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c960b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:26:49 GMT
expires: Sun, 28 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 110082
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/favicon.ico

172.66.43.156

200 OK

2.1 kB

URL HTTP/2
cyber.bet/land/gold_football/favicon.ico
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel\012- data
Size
2.1 kB (2078 bytes)
Hash
d9fed1f2593550b7b8441dc4b2c587b8
0552c4c0718db4022ab4e7862066432d80d71313
9a22b8e440f4c22c107cf3458103f12c4c38d95fe836b2503af043bfe1ca73e0

HTTP Headers

GET /land/gold_football/favicon.ico HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.1.1494117069.1675011699
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/x-icon
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: W/"5fea0ac1-1cee"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5422
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCCPzYVg9jkLqakuag0f8pBF74qrAJhU3lnrlysX%2FsWbkezJN%2BMrUXfixrQwmvK9EwCVOm9YkDzNl9zP%2BmO3RtvHexzjVkB081tdW7SAbEBTX2lUZ1RVkkSMcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387bf2d9a0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

216.239.36.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.36.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 15:45:20 GMT
expires: Sun, 29 Jan 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 4571
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnstatic.cyber.bet/js/fp.js

54.230.111.71

200 OK

533 B

URL HTTP/2
cdnstatic.cyber.bet/js/fp.js
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
533 B (533 bytes)
Hash
d1abfbe2c5b50e7f427e41c79197dcd3
01f6142a97168fd15da33334c35ce351d676ed08
7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569

HTTP Headers

GET /js/fp.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.1.1494117069.1675011699
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 533
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: "d1abfbe2c5b50e7f427e41c79197dcd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JsKRZUfEdi5r4youyfZg0QDAp7SIrQsPHl2W22rAl-_9T8Hsu_XJuQ==
age: 42
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=1494117069.1675011699&gtm=2oe1p0&aip=1&z=1929443799

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=1494117069.1675011699&gtm=2oe1p0&aip=1&z=1929443799
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=1494117069.1675011699&gtm=2oe1p0&aip=1&z=1929443799 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 17:01:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/geoMapping.js

54.230.111.71

200 OK

443 B

URL HTTP/2
cdnstatic.cyber.bet/js/geoMapping.js
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
443 B (443 bytes)
Hash
2f6043a16c26cde9a190dbb829b5519c
791479cfced1a000ef6411990f1c4bba615b6b4c
f9dfb0c2f94be90f2cdeb66286b36cdeb5d8fb0fbb9f28b1e1d3d99a3780306a

HTTP Headers

GET /js/geoMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 443
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: "2f6043a16c26cde9a190dbb829b5519c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9EywILSj6IOblfRpnCdOnWov4p_U3-86V_JWxxO8hvScHBVJlPV_zw==
age: 40
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
c3fa8c0d3d9045fff6a6da164946a6b2
3f49c2ca05a7a78f25950345231980b544a790e1
82258db78bc0594ae354753c0933d4defdd28c88d5f134635b888f3ca68d2f72

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4641
Cache-Control: max-age=92793
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Etag: "63d55bc3-117"
Expires: Mon, 30 Jan 2023 18:48:04 GMT
Last-Modified: Sat, 28 Jan 2023 17:30:43 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

cdnstatic.cyber.bet/css/libs/nice-select.css

54.230.111.71

200 OK

1.6 kB

URL HTTP/2
cdnstatic.cyber.bet/css/libs/nice-select.css
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
data
Size
1.6 kB (1551 bytes)
Hash
3725ea628c9b1861991011650a096a4b
95a48fd67d20a2891ea9dcb1ec0eac45a56d3d8f
e17ce3aa6cdb452dd1908313474ccee4ceaeab54a60f0cb11c8df549524eb334

HTTP Headers

GET /css/libs/nice-select.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:01:00 GMT
etag: W/"b83506d101e8a03948d5c01e83da2b8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e214oXxQbhtZAY7UOeMJ6DfmgOXUfelQiQAb4ob6oJ0SoKM5GbiJ9A==
age: 35
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js

104.16.88.20

200 OK

15 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
IP
104.16.88.20:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (34150)
Size
15 kB (15015 bytes)
Hash
5bec71d8d81aa064688711c2abeadefc
793a9cc2704d4aec9035c1a1461404eb6b9feb1e
f5698d59e503a98e070c97a8fbb8b6bf7992910837ca1c9f0815666cf8ffda16

HTTP Headers

GET /npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.4.0
x-jsd-version-type: version
etag: W/"86b4-0dT4vbRAvda9ZROiHYU1ptjFWSM"
x-served-by: cache-fra-eddf8230075-FRA, cache-yyz4566-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 40550
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4yeHwR4Oykn13gbR3%2F29eHq2ctbrkrf1yE9eMuhD5KSJTmo%2FxM0Cog1V5%2FUXGBIUBJp%2BkW2cl2sGiBJ99WIFEUcwdyMqDoROGN3nTeUHRicPP9ItF8%2FiveTo%2BXT7LVnbvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387bfdbbc0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2c4380697a101b67d9f8edb80bbe917c
d031ccb76ff8aeef9f80594b3ac3a7117e1ad05d
92fcb57afd01dbdc56cdd37ff2ebfb8807a286936093b1a863d334a3826aceb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92FCB57AFD01DBDC56CDD37FF2EBFB8807A286936093B1A863D334A3826ACEB3"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8138
Expires: Sun, 29 Jan 2023 19:17:09 GMT
Date: Sun, 29 Jan 2023 17:01:31 GMT
Connection: keep-alive

cdnstatic.cyber.bet/js/currencyMapping.js

54.230.111.71

200 OK

3.6 kB

URL HTTP/2
cdnstatic.cyber.bet/js/currencyMapping.js
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
data
Size
3.6 kB (3581 bytes)
Hash
6288997615178d923d132c2ccc75992e
b3571c8965637652d581079586c924916e78d1fa
fd449ed0d946f76fd87d0950a415adb77c8c84eb40d5811df870b41b20d412f4

HTTP Headers

GET /js/currencyMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.1.1494117069.1675011699
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: W/"2a3d85d14eaeaac04949a29f3c94c548"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hfhz2YNCr0sEjflVeZ6lIchow2Em64C0pak0BxLpQ2YRy_Qq8GtFtw==
age: 49
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/payments.js

54.230.111.71

200 OK

641 B

URL HTTP/2
cdnstatic.cyber.bet/js/payments.js
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
data
Size
641 B (641 bytes)
Hash
5dfc15922ae2776d11df25fffbafbbb7
8238d0b459fbb937310d59d6dcd7b99ce7b9e497
1917d4e269d042cd66d567da6c3e34e0aef4ebfe7d8c764a8e141f6f680517dd

HTTP Headers

GET /js/payments.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:36 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:49 GMT
etag: W/"86e0165b432077320adbf690e339604e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lmrvADvDI5Vm1nuIpwlF13C8M7PKxerp6-DI8vxmsyjd6_l3eWrXAQ==
age: 50
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
bb07e31c2c066db5c4b3259d1f69a442
db79e9d4a817ce703b11b65faf2ba097228063b2
d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8

HTTP Headers

GET /p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6cb2bc0b7d239f8262a3853e8966603e
69c153f69571171ab45b77b7843b533dd2054a30
61a1ece1823a63c25d72a1250dd74a5d9b82e8798879899ce8914430f736e5f0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 29 Jan 2023 17:01:31 GMT
Last-Modified: Sun, 29 Jan 2023 16:22:24 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lqoADf1rsEebOnk76erK3JovrropUJGqFLIyro5XhPPQ6rHtN_8v0w==
Age: 2347

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pj.l.admedo.com/admtracker.lib.min.js

54.230.111.48

200 OK

2.0 kB

URL HTTP/2
pj.l.admedo.com/admtracker.lib.min.js
IP
54.230.111.48:0
ASN
#16509 AMAZON-02

File type
data
Size
2.0 kB (2014 bytes)
Hash
e0bc4286859cab2943b2c73eecd1fd82
7bf8aa80a5e27f4975992e1408ad589e45b54658
dfe0fdf7b9345166833c80f64b497f08c84cdaea1a414b1cbcad956942a4ed37

HTTP Headers

GET /admtracker.lib.min.js HTTP/1.1
Host: pj.l.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 25 Aug 2020 14:10:14 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 16:55:54 GMT
cache-control: public,max-age=900
etag: W/"5a420213029638ecea775a40089898aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 83II-m2EFA_45VaiV1YX41vPQS6djNQZmYxhe20f709uJYikvWjtPQ==
age: 340
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-8FYNJV02NV&cid=1494117069.1675011699&gtm=2oe1p0&aip=1

173.194.221.155

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-8FYNJV02NV&cid=1494117069.1675011699&gtm=2oe1p0&aip=1
IP
173.194.221.155:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8FYNJV02NV&cid=1494117069.1675011699&gtm=2oe1p0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://cyber.bet
date: Sun, 29 Jan 2023 17:01:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&gjid=920852931&_gid=1432588000.1675011700&_u=YCDACEABBAAAACAFK~&z=913053101

173.194.221.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&gjid=920852931&_gid=1432588000.1675011700&_u=YCDACEABBAAAACAFK~&z=913053101
IP
173.194.221.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&gjid=920852931&_gid=1432588000.1675011700&_u=YCDACEABBAAAACAFK~&z=913053101 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://cyber.bet
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 17:01:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35112889038daf39a2fd0a0bd85546e9
fd9b12ade2568f76aa570d9402f25f2f30d7bc73
24f35ecf77dfab6976210efe89bf26464e812e00efae1675593014b8e252adec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24F35ECF77DFAB6976210EFE89BF26464E812E00EFAE1675593014B8E252ADEC"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8180
Expires: Sun, 29 Jan 2023 19:17:51 GMT
Date: Sun, 29 Jan 2023 17:01:31 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
35112889038daf39a2fd0a0bd85546e9
fd9b12ade2568f76aa570d9402f25f2f30d7bc73
24f35ecf77dfab6976210efe89bf26464e812e00efae1675593014b8e252adec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24F35ECF77DFAB6976210EFE89BF26464E812E00EFAE1675593014B8E252ADEC"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8180
Expires: Sun, 29 Jan 2023 19:17:51 GMT
Date: Sun, 29 Jan 2023 17:01:31 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV&gtm=2oe1p0&_p=902436792&_gaz=1&cid=1494117069.1675011699&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675011699&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149&dr=http%3A%2F%2Forest-vlv.com%2F&dt=Bets%20on%20Football%20Matches%20%7C%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV&gtm=2oe1p0&_p=902436792&_gaz=1&cid=1494117069.1675011699&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675011699&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149&dr=http%3A%2F%2Forest-vlv.com%2F&dt=Bets%20on%20Football%20Matches%20%7C%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8FYNJV02NV&gtm=2oe1p0&_p=902436792&_gaz=1&cid=1494117069.1675011699&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675011699&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149&dr=http%3A%2F%2Forest-vlv.com%2F&dt=Bets%20on%20Football%20Matches%20%7C%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot= HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://cyber.bet
date: Sun, 29 Jan 2023 17:01:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

backend.cyberbet.academy/api/gql/send?ttl=86400

34.254.83.154

200 OK

4 B

URL HTTP/2
backend.cyberbet.academy/api/gql/send?ttl=86400
IP
34.254.83.154:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

HTTP Headers

OPTIONS /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: application/json; charset=utf-8
content-length: 4
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"4-P9ln0Jp0jh8rJtb+Vi5xVaqH6d4"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

backend.cyberbet.academy/api/gql/send?ttl=86400

34.254.83.154

200 OK

1.7 kB

URL HTTP/2
backend.cyberbet.academy/api/gql/send?ttl=86400
IP
34.254.83.154:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (1732), with no line terminators
Size
1.7 kB (1732 bytes)
Hash
7d262be351a12c20d4e65ce60529f9fc
8081b04642d8b42d8af4fe92cf2e496ed15eaca5
a9d1bfc8e3fcf82bc6d372d278866fb7cc002c158e1ed329bd4f94a70a965241

HTTP Headers

POST /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: application/json; charset=utf-8
content-length: 1732
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"6c4-gIGwRkLYtC2K9P6Szy5JbtFerKU"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/img/input.png

54.230.111.71

200 OK

10 kB

URL HTTP/2
cdnstatic.cyber.bet/img/input.png
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10123 bytes)
Hash
029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f

HTTP Headers

GET /img/input.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/global.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 10123
last-modified: Thu, 07 Apr 2022 09:30:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 17:01:02 GMT
etag: "029eb00d46a95ea9be209224c3d913db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SCCjxDgMOJuXnKRDWNmzphCH8gqEggTassb3CLPNnqSzV7lRQiWa9g==
age: 31
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAX300

34.254.83.154

200 OK

728 B

URL HTTP/2
backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAX300
IP
34.254.83.154:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (724), with no line terminators
Size
728 B (728 bytes)
Hash
4bfd4b30ef9033553e00792bd3938e29
dc712b27d1b73701adcda989f9da1c23128bba31
6956ba998ac2794a1286eaf1fbc2283e127c4044f76ac0aa28c8974aae8635d1

HTTP Headers

GET /api/affise/land_promocode?promocode=CYBERMAX300 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: application/json; charset=utf-8
content-length: 728
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2d8-3HErJ9G3NwGtzamJ+docIxKLujE"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&_u=YCDACEABBAAAACAFK~&z=1663412868

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&_u=YCDACEABBAAAACAFK~&z=1663412868
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&_u=YCDACEABBAAAACAFK~&z=1663412868 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 17:01:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=1494117069.1675011699&jid=1092184661&_u=YCDACEAABAAAACABI~&z=1696788008

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=1494117069.1675011699&jid=1092184661&_u=YCDACEAABAAAACABI~&z=1696788008
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=1494117069.1675011699&jid=1092184661&_u=YCDACEAABAAAACABI~&z=1696788008 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 17:01:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f1547d6bc72caa7f859546cd95874e5a
a06beffcf17fe63f5835cf3b5b38fd210e29fbbf
a983f9c7045e1d0b4f37f7a1ce8a331463f1737782f2dc4c44217197c3bc5b46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111642
Date: Sun, 29 Jan 2023 17:01:32 GMT
Etag: "63d5b30c-1d7"
Expires: Tue, 31 Jan 2023 00:02:14 GMT
Last-Modified: Sat, 28 Jan 2023 23:43:08 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7_ouIb_p1WVbAemOkOkIB3vnrqFId21FQegHXhTBj73DLa2B6o-nYg==
Age: 1147

ps.l.admedo.com/c819e718-9a80-40f1-b954-13f8b6dff8ac.json

54.230.111.97

200 OK

54 B

URL HTTP/2
ps.l.admedo.com/c819e718-9a80-40f1-b954-13f8b6dff8ac.json
IP
54.230.111.97:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
54 B (54 bytes)
Hash
1868a00f61221a8d1874ceda2b815caf
cfea9926b0c325482e74961fa182b98ccb400852
2251c54ec6d6a304338dd54e64f058fdd0226017b1a43e4b53deb1f7bf26c313

HTTP Headers

GET /c819e718-9a80-40f1-b954-13f8b6dff8ac.json HTTP/1.1
Host: ps.l.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 54
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 01 Feb 2022 13:20:13 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 16:50:05 GMT
cache-control: public,max-age=900
etag: "1868a00f61221a8d1874ceda2b815caf"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YdHs8tMFcZSRWeSAv1W_7AFTYCYYGcN7OcrZeJajG_Ik9HboaQUApw==
age: 688
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnstatic.cyber.bet/js/libs/phone/utils.js

54.230.111.71

200 OK

55 kB

URL HTTP/2
cdnstatic.cyber.bet/js/libs/phone/utils.js
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
data
Size
55 kB (55157 bytes)
Hash
de91f2cf069ef9b3db327cd2661893f2
146a0aebda3925681eb67841f168286e11c303c8
c16001cdf902ddecc53920c20ed67778f7fdd2383038990f69ed76747be30354

HTTP Headers

GET /js/libs/phone/utils.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: W/"8f3a2154b225b6257161c4dfc9b89c9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YB0_WW7gaRBFRu6VnV7DHX0Srt-aTwbNRVazk64L2B3oTxUKdAXIvQ==
age: 39
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/css/img/flags.png

54.230.111.71

200 OK

71 kB

URL HTTP/2
cdnstatic.cyber.bet/css/img/flags.png
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
71 kB (70857 bytes)
Hash
416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

HTTP Headers

GET /css/img/flags.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/iti/intlTelInput.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 70857
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 17:01:32 GMT
etag: "416250f60d785a2e02f17e054d2e4e44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wfI4v5NLw-7n6xeZXY2K3veTAPGD8Flzk9tbpX1xteYTkQRG3_4JlA==
age: 25
X-Firefox-Spdy: h2

backend.cyberbet.academy/api/land_regs/session

34.254.83.154

200 OK

8 B

URL HTTP/2
backend.cyberbet.academy/api/land_regs/session
IP
34.254.83.154:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
758d03240938c9a7a4709e26a48a385e
074a01d890236171824843af0482dc38050d0fc7
c852c2aa5cabf215aba5ff49e32623938e1185ee17817b9e797d3f0452da27db

HTTP Headers

POST /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 252
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: application/json; charset=utf-8
content-length: 8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"8-B0oB2JAjYXGCSEOvBILcOAUND8c"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4b509008bb0a48e8a56c0406348121b9; expires=Mon, 29 Jan 2024 17:01:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
25d021b0062a425a334d5a5092944e41
3a501eb49d697b5e01fdd31445e051ceb3a080b2
2d6a16e9cfebaa065ddcf435cffb59c4a5cec0ba864c15eaa59fe89dfefd4235

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 640
Cache-Control: max-age=131642
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:32 GMT
Etag: "63d60326-1d7"
Expires: Tue, 31 Jan 2023 05:35:34 GMT
Last-Modified: Sun, 29 Jan 2023 05:24:54 GMT
Server: ECS (amb/6B96)
X-Cache: HIT
Content-Length: 471

pool.admedo.com/pixel?id=148776&t=js

35.210.53.219

302 Found

0 B

URL HTTP/2
pool.admedo.com/pixel?id=148776&t=js
IP
35.210.53.219:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 29 Jan 2023 17:01:32 GMT
location: https://pool.admedo.com/ul_cb/pixel?id=148776&t=js
set-cookie: tuuid=9d1eaf5e-f27a-472f-8a64-3a18142e85c2; path=/; expires=Mon, 29-Jan-2024 17:01:32 GMT
c=1675011692; path=/; expires=Mon, 29-Jan-2024 17:01:32 GMT
tuuid_lu=1675011692; path=/; expires=Mon, 29-Jan-2024 17:01:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pool.admedo.com/ul_cb/pixel?id=148776&t=js

35.210.53.219

200 OK

0 B

URL HTTP/2
pool.admedo.com/ul_cb/pixel?id=148776&t=js
IP
35.210.53.219:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ul_cb/pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/javascript; charset=UTF-8
date: Sun, 29 Jan 2023 17:01:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cyber.bet/graphql/v2

172.66.43.156

200 OK

0 B

URL HTTP/2
cyber.bet/graphql/v2
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /graphql/v2 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 51
Connection: keep-alive
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: application/json
strict-transport-security: max-age=15724800; includeSubDomains
cb-blocked: no
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPHDmVARurDGrmCTdiF9OqlEHyLcnNXfpJwjEC%2B39NT%2FbzPedv60FXLcWiLkhJkbedWWS3GVLbPKGlgGKWKsVapFuurYSCtrjicUvBS%2BkzdR%2BPqRadKousRQDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387bfce550b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js

54.230.111.71

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/libs/phone/intlTelInput.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: W/"c73ba86bd67306c5889e9aac41e959e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7jSiZ6rgJinVAlneRojr8I43oX-Unz8HX2o4Tt8_yPqeyXHsWj-AYw==
age: 39
X-Firefox-Spdy: h2

static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Fri, 13 May 2022 15:59:53 GMT
x-imgix-id: 0d9a0eb61d73b4e7f1e6f9d63934aa27a4dabba7
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10077-SJC, cache-bma1665-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 408750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyUg6D2%2FKqaa87nwGNZmUMxvPRbSybQ%2FAL5VT4AWVQegDxHnL0j6Pp%2Bf4FOyhGdj6zbqSnM1QDwfQWWXpHVVbYUGh5NPbGvTgIuvqoFmZ35qRQ2d4gfJAJufbduL3IeEomg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac040b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:23 GMT
x-imgix-id: 124d84afd81dd36ff5dd18c8efb73ffa18bdb828
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-maa10232-MAA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 408750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFx6kUyFXL4AELedvO2%2F7IcgNRGI%2BOukoMjIXJSS%2FTXT9zAAZAa9Ar2YQXMFlOLS3xtwLMJnlVuRcip9i8sTeuhRNG2c0wtFJUlu7NH%2BAinw0KFuRaiKOTp3vnSzg1d5cuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac080b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:01:52 GMT
x-imgix-id: 5009dab7bf9c2c57dfc23b32759803b69d7d3cb3
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10049-SJC, cache-bma1666-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 408750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgx0%2Bw129RER%2Fbbl1oBiCuaDTsRc9Pl5Cqju77cpPbWOO07Mn1ss1xtEEWZQWqrLO9gLJimpQrMr6JNl6UbWH%2B9879VZ5nE8hXfv9O%2FNkyl1oy71sPel4geFQowmdzWAQc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac0a0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sun, 27 Nov 2022 13:15:26 GMT
x-imgix-id: befd1e5b23a603e2ad9e7e0e220abae092937310
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10033-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 958817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7snWlA%2FQVCsDyWeCac5G4f53mIO3crV%2BZPqWFpJ1657R8q5IWaswz7oz64LMuX5%2BWAyHRc2VdMjuuW%2BPtM3i0NYLi14M0bjPYRKeIHw%2BVfysnzxA3OdmgGoSqp1iE4bjXY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac060b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:02:39 GMT
x-imgix-id: 75c58e24d4ac8f5051021d0ef9be81344e6a26d6
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10029-SJC, cache-bma1653-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 958817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfT%2BjSB594yTXkbj8DgZ6eyeaWLB1gN%2F8WCOt9bpzVatbRkfmJHoDzJSRSRnnlRBEKLUNaCKI5rSzlfrOde8J6kAXK6HQsU7jyvJLlIIDh8LISxQGvSQ7X%2FOluQ0aqZjCAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac110b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap

142.250.74.138

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 17:01:30 GMT
date: Sun, 29 Jan 2023 17:01:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:53:49 GMT
x-imgix-id: 3071167306fd7e404ce6c9d0b6695258dcb9f78c
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10063-SJC, cache-bma1621-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 276334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79yTNiMwo8z3ZSmmcUpQY%2B%2BQ7oo8rz4HXaoHRSl7V%2BbZlVKJfq4f%2FRpjQowDQ1ZLN8g4eQr%2F7QkzAjxXdfH7G6grLgwpZ%2BUvYMEIsRAMzA5sB126Ta2dIcNgaNQHKget6bQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac0e0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:02:28 GMT
x-imgix-id: be499ee77bb9f13f4e61b37ea512299d94aa8c27
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-maa10242-MAA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 769121
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0m6xdFl9IZ2o6dttzrA4j8Bjq0ZD2KQTzDxg%2F5yGMvqxPJq5i3pdbo0q9SujjoQlxBw3mRWNcEqmRunfXw19F35B6EHKXGhYppO7SHSe%2BVZs5GvlUSe%2BdQj9FRMsrkgD20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac100b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:52:12 GMT
x-imgix-features: {"linux_painter":"0","tannhauser_routing":"0","tannhauser_shield":"0"}
x-imgix-id: a52b6d3a19f01fc91c01ef38ea74345ce0cc3d68
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10055-SJC, cache-hel1410027-HEL
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 276334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fnFr3o38tRZ6Vp31ASgPy9jpCWNn4Kqlptc3ykIemMBdNW0vU677VGE2rO%2FVGma9haUT6oJHKeBVHoMuKcfaEzT5j73qrT%2BCGZV4Bf7I5yZ2vxMm2iYNvaixGVw9FLXt%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac0f0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/libs/iso3to2.js

54.230.111.71

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/js/libs/iso3to2.js
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/libs/iso3to2.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:56 GMT
etag: W/"db031116c7888248916813c60a4cce2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JY5nTVZeqzW7hdQdzoKH_AYktD0bDfdm7SIyHeXKiD13tSkq4XEAjA==
age: 38
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/css/iti/intlTelInput.css

54.230.111.71

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/css/iti/intlTelInput.css
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/iti/intlTelInput.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: W/"a69aa970266649e0b08c2cb4bc166568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EwRWjOGqA76lRwB637sCV77qIUrMoP9x5MQtq99FYdMORwVyqmAhJw==
age: 40
X-Firefox-Spdy: h2

static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 04:32:34 GMT
x-imgix-id: eaa9a5ceb4ef9ff91d93849720aab7cfa394d578
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10054-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 408750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FgtX8jLbYrqOgOURGVSApj%2FTjQNqAhR6nKaeDWWKyO9OC2AQCxzs8ZIpzMmOcuOdEby9uYRFvIjE%2F0g2KfItpW%2Fw9VIl%2FYDKQdnuBL4ddovHhf%2Bm9ahoaF%2FnsgCQoSuxV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac120b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:10 GMT
x-imgix-id: 854adac84f9266f0b69e2c7ea9353daa4bedcf8d
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 276334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QH4dsgR%2BCPC3THHrIxNGyRwJzorBea0Zb7NdMy1QqQNLuz3yGIKOVgBt6KBiGz7qsdbDLS6JOqOb8AGAFD9BlPsRzwhMwJAx9NxqYVlsPFAW%2FX1LHp%2Fx9ub34TAuIEfJ624%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac0c0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js

54.230.111.71

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/libs/jquery.nice-select.min.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:54 GMT
etag: W/"4e2def5093eb4c4281624db4a5aa8f9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M_vCIGmU_SgIwyX-Gdr_cYRiLTd5mtzdA4KeGOhxwbvt_j7VkaqP6g==
age: 40
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/css/form.css

172.66.43.156

200 OK

0 B

URL HTTP/2
cyber.bet/land/gold_football/css/form.css
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /land/gold_football/css/form.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9305
etag: W/"5feaf99b-2459"
last-modified: Tue, 29 Dec 2020 09:40:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQqaYKyKUwC2T%2F%2B%2BH%2BDglfKxh4WJ3wXVrFOCNhUSSMFJr89n7g4DgkrfuDrVv1a6pNOsOugnc0dWQhWDUo4BPS5q6%2Bz5PK7nC1LhU8mfVYv7ELhlelPksz9KSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387bb99630b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/css/common.css

172.66.43.156

200 OK

0 B

URL HTTP/2
cyber.bet/land/gold_football/css/common.css
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /land/gold_football/css/common.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2676
etag: W/"5fea0ac1-a74"
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RM392PXwizUEQ0Zk74xuy%2FZKR60agUHvbVErQNrKhuUuco7Qnm0BDEuZ75vC4klnP8wb3Ow2a9TP%2BThTCXwcyaOcTed91L4OalHZ2uPGK3LaRgJI7PbJKXPIDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387bb99600b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 30 Aug 2022 12:06:01 GMT
x-imgix-id: 9bdf3c27132191386bea4ec4bc43098d462dc9fd
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10022-SJC, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 958817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf32Vfb5W6R%2Fdh9gl4KG%2BmgF%2FBLB9vQxh1ApsHHmqOoziPN5xmU87804kPQzYzx7IOJNB7n596TYWlrUSMhGaX6CVNP683JnS9ClWurGgw0oF8%2FT6XfOcCuthttHOLQtCSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac030b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 04:06:38 GMT
x-imgix-id: 58d927587a2791fa5ee8dc913a6ff0f83e28f73b
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10051-SJC, cache-bma1681-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 276334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLsfhdlWTCiAAFx4dJhd6aw5gStuWvMn1kfRFX803A7X26qh2SUGIXYJ7dXBiepU%2F%2BosDSywtC3h2V116%2BPZSsgPfWg0QzXNNc0kAp6d0qkQ940XE%2B1cka9svSASx8WrXyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac050b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:59:51 GMT
x-imgix-id: c912ac4741157f0c624624a3b61b365f5d2f134f
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10082-SJC, cache-bma1655-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 958817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ztkGas2UEBidxNP7Y1oVBX8rBHrPwF0xf%2Bi6Ew6CHJDSJjyeauIa7ZqbtA5YSO8gC9aOkgebtG1QcAveWmZZq1ks5A160uBFwpIwTffoMWN7jcbzcMjs%2BPWYSq%2FNm9rCoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac0d0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149

172.66.43.156

200 OK

0 B

URL HTTP/2
cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:30 GMT
content-type: text/html
last-modified: Tue, 22 Mar 2022 09:45:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wk5ekRTibE1E32I8Ky8TP1AW8%2BKN4r9WL6nsIFKry%2F7K8Ok7luInTR3BYZNVOKyofCFXgeJesqdUewWpVOC87Pa3TAO8h%2FawBEr19kiDpCsXWj2zi4REE4HThQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387ba88080b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML