debet.info/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 24 Dec 2022 16:20:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 24 Dec 2022 17:20:45 GMT
Location: https://debet.info/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zmJ7AxyODZxmj%2FethjRYZuSoY9%2BDPqfbaHc5CCWC6gPmNdpmLTLEIzojuFKtp6NvsYrBklVHQoeprwzOcXE2GBMqZJVW%2Fyp3VmL3siOZB8XWwm1pUkeDFwSqpc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77eaaa88fea6b4ff-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14067
Expires: Sat, 24 Dec 2022 20:15:12 GMT
Date: Sat, 24 Dec 2022 16:20:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ad598540c6639aaaa344fb3ce4f3162f
b0b9f86d50de7dc23bdc7aee2f45d79a06165afc
4e9aaff330ce0c9c11f6bb8502fe21296b1845151bace75f73908a3194d5d0a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E9AAFF330CE0C9C11F6BB8502FE21296B1845151BACE75F73908A3194D5D0A1"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3046
Expires: Sat, 24 Dec 2022 17:11:31 GMT
Date: Sat, 24 Dec 2022 16:20:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2998
Expires: Sat, 24 Dec 2022 17:10:43 GMT
Date: Sat, 24 Dec 2022 16:20:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 24 Dec 2022 15:46:17 GMT
content-type: application/json
age: 2068
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ook6iBEaNHo6xU9AylgkHMMZU4kd+LjPXFK236e7wQds/dCeX7ISVcLhtjgcvJZRqcRJcZ4deWo=
x-amz-request-id: X527DWQKPF9B4TF8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 24 Dec 2022 15:56:39 GMT
age: 1446
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Dec 2022 16:20:45 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 62d823a38fb1fd8249b3a68d6e7aaac1
537936eb6291b4be57a7356dd30aaf826238c107
8744c54170da3b207ae485098e1aed9be703518bed7d3266f6b9340e1b21ef83
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8744C54170DA3B207AE485098E1AED9BE703518BED7D3266F6B9340E1B21EF83"
Last-Modified: Fri, 23 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21521
Expires: Sat, 24 Dec 2022 22:19:26 GMT
Date: Sat, 24 Dec 2022 16:20:45 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 280 B IP
Hash bccb0bbab4a6218d3344bb2e99212908
bddba84f1b11ba0bc25d34722205a28198adb825
242ee399181286251ca39da6381448ecedd5cdf9adc15a2ade66871cb00fcae6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=167987
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:46 GMT
Etag: "63a71411-118"
Expires: Mon, 26 Dec 2022 15:00:33 GMT
Last-Modified: Sat, 24 Dec 2022 15:00:33 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash bccb0bbab4a6218d3344bb2e99212908
bddba84f1b11ba0bc25d34722205a28198adb825
242ee399181286251ca39da6381448ecedd5cdf9adc15a2ade66871cb00fcae6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=167987
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:46 GMT
Etag: "63a71411-118"
Expires: Mon, 26 Dec 2022 15:00:33 GMT
Last-Modified: Sat, 24 Dec 2022 15:00:33 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
debet.club/
301 Moved Permanently 472 B IP
Hash 98750fdbb4e22f4817425f5643ae5cc8
98cf66925e6cf6bb619f95c187258270d6d7b033
d529b7f45a01f2bb3e7c0cca4338a8ce458398b74dda73f0511f7c318e658557
GET / HTTP/1.1
Host: debet.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sat, 24 Dec 2022 16:20:46 GMT
location: https://debet.win/
cache-control: max-age=3600
expires: Sat, 24 Dec 2022 17:20:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ct0Lp6y%2FORxF9HDXehxzQXblw5fKUZ%2B72WetvhMUE6c51cHtOadrTGuMtrL0%2BSjf96Ae55%2Biy9%2FGen1jSo7U2PpF%2BqrY0ylFyVPjxX2m9WbHELbzZffpRXDiAscw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa8cafc20afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 24 Dec 2022 15:33:26 GMT
age: 2840
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d7938ab2263405a708c44813f3e16cb8
3ba9f4363ecc2834ea1211f761ce2d04e0077ab3
8a8ef4218bcd8ecb1f12ecdb74f3f453a7093be8dd3c233615577dcc9b40fa92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4654
Cache-Control: max-age=151417
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:46 GMT
Etag: "63a6c129-1d7"
Expires: Mon, 26 Dec 2022 10:24:23 GMT
Last-Modified: Sat, 24 Dec 2022 09:06:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/1FJJzz0dIPc
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/1FJJzz0dIPc
IP
Hash 98750fdbb4e22f4817425f5643ae5cc8
98cf66925e6cf6bb619f95c187258270d6d7b033
d529b7f45a01f2bb3e7c0cca4338a8ce458398b74dda73f0511f7c318e658557
POST /s/gts1p5/1FJJzz0dIPc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UC6rFdmb0dnFqqbkgk3RIw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G0URDFjelR61EUvNogjDSnW2sJA=
d1.debet.win/rs2/images/loidangnhap.png
200 OK 13 kB URL HTTP/2 d1.debet.win/rs2/images/loidangnhap.png
IP
File type PNG image data, 362 x 295, 8-bit colormap, non-interlaced\012- data
Hash d3ff1bd5cf80e3872f1d6e82e2b722e5
82a43d28d1995e66b0bca70818b814e160489079
e62dd1b02f36b66283bdef1d91165bb857e3ed10788bcb4419b8455681c4ac2f
GET /rs2/images/loidangnhap.png HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/png
content-length: 13030
last-modified: Mon, 25 Nov 2019 04:30:17 GMT
etag: "5ddb58d9-32e6"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FY%2FB7nW44W8l6d5Zf8d2SV3%2B5IJ94dpGnuJQDH1BUp9wXaVsQlJ%2F7LNHVtbnma%2FRI1sPymP1GafYMIP7PwOTYIawtPRWQQq%2FM2IBhSzjduB76u5b6kotFujnCUI%2B5Q4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8bc0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/hetphiendangnhap.png
200 OK 9.7 kB URL HTTP/2 d1.debet.win/rs2/images/hetphiendangnhap.png
IP
File type PNG image data, 362 x 295, 8-bit colormap, non-interlaced\012- data
Hash 14767522582812c408d4c40c03ea3bcd
d1940f3e43652d810400bbc429a7109e60d1ed6e
0d21ba18861663a49cfb6705a3d33423742dfc1f3f860e9fc1764f7bfbf9574d
GET /rs2/images/hetphiendangnhap.png HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/png
content-length: 9731
last-modified: Mon, 25 Nov 2019 04:30:17 GMT
etag: "5ddb58d9-2603"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6%2FfkvZbAk8o6k8DYNfsMT1hITqqFTnGum46LObRJA48WIjHm%2B5Mu%2FjwNUUfRvOw7RjeoQG7zfXOmH8Rk%2BYpu5EHSUQMAmO6i%2F605xV3kpgSmvpKOg1yEblByR8gfPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8be0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/event/noel/light-banner-noel.png?v=1
200 OK 20 kB URL HTTP/2 d1.debet.win/rs2/images/event/noel/light-banner-noel.png?v=1
IP
File type PNG image data, 680 x 130, 8-bit colormap, non-interlaced\012- data
Hash acb28a6e0ba3a71dd620b714c6113b2f
936b1f603d5db7d84914457d31c5c388b62e431b
6288acd171f145648cf3247ab2c8d638c7dad6fea5732ad231c19c370512c372
GET /rs2/images/event/noel/light-banner-noel.png?v=1 HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/png
content-length: 19814
last-modified: Mon, 20 Dec 2021 10:18:16 GMT
etag: "61c05868-4d66"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxrK8ALL2fw7A4inmhZzVRzqFcZOdwVJtPiGz60kdmCzgarNOy%2B%2B8a5Md2%2Ff6bp7JwnfKSKiOJ9sbedyedaH19yx4uutNbJa3RjZbd19sYpsBrcy56Antu04oQwz9Gk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8c20afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/berlin.svg
200 OK 1.2 kB URL HTTP/2 d1.debet.win/rs2/images/icon/berlin.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1181)
Hash a7cf2c7a979fa0e2b2ab693b145b21cf
72870b808cf654013dc3d8c612559596abe5d25d
81a7f9ae0a39a434aa1dfc2c332000e0c13de6161e5615f792939cb4afc387bb
GET /rs2/images/icon/berlin.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-5b6"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUClU%2FM7akkoqKwmMFY0yHM963A%2BcZwa1%2FXJQwXI%2BuaCExQqST53rt7v3voeZ0LYEF5fwBlj%2FOTB%2B%2FXJaNx%2BSMcizSmpx6N4kKjhJvaSUXw83ZiG9mTSlss4cmvAvmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8a80afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/bg_loading.jpg?v=2
200 OK 52 kB URL HTTP/2 d1.debet.win/rs2/images/bg_loading.jpg?v=2
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1425x891, components 3\012- data
Hash c0c7d0617c20cfb8dfbaf021cc170612
3ab6f7f9ef5de0ec38288798abf13adb90f8a20f
abe0af157077bb3a1159bf8e146bbd84a6c30cf1b7c78d447d9b9cf744d50a80
GET /rs2/images/bg_loading.jpg?v=2 HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/jpeg
content-length: 51968
last-modified: Tue, 03 Mar 2020 06:30:49 GMT
etag: "5e5df999-cb00"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlM6LU4UVu7eUkD%2FPI8NpBlyP5r6VZ%2FAj8RZCm3k7qnPMCypKJq4rsn80IKeCf%2F7dQmwWvk4bat0c4Xk%2BBYVMlXHSVtXCt4mdsaitQIzJL%2BP73UBUFbIXFpCf1gaPNE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8c10afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/fishing.svg
200 OK 82 kB URL HTTP/2 d1.debet.win/rs2/images/icon/fishing.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (833)
Hash 9d6a90e054c66433567f71d84f675050
e6d09e32f880d7216158f34f5029ff9ba049bfc2
eb6157e2394a3a1d29f6782e5288b747e03f1d4a1f6751d118632fb96c950ec4
GET /rs2/images/icon/fishing.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-a40"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiPHU7%2F4RAd3MYm9%2FSY%2BCvs3ZS5qJL92yjuZT7LU0I1XPpkUSPzi6tThC3f5ZjhcPjUL22oBoKkXn%2FAOwfXPtlMcOAb2GMjcyNC2RVDqT5TnG6fIsmjzyvLVoAdikCs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8ac0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 305e61785b6a439d62cc6d1eb782acf0
51c1e3e213b20326f9b0a6089a07d64559945d85
b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8801
Expires: Sat, 24 Dec 2022 18:47:29 GMT
Date: Sat, 24 Dec 2022 16:20:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8801
Expires: Sat, 24 Dec 2022 18:47:29 GMT
Date: Sat, 24 Dec 2022 16:20:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8801
Expires: Sat, 24 Dec 2022 18:47:29 GMT
Date: Sat, 24 Dec 2022 16:20:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Es7YaIRVfiybyKGY41ZE5UYSN0bfn6LmOUqcYZASi9QsXQqR9NSwTA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 07:07:36 GMT
age: 33192
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8801
Expires: Sat, 24 Dec 2022 18:47:29 GMT
Date: Sat, 24 Dec 2022 16:20:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8801
Expires: Sat, 24 Dec 2022 18:47:29 GMT
Date: Sat, 24 Dec 2022 16:20:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d90b80ebad103c48c3043c8d5e4c3ca
ab36c9309ce13b2a3d075461c2445f76bfc582aa
2287a6db0a6a58c570930c1f94c3b36d7acf383b26cdfa42261eb254598fa7c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7669
x-amzn-requestid: 4b35e79d-21c8-48d7-b11b-44bd820e29d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnROG4UoAMFZdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f3a-765739ad7e9063781ccb12b2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhQA2yVBNtJ04goTms0KXhX6Q4v86TEe4EUioQs3eJzzMsCxbVmykw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:39:58 GMT
age: 67250
etag: "ab36c9309ce13b2a3d075461c2445f76bfc582aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg
200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92387330acabeb3e5475a52f789314e
c27aa6c638e130063905e556d5d2213dcadb690f
b67e7688d3ed7d4a7aaa9bae8c083f296ed9f52986e8bddbcc93ac13ae02a6af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4576
x-amzn-requestid: 81468234-ef31-40ad-b003-2d22e8fd2ef8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnpAGi8oAMFXBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fd3-0ddf619f2677a5a134334202;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IxJvwJFHYzKzXY7mfM3nIRaRoDVu3auCR-dYq-zI_v77uau1cRT1LA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:04 GMT
age: 66704
etag: "c27aa6c638e130063905e556d5d2213dcadb690f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/truyen-thong.svg
200 OK 13 kB URL HTTP/2 d1.debet.win/rs2/images/icon/truyen-thong.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1586)
Hash 42e7439d42f8ef3accbad5bfbd5bd8db
324fe581b4e4cde1ece48b57d5b335bdf4497499
76ab5a3a974e4c9a13303dd12d86ecf9efda9aefe461ffd2f7176197c95e5a82
GET /rs2/images/icon/truyen-thong.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-e4d"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoRm2y5ensVux5EgI64xzZj7KAyRxkYWL%2Bx0GdTjlB%2BJGG1Rs%2BQtvr2cQ5DDaiCEqN4AWuL9Mb9KvXZa%2Fo95QguZZkcFVr%2FXQIc9uDyxvTkY0kemtXsK8iOVXeuHnyc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8b30afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/sieu-toc.svg
200 OK 13 kB URL HTTP/2 d1.debet.win/rs2/images/icon/sieu-toc.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (648)
Hash d3ecbe9273ff58e75e2499d943e27604
457f7f1675dbd708b1e0ba2c8e801470182bab63
791846000470b080e9989aed1ed98c274667439ac28e5579bf5c5c95b3ea7f13
GET /rs2/images/icon/sieu-toc.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-1021"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUW%2BPT8vinL0vRz%2BSimWPQ0vmc6x4k%2Bh1h09rnO%2BYuhLiIYQE8m1bqMIc1336wlTZLUk0fLWW7WkR%2FAqFAalov9P4Sb2aAVlzlmWylS7mIMYccvoDMnRSSEFlLc3zAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8b40afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3071a834e874a992c3b14f7a3f91b30f
559014c7e6e5019097b7da8b3a820a80a1f55b6c
4f8e29303936b4168f0ad765d8a2773a7247f249396147f68f6f9639b1ad1208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e532075-b8a0-41ff-8f08-8512cbb1b3d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10356
x-amzn-requestid: 32dbf731-a18f-4150-b3cd-f30d2ab3c6a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnoi1GY2oAMFesg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a62145-55a5f14a6ea6e7dc3754a8be;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:44:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DC1Eu98-ihibH4I6ZY03Af2PxBrywSyjnoJRR2N453KiYvsa6hGefw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:04 GMT
age: 66704
etag: "559014c7e6e5019097b7da8b3a820a80a1f55b6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33d7fa2f0af62e65eb23c36297749038
d28362f2babfde4ca02f309b80be75bfc520de9a
070da72e06d4492a954b130ff6bef5ca5fd625f0fcfee81e801ef26a03d07e2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ebee3d-1399-4100-87ce-23d8990b97d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7478
x-amzn-requestid: b9f7f6d8-fada-45fd-80a7-3ac122dae6fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnoYlEbVIAMF_lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a62103-15601045320b166c295d24d2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:43:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1lxJbDYXaWwexDy9roJuh8FUu85Vi7qHtkZYBze8SbE2dWCCxH7duw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:49:01 GMT
age: 66707
etag: "d28362f2babfde4ca02f309b80be75bfc520de9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38cc82b5e5d8c2fee6f51021e156ec81
eafb4e029313caabcdbdc1002abcab95f66e91b1
b8cad011e1a98ee4e896f00263495aab7f9cab986736a7a5b4187b8e94c46493
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11939
x-amzn-requestid: a00e5ab5-ad16-4576-b046-381e36456998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqE94oAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-28687ad51eea1f6f3ce8cc86;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uIDvI3BVK0v68x1jkgw9GB0U1i3l2kyW81q2Kiy3ZDREqQmyUTXCnQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:38:32 GMT
age: 67336
etag: "eafb4e029313caabcdbdc1002abcab95f66e91b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 98c3adfbf46be87e0af356cfb9f0c743
de71c9e14a3ddbbbc8e1879647824235dd35f87a
e09b0dc8d048869746fc0ff282fcc6c9a922133f7c8aeeb9ded2f621e7a05628
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3624
Cache-Control: max-age=146091
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:48 GMT
Etag: "63a6b063-117"
Expires: Mon, 26 Dec 2022 08:55:39 GMT
Last-Modified: Sat, 24 Dec 2022 07:55:15 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 98c3adfbf46be87e0af356cfb9f0c743
de71c9e14a3ddbbbc8e1879647824235dd35f87a
e09b0dc8d048869746fc0ff282fcc6c9a922133f7c8aeeb9ded2f621e7a05628
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3624
Cache-Control: max-age=146091
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:48 GMT
Etag: "63a6b063-117"
Expires: Mon, 26 Dec 2022 08:55:39 GMT
Last-Modified: Sat, 24 Dec 2022 07:55:15 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3J6C71M4B6L4J2ECRV0&lib=ttq
200 OK 1.1 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3J6C71M4B6L4J2ECRV0&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2310)
Hash eae9fe9d268ebe97e98c627e0ec71a5c
90ef62bdc0ce5f0a4a83c310bfa428fb4daab990
38fecf1382e9c65b71660020985e44bdc95d908bf882ef8b109de5ae0a31ef3f
GET /i18n/pixel/events.js?sdkid=C3J6C71M4B6L4J2ECRV0&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221224162048C896609791E70774B19F
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b4dfd08e50f0278277be87baea86cf839a03835afe1e70aa2ecb05609acc545f0b904a00e2c19120e009776c9260fca5501eb04266a176194d9aebffc7179401b36f24943202063fab3f6761964528c8e
content-encoding: gzip
content-length: 1137
x-origin-response-time: 8,23.220.106.152
x-akamai-request-id: 184d22ca.20264035
expires: Sat, 24 Dec 2022 16:20:48 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Dec 2022 16:20:48 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2JMrZXZxCCkxLAEtg393qdCVH2q; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-220-106-152.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=8, inner; dur=4
x-parent-response-time: 99,95.101.10.109
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
200 OK 137 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
IP
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size 137 kB (137110 bytes)
Hash e771e3048c81e2fefbd34516f8081cf4
ba730c578306e0de8b2b125788f6eb26102220c4
c7778e9bba9e3449f29c8a5ade2b155c494ca29dbd38bb3277e6ea5b3b5d9649
GET /sdks/OneSignalPageSDKES6.js?v=151514 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:48 GMT
content-type: application/javascript
etag: W/"2f96824aee4bf927e734cc519e3e726d"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 730
expires: Tue, 27 Dec 2022 16:20:48 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 77eaaa996afbb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_13839.js
200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_13839.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash bdbe45678ce11238207e20b501d7b7c4
2a061a285a8a0c205f334329b2e56ebac6cf8895
49f5403b6ec67d55d6825fe3b68bb6800d626624874bd6adb7559c7062687258
GET /i18n/pixel/static/identify_13839.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Cookie: _ttp=2JMrZXZxCCkxLAEtg393qdCVH2q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202212201657267608A5E9F4861511C10A
x-tt-trace-host: 0174209eab6deed09fed7ba820602a8f9dd4ca3726d5bfc9d82fd15f04e810a3c95b268479802a0cb91b232a29acb572422da2c28a019f05c7837b0e8da627a5828908ac44ad85c1662c88a539afbc6cc508efccb60b9ffdce113a9e9e4acf0ab9
content-encoding: gzip
content-length: 30900
date: Sat, 24 Dec 2022 16:20:48 GMT
x-cache: TCP_MEM_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 2026411e
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 698
Origin: https://debet.win
Connection: keep-alive
Referer: https://debet.win/
Cookie: _ttp=2JMrZXZxCCkxLAEtg393qdCVH2q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202212241620483740F8D07E87DE7A9166
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b4dfd08e50f0278277be87baea86cf839e87dd3c37a2e46e4a4d53dfe69c8b6c0f209c34521925cf1a36c698e6b982d0726f744e9bf4433f7200b57dd2565cfc830d674deda2083046634b603cfe79a56
x-origin-response-time: 28,23.220.106.152
x-akamai-request-id: 184d286c.20264128
expires: Sat, 24 Dec 2022 16:20:48 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 24 Dec 2022 16:20:48 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-220-106-152.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=28, inner; dur=16
x-parent-response-time: 120,95.101.10.109
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/number-game.svg
200 OK 86 kB URL HTTP/2 d1.debet.win/rs2/images/icon/number-game.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (313)
Hash 7c198d4148d8a2c206622d572c7b2dfa
7bb1b3bcc30860eb704ce1ca93fee5ac62dd0138
35e68cb251da0b2f4866351c01b3e62bbe8a1b6f1c56820156c4857ed8377412
GET /rs2/images/icon/number-game.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-d5a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7XHaRdaDtLPfHOTrGp1%2ByEKJ8%2BSfcm4X%2Fl%2B8Y%2Be2HlqEbyqZChNemclBBiUnDDkMHRzN3a3tVy%2BsI%2BpO4OWsAHN535%2FLc4R%2Fu8EtazCl11UF74f7wtYgNg24ZkourM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8c80afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/loyalty.svg
200 OK 86 kB URL HTTP/2 d1.debet.win/rs2/images/icon/loyalty.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (906)
Hash 4bce393f4b0af23148ab13c581eadfc2
d8c491db2c7ab2f532e19808d6d383b95a9abd18
6dd7678da98a497b7a27c79b84f1b5903cce847aafab4c4322e5fb688a7be952
GET /rs2/images/icon/loyalty.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-43e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zw8T8JWmOTuVNxQmiF46erGK1o7tOQ5CIZN%2BGyR9Hw%2BnrHEnv05fjUXpTMWIRftdhVS7vYeX%2FHr0c%2B3l026Gi5Wt9Dc4%2Fw8RwjlIORs7a%2B7Kw1DHbKkjD7t3zNojlXo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8ba0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/dai-phat.svg
200 OK 86 kB URL HTTP/2 d1.debet.win/rs2/images/icon/dai-phat.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1425)
Hash b47064d97d25632e31258e5d6e8ce8ed
a879d351b07e6a51398e01756fc4829628a0aad4
41ebff8df8219312dd3cbe068007a08e68dce02f3d96234a85aed58635d551e2
GET /rs2/images/icon/dai-phat.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-a5a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJM44VSAQRvKxRNqA%2FnAwVV03yKULcUGhDWrWC8sh6%2BLjmVL0ExBo081w9AU1AeMxK2x7EBeoKYOfV3opfWacz93IzrFbibMt8zGKFPq3NMeQ43z8jACOyBTwFacQUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8b20afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 1dff53e8811ed358c6312229839778e0
79b4bb8a649b28725355d550dcddedab8ce3b29c
8aa0e7c04e39ac810428a9cace465fc9d7fe99b0224443cdf2eed12b148260cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3268
Cache-Control: max-age=109004
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:49 GMT
Etag: "63a620e9-1d7"
Expires: Sun, 25 Dec 2022 22:37:33 GMT
Last-Modified: Fri, 23 Dec 2022 21:43:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 24 Dec 2022 15:34:02 GMT
expires: Sat, 24 Dec 2022 17:34:02 GMT
cache-control: public, max-age=7200
age: 2807
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 32 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
Hash 1abe715b64b024babfc91b5d1edc93d3
d6c8846d3bf34761f887f6e99a3002996c949926
b3e64e8a8d76a1fa8d5ec3c950fc6d727ad687d1ecfea091218ff7101254ddc3
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: l6xDjO5UOjlSMSoyQHZiGiIHzb+R9TKeB6rdX03JN6epJQduJu2n1M0tZSbVjxSCWgFGrwryKDA2MOEsqbRo9g==
content-length: 27298
x-fb-trip-id: 1904183273
date: Sat, 24 Dec 2022 16:20:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/no-hu.svg
200 OK 1.4 kB URL HTTP/2 d1.debet.win/rs2/images/icon/no-hu.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (328)
Hash 3518dfd2c0602e921d3abf1c192e4afb
bb480312848cb96aa16b3a3efb5729ed4d7cba0a
1111dd64b69f88abe67922ebcd1c58951ce9cdd03a4fedbf1b8c1c3a44946ed0
GET /rs2/images/icon/no-hu.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-1b0"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsSsnk4fel12YgtHZg3eZz1LcsMTdhT0xqLbokSsOy8aqvtYaIQQQA%2Bfl%2Blu45Te3ZvJWBfLEh0VX0Sl3xwcIj944nN7ASQn4fH9%2FaeXno%2BtP7PXQaDMUIUCd7h1Z4o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8ad0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/ingame.svg
200 OK 2.0 kB URL HTTP/2 d1.debet.win/rs2/images/icon/ingame.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1129)
Hash eeb2e7b03d3a28cfc2c540aa7900f7c3
17d903018865f4fcf9e0c4b37545463090944a9b
b58e0a03b5cf12eeba7914d5f10e018567b00939122c628d8e60f3ac99e23f53
GET /rs2/images/icon/ingame.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-a9f"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nH9Ze8Fjqvf%2BtCkyK9A96PlfOX8naxZowVz3SZIjwwiz4wc5kNHVITfoCeepC364ZcAUFUFTL5MFheK8Nl6IlnjCiihaJGz%2Fqi6y0DteCB7PsnqEJTBtzQ%2FbzYJ1%2B%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8b00afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.hotjar.com/modules.352fddba5b21bbfc3a08.js
200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.352fddba5b21bbfc3a08.js
IP
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash 3256c76707175033b83ffe82f89b32ec
d33e93f001d08e0449fde66b60493900f8f5c62e
cdb9b4030412de584b24a407d6186cd5971df1b3fb3168d819c8d9b9e5927bdf
GET /modules.352fddba5b21bbfc3a08.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68894
date: Thu, 22 Dec 2022 08:07:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3256c76707175033b83ffe82f89b32ec"
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QCg9ODiMlMsDJ5DX0hYJd6OkB5oT58i6lI8mwRGE9w64VSJmmBuqAA==
age: 202424
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP
ASN #20940 Akamai International B.V.
Hash c406469fe11b48d86321c1248557cd1e
2fb2fb150707238f5f407e752d37d95570877695
54e0802a62929dc6665a0e70f497ae746dd0c793d2b99b42c1a480381f59d37b
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:50:36 GMT
x-amz-version-id: 5Yjqz9Bmhj6BVA2T4Mz1vi93OsAWGHkr
server: AmazonS3
content-encoding: br
etag: W/"23a81efcb30e2c563a43cb0327a64467"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: pN0f-qPl6eY3cFGx0lOhEcBNHF1X1Wiw-O1xF8gl_WJZfCLNOMlaTw==
content-length: 26033
cache-control: max-age=28800
expires: Sun, 25 Dec 2022 00:20:49 GMT
date: Sat, 24 Dec 2022 16:20:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Oz3J7h7S-cTQcGFbz2h4diD9kOLIktIpusthcP4yAN7iiMDfLl1riw==
age: 2689843
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14837349&url=https%3A%2F%2Fdebet.win%2F&channel_type=code&jsonp=__9nw079ul0nm
200 OK 262 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14837349&url=https%3A%2F%2Fdebet.win%2F&channel_type=code&jsonp=__9nw079ul0nm
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 26808feed433314ac7a7f48db0d7130a
42a5d4792528682cd12069f3c137f7dfd0149442
3f84af620f21c2014cc93ad329498cfb7425e203b49ef06b81f7fddd63038e21
GET /v3.3/customer/action/get_dynamic_configuration?license_id=14837349&url=https%3A%2F%2Fdebet.win%2F&channel_type=code&jsonp=__9nw079ul0nm HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://debet.win/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://debet.win/
content-length: 262
date: Sat, 24 Dec 2022 16:20:49 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14837349&version=25.2.2.5.12.16.2.3.1.1.1.2.128&group_id=0&jsonp=__lc_static_config
200 OK 1.7 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14837349&version=25.2.2.5.12.16.2.3.1.1.1.2.128&group_id=0&jsonp=__lc_static_config
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (4718), with no line terminators
Hash e91a1edd3fa6377d5e7ab0a13a6009ec
a1ddc5fad2958b4e6ad4a66148ce7ab5225b5ce7
f15e3633f4254d952d96d020373b4a1f2a61124b2da02e0ace2aae34c5351784
GET /v3.3/customer/action/get_configuration?license_id=14837349&version=25.2.2.5.12.16.2.3.1.1.1.2.128&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1682
cache-control: public, max-age=599
expires: Sat, 24 Dec 2022 16:30:49 GMT
date: Sat, 24 Dec 2022 16:20:50 GMT
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14837349&version=d4234139f0f2a5e50173b124f65938ca_30a86ee5938b4a9e12b52977b88981c9&language=vi&group_id=0&jsonp=__lc_localization
200 OK 4.7 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14837349&version=d4234139f0f2a5e50173b124f65938ca_30a86ee5938b4a9e12b52977b88981c9&language=vi&group_id=0&jsonp=__lc_localization
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (11813), with no line terminators
Hash f21a4419567717850da65e22c9929f78
621eafe3b8adee876910a0d550f7ac7af16a13c2
14a1cdb486cb0ecc45cca6974b7893597eab09542c06f4f2d7c2c2b3e25a07f5
GET /v3.3/customer/action/get_localization?license_id=14837349&version=d4234139f0f2a5e50173b124f65938ca_30a86ee5938b4a9e12b52977b88981c9&language=vi&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Sat, 24 Dec 2022 16:30:50 GMT
date: Sat, 24 Dec 2022 16:20:50 GMT
content-length: 4664
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=14837349&group=0&embedded=1&widget_version=3&unique_groups=0
200 OK 6.7 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=14837349&group=0&embedded=1&widget_version=3&unique_groups=0
IP
ASN #20940 Akamai International B.V.
Hash a556978c21249b5bcfaa661b14acb5ab
3037ea53334c1f3be371931d1fd0caf99ba0698b
7bd2ebfe0736361297d417568d112939db0c13f14ea891a17dc9355e84cd7b60
GET /customer/action/open_chat?license_id=14837349&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Sat, 24 Dec 2022 16:20:50 GMT
content-length: 2558
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
200 OK 15 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47599), with no line terminators
Hash 59df903a307f8661bd53313a1a1ec2dd
c1b075479edfeed640cea3038d08915f5eedb9a8
6a19cca29c349c638cdb3a4f5103fe14562c865fc49184f33770f0f87b87bb7c
GET /widget/static/js/0.0f55d8dd.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: FTaBdM5aPM6e3Wa0SH3EvXHWpAST4v3U
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: KgvNFtC8e1Ondp6OM2DSbEHtkwN5kS2GkPwb0uCzLz2iu3P1-YllZA==
content-length: 14934
cache-control: max-age=31536000
expires: Sun, 24 Dec 2023 16:20:50 GMT
date: Sat, 24 Dec 2022 16:20:50 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.6eb8d1d0.chunk.js
200 OK 206 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.6eb8d1d0.chunk.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65457)
Size 206 kB (205591 bytes)
Hash 65023dbe9798247646de81a93c912f4b
1313f463c1ec591782785cd914c81b96cff3ac52
148c502c15b7f0d17b22ef5012083fe5276de956abd9c31a893e59f8d5c46f9e
GET /widget/static/js/iframe.6eb8d1d0.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:50:39 GMT
x-amz-version-id: cG2sUKtNgTJp0NQQPdYhN5C9owT6edtj
server: AmazonS3
content-encoding: br
etag: W/"20b7d4b79c9b65f029f78fd5ce776c79"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: fqGeijNObU4whbTrpmc1KBdRBvF3Js6zHlxRrnMDaHqvYpNg4dC8dg==
content-length: 205591
cache-control: max-age=31536000
expires: Sun, 24 Dec 2023 16:20:50 GMT
date: Sat, 24 Dec 2022 16:20:50 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Sun, 24 Dec 2023 16:20:50 GMT
date: Sat, 24 Dec 2022 16:20:50 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Hash d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Sun, 24 Dec 2023 16:20:50 GMT
date: Sat, 24 Dec 2022 16:20:50 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
socket.debet.win/socket.io/?EIO=4&transport=websocket&sid=7UG9B8b2oi4ZjnAsYhaK
101 Switching Protocols 0 B URL HTTP/1.1 socket.debet.win/socket.io/?EIO=4&transport=websocket&sid=7UG9B8b2oi4ZjnAsYhaK
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=4&transport=websocket&sid=7UG9B8b2oi4ZjnAsYhaK HTTP/1.1
Host: socket.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://debet.win
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5O7WKm0MrSES53OP+k9RWA==
Connection: keep-alive, Upgrade
Cookie: _gcl_au=1.1.638949366.1671898846; _ga=GA1.2.1227441239.1671898847; _gid=GA1.2.413774006.1671898847; _gat_UA-154730764-1=1; _hjSessionUser_1618335=eyJpZCI6IjRjOTc2NGViLWNhNjEtNTRlZi1iNzlkLWI0NmNhMTljOTMzNSIsImNyZWF0ZWQiOjE2NzE4OTg4NDc2MDgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_1618335=eyJpZCI6ImFjN2YwODBlLTg0Y2YtNGIwNy04YWQ2LTZjM2JmNGZmODYxZSIsImNyZWF0ZWQiOjE2NzE4OTg4NDc3MDQsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 24 Dec 2022 16:20:50 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TUf49AdgYAqk3AYSM0SdovHsxk0=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nh68AnIGcfhfIQaTu9X%2FaAgGmwDKuEBfcsAbkQt0IomnKlPsOYOzhKdRQ%2BmbwavLNcdp9H7iZtRy6wO5VqKYFRpAI6eBNdUsXsNEJmiEo7udxQWIUaFLGpNpVLKamSXMMn25"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77eaaaa40f9f1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics-s4.com//matomo.js
521 No Reason Phrase 29 kB URL HTTP/2 analytics-s4.com//matomo.js
IP
Hash 82325beea9ce100717c96aaead2ba991
cdf3e285269876ad3e0b95b89df7deaf304552fe
2da1492ec4b3bddbba739678c208e2364e284a0f479b5a0b92d78a801c57bd85
GET //matomo.js HTTP/1.1
Host: analytics-s4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 521 No Reason Phrase
date: Sat, 24 Dec 2022 16:20:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_use_ob=0; path=/; expires=Sat, 24-Dec-22 16:21:19 GMT
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 77eaaaa0af9a0b4d-OSL
server: cloudflare
X-Firefox-Spdy: h2
socket.debet.win/socket.io/?EIO=4&transport=polling&t=OL4xzXI
200 OK 162 kB URL HTTP/2 socket.debet.win/socket.io/?EIO=4&transport=polling&t=OL4xzXI
IP
File type ASCII text, with no line terminators
Size 162 kB (161877 bytes)
Hash 550333314eab3a9a3c2a61e491627da1
32ac994faae420302437faaf9c1ecffcca30219b
7df8a7a26f878b597f599ad635f0d8603d9af7962ad669c0654cd4c6d366f42c
GET /socket.io/?EIO=4&transport=polling&t=OL4xzXI HTTP/1.1
Host: socket.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://debet.win
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:49 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15pc2KxbNgxCqz0oJotRQPQXWhdmNx5eH111bbY7rdT8L5OoT%2FI091U20H6Z1cYhFD%2BZy%2Bc5%2BMGg3%2BVhYdmWGr4yR%2FDXt96gN3dWP5GKlkJ7ug2kyJ3TRxFHjuZfLM6u6ydj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77eaaaa0aa660b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.livechatinc.com/customer/token
200 OK 2.6 kB URL HTTP/2 accounts.livechatinc.com/customer/token
IP
ASN #20940 Akamai International B.V.
Hash dc35f9e16155bbc1f9399a3703f11748
639055d44b1be86d03b57c23d55c4c19d5ed0f74
4dba4eb4b3d0af9511c2b84025681ef0216bedf0f2a7302abb3cf711975dc806
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Sat, 24 Dec 2022 16:20:50 GMT
set-cookie: __lc_cid=28ef751e-1978-4d0d-61c6-5d099340bb96; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 24 Dec 2024 16:20:50 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=983ba590005c7f4db63e5f349bd6f5b87197319b1da6c2dd207cdec15b7cb45b3f540aa75ab597a2614a32f9e226d3904179c8ef84ef261b31e31f3f5a14; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 24 Dec 2024 16:20:50 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=28ef751e-1978-4d0d-61c6-5d099340bb96; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 24 Dec 2024 16:20:50 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=983ba590005c7f4db63e5f349bd6f5b87197319b1da6c2dd207cdec15b7cb45b3f540aa75ab597a2614a32f9e226d3904179c8ef84ef261b31e31f3f5a14; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Tue, 24 Dec 2024 16:20:50 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1671898880&tag=7ab936bf33b8f3dfd45304b408c639a47ffc6319; Path=/; Expires=Sat, 24 Dec 2022 16:21:20 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=14837349
101 Switching Protocols 1 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=14837349
IP
ASN #20940 Akamai International B.V.
File type very short file (no magic)
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /v3.3/customer/rtm/ws?license_id=14837349 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J85RXo7OWCJsahn0TWLYiA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: OZI+9vd5Vs+SXD7HpK+IyhK0BSs=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Sat, 24 Dec 2022 16:20:51 GMT
Upgrade: websocket
Connection: Upgrade
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e2b94572412cbd6dec9120f26fbd8edd
4ded5a76d85e2c35e8d3b1c5c196fa58159ba2a5
1371df100af0981a2cc1a7d9796c06dd16b71bd3e94f3439d7f789281853bb82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-154730764-1&cid=1227441239.1671898847&jid=1934773135&gjid=74431951&_gid=413774006.1671898847&_u=YEBAAEAAAAAAACAAI~&z=1487969864
200 OK 2.5 kB URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-154730764-1&cid=1227441239.1671898847&jid=1934773135&gjid=74431951&_gid=413774006.1671898847&_u=YEBAAEAAAAAAACAAI~&z=1487969864
IP
Hash f80a2b857ce0e39ec57d5fa3ccf54ec2
d89ea677f0570c6a64c177cc74775ce18820d00b
4d843ee1a11d0bf76a48254175240c511094440efbd64931bb36704dc8efd8e8
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-154730764-1&cid=1227441239.1671898847&jid=1934773135&gjid=74431951&_gid=413774006.1671898847&_u=YEBAAEAAAAAAACAAI~&z=1487969864 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://debet.win
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://debet.win
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 24 Dec 2022 16:20:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 473 B IP
Hash 1e5e594769011a03569725fc6e9e6a80
1b092770c8081f6e964bde8cd5e1233c7e589278
7d574cae5ddf3809e56e976f6ee7bcda11401bd4acb3e3366ac09b85fc448e0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 2.3 kB IP
Hash 458207139dc46a47fdfae64b9cc79c6f
53d05bc4c6942238649865670988127232926cfd
254174af7f52d741b121f191dc95f7419d2091731a01d9b8e2d679dd0aeb6609
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 3.7 kB IP
Hash 8b187a625e548453e9856994a2689534
649216dd09fe14275c63187ddcac7fbac4d6a8c8
0e375d62dc111d06f967170cadf57134652316c9decf8fd469381e28be460c03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-154730764-1&cid=1227441239.1671898847&jid=1934773135&_u=YEBAAEAAAAAAACAAI~&z=1002143387
200 OK 5.3 kB URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-154730764-1&cid=1227441239.1671898847&jid=1934773135&_u=YEBAAEAAAAAAACAAI~&z=1002143387
IP
Hash 35fea52dadf007478633ba4cdb7c498c
0b13548a03b3b3fd091f4ed5c01644a777bcc626
4d5ace9140b9609998fb3ddf50a9c41321327eea06a24b00feff4f0891c2ebe8
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-154730764-1&cid=1227441239.1671898847&jid=1934773135&_u=YEBAAEAAAAAAACAAI~&z=1002143387 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Dec 2022 16:20:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-154730764-1&cid=1227441239.1671898847&jid=1934773135&_u=YEBAAEAAAAAAACAAI~&z=1002143387
200 OK 6.2 kB URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-154730764-1&cid=1227441239.1671898847&jid=1934773135&_u=YEBAAEAAAAAAACAAI~&z=1002143387
IP
Hash 47429cb72d04a432a0e956f40de07c8b
1521d8fb6f945c4f0516a247d2f6fca5cdbf66f4
dd17724e048d5d37edeae4cb16da14ef608ed93a257b55d98c4d8d726c082806
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-154730764-1&cid=1227441239.1671898847&jid=1934773135&_u=YEBAAEAAAAAAACAAI~&z=1002143387 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Dec 2022 16:20:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5ec1233b7456781e4e2fb3e8dfea4860
bf61533c9ec2a6310d80457b1231400cf8631868
820ff717f6d3609bf61e238fda2ecfd8fd9aaf77e85760c0154f72461b33de6e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 1.9 kB IP
Hash 9d0466291d221632c39e5d00742eb825
9672243705b4f05ddb6601de5f3712094f74ba3d
40d0bf7b7b8ff1d34649574ea23d9eb26b9c5961572b21ae8a5badc846bfdf01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Dec 2022 16:20:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.clarity.ms/c.gif
302 Found 1 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type very short file (no magic)
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=5CEA4096DD61458DA47C032C4DF04B72&RedC=c.clarity.ms&MXFR=3387FD425A5E66323BEBEFC65E5E6857
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=3387FD425A5E66323BEBEFC65E5E6857; domain=.clarity.ms; expires=Thu, 18-Jan-2024 16:20:51 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sat, 24 Dec 2022 16:20:51 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=5CEA4096DD61458DA47C032C4DF04B72&RedC=c.clarity.ms&MXFR=3387FD425A5E66323BEBEFC65E5E6857
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=5CEA4096DD61458DA47C032C4DF04B72&RedC=c.clarity.ms&MXFR=3387FD425A5E66323BEBEFC65E5E6857
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=5CEA4096DD61458DA47C032C4DF04B72&RedC=c.clarity.ms&MXFR=3387FD425A5E66323BEBEFC65E5E6857 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debet.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=5CEA4096DD61458DA47C032C4DF04B72&MUID=3ADFFCCD8F7A69211C12EE498E2D6876
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3ADFFCCD8F7A69211C12EE498E2D6876; domain=c.bing.com; expires=Thu, 18-Jan-2024 16:20:51 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4FD6A152C2DB477B92C1814140BE9F91 Ref B: OSL30EDGE0414 Ref C: 2022-12-24T16:20:51Z
date: Sat, 24 Dec 2022 16:20:51 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=5CEA4096DD61458DA47C032C4DF04B72&MUID=3ADFFCCD8F7A69211C12EE498E2D6876
200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=5CEA4096DD61458DA47C032C4DF04B72&MUID=3ADFFCCD8F7A69211C12EE498E2D6876
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=5CEA4096DD61458DA47C032C4DF04B72&MUID=3ADFFCCD8F7A69211C12EE498E2D6876 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debet.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Mon, 12 Dec 2022 18:28:34 GMT
accept-ranges: bytes
etag: "ea79178b57ed91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sat, 24-Dec-2022 16:30:51 GMT; path=/; SameSite=None; Secure;
date: Sat, 24 Dec 2022 16:20:51 GMT
content-length: 42
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.7.1/clarity.js
200 OK 22 kB URL HTTP/2 www.clarity.ms/eus2/s/0.7.1/clarity.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 16ee98030c950dd43d4c74a2d4386aa2
3db9239b96e7cf8bb7b67aee527d456963c15747
365417306efcd516411a15b29dab8ecece5b638675d293639fdbfc782a2dc524
GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d913c18f6c839e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0MlumYwAAAAA9BOkBe/VKSI7lrSOwN1NNQU1TMDRFREdFMTkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 04yanYwAAAAAD0LnihtyWQJ68XhbM0f77U1ZHMjBFREdFMDUxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 24 Dec 2022 16:20:51 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fae75097a9e461f59779e2725dd153d9
95b1e2797d9d047ca71f60851976937e83c804be
63981e99d995c1c79028f5e2205883a13ef9b1b96f3aa47cde2f4aa08ae6badb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10613
x-amzn-requestid: da298549-e2ce-47b1-9efa-ed817c6c416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnniXE12oAMF-Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fa8-2b396ad16595c0b349fdb450;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:37:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _C8_4MMvadzwCZt0X_zX1Ors5vXDfS3NUMZAYFYwMXwZZOhpwsBdhA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 22:24:24 GMT
age: 64590
etag: "95b1e2797d9d047ca71f60851976937e83c804be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
debet.info/
301 Moved Permanently 0 B IP
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sat, 24 Dec 2022 16:20:45 GMT
location: https://debet.club/
cache-control: max-age=3600
expires: Sat, 24 Dec 2022 17:20:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ei2S0N92lHQZx%2BX5xNj1y7sqtcR4NZ1MGOgaoALpvLtsIJysuzXkHgEM6WB4vxC%2BPD8NIOcItb1CXcQeafDwviTAyTJH7B%2FfkLrSWYLt93%2Bz%2FavD7zyWlBqT76o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa8b6d7ab521-OSL
X-Firefox-Spdy: h2
d1.debet.win/rs2/js/main.js
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/js/main.js
IP
GET /rs2/js/main.js HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:48 GMT
content-type: application/javascript
last-modified: Fri, 23 Dec 2022 11:52:23 GMT
etag: W/"63a59677-30cea"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJ15ybBrbOG1fgdN%2FBKqYlLLq9P8QHZS8Q6a8R07wNn18njAcyvdJs1POo4EoNrUyVV1w9fDYJFVF2PjcXfQ7vbU8g1mEd0Ggdw7Ch9ePpGIjRjlP8TfT8CQFgZwd58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8a50afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/game-bai.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/images/icon/game-bai.svg
IP
GET /rs2/images/icon/game-bai.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-83e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2OsGemMd31NjbqXo77OTn59Yam7evYutr5ZoJsgvNZZ3M6TBBj4fO59RO47fXT8V1EY5uHFgrnXTkLWv0ctvSsRzwUJoSxgaGAgOnZrGS7vSVMDrJ4OnWTe0rIhFUc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8c60afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
debet.win/
200 OK 0 B IP
GET / HTTP/1.1
Host: debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:46 GMT
content-type: text/html; charset=utf-8
set-cookie: device=desktop; Path=/
domain=https%3A%2F%2Fdebet.win; Path=/
host=debet.win; Path=/
server-timing: total;dur=44;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iTwd1EufBG6Toiq9cEKbajiO1VQGVIDwjxAGqi0UCQxt1l5w4%2BEClHM38AW5EoB9zHHYELi6Bg5yT9Dk1r6vrql%2FowXURJhbh3D%2BBi2tRlYZmvDztlBvBC9u5k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77eaaa8d987eb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/quay-so.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/images/icon/quay-so.svg
IP
GET /rs2/images/icon/quay-so.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-f8a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0p9O5eu7XkGW5nuOZER30hsqDvKzp%2FD2xgOKOUCFKPhZgEOOC47qXWGMHYnlQt8R1tL58K7mYk2bhEcpida%2FO6CuJtf786lZdaTAUp%2Fs7ys4a9rgOYbeHv3DEfYTjNQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8ab0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/slot.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/images/icon/slot.svg
IP
GET /rs2/images/icon/slot.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-5dd"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGYhocLAyvQFwY6em%2Fxr86Uk7gc0Zt%2FwJIFdkuYdHNx31%2FFrmVXWl6aVz9TgHHxGSrBOWrLFPAyUklFAET1YJzsSbrNquW0Uz2%2FW%2Fuf6jViygRTjFkObJkASJVcT1Qc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8ae0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/songbai.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/images/icon/songbai.svg
IP
GET /rs2/images/icon/songbai.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 08:00:07 GMT
etag: W/"6375ea07-857"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlsv1IBAWdy3eVuHbsf34rcE%2B%2FrNIP5a%2BR60g%2Bhc6J63OAq1KPqtwgxW%2BLH7%2B4D03GWXqzGOkmPzholPT8sUh3JMoQi%2Bx6zXIOJhEP8UYFwFv9kIfhDMo7bNNjnpUc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8c50afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/munich.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/images/icon/munich.svg
IP
GET /rs2/images/icon/munich.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-42d"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taayV34sekKvixje0ITwzpb5a6Ds8OFmoiPKJRiABz1ElAG%2BikYjHw6ta1Sux4FM%2B4U1qTgBjOl5AYG3BKvEwUV7DzGTCWqOaIXWAcZuiA1%2FLZB2Cr0O4iYuuBTh7Ss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8a90afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.clarity.ms/tag/74lt8w59wa
200 OK 0 B URL HTTP/2 www.clarity.ms/tag/74lt8w59wa
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/74lt8w59wa HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=15c416daef694a308e11b89f93b74dbb.20221224.20231224; expires=Sun, 24 Dec 2023 16:20:49 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 04SanYwAAAABD7iDNG4NSR4eKCg6lwHXuU1ZHMjBFREdFMDUxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sat, 24 Dec 2022 16:20:49 GMT
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/discount.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/images/icon/discount.svg
IP
GET /rs2/images/icon/discount.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-95b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpWIh4AIwdcCJcKvFPom7Cn%2BimUDPykA%2FprrO%2FZpxoaWoYq4dHXpn6rDeVI57NEDJvqbteU5EA6381LjHZC4yYkTCWLiK4yGBu9zwyGp1Jn6cq%2B9MivXQ7eWujGgpec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8b60afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2//images/icon-tele-new.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2//images/icon-tele-new.svg
IP
GET /rs2//images/icon-tele-new.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Dec 2022 06:47:50 GMT
etag: W/"63903716-298"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jd7Pkyc4XAoVZoXe8eBIZzH%2BU%2B11MnmpVmYUzXPvuIIqrw2dvgjiq00LKuTJwXFlzjw8%2BQ59KwlQZSMSvUIw8uzBGw9VLZkLKxeSOj7lVC779WodCDYbR9BHbY97g8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8c30afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.e70c3212.chunk.js
200 OK 0 B URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.e70c3212.chunk.js
IP
ASN #20940 Akamai International B.V.
GET /widget/static/js/1.e70c3212.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 13 Dec 2022 11:41:36 GMT
x-amz-version-id: 4he9aXnAzzD0s9QWqf7vYLwfUTS9PPNG
server: AmazonS3
content-encoding: br
etag: W/"baae8b5a0b52d6c3a7fb6e64c0990eb9"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 46c1wpc46IOlD77LQuI2vveF6NXpn48lbXHFieMkVeKt1lRP5p1KGw==
content-length: 66530
cache-control: max-age=31536000
expires: Sun, 24 Dec 2023 16:20:50 GMT
date: Sat, 24 Dec 2022 16:20:50 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/keno.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/images/icon/keno.svg
IP
GET /rs2/images/icon/keno.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-605"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmSzg1s4sT7R%2BvgUuc%2Fl%2BCavvXEs1GBD5nuh%2FBPfgatsZoRXoZtvJs1Xr5%2FvK7IS0oSgCWvsOtXFva42eYQORpiRWTCHxe42iUxrs5uvwaaCdViE0QRQd%2BlhtK2h5uc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8c70afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
socket.debet.win/socket.io/?EIO=4&transport=polling&t=OL4xzok&sid=7UG9B8b2oi4ZjnAsYhaK
200 OK 0 B URL HTTP/2 socket.debet.win/socket.io/?EIO=4&transport=polling&t=OL4xzok&sid=7UG9B8b2oi4ZjnAsYhaK
IP
GET /socket.io/?EIO=4&transport=polling&t=OL4xzok&sid=7UG9B8b2oi4ZjnAsYhaK HTTP/1.1
Host: socket.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://debet.win
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:50 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCJSW6%2FXKrx1SwkzNOzTNg4XTmdGP5g3vGmeEoc7D3B5aSFOrdiKhWitaw4U36KsMeBVw5ppB4vytMOoZqyw0lE6%2FuZyaCmEqDGNY9AIdpaQQxgBBc98hbdaoQIB8imdevAl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77eaaaa74d5d0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:48 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 742
expires: Tue, 27 Dec 2022 16:20:48 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 77eaaa992ac8b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/quick-game.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/images/icon/quick-game.svg
IP
GET /rs2/images/icon/quick-game.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-7cc"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iv2Be63j93zRkhxRC0EUVcvmgLMoEOSDbCU71xNStTNKIfBZz7196k34xyYQrdzFfh13Ezvs69WXiaNSz%2Fe3e4%2FY0g0GXLR5E3TVSj766YPxP%2Fg%2FgePpUSdZA%2B29LS8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8a70afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/table-game.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/images/icon/table-game.svg
IP
GET /rs2/images/icon/table-game.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-a4b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBsrauuUL1Dvg6gpH1el8DT8ok67ePu%2BqHPpQVrxcM%2Bg20zYdFltcIrFCGBe9H9sTn4EWGQGpf9WxeEDa7eGbdUqHiPhHpkYT4Lw51LkxrK8Osp%2FGQCVPXg6YpdKDGw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91e8b10afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/images/icon/event.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/images/icon/event.svg
IP
GET /rs2/images/icon/event.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:47 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-a05"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndFH%2FYxZrfZwx2hyoJxL1Ab6ilJd83tdKa2sZxgarC8ArZalfoDEhNpc6mSFV3Sv1XKvdxZd6D1Cvs1WEWB8cUk3HQhQ8ujYQN4h%2FNDhRmFsos2C3ybRpGwB5K%2FkYmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8bb0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1.debet.win/rs2/assets/images/theme/noel/logo.svg
200 OK 0 B URL HTTP/2 d1.debet.win/rs2/assets/images/theme/noel/logo.svg
IP
GET /rs2/assets/images/theme/noel/logo.svg HTTP/1.1
Host: d1.debet.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 24 Dec 2022 16:20:48 GMT
content-type: image/svg+xml
last-modified: Mon, 19 Dec 2022 11:39:37 GMT
etag: W/"63a04d79-1c4740"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qR5TNdUskg084xUcC1Q8PKAYbONEV7jd5KkCosl7HwY%2Bc%2B3AyVoTUV%2FyBlroJ2TzW7ccu1TiUqOe7x4gEVQUcv1%2Flbp0su2cNxyLd4EWqEIFO%2BOHxgi4%2F0J3ZmWOpPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77eaaa91f8c40afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1618335.js?sv=7
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1618335.js?sv=7
IP
GET /c/hotjar-1618335.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sat, 24 Dec 2022 16:20:49 GMT
cache-control: max-age=60
etag: W/56984693579b47b8e094fcc8aa1d2cfb
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O8M8kLh-UwOndvmNT55radW6toDcYyfDEDigfS3_YHrgAqliigIfJQ==
X-Firefox-Spdy: h2
172.67.74.31
95.101.10.113
104.21.8.213
93.184.220.29
188.114.96.1
31.13.72.12