Report - track.afrsportsbetting.com/66236579-1328-4dea-8e3e-c7fd8a5baf6d

Report Overview

Visited public
2023-11-13 19:15:38
Tags
URL
track.afrsportsbetting.com/66236579-1328-4dea-8e3e-c7fd8a5baf6d
Finishing URL
play.falconvegas.com/register/casino?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
IP / ASN
3.72.158.57
#16509 AMAZON-02
Title
FalconVegas

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
play.falconvegas.com	unknown	2023-05-04	2023-11-11 13:34:34	2023-11-11 13:34:34	21 kB	3.3 MB	143.204.55.25
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-13 12:50:12	1.4 kB	364 kB	142.250.74.168
api.falconvegas.com	unknown	2023-05-04	2023-11-11 15:22:30	2023-11-11 15:22:30	1.1 kB	1.5 kB	54.230.111.125
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-13 14:06:59	1.0 kB	48 kB	216.58.207.227
content.realtimems.com	unknown	2019-07-25	2022-10-08 08:35:44	2023-10-21 00:23:41	3.1 kB	7.8 MB	143.204.55.106
cdn.webpu.sh	347676	2016-01-23	2017-09-29 10:51:47	2023-11-13 03:26:42	435 B	186 kB	54.230.111.116
locooler-ageneral.com	unknown	2019-06-14	2019-08-08 06:09:07	2023-11-12 09:33:59	763 B	669 B	3.72.158.57
ivyaffsolutions.com	unknown	2021-02-25	2021-02-28 06:42:16	2023-11-11 15:22:54	1.2 kB	2.3 kB	20.93.81.72
cdn.seondf.com	200610	2021-06-30	2021-07-27 16:12:20	2023-11-12 18:36:01	410 B	344 kB	172.67.148.159
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-11-13 05:09:21	3.3 kB	1.7 kB	216.239.32.36
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-11-13 14:27:39	589 B	578 B	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2023-11-13	medium	cdn.seondf.com/js/v5/agent.js	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (24)

	URL	From	Size	First Seen	Last Seen
	play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790	ScriptElement	5.8 kB	2024-08-20	2024-08-20
Pretty URL play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790 IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash 938ff88a81ce07bafed4380a965ebe70 2ec288c5a31c4661ec976da81214d550fcd9a209 8408b3661329a9199502d879dc0d9b0e4d5d89658b7853858a4db8df47adb365 Loading...

	play.falconvegas.com/js/chunk-32fce606.3f82b1d9.js	ScriptElement	60 kB	2023-11-13	2023-11-13
Pretty URL play.falconvegas.com/js/chunk-32fce606.3f82b1d9.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 20:15 Last Seen2023-11-13 20:15 Times Seen1 Hash 44c43e7997099c5a81663ac3cda70925 8e2f1c5e77eb0a72f043c7747b17097da189ff5e 446f6590eeec91dec30f0148a2b3ef262f1f8b04dc238cfaa8743684b6ac735a Loading...

	play.falconvegas.com/js/chunk-62917b77.3b789710.js	ScriptElement	25 kB	2024-08-20	2024-08-20
Pretty URL play.falconvegas.com/js/chunk-62917b77.3b789710.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash 7f4fea935e1216808fa5a8451ee159ec 8a545fd346b175e58bca4a83886ed2b943ac3be7 84602cd6fceec286367902619f93b55145c06c2fa8f126d0bf9ca61019025ffe Loading...

	play.falconvegas.com/js/acct-details.422c18cf.js	ScriptElement	250 kB	2024-08-20	2024-08-20
Pretty URL play.falconvegas.com/js/acct-details.422c18cf.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash 9c0078c013fceff129535f41d80b4ee1 30eadd8525ff0e1520116eb85df3e162164d7880 4819e792dfb3c66ad02f5b081f458fd11cdc24021af6d60c5c40828edd202c33 Loading...

	unknown	ScriptElement	40 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash 73bb722ae64f1034986843c59c68776a ebc4902d93d0f42c34cc72b25a419aed731f8b37 2ff0fee3cc3466023dee464e65518029e68a3d7a49a31d0430429ea0ed0f3cb0 Loading...

	www.googletagmanager.com/gtag/js?id=G-T242DQJTSY&l=dataLayer&cx=c	ScriptElement	281 kB	2023-11-13	2023-11-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-T242DQJTSY&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 20:15 Last Seen2023-11-13 20:15 Times Seen1 Hash 70bf164dcb11c99919f946edf31e2022 cdb37228bd3d732c609d3121ea7366a5efb6d393 5713120912ce867dd75d0a2d071b7d141ae25694c21ce5a1347f7d6184ebebd9 Loading...

	play.falconvegas.com/js/chunk-0f9ad738.30bd3161.js	ScriptElement	55 kB	2023-08-13	2024-08-21
Pretty URL play.falconvegas.com/js/chunk-0f9ad738.30bd3161.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-13 23:53 Last Seen2024-08-21 08:48 Times Seen4 Hash f93818244c08032916d76c25475e6240 b7a957778e35ee2ac674f8fdb6c6c9c0cfd74ef7 64378c62b77392eda63154fb8dc4f24f28ab2b52c947df158603c5744e7c1664 Loading...

	play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790	ScriptElement	394 B	2023-11-13	2024-08-20
Pretty URL play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790 IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-13 20:15 Last Seen2024-08-20 19:44 Times Seen2 Hash 33a6fb7dd394347ca539c9298e61c00c bec516a2f4f44c610dc00015530dd7a653e2f3b9 e57ffbf6434028080e64eb78aa4c7ab0088440bdbfb65218287364c018a12693 Loading...

	play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790	ScriptElement	407 B	2024-08-20	2024-08-20
Pretty URL play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790 IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash 05826468bed8b6160f086a6115ea95e6 924093aed2eda94dfe44d6c28176748cb2487f47 79d2c8e601c5c5ee1bd97468e2fdccc2e97a15d7a5befe2b6c65362d3172023e Loading...

	play.falconvegas.com/js/chunk-vendors.1c97e481.js	ScriptElement	390 kB	2023-11-13	2024-08-20
Pretty URL play.falconvegas.com/js/chunk-vendors.1c97e481.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 20:15 Last Seen2024-08-20 19:44 Times Seen2 Hash 5e80e317869ef946eb2d5466dd2b5d4e 0979b5b93a3cae0a9effc5cabf4ab32406e5ea05 519533c73c766e6301ce4953480e1d51acc4270def39491cbbd515a76c8ebcd0 Loading...

	play.falconvegas.com/js/app.663d4fe1.js	ScriptElement	135 kB	2023-11-13	2023-11-13
Pretty URL play.falconvegas.com/js/app.663d4fe1.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 20:15 Last Seen2023-11-13 20:15 Times Seen1 Hash 910709d4f3be8adbef2242a6028406f1 ed18cbf1e46ea9e6dcf4b7e6f780f3a264fae9a4 e16acf3f4839eace6e566bdcc191be8d693708a303c5768c8db233daa5d54d4d Loading...

	play.falconvegas.com/js/chunk-07fd9a13.f8a33a85.js	ScriptElement	29 kB	2024-08-20	2024-08-20
Pretty URL play.falconvegas.com/js/chunk-07fd9a13.f8a33a85.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash 4e5d71d3a7380d31bbf194122d8a5335 62a368810b839c5725978172992c761149b2139e 03080469933e93e6399236d99e7321439313c64359f644963e6dd5b23ecedcd9 Loading...

	play.falconvegas.com/js/chunk-54e76b9b.a122aca0.js	ScriptElement	17 kB	2023-11-13	2023-11-13
Pretty URL play.falconvegas.com/js/chunk-54e76b9b.a122aca0.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 20:15 Last Seen2023-11-13 20:15 Times Seen1 Hash a7910af0383e0994eb91769ea12b6669 c5591c3d1a9d5dfcf62fa3a78c212dce09165c8c 44717d519c9f00f85b04860ba4fca42feaf951af882ce8d36a07854733c6e642 Loading...

	play.falconvegas.com/js/game-play.35553514.js	ScriptElement	335 kB	2024-08-20	2024-08-20
Pretty URL play.falconvegas.com/js/game-play.35553514.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash 802da6da8a9a08ee3783119ec8345165 a3cf6e4e151e1cbfe25286822365d532dbff7fbd 39cd5f6e6ffaa1f55950aa51447a753f6a3ac7d878f34ae59e7ddb8806788d3f Loading...

	cdn.seondf.com/js/v5/agent.js	ScriptElement	505 kB	2023-10-17	2025-02-06
Pretty URL cdn.seondf.com/js/v5/agent.js IP 172.67.148.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-17 14:34 Last Seen2025-02-06 21:33 Times Seen94 Hash f3dbf12133e672d7dd1f2f1f848c8230 46608036761e3d229abb9b50a89b50e93b103222 91604d705edcbf8b2c29aae55d54a1f7d85ff83d3990a2337d05c3bc3185548f Loading...

	play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790	ScriptElement	38 kB	2024-08-20	2024-08-20
Pretty URL play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790 IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash 198f6b94d39dcb483ecb4637f19eb311 640ea0ca5fd982a4eaf723b568a5639f51529360 5165e59f35c9f4675eaa4d762274f29d102e0844743d6b43f76a786b37665265 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T9CJQD4	ScriptElement	268 kB	2023-11-13	2023-11-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T9CJQD4 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 20:15 Last Seen2023-11-13 20:15 Times Seen1 Hash 3d547435f95fdd277db42ac624ea8552 ba2061984ddcd7f5fd79e46e0af3c3d83db9778b 1473017e962d6aa2da6a5cf656369d75ba2f32b6601c4ff6530983c53b4fae6b Loading...

	play.falconvegas.com/js/chunk-7b64e981.d9f8e2e5.js	ScriptElement	11 kB	2024-08-20	2024-08-20
Pretty URL play.falconvegas.com/js/chunk-7b64e981.d9f8e2e5.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash 57152abd7ac7d5a4d92cf2c8f86e43f7 4893597f6a5140e21f32334d1f0f6aa171194a68 3d72f2a3ce66ba8f1ee641fb880083c7944b7bc4642cb9f2466f9b345f57177c Loading...

	cdn.webpu.sh/Nn2O8A68V8n0IymYHoOKumwuwyniPoua/sdk.js	ScriptElement	186 kB	2023-11-13	2023-11-13
Pretty URL cdn.webpu.sh/Nn2O8A68V8n0IymYHoOKumwuwyniPoua/sdk.js IP 54.230.111.116 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-13 20:15 Last Seen2023-11-13 20:15 Times Seen1 Hash 53e4dbd41a403d6820714bc5f97c9c8d a23d62facf8ad2756fd9e1abd0aaa42e95c255da 9edd965971567195aa2753f5fe29b31d79624cbf9206a77b2268854917e94c03 Loading...

	play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790	ScriptElement	59 kB	2024-08-20	2024-08-20
Pretty URL play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790 IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash d36763926c384a86d1a1828dff33f444 11c883235400857ff862dca11bf389883d1be583 e53ee7278134491fc9a1d5e59c3f1f256baa144a33ca0bab3628ae5b68f0d458 Loading...

	play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790	ScriptElement	16 B	2023-08-13	2024-08-21
Pretty URL play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790 IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-13 23:53 Last Seen2024-08-21 08:48 Times Seen4 Hash bb555250c697884087e5cd06f76bbcef 66dd40df9c37d200f77c6376995cc4dc06ddb7e0 0bfa2abd3a7f1e87085961e600f7d2aaf6791176edceeadf1020217e5d6f060a Loading...

	play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790	ScriptElement	12 B	2023-08-13	2024-08-21
Pretty URL play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790 IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-13 23:53 Last Seen2024-08-21 08:48 Times Seen4 Hash 3edd3d677a603c318526e93c3ba76cf2 e8231c9299921a2153750f449cdbff0186304416 fb2dd13c2cd83d77ce1bd6e37c341d13e20672349b455efabf79ae8195fb7e26 Loading...

	play.falconvegas.com/js/chunk-41827f2f.7d8fe65f.js	ScriptElement	176 kB	2024-08-20	2024-08-20
Pretty URL play.falconvegas.com/js/chunk-41827f2f.7d8fe65f.js IP 143.204.55.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash ecc601ffb1c78d11e27aa130f840753b bb1e87a63fac536725ae16d0e13cb339d29dda7b 9b526acaf1b904be3c0d4d966106c2766f8f812d47ddbc42a1f99f45a995bc2a Loading...

		Size	First Seen	Last Seen
	#1 Write - 0c2ec1c73b657f07bc7db7c692e08b46	346 B	2024-08-20 19:44	2024-08-20 19:44
Pretty Observations First Seen2024-08-20 19:44 Last Seen2024-08-20 19:44 Times Seen1 Hash 0c2ec1c73b657f07bc7db7c692e08b46 dfdbb92d24f329c1ee152723502b0cb90c89f91c df72b469e1cf131e60439595c1653304f60200dd07e89e9be9aacf36af22e873 Loading...

HTTP Transactions (55)

URL IP Response Size

locooler-ageneral.com/redirect?target=BASE64aHR0cHM6Ly9pdnlhZmZzb2x1dGlvbnMuY29tL0MuYXNoeD9idGFnPWFfMzE2ODliXzc5MGNfJmFmZmlkPTYxNTYmc2l0ZWlkPTMxNjg5JmFkaWQ9NzkwJmM9d2E4dmMxanF1a2p1Y2owdDJlc202OTZrJkFjaWQ9d2E4dmMxanF1a2p1Y2owdDJlc202OTZr&ts=1699902918260&hash=-y5kShBXAH6_98VlnJzvYKyyApn86alGYXQkrl2Fopo&rm=D

3.72.158.57

402 B

URL
locooler-ageneral.com/redirect?target=BASE64aHR0cHM6Ly9pdnlhZmZzb2x1dGlvbnMuY29tL0MuYXNoeD9idGFnPWFfMzE2ODliXzc5MGNfJmFmZmlkPTYxNTYmc2l0ZWlkPTMxNjg5JmFkaWQ9NzkwJmM9d2E4dmMxanF1a2p1Y2owdDJlc202OTZrJkFjaWQ9d2E4dmMxanF1a2p1Y2owdDJlc202OTZr&ts=1699902918260&hash=-y5kShBXAH6_98VlnJzvYKyyApn86alGYXQkrl2Fopo&rm=D
IP
3.72.158.57:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document, ASCII text, with very long lines (402), with no line terminators
Size
402 B (402 bytes)
Hash
9b306f4a47912001ac2f6709f9bd7606
f7f03590122c97bf163a4f11abc49c1a666e3416
da50f5870ad8f8b4d3f97bbcfbd1c64445b7b60efcf5e282454625068940e97b

HTTP Headers

GET /redirect?target=BASE64aHR0cHM6Ly9pdnlhZmZzb2x1dGlvbnMuY29tL0MuYXNoeD9idGFnPWFfMzE2ODliXzc5MGNfJmFmZmlkPTYxNTYmc2l0ZWlkPTMxNjg5JmFkaWQ9NzkwJmM9d2E4dmMxanF1a2p1Y2owdDJlc202OTZrJkFjaWQ9d2E4dmMxanF1a2p1Y2owdDJlc202OTZr&ts=1699902918260&hash=-y5kShBXAH6_98VlnJzvYKyyApn86alGYXQkrl2Fopo&rm=D HTTP/1.1
Host: locooler-ageneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 13 Nov 2023 19:15:18 GMT
content-type: text/html;charset=UTF-8
content-length: 402
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2

ivyaffsolutions.com/C.ashx?btag=a_31689b_790c_&affid=6156&siteid=31689&adid=790&c=wa8vc1jqukjucj0t2esm696k&Acid=wa8vc1jqukjucj0t2esm696k

20.93.81.72

302 Found

287 B

URL User Request GET HTTP/1.1
ivyaffsolutions.com/C.ashx?btag=a_31689b_790c_&affid=6156&siteid=31689&adid=790&c=wa8vc1jqukjucj0t2esm696k&Acid=wa8vc1jqukjucj0t2esm696k
IP
20.93.81.72:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerDigiCert Inc
Subjectivyaffsolutions.com
Fingerprint54:89:21:6A:9B:0D:54:5D:26:8C:1A:12:E9:3D:F3:4C:12:09:1E:54
ValidityWed, 15 Mar 2023 00:00:00 GMT - Thu, 14 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
287 B (287 bytes)
Hash
7261373baa5ef6b03e35acbaaa6ffc7d
ca59f6037b95e0cbd9a975b0c605e4c3e75987a7
f36ed9ed646bcca612f01efb67a3180b967bc70092a25f2942c13b19e472bfa1

HTTP Headers

GET /C.ashx?btag=a_31689b_790c_&affid=6156&siteid=31689&adid=790&c=wa8vc1jqukjucj0t2esm696k&Acid=wa8vc1jqukjucj0t2esm696k HTTP/1.1
Host: ivyaffsolutions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Mon, 13 Nov 2023 19:15:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 287
Connection: keep-alive
Cache-Control: private
Location: //ivyaffsolutions.com/C.ashx?btag=a_31689b_790c_&affid=6156&siteid=31689&adid=790&c=wa8vc1jqukjucj0t2esm696k&Acid=wa8vc1jqukjucj0t2esm696k&AutoR=1
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

ivyaffsolutions.com/C.ashx?btag=a_31689b_790c_&affid=6156&siteid=31689&adid=790&c=wa8vc1jqukjucj0t2esm696k&Acid=wa8vc1jqukjucj0t2esm696k&AutoR=1

20.93.81.72

302 Found

222 B

URL User Request GET HTTP/1.1
ivyaffsolutions.com/C.ashx?btag=a_31689b_790c_&affid=6156&siteid=31689&adid=790&c=wa8vc1jqukjucj0t2esm696k&Acid=wa8vc1jqukjucj0t2esm696k&AutoR=1
IP
20.93.81.72:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerDigiCert Inc
Subjectivyaffsolutions.com
Fingerprint54:89:21:6A:9B:0D:54:5D:26:8C:1A:12:E9:3D:F3:4C:12:09:1E:54
ValidityWed, 15 Mar 2023 00:00:00 GMT - Thu, 14 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
222 B (222 bytes)
Hash
cf6797075f5a0b782a13c4d6683132ef
6d42f9c3ede8038df429eb9b75598cb2742f5c1a
01506c40d8c30d32b73b72213136eef663081b7f683e2fffdc839656ebe4c12c

HTTP Headers

GET /C.ashx?btag=a_31689b_790c_&affid=6156&siteid=31689&adid=790&c=wa8vc1jqukjucj0t2esm696k&Acid=wa8vc1jqukjucj0t2esm696k&AutoR=1 HTTP/1.1
Host: ivyaffsolutions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Mon, 13 Nov 2023 19:15:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 222
Connection: keep-alive
Cache-Control: private
Location: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=3&1&19&oslo&oslo&norway&0&1&&e791bf53-bdb5-48d9-924d-abd923165adf&&a_31689b_790&; expires=Sun, 11-Feb-2024 19:15:19 GMT; path=/; SameSite=None; Secure
A_790=a=790&r=0&fv=0&lv=0&vc=0&fc=20231113&lc=20231113071519&cc=1; expires=Sun, 11-Feb-2024 19:15:19 GMT; path=/; SameSite=None; Secure
PM_53=id=d2c48b91-d6b6-46b8-9f3a-5e3fb3964f05&c=wa8vc1jqukjucj0t2esm696k&s=31689&ad=790&md=0&pm=53&d=20231113191519&ip=1532635802&r=0&ref=&RedirectParams=tcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&cip=OTEuOTAuNDIuMTU0; expires=Sun, 11-Feb-2024 19:15:19 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

play.falconvegas.com/css/chunk-vendors.ce496f2a.css

143.204.55.25

200 OK

620 B

URL GET HTTP/2
play.falconvegas.com/css/chunk-vendors.ce496f2a.css
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (620), with no line terminators
Size
620 B (620 bytes)
Hash
218167ac7305dec5248daae23586fdbd
c7fdeb7ac06c0f090862476385faee2ed23f1404
658b055cb55e2cd22671b555231da3041bcf66e945cf6b4626cd20f3486ec394

HTTP Headers

GET /css/chunk-vendors.ce496f2a.css HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 620
date: Mon, 13 Nov 2023 19:15:22 GMT
last-modified: Thu, 09 Nov 2023 09:50:56 GMT
etag: "218167ac7305dec5248daae23586fdbd"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
accept-ranges: bytes
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ljFjKhJV1eUu6JJfWxaDfzZPBMkxB8EdD3bND5POfkuknq6OcLDCqw==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.googletagmanager.com/ns.html?id=GTM-T9CJQD4

142.250.74.168

200 OK

92 B

URL GET HTTP/2
www.googletagmanager.com/ns.html?id=GTM-T9CJQD4
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
92 B (92 bytes)
Hash
59863d74149a23bfe65a6f3fe7a5ce47
a1729380620153fdcf2e2baa9d9b20ff033ff79c
746321081f72a20cbaf241e8956b2a6ff1d5e11e0ba11fb572dab1db6c7e5499

HTTP Headers

GET /ns.html?id=GTM-T9CJQD4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: *
date: Mon, 13 Nov 2023 19:15:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-T9CJQD4

142.250.74.168

200 OK

81 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-T9CJQD4
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT

File type
ASCII text, with very long lines (39312)
Size
81 kB (80866 bytes)
Hash
3d547435f95fdd277db42ac624ea8552
ba2061984ddcd7f5fd79e46e0af3c3d83db9778b
1473017e962d6aa2da6a5cf656369d75ba2f32b6601c4ff6530983c53b4fae6b

HTTP Headers

GET /gtm.js?id=GTM-T9CJQD4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 13 Nov 2023 19:15:22 GMT
expires: Mon, 13 Nov 2023 19:15:22 GMT
cache-control: private, max-age=900
last-modified: Mon, 13 Nov 2023 18:54:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.falconvegas.com/revolve/api/account/active?timestamp=1699902922036

54.230.111.125

406 Not Acceptable

185 B

URL GET HTTP/2
api.falconvegas.com/revolve/api/account/active?timestamp=1699902922036
IP
54.230.111.125:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
185 B (185 bytes)
Hash
8b8edc120949ec11bdeeabb8f9e39955
c0042d0d32ab78915d82f56cb8372319fade7323
57139519e1e6eaf77bcf54108d43fda7ef7ba58c2beba1f5d5c6cb949fc5705a

HTTP Headers

OPTIONS /revolve/api/account/active?timestamp=1699902922036 HTTP/1.1
Host: api.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-timezone
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
content-length: 185
server: CloudFront
date: Mon, 13 Nov 2023 19:15:22 GMT
cloudfront-viewer-country: NO
cache-control: no-cache
content-encoding: UTF-8
access-control-allow-origin: https://play.falconvegas.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Timezone,X_BD_TOKEN
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zvaGlDp-BpAGXPoeqOWZ0LbsTH7yDmdybd2Rjb62pgm6bypYeTa5_w==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

api.falconvegas.com/country?_=1699902922000

54.230.111.125

200 OK

30 B

URL GET HTTP/2
api.falconvegas.com/country?_=1699902922000
IP
54.230.111.125:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
c33fb7727ce1f2c66f8d6c6cedbb12b1
7273ce7651fd12a64db27321ad456dfc054d4d19
21b196f5566f8ec52ccd845bab462d53d96c014ed7a45e45f8a0d5551b8afdf7

HTTP Headers

GET /country?_=1699902922000 HTTP/1.1
Host: api.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
content-length: 30
server: CloudFront
date: Mon, 13 Nov 2023 19:15:22 GMT
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _K6AjjsiIl68tYVuexaCMHPovXixHX6YtZuvlkQXyDp3LCOkdrpE7A==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

play.falconvegas.com/brands/falconvegas/styles/overrides.css

143.204.55.25

200 OK

3.5 kB

URL GET HTTP/2
play.falconvegas.com/brands/falconvegas/styles/overrides.css
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
gzip compressed data, from Unix\012- data
Size
3.5 kB (3465 bytes)
Hash
d9dff07380f8485162b085566ed02ccf
47aeb1ea9d81857d5ac5d4f29bbbaf9a4c0f4f58
04dd4cc3b3bddae1ad9a93b79a2a1237a13c5dfd490ca6e5b830d6d5ed45b0af

HTTP Headers

GET /brands/falconvegas/styles/overrides.css HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:50:56 GMT
etag: W/"358d9b50140be4dbdc3be69cd102a570"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2itMir0iXoC7tDdQohQah9tHMfYszNDq8Zqduz40byQ5DFrGIQGPTw==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-7b64e981.d9f8e2e5.js

143.204.55.25

200 OK

96 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-7b64e981.d9f8e2e5.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
gzip compressed data, from Unix\012- data
Size
96 kB (96091 bytes)
Hash
0d2e9fb05f5f92997c21b5c54dde0f39
8115f77af555ec0b5000a5c915d8408f55e04888
32ca80645c9581192c1fd8358c70bca29e15c01ffcf8a72526330cac5f462110

HTTP Headers

GET /js/chunk-7b64e981.d9f8e2e5.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"57152abd7ac7d5a4d92cf2c8f86e43f7"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bRj3zaJ4w2hJftn9Du54aAZo0BkzLdSmc_z808iq0N1DPH5wtxkKCA==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/css/acct-details.4ff1a297.css

143.204.55.25

200 OK

13 kB

URL GET HTTP/2
play.falconvegas.com/css/acct-details.4ff1a297.css
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
gzip compressed data, from Unix\012- data
Size
13 kB (12905 bytes)
Hash
f660d89eacf22b5aa2e023e70190be78
9d55f275189e0dc55e7872fe26e8e3a9a138609d
f201ecf4c37c9d5cde18e57daa1bef5006d0e1c31ada023dc2e2eac315e53f6f

HTTP Headers

GET /css/acct-details.4ff1a297.css HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:50:56 GMT
etag: W/"dd57b051f21395e3156e117d62bc953f"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ouVAvzErOHDj1xg7YdVjS4O9r_R3zVPzY5uWvrRrwPkIqcflYibf6Q==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-07fd9a13.f8a33a85.js

143.204.55.25

200 OK

7.0 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-07fd9a13.f8a33a85.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
gzip compressed data, from Unix\012- data
Size
7.0 kB (7019 bytes)
Hash
2468c77c10fac8dbfe2d2c866f62b448
dd4cf254d6b6e5901fccccd3dbecbeea1098ecc9
5d995217831e7888b3d4b768373d444d5722af45ae5878862d8f35d9360dd74a

HTTP Headers

GET /js/chunk-07fd9a13.f8a33a85.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"4e5d71d3a7380d31bbf194122d8a5335"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v6U8rY8ThB71u0EYO9dzLRbFakG4bmJbM0StxpCnWl1Oa3seta55ew==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Nov 2023 15:01:17 GMT
expires: Fri, 08 Nov 2024 15:01:17 GMT
cache-control: public, max-age=31536000
age: 360845
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

content.realtimems.com/e2-lobby-images/common/img/svg/country_not_allowed_top.svg

143.204.55.106

200 OK

26 kB

URL GET HTTP/2
content.realtimems.com/e2-lobby-images/common/img/svg/country_not_allowed_top.svg
IP
143.204.55.106:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (887), with CRLF line terminators
Size
26 kB (25588 bytes)
Hash
9ba575352d52277923af52b89111826d
25b41e58444fb8719cb6a839b7f35d09165acb35
13103dc7e828ef15c0244b88b5a79ed620fd372ca22b7f002bdfc7f1a532df83

HTTP Headers

GET /e2-lobby-images/common/img/svg/country_not_allowed_top.svg HTTP/1.1
Host: content.realtimems.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 13 Nov 2023 11:23:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
access-control-max-age: 3000
last-modified: Wed, 08 Feb 2023 11:42:48 GMT
etag: W/"9ba575352d52277923af52b89111826d"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 13103dc7e828ef15c0244b88b5a79ed620fd372ca22b7f002bdfc7f1a532df83
cache-control: max-age=86400
x-amz-meta-s3b-last-modified: 20230131T101639Z
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 02zxXpZuZwv58W4MMJjS3gBd0zMKvewpFjN8nitwkAHUjLH3efX8AA==
age: 28294
X-Firefox-Spdy: h2

cdn.seondf.com/js/v5/agent.js

172.67.148.159

200 OK

343 kB

URL GET HTTP/2
cdn.seondf.com/js/v5/agent.js
IP
172.67.148.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subjectseondf.com
Fingerprint14:E9:73:6F:05:19:4B:48:0A:2E:BF:A1:89:FF:C6:1A:F9:1D:C0:4B
ValidityFri, 06 Oct 2023 14:15:33 GMT - Thu, 04 Jan 2024 14:15:32 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
343 kB (342603 bytes)
Hash
f3dbf12133e672d7dd1f2f1f848c8230
46608036761e3d229abb9b50a89b50e93b103222
91604d705edcbf8b2c29aae55d54a1f7d85ff83d3990a2337d05c3bc3185548f

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

HTTP Headers

GET /js/v5/agent.js HTTP/1.1
Host: cdn.seondf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 13 Nov 2023 19:15:20 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Oct 2023 11:27:47 GMT
etag: W/"f3dbf12133e672d7dd1f2f1f848c8230"
x-amz-server-side-encryption: AES256
cache-control: max-age=14400
x-amz-version-id: zy284qGkh7Ktxg45J1fFRVXe7ZDsqWes
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KUYR9l0b3dlc3vuJmIi8jPaNAKa7vtaJIdPM137QdePJWqj5wqwjjw==
cf-cache-status: HIT
age: 986
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zd9DJdYdE72afdLBdHYaoVmARD9hpI5PACuHhoypO3SWaDWNqtHU82cMIzWDA5k8J9zf0yUr3jf7mhJv8e4kOUcbM6zE5Q8FBEOrHcDEBqrUmARE6AfdCVJ4nhYGGGYbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825957c72e115699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542z89133354112&_p=1699902922028&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_s=1&sid=1699902922&sct=1&seg=0&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dt=FalconVegas&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3668

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542z89133354112&_p=1699902922028&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_s=1&sid=1699902922&sct=1&seg=0&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dt=FalconVegas&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3668
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542z89133354112&_p=1699902922028&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_s=1&sid=1699902922&sct=1&seg=0&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dt=FalconVegas&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3668 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://play.falconvegas.com
date: Mon, 13 Nov 2023 19:15:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-vendors.1c97e481.js

143.204.55.25

200 OK

135 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-vendors.1c97e481.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
gzip compressed data, from Unix\012- data
Size
135 kB (135213 bytes)
Hash
5edce610aab404cdd4203b78ad67001b
a9cdfe28af176dd5cd4e7315c97737fcd3291495
d215e7361740725170aae7b1cf573ded160856ededf9148beb2887e7e2b659cb

HTTP Headers

GET /js/chunk-vendors.1c97e481.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:22 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"5e80e317869ef946eb2d5466dd2b5d4e"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CGtFXsBYF8cnc6IeThYJq4mM31IzSjQ8DTz09bAApLaqo0CYS18ttw==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T242DQJTSY&cid=1299215228.1699902922&gtm=45je3b81v9133994542z89133354112&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1445993854

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T242DQJTSY&cid=1299215228.1699902922&gtm=45je3b81v9133994542z89133354112&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1445993854
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint29:58:11:F3:D3:18:F5:CB:E0:44:F2:26:7E:93:2F:BD:DE:27:0C:EB
ValidityMon, 16 Oct 2023 08:13:02 GMT - Mon, 08 Jan 2024 08:13:01 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T242DQJTSY&cid=1299215228.1699902922&gtm=45je3b81v9133994542z89133354112&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1445993854 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 19:15:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

play.falconvegas.com/js/my-account-cashier.8a86e879.js

143.204.55.25

200 OK

84 kB

URL GET HTTP/2
play.falconvegas.com/js/my-account-cashier.8a86e879.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (83847 bytes)
Hash
fa1a0f9b839d8dd860e06222a93de1f0
de6dc4f2f9ef84e3083283493f60c09556ef2897
32cb436c6e22cb76798fd8c6c05644fd4112207b80ab66b66ce205f6e917e5d5

HTTP Headers

GET /js/my-account-cashier.8a86e879.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790; _ga_T242DQJTSY=GS1.1.1699902922.1.0.1699902922.60.0.0; _ga=GA1.1.1299215228.1699902922
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:24 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"fa1a0f9b839d8dd860e06222a93de1f0"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ESQ0Z8hceutHdn5daKhCnWwUCREalmRo7H0IRxrwyvFFVBZ59IEgEQ==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/brands/falconvegas/icons/apple-touch-icon-152x152.png

143.204.55.25

200 OK

21 kB

URL GET HTTP/2
play.falconvegas.com/brands/falconvegas/icons/apple-touch-icon-152x152.png
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21032 bytes)
Hash
4fcf0e25b2d5447757e0472d21ab9e55
02531ac7ae441709979ed4a4e9ccf6565c30782a
2ccc4fbef8a7796fd0165b436cfadd2c85cc4e907cc6a53688bb84a06e0e34dd

HTTP Headers

GET /brands/falconvegas/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790; _ga_T242DQJTSY=GS1.1.1699902922.1.0.1699902923.59.0.0; _ga=GA1.1.1299215228.1699902922
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 21032
date: Mon, 13 Nov 2023 19:15:24 GMT
last-modified: Thu, 09 Nov 2023 09:50:55 GMT
etag: "4fcf0e25b2d5447757e0472d21ab9e55"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
accept-ranges: bytes
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Got8EDbj_KVfQQZd6qRwmGnAdF1isk83wYTlm2ZFLWNtAnjdPsL5iA==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/brands/jackpotstrike/icons/favicon-16x16.png

143.204.55.25

200 OK

16 kB

URL GET HTTP/2
play.falconvegas.com/brands/jackpotstrike/icons/favicon-16x16.png
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (51586)
Size
16 kB (16428 bytes)
Hash
e0dde478e9656ddf6e4ed405e0be63d2
138f82f7811f2cbd966809f78fe83ef849064b73
81b383ac7c975921724b7f349e89c3004d1e6ea5dee3e515c273179a2e14092e

HTTP Headers

GET /brands/jackpotstrike/icons/favicon-16x16.png HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790; _ga_T242DQJTSY=GS1.1.1699902922.1.0.1699902923.59.0.0; _ga=GA1.1.1299215228.1699902922
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
date: Mon, 13 Nov 2023 19:15:25 GMT
last-modified: Thu, 09 Nov 2023 09:51:08 GMT
etag: W/"e0dde478e9656ddf6e4ed405e0be63d2"
x-amz-server-side-encryption: AES256
cache-control: no-cache
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rBCpPbb5WqpMfWDexH3YL0Bfk0KAE0YWOonXHD7z3gL3gH8WH2nGHw==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542&_p=1699902922028&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_eu=AEA&_s=4&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%2Fcasino%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dr=https%3A%2F%2Fplay.falconvegas.com%2Fregister%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&sid=1699902922&sct=1&seg=1&dt=FalconVegas&en=page_view&tfd=11280

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542&_p=1699902922028&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_eu=AEA&_s=4&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%2Fcasino%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dr=https%3A%2F%2Fplay.falconvegas.com%2Fregister%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&sid=1699902922&sct=1&seg=1&dt=FalconVegas&en=page_view&tfd=11280
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542&_p=1699902922028&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_eu=AEA&_s=4&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%2Fcasino%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dr=https%3A%2F%2Fplay.falconvegas.com%2Fregister%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&sid=1699902922&sct=1&seg=1&dt=FalconVegas&en=page_view&tfd=11280 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://play.falconvegas.com
date: Mon, 13 Nov 2023 19:15:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.webpu.sh/Nn2O8A68V8n0IymYHoOKumwuwyniPoua/sdk.js

54.230.111.116

200 OK

186 kB

URL GET HTTP/2
cdn.webpu.sh/Nn2O8A68V8n0IymYHoOKumwuwyniPoua/sdk.js
IP
54.230.111.116:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerAmazon
Subjectcdn.webpu.sh
Fingerprint69:B1:C2:48:41:5C:3B:1D:F1:57:16:61:23:69:4B:14:C3:21:36:E4
ValiditySat, 21 Oct 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (53795)
Size
186 kB (185548 bytes)
Hash
53e4dbd41a403d6820714bc5f97c9c8d
a23d62facf8ad2756fd9e1abd0aaa42e95c255da
9edd965971567195aa2753f5fe29b31d79624cbf9206a77b2268854917e94c03

HTTP Headers

GET /Nn2O8A68V8n0IymYHoOKumwuwyniPoua/sdk.js HTTP/1.1
Host: cdn.webpu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 20 Jul 2023 13:28:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 13 Nov 2023 19:15:22 GMT
cache-control: max-age=21600
etag: W/"53e4dbd41a403d6820714bc5f97c9c8d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kL0d3O956JHrlmdwwZYm94-QyBmNE3_T5yIg9g2iwMKhTjGMggeh4Q==
age: 7723
X-Firefox-Spdy: h2

play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790

143.204.55.25

200 OK

111 kB

URL User Request GET HTTP/2
play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
111 kB (111130 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790 HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
date: Mon, 13 Nov 2023 19:15:21 GMT
last-modified: Thu, 09 Nov 2023 09:51:08 GMT
etag: W/"e0dde478e9656ddf6e4ed405e0be63d2"
x-amz-server-side-encryption: AES256
cache-control: no-cache
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xqJ-SCojlS-Sb1X8mY2km17c7_wGIoFYJ4720BT3we4NYMpkPtc00Q==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-41827f2f.7d8fe65f.js

143.204.55.25

200 OK

176 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-41827f2f.7d8fe65f.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
176 kB (176347 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/chunk-41827f2f.7d8fe65f.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"ecc601ffb1c78d11e27aa130f840753b"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x1_31QbgCvc2UJtoqAPhIJIe3zLjg6VN_C54xLzxN40hjBQ9hzDmnA==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542z89133354112&_p=1699902922028&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_s=3&sid=1699902922&sct=1&seg=0&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%2Fcasino%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dt=FalconVegas&en=signup_start&tfd=6279

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542z89133354112&_p=1699902922028&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_s=3&sid=1699902922&sct=1&seg=0&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%2Fcasino%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dt=FalconVegas&en=signup_start&tfd=6279
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542z89133354112&_p=1699902922028&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_s=3&sid=1699902922&sct=1&seg=0&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%2Fcasino%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dt=FalconVegas&en=signup_start&tfd=6279 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
access-control-allow-origin: https://play.falconvegas.com
date: Mon, 13 Nov 2023 19:15:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-T242DQJTSY&l=dataLayer&cx=c

142.250.74.168

200 OK

281 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-T242DQJTSY&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT

File type
ASCII text, with very long lines (5955)
Size
281 kB (281012 bytes)
Hash
70bf164dcb11c99919f946edf31e2022
cdb37228bd3d732c609d3121ea7366a5efb6d393
5713120912ce867dd75d0a2d071b7d141ae25694c21ce5a1347f7d6184ebebd9

HTTP Headers

GET /gtag/js?id=G-T242DQJTSY&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 13 Nov 2023 19:15:22 GMT
expires: Mon, 13 Nov 2023 19:15:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.falconvegas.com/js/game-play.35553514.js

143.204.55.25

200 OK

335 kB

URL GET HTTP/2
play.falconvegas.com/js/game-play.35553514.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
335 kB (335085 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/game-play.35553514.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"802da6da8a9a08ee3783119ec8345165"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yPerRKy1XB34E8SSjKoK_IPjbwxvzyNYA9fYZLLPMThqUqEYF2_L3A==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542&_p=1699902922028&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1699902922&sct=1&seg=0&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dt=FalconVegas&en=scroll&epn.percent_scrolled=90&tfd=4349

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542&_p=1699902922028&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1699902922&sct=1&seg=0&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dt=FalconVegas&en=scroll&epn.percent_scrolled=90&tfd=4349
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-T242DQJTSY&gtm=45je3b81v9133994542&_p=1699902922028&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1299215228.1699902922&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1699902922&sct=1&seg=0&dl=https%3A%2F%2Fplay.falconvegas.com%2Fregister%3Ftcode%3Da_31689b_790c_wa8vc1jqukjucj0t2esm696k%26as%3Dia%26adid%3D790&dt=FalconVegas&en=scroll&epn.percent_scrolled=90&tfd=4349 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
access-control-allow-origin: https://play.falconvegas.com
date: Mon, 13 Nov 2023 19:15:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.falconvegas.com/js/chunk-32fce606.3f82b1d9.js

143.204.55.25

200 OK

60 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-32fce606.3f82b1d9.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (60202), with no line terminators
Size
60 kB (60202 bytes)
Hash
44c43e7997099c5a81663ac3cda70925
8e2f1c5e77eb0a72f043c7747b17097da189ff5e
446f6590eeec91dec30f0148a2b3ef262f1f8b04dc238cfaa8743684b6ac735a

HTTP Headers

GET /js/chunk-32fce606.3f82b1d9.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"44c43e7997099c5a81663ac3cda70925"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aBdmsQw35aFB4xxHNwCsm1f8bhhRlbWVWP92fEEzT6PlEArD0liCzg==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/brands/falconvegas/layout/loader_75px.gif

143.204.55.25

200 OK

188 kB

URL GET HTTP/2
play.falconvegas.com/brands/falconvegas/layout/loader_75px.gif
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
GIF image data, version 89a, 75 x 75\012- data
Size
188 kB (188082 bytes)
Hash
567e883fb6f494c4ee969e6fc8f07d2d
d40afc1683729490018ac7575dddf59416953b4a
8565adbc7398193a51d2dac0857a357a55efbfd1cbe297c2f9a874065a95083c

HTTP Headers

GET /brands/falconvegas/layout/loader_75px.gif HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
content-length: 188082
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:50:55 GMT
etag: "567e883fb6f494c4ee969e6fc8f07d2d"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
accept-ranges: bytes
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3o0rSxO8vxLHUgPTYY_c8NaOrbW9edrYnFKUQWHTQ_gEQv5gWjUUWQ==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/css/game-play.14463e30.css

143.204.55.25

200 OK

74 kB

URL GET HTTP/2
play.falconvegas.com/css/game-play.14463e30.css
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
74 kB (74505 bytes)
Hash
4b57dc710615fea29b6fc61e4fb1134e
7304fd3ce9552c84571fc9dd223859155bd371f6
8a760115170371edd541ed883e600e4b5709debc5b06c2a1de4c3f1826fe4824

HTTP Headers

GET /css/game-play.14463e30.css HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:50:56 GMT
etag: W/"4b57dc710615fea29b6fc61e4fb1134e"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WuzqCh3deItrG-guQi67SOskaBM2Yt12mc567jFeO_wNcgpbTqSx0w==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/brands/falconvegas/layout/logo.svg

143.204.55.25

200 OK

22 kB

URL GET HTTP/2
play.falconvegas.com/brands/falconvegas/layout/logo.svg
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1825)
Size
22 kB (21535 bytes)
Hash
aa87ee186674eb999d04306f53a3271d
bbdbe90ea90bc2de1ebab0d71a49f2068345f2e8
c9d175ebe695ad6eb75ba38f7f49aada5b053a28c07df7c0197f672ce31e1798

HTTP Headers

GET /brands/falconvegas/layout/logo.svg HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:50:56 GMT
etag: W/"aa87ee186674eb999d04306f53a3271d"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KssvpS2-3RrwZMSG5uTYAMa1qVmgUckcpORZ8uKy_BwqK1UGrnBauw==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

content.realtimems.com/e2-lobby-content/falconvegas/json/translations/en/translations.json

143.204.55.106

200 OK

136 kB

URL GET HTTP/2
content.realtimems.com/e2-lobby-content/falconvegas/json/translations/en/translations.json
IP
143.204.55.106:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
136 kB (136289 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e2-lobby-content/falconvegas/json/translations/en/translations.json HTTP/1.1
Host: content.realtimems.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 13 Nov 2023 11:00:28 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
access-control-max-age: 3000
last-modified: Thu, 09 Nov 2023 11:42:20 GMT
etag: W/"56a70809e17499003e50026ce8851b61"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, must-revalidate
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YLD_-DDVvxKjey8T97QdBOdp9bWE7LovEy5QwJk2izIHHUSP6_NY_g==
age: 29695
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-0f9ad738.30bd3161.js

143.204.55.25

200 OK

55 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-0f9ad738.30bd3161.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (55434), with no line terminators
Size
55 kB (55434 bytes)
Hash
f93818244c08032916d76c25475e6240
b7a957778e35ee2ac674f8fdb6c6c9c0cfd74ef7
64378c62b77392eda63154fb8dc4f24f28ab2b52c947df158603c5744e7c1664

HTTP Headers

GET /js/chunk-0f9ad738.30bd3161.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"f93818244c08032916d76c25475e6240"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4WU_NUuJpzOFlTwNoTIUgEVguJrE-PiUIB3NAAg-c1Kog9oGXZWraA==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

content.realtimems.com/e2-lobby-images/common/img/svg/country_not_allowed_bottom.svg

143.204.55.106

200 OK

20 kB

URL GET HTTP/2
content.realtimems.com/e2-lobby-images/common/img/svg/country_not_allowed_bottom.svg
IP
143.204.55.106:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (887), with CRLF line terminators
Size
20 kB (19887 bytes)
Hash
569458a1f00c02022dfa3f5243b421c5
094580df0f09037c682cce294cb463982f9fa530
bb042ac27442c28f641e43462f3d2ce7fe2916a5e1dd162e376c0dc14bea127b

HTTP Headers

GET /e2-lobby-images/common/img/svg/country_not_allowed_bottom.svg HTTP/1.1
Host: content.realtimems.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 13 Nov 2023 11:23:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
access-control-max-age: 3000
last-modified: Wed, 08 Feb 2023 11:42:48 GMT
etag: W/"569458a1f00c02022dfa3f5243b421c5"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: bb042ac27442c28f641e43462f3d2ce7fe2916a5e1dd162e376c0dc14bea127b
cache-control: max-age=86400
x-amz-meta-s3b-last-modified: 20230131T102004Z
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nv92-q8itR1mjJAU9rFxdZpGZLX8HRv2jPqYOZkwTlsv1IXV3ns5vQ==
age: 28294
X-Firefox-Spdy: h2

play.falconvegas.com/js/game-play.35553514.js

143.204.55.25

200 OK

335 kB

URL GET HTTP/2
play.falconvegas.com/js/game-play.35553514.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
335 kB (335085 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/game-play.35553514.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"802da6da8a9a08ee3783119ec8345165"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3XN3zEwx3J9eq01qztjWtDO_CUyDwDdVABuIDGGnXYGIt-fPK9da2Q==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/0.dff29444.worker.js

143.204.55.25

200 OK

71 kB

URL GET HTTP/2
play.falconvegas.com/js/0.dff29444.worker.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
71 kB (71017 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/0.dff29444.worker.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:00 GMT
etag: W/"5fc81ba7b46d0e44f386fc9c44fddac2"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ntSobJP0RTVaSsCmp4yk3VFdQhMcZQZvwwAT8Chl39WeaM448Vi7Lw==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-54e76b9b.a122aca0.js

143.204.55.25

200 OK

17 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-54e76b9b.a122aca0.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (17431), with no line terminators
Size
17 kB (17431 bytes)
Hash
a7910af0383e0994eb91769ea12b6669
c5591c3d1a9d5dfcf62fa3a78c212dce09165c8c
44717d519c9f00f85b04860ba4fca42feaf951af882ce8d36a07854733c6e642

HTTP Headers

GET /js/chunk-54e76b9b.a122aca0.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"a7910af0383e0994eb91769ea12b6669"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VtWOSWgmbsM4QiXXeBifbrjcdycmnvECEnQxO6q62S3yJuVs3CwcsA==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-62917b77.3b789710.js

143.204.55.25

200 OK

25 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-62917b77.3b789710.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
25 kB (24676 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/chunk-62917b77.3b789710.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"7f4fea935e1216808fa5a8451ee159ec"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jUb2OB-zB1zcT_fjtOqPfOh8vEfyfG-wXx00yRqpwpohYgdlglhayg==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/css/chunk-41827f2f.ae33d77a.css

143.204.55.25

200 OK

103 kB

URL GET HTTP/2
play.falconvegas.com/css/chunk-41827f2f.ae33d77a.css
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
103 kB (102613 bytes)
Hash
f0c452e64c40ad755466065df79af24b
3d1617ac8311fef65bd172a405efeef169b1821f
d85b4eda6f383fbdccf6d462239eed3f880d9e990e0b85ae793dc79c763009a4

HTTP Headers

GET /css/chunk-41827f2f.ae33d77a.css HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:50:56 GMT
etag: W/"f0c452e64c40ad755466065df79af24b"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1glrvEk6zr8l4ebpJ3FrTDPKIdQWFEmnJOKWPBEDbw1nSMEewNGygw==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/css/chunk-7b64e981.7636c233.css

143.204.55.25

200 OK

10 kB

URL GET HTTP/2
play.falconvegas.com/css/chunk-7b64e981.7636c233.css
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (10005), with no line terminators
Size
10 kB (10005 bytes)
Hash
fcc3a6ef85eb67afe0bd1133a8f9c972
7c501bc2c818b812e854656c2952ae86511f779b
94ffe9f2703a17538661c8cd2bed40738dc4a8d8b677607da226dbd545c1bd53

HTTP Headers

GET /css/chunk-7b64e981.7636c233.css HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:50:56 GMT
etag: W/"fcc3a6ef85eb67afe0bd1133a8f9c972"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k0x6fs_PD0J6GfQgIxPNr-lorHfitJzJO7tPKLZDJtWkGpO4ecjVig==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/acct-details.422c18cf.js

143.204.55.25

200 OK

250 kB

URL GET HTTP/2
play.falconvegas.com/js/acct-details.422c18cf.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
250 kB (249783 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/acct-details.422c18cf.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:00 GMT
etag: W/"9c0078c013fceff129535f41d80b4ee1"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: opi5CaTSogiPnJqItJE45kOWF1cXyDQhVyfskKAt43RS7KB-Vc1_KQ==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/my-account.7fefc2d0.js

143.204.55.25

200 OK

325 kB

URL GET HTTP/2
play.falconvegas.com/js/my-account.7fefc2d0.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
325 kB (324582 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/my-account.7fefc2d0.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"b14455186e4daaf7e5f19bb4d348058b"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6wCqq-9H8aMw6MYCO_zWGaIBGzOji1buENJXq2jlzaRHotjQvQc7JA==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-32fce606.3f82b1d9.js

143.204.55.25

200 OK

60 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-32fce606.3f82b1d9.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (60202), with no line terminators
Size
60 kB (60202 bytes)
Hash
44c43e7997099c5a81663ac3cda70925
8e2f1c5e77eb0a72f043c7747b17097da189ff5e
446f6590eeec91dec30f0148a2b3ef262f1f8b04dc238cfaa8743684b6ac735a

HTTP Headers

GET /js/chunk-32fce606.3f82b1d9.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"44c43e7997099c5a81663ac3cda70925"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2RJ3_Z-E927N3H8nuQujxp9MAltxVdUUhsqRlrvGpA_HbKY9WkgJnA==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

content.realtimems.com/e2-lobby-content/falconvegas/json/en/cad/seoContent.json

143.204.55.106

200 OK

64 kB

URL GET HTTP/2
content.realtimems.com/e2-lobby-content/falconvegas/json/en/cad/seoContent.json
IP
143.204.55.106:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/js/0.dff29444.worker.js
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
64 kB (63750 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e2-lobby-content/falconvegas/json/en/cad/seoContent.json HTTP/1.1
Host: content.realtimems.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 13 Nov 2023 11:00:28 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
access-control-max-age: 3000
last-modified: Thu, 03 Aug 2023 09:40:06 GMT
etag: W/"4fd99e155dafe2e58e8b1a53eb935204"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, must-revalidate
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9d7roaLwJl4a6gHF8Om7Jof9QeMI059g8Y8lidLzG77LhlxQCWaiRQ==
age: 29696
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-54e76b9b.a122aca0.js

143.204.55.25

200 OK

17 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-54e76b9b.a122aca0.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (17431), with no line terminators
Size
17 kB (17431 bytes)
Hash
a7910af0383e0994eb91769ea12b6669
c5591c3d1a9d5dfcf62fa3a78c212dce09165c8c
44717d519c9f00f85b04860ba4fca42feaf951af882ce8d36a07854733c6e642

HTTP Headers

GET /js/chunk-54e76b9b.a122aca0.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"a7910af0383e0994eb91769ea12b6669"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Smx7ZSk_skwdEewu8LtyMl68yuXflHJQGfZKZZ6satFR_TQGQbwZbA==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

content.realtimems.com/e2-lobby-images/common/img/svg/country_not_allowed.svg

143.204.55.106

200 OK

748 B

URL GET HTTP/2
content.realtimems.com/e2-lobby-images/common/img/svg/country_not_allowed.svg
IP
143.204.55.106:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (786), with no line terminators
Size
748 B (748 bytes)
Hash
4f8984e19b0a555052976408f1b24bd9
a305c18dc36be8b0121394b0944ffc2053c7d6be
76ac3e11cd72eada68c635702fb4d9fce418302ca0a3796c71dfc2b5724db804

HTTP Headers

GET /e2-lobby-images/common/img/svg/country_not_allowed.svg HTTP/1.1
Host: content.realtimems.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 748
date: Mon, 13 Nov 2023 11:23:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
access-control-max-age: 3000
last-modified: Wed, 08 Feb 2023 11:42:48 GMT
etag: "443644fa84f2408f479efb6db7c2b525"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: b079600ffcf32ef994490e14f23767c5ba5c72b3043a56e305596db3065c5069
cache-control: max-age=86400
x-amz-meta-s3b-last-modified: 20230131T101839Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: p5VgSlSMHffzwIRX_G3AVRHGjWLEcR9gkALhogVLa9JOXpou6At8Fw==
age: 28294
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-62917b77.3b789710.js

143.204.55.25

200 OK

25 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-62917b77.3b789710.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
25 kB (24676 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/chunk-62917b77.3b789710.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"7f4fea935e1216808fa5a8451ee159ec"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W6rfdGo9DbKVTheIRqrVrc4JiQAEj-05ysL6ORS4N8Usl7trPUyx7w==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

content.realtimems.com/e2-lobby-content/falconvegas/json/gameslayout.json

143.204.55.106

200 OK

7.6 MB

URL GET HTTP/2
content.realtimems.com/e2-lobby-content/falconvegas/json/gameslayout.json
IP
143.204.55.106:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/js/0.dff29444.worker.js
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
7.6 MB (7552411 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e2-lobby-content/falconvegas/json/gameslayout.json HTTP/1.1
Host: content.realtimems.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 13 Nov 2023 10:50:17 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
access-control-max-age: 3000
last-modified: Fri, 03 Nov 2023 07:31:18 GMT
etag: W/"721ee52314e68d194be234f619a625e7"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800, must-revalidate
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aRNJnq6AeYAaH2WXfGCrRjLRtkW-zxfjxoLzLIprLW4kAXOqMMQwDg==
age: 30306
X-Firefox-Spdy: h2

play.falconvegas.com/css/app.70d51d75.css

143.204.55.25

200 OK

244 kB

URL GET HTTP/2
play.falconvegas.com/css/app.70d51d75.css
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (38519)
Size
244 kB (243901 bytes)
Hash
5d761fcaab6cdbcb65328321944918cc
4de06ac25271ee05f421a25e820f9bf7bd431556
192ba858efbcc3f4ceae3e40d11646ae0901464197f8a1481118bd3909450f7c

HTTP Headers

GET /css/app.70d51d75.css HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Mon, 13 Nov 2023 19:15:22 GMT
last-modified: Thu, 09 Nov 2023 09:50:56 GMT
etag: W/"5d761fcaab6cdbcb65328321944918cc"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 66tIS0zANoUu5S7calA7mhwzrOPdXqxfg815mwnkvoFDXaXvYunPXg==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Size
22 kB (22504 bytes)
Hash
1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://play.falconvegas.com/
Origin: https://play.falconvegas.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Nov 2023 21:32:22 GMT
expires: Fri, 08 Nov 2024 21:32:22 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
age: 337380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

play.falconvegas.com/js/acct-details.422c18cf.js

143.204.55.25

200 OK

250 kB

URL GET HTTP/2
play.falconvegas.com/js/acct-details.422c18cf.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type

Size
250 kB (249783 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/acct-details.422c18cf.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:00 GMT
etag: W/"9c0078c013fceff129535f41d80b4ee1"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ocCXbOGMUpGq-0KIskIkiUTa64xapgRmCqsifvpnoyy8hTkI1YZkoQ==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/app.663d4fe1.js

143.204.55.25

200 OK

135 kB

URL GET HTTP/2
play.falconvegas.com/js/app.663d4fe1.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
135 kB (134750 bytes)
Hash
910709d4f3be8adbef2242a6028406f1
ed18cbf1e46ea9e6dcf4b7e6f780f3a264fae9a4
e16acf3f4839eace6e566bdcc191be8d693708a303c5768c8db233daa5d54d4d

HTTP Headers

GET /js/app.663d4fe1.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:22 GMT
last-modified: Thu, 09 Nov 2023 09:51:00 GMT
etag: W/"910709d4f3be8adbef2242a6028406f1"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CFxX9xALh903U1F9lQ8IFaCoOTGRIXH-Fr1TkjqIx7caPsTHD0PG7Q==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

play.falconvegas.com/js/chunk-0f9ad738.30bd3161.js

143.204.55.25

200 OK

55 kB

URL GET HTTP/2
play.falconvegas.com/js/chunk-0f9ad738.30bd3161.js
IP
143.204.55.25:443
ASN
#16509 AMAZON-02

Requested by
https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
Certificate
IssuerLet's Encrypt
Subject*.markortechnology.com
Fingerprint58:E9:17:24:45:CA:6F:8C:7D:20:A4:FF:0B:03:B1:2B:1B:25:3D:A0
ValidityFri, 15 Sep 2023 04:21:43 GMT - Thu, 14 Dec 2023 04:21:42 GMT

File type
ASCII text, with very long lines (55434), with no line terminators
Size
55 kB (55434 bytes)
Hash
f93818244c08032916d76c25475e6240
b7a957778e35ee2ac674f8fdb6c6c9c0cfd74ef7
64378c62b77392eda63154fb8dc4f24f28ab2b52c947df158603c5744e7c1664

HTTP Headers

GET /js/chunk-0f9ad738.30bd3161.js HTTP/1.1
Host: play.falconvegas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://play.falconvegas.com/register?tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: locale=en; trackingCode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k; trackingInfo=tcode=a_31689b_790c_wa8vc1jqukjucj0t2esm696k&as=ia&adid=790&geo=CA; trackingSystem=ia; trackingAdId=790
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 13 Nov 2023 19:15:23 GMT
last-modified: Thu, 09 Nov 2023 09:51:01 GMT
etag: W/"f93818244c08032916d76c25475e6240"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
server: MarkorLobby
x-frame-options: ALLOWALL
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6ZmuZoPY2ggLmLICsErEQtk9eTSw3Z_MhNyZm396cIsIyuHeu6-q5g==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash