Report - joycasinos.cc/

Report Overview

Submitted URL
joycasinos.cc/
IP
172.67.137.93
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-02 15:18:17
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	100 kB	34.120.237.76
vi-sber1-5.jivosite.com	unknown	2022-05-03T09:02:44Z	2023-03-12T11:10:34Z	577 B	197 B	37.230.195.73
joycasinos.cc	unknown	2022-05-10T02:48:44Z	2023-02-11T19:56:08Z	788 B	1.4 kB	104.21.38.186
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.70.239.215
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	1.2 kB	516 B	142.250.74.110
code-ya.jivosite.com	66854	2019-12-06T19:49:15Z	2023-03-13T05:15:57Z	783 B	8.4 kB	92.223.126.56
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.131
node-sber1-az2-1.jivosite.com	626086	2022-02-08T10:56:50Z	2023-03-09T05:36:45Z	444 B	735 B	46.243.226.213
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.76.226
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
telemetry.jivosite.com	44693	2015-07-15T10:41:42Z	2023-03-13T09:49:16Z	449 B	107 B	94.139.254.11
ocsp.godaddy.com	698	2012-05-20T21:28:57Z	2023-03-13T05:12:19Z	340 B	3.2 kB	192.124.249.24
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-13T05:14:17Z	357 B	1.9 kB	104.18.21.226
code.jivo.ru	unknown	2022-03-30T17:10:58Z	2023-03-13T05:15:58Z	2.1 kB	384 kB	92.223.124.24

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-02 15:18:32	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-02-02 15:18:32	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	joycasinos.cc/wp-content/cache/min/1/wp-content/themes/play/js/custom-f0d51512e6ceea080dbefc362b96778b.js	2.7 kB	2023-03-13	2023-03-13
Pretty URL joycasinos.cc/wp-content/cache/min/1/wp-content/themes/play/js/custom-f0d51512e6ceea080dbefc362b96778b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:06:42 Last Seen2023-03-13 15:06:26 Times Seen1 Hash a975d8ba547097487ac6077c26c04f80 dde47e7a97748906a09c2532693aed40bede63e9 ca3464c3e1ac4f43ce8535419b676dd44fb411e72e679e7d129ae0a532d85abb Loading...

	joycasinos.cc/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js	7.9 kB	2023-03-07	2024-04-25
Pretty URL joycasinos.cc/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 17:24:32 Times Seen3334 Hash d18523e4a4aaa9420a86e4dddfb07554 fa22a3d38dc3c87ca92f1456846682abeb696b96 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41 Loading...

	http:text/javascript;base64,CiAgd2luZG93LmRhdGFMYXllciA9IHdpbmRvdy5kYXRhTGF5ZXIgfHwgW107CiAgZnVuY3Rpb24gZ3RhZygpe2RhdGFMYXllci5wdXNoKGFyZ3VtZW50cyk7fQogIGd0YWcoJ2pzJywgbmV3IERhdGUoKSk7CgogIGd0YWcoJ2NvbmZpZycsICdVQS0xMzc5NTEwMjItOScpOwo=	155 B	2023-03-13	2023-03-13
Pretty URL http:text/javascript;base64,CiAgd2luZG93LmRhdGFMYXllciA9IHdpbmRvdy5kYXRhTGF5ZXIgfHwgW107CiAgZnVuY3Rpb24gZ3RhZygpe2RhdGFMYXllci5wdXNoKGFyZ3VtZW50cyk7fQogIGd0YWcoJ2pzJywgbmV3IERhdGUoKSk7CgogIGd0YWcoJ2NvbmZpZycsICdVQS0xMzc5NTEwMjItOScpOwo= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:06:42 Last Seen2023-03-13 15:06:26 Times Seen1 Hash fc3424df145f0fe0877f41ebaef58bb6 e8abfb165254a96a0a746de04de1c61006a564b0 78c0b832ba561c29fd6e10431e6d9b74df34eda6aaca096c94fe8c4280418acf Loading...

	joycasinos.cc/wp-content/cache/busting/google-tracking/ga-d40531c5e99a6f84e42535859476fe35.js	50 kB	2023-03-07	2024-04-25
Pretty URL joycasinos.cc/wp-content/cache/busting/google-tracking/ga-d40531c5e99a6f84e42535859476fe35.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:24:16 Times Seen842 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	joycasinos.cc/	1.1 MB	2023-03-13	2023-03-13
Pretty URL joycasinos.cc/ IP 104.21.38.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:37:42 Last Seen2023-03-13 19:02:02 Times Seen1 Hash f7d88d054519adcf06c4b4d86b45ff99 39083f0688af5b5edcd926701a237dc32995fabc 6456305376300ea6f206910c585f5da0f688c89c28f81a1df15945d50cc2c1f2 Loading...

	joycasinos.cc/	594 B	2023-03-13	2023-03-13
Pretty URL joycasinos.cc/ IP 104.21.38.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:06:42 Last Seen2023-03-13 15:06:26 Times Seen1 Hash 6ff96205282547987c5cff38f36730a3 2d17280c3a83b8bf86e37ebaa18705ee2d2b17bc db043c1dcf6f3fd4549842003babcaca54b9f656d20e9fe63db75073e4a5c3ff Loading...

	joycasinos.cc/	1.6 kB	2023-03-07	2024-02-24
Pretty URL joycasinos.cc/ IP 104.21.38.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:53 Last Seen2024-02-24 17:44:08 Times Seen21 Hash f4196b3a4ede6e3d213b9d873a9834c3 ed3ad74fa75d5e60a9d6901b5cdaedf428a58d56 e5fce1842f240bbc4599d98a4a0fe66d8e345c050f6c5ba73eae27de2b792610 Loading...

	joycasinos.cc/	1.1 kB	2023-03-08	2024-01-22
Pretty URL joycasinos.cc/ IP 104.21.38.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:51:29 Last Seen2024-01-22 20:52:12 Times Seen11 Hash 144e7378f3fb25d96058f08d4b20263a 27f53e6879ebad2b31eb471975d9015b83bdcc43 5c52798539407c29a67604001926a7c305de5a469a0f85393d066837bf27c3d0 Loading...

	joycasinos.cc/	2.1 kB	2023-03-07	2024-04-26
Pretty URL joycasinos.cc/ IP 104.21.38.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 06:21:32 Times Seen6356 Hash 9cd47ac5a0389a37b4d8e7d194e17c9a 9121da7907e37462c10ce8616f06b5c22f640744 ae37d2523200d80db4a789404c079f2cb1bb172ed526cb27909f929c9d935cda Loading...

	joycasinos.cc/	3.4 kB	2023-03-07	2024-01-21
Pretty URL joycasinos.cc/ IP 104.21.38.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:24:12 Last Seen2024-01-21 13:25:44 Times Seen31 Hash 100de5bed32cfc5a8d929858ff96b55b d126e355a41915858e25f97e92b8846c3ff4126a 73525f87990a2b6451ec674b671729b902bae4812a10058b75ce975b6af035f8 Loading...

	joycasinos.cc/	412 B	2023-03-07	2023-12-26
Pretty URL joycasinos.cc/ IP 104.21.38.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:53 Last Seen2023-12-26 02:10:21 Times Seen23 Hash 57d866f31fd3c8ef4107ec24df644978 76276bb21c6acbd5665ceb6601d7167e67159049 c05c169542a3ed730b0dca81b5fbfc3f141316fc8d089d864504248d68b35cb4 Loading...

	code-ya.jivosite.com/widget/skDSOuO5Xy	18 kB	2023-03-13	2023-03-13
Pretty URL code-ya.jivosite.com/widget/skDSOuO5Xy IP 92.223.126.56 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:06:57 Last Seen2023-03-13 19:02:02 Times Seen1 Hash bef5f14af57a8e43d7e80f80ca3c3419 0d650e593afcdb52e004d1054ff234a85724bdb1 9b5e3380a49c538347da5df52e9e8ee349a75943576d3a598cd35bd6f632fba1 Loading...

	joycasinos.cc/	1.4 kB	2023-03-07	2024-04-23
Pretty URL joycasinos.cc/ IP 104.21.38.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:53 Last Seen2024-04-23 23:58:28 Times Seen707 Hash 4c08d8c2ce8faf62e5d66e8364a6d881 ab090a0c6e7ce35c8da2a1c82ff36d0f8a2572d5 f7f5f6e9cf00e218439b997c3e68cd435dfa97bae7c751a7f715ecdb3dddba9f Loading...

	joycasinos.cc/wp-content/cache/min/1/wp-content/themes/play/js/bootstrap-63bb474b32e9b3ec917df4d8c66a9d78.js	80 kB	2023-03-13	2023-03-13
Pretty URL joycasinos.cc/wp-content/cache/min/1/wp-content/themes/play/js/bootstrap-63bb474b32e9b3ec917df4d8c66a9d78.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:06:42 Last Seen2023-03-13 15:06:26 Times Seen1 Hash 29a9e2988f8c70ec42955bd77f515edc c194e44588dff33754d76b4dc68d933cf7fddb29 c3ee5f2124110d3fc4d129ac8cd90c723e6a75cf99f200a2aff23a534ef9eab7 Loading...

	joycasinos.cc/wp-content/cache/min/1/wp-content/themes/play/js/modal-2239e7228d1da4f90dec1d5e45a2ea42.js	7.7 kB	2023-03-13	2023-03-13
Pretty URL joycasinos.cc/wp-content/cache/min/1/wp-content/themes/play/js/modal-2239e7228d1da4f90dec1d5e45a2ea42.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:06:42 Last Seen2023-03-13 15:06:26 Times Seen1 Hash a58f3b2be8bf20be9633f9243673cfe5 d0681afd7912d63721ed548bd0672af93ad29356 f0aec65e2ec717b06752dcd3deb4a871af6476526d9ddb3e15d5b391a679f649 Loading...

	joycasinos.cc/	404 B	2023-03-13	2023-03-13
Pretty URL joycasinos.cc/ IP 104.21.38.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:06:42 Last Seen2023-03-13 15:06:26 Times Seen1 Hash c5243f50573e0d7e302b65566aabb016 8e6f917cbe30b033c99f2aa9a330e2f7cde9efba 9f180233e51cafdfdc8a89a1fd60ffe2fe6fc853baf1c0f9bede7cef2a610ff8 Loading...

	joycasinos.cc/	1.6 kB	2023-03-07	2024-04-25
Pretty URL joycasinos.cc/ IP 104.21.38.186 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-25 10:08:32 Times Seen691 Hash 388722716c8c89af1136cef19a98017c 50875c3734cfd73eb9856bef783de97dbb496dae d39b00bf80cd9591e726005002d8084407bdb41ce867ac0e70ede5b7a781c472 Loading...

	joycasinos.cc/wp-content/cache/min/1/wp-content/themes/play/js/buffer-link-68727d1b70ad7f7662b5b990c5e7c542.js	846 B	2023-03-10	2023-10-19
Pretty URL joycasinos.cc/wp-content/cache/min/1/wp-content/themes/play/js/buffer-link-68727d1b70ad7f7662b5b990c5e7c542.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:30:41 Last Seen2023-10-19 10:51:49 Times Seen2 Hash c80a08e7f5a12b055f7c6fd66efdf938 03180f2049a24ebfb7b6ec4f1eb6beb8ff1ba3c3 00f3af798f6e5c9248ad7f4e722a2397331540d51d04c44dbdfb4189b8bb656a Loading...

	joycasinos.cc/wp-content/cache/min/1/wp-content/themes/play/js/faq-66f8345b0c21f3486de701feb39da13c.js	316 B	2023-03-10	2024-01-09
Pretty URL joycasinos.cc/wp-content/cache/min/1/wp-content/themes/play/js/faq-66f8345b0c21f3486de701feb39da13c.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:30:41 Last Seen2024-01-09 16:25:38 Times Seen15 Hash 135447573c4bd051375539ba6df890fa e97ae1ea05ea93309744562c29e3f85d491c2586 b26603497f00baabb22c8b7f5895a2ad28fa17bd3083738839a88bd268c583d4 Loading...

	joycasinos.cc/wp-content/cache/busting/1/gtm-1fee394ad8ee76be2f8bd1fe539ad891.js	98 kB	2023-03-13	2023-03-13
Pretty URL joycasinos.cc/wp-content/cache/busting/1/gtm-1fee394ad8ee76be2f8bd1fe539ad891.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:06:42 Last Seen2023-03-13 15:06:26 Times Seen1 Hash 833ff666d5a0004080c21f99d5ed655c c09b52a9ee480a75d6b7bb222eee590456433419 5483659360c37db82e9c8619583b3b02e7726cb581ce6388d8fd93bf9683f253 Loading...

	joycasinos.cc/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-26
Pretty URL joycasinos.cc/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 04:19:36 Times Seen31827 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

		Size	First Seen	Last Seen
	#1 Write - 29d23d4ac4e60b3e4dd6fcc2fa047262	1.1 MB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 12:37:43 Last Seen2023-03-13 19:02:02 Times Seen1 Hash 29d23d4ac4e60b3e4dd6fcc2fa047262 24173ac60a5dd7c3d7c7d513dca3be5669ebf96d 3d5f8e209aef0e8545920616458f96e85bfbf2722518cdd5f9a95f86500cd444 Loading...

HTTP Transactions (38)

	URL	IP	Response	Size
	joycasinos.cc/	104.21.38.186	301 Moved Permanently	0 B
URL HTTP/1.1 joycasinos.cc/ IP 104.21.38.186:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: joycasinos.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 301 Moved Permanently Date: Thu, 02 Feb 2023 15:18:05 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Thu, 02 Feb 2023 16:18:05 GMT Location: https://joycasinos.cc/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiJKFck9rLPEpFzyI9zXzNY2rKAr6sHcZE65ivLoYfwigprbXNF57z01CLHx0XTTGK8C%2BVvj4SU0gZkykUedFIVod7p%2Ba8rAk82xnrVGa9Bxpz7Zrw3lXIu4K8xth7Iq"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7933e5bebfdeb50b-OSL alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash e935ea42be4feaed61a824b0b903913e f966cfa80d65a805cb9d7c6a53b3340865d7c51a eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815" Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3107 Expires: Thu, 02 Feb 2023 16:09:53 GMT Date: Thu, 02 Feb 2023 15:18:06 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7e05c8461bd2dc5a149f71e2c465ea29 705983959c887e243cb55a8a1796757b579ee977 4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922" Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9161 Expires: Thu, 02 Feb 2023 17:50:47 GMT Date: Thu, 02 Feb 2023 15:18:06 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 02 Feb 2023 14:36:06 GMT content-type: application/json age: 2520 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9a76feabb767086ae0fa54e0ffbf763f 3655d78994a1e9838340669462728b67c8c12e54 bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9" Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8027 Expires: Thu, 02 Feb 2023 17:31:53 GMT Date: Thu, 02 Feb 2023 15:18:06 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: iScX/5LLR6cnp+RC/7CtHHeipIpePDI2tY/IYHpjYCoFmhWI4IWvnDFLOEl4laoApt7eLPMCGhY= x-amz-request-id: X5MFRD7D049834ZC content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 02 Feb 2023 14:52:01 GMT age: 1565 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	e1.o.lencr.org/	23.36.76.226	200 OK	345 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 345 B (345 bytes) Hash 887b6c71ae66e89e947586b7d5a81105 06400f7ed2fca06c6bc657cb234ad9e20643475e 9ff521b229d7b770ca14569c079a866e7de3463ee41251773ab2eb247104f485 HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "9FF521B229D7B770CA14569C079A866E7DE3463EE41251773AB2EB247104F485" Last-Modified: Wed, 01 Feb 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=1900 Expires: Thu, 02 Feb 2023 15:49:46 GMT Date: Thu, 02 Feb 2023 15:18:06 GMT Connection: keep-alive`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 02 Feb 2023 15:18:06 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	e1.o.lencr.org/	23.36.76.226	200 OK	343 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 343 B (343 bytes) Hash f60bbcddee11b9cf9434a5ec4060aa49 cda072bc7dbe433d956d2297297f72ddfe521924 19b5948d63f46773ecf7a5615f172b56f9d03a0a7a28355da7828dbe0f8c42ef HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 343 ETag: "19B5948D63F46773ECF7A5615F172B56F9D03A0A7A28355DA7828DBE0F8C42EF" Last-Modified: Thu, 02 Feb 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21600 Expires: Thu, 02 Feb 2023 21:18:06 GMT Date: Thu, 02 Feb 2023 15:18:06 GMT Connection: keep-alive`

	ocsp.godaddy.com/	192.124.249.24	200 OK	2.7 kB
URL HTTP/1.1 ocsp.godaddy.com/ IP 192.124.249.24:0 ASN #30148 SUCURI-SEC File type data Size 2.7 kB (2721 bytes) Hash cc8a5d36a0bff9279c3a6b43849f3e22 f0b279bfda2fe82ca4f0e87e003b0c4ac561bb9a 72ae50053b612f00150bcb02b9b1462657ff96174a1b1da90b0185db74e79d96 HTTP Headers `POST / HTTP/1.1 Host: ocsp.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 75 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: Sucuri/Cloudproxy Date: Thu, 02 Feb 2023 15:18:06 GMT Content-Type: application/ocsp-response Content-Length: 1777 Connection: keep-alive X-Sucuri-ID: 15024 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Thu, 02 Feb 2023 01:53:32 GMT Expires: Fri, 03 Feb 2023 01:53:32 GMT ETag: "3f19be4f5ce47874e5caffd3c33a255239b9d250" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 02 Feb 2023 15:07:19 GMT age: 647 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	code-ya.jivosite.com/widget/skDSOuO5Xy	92.223.126.56	200 OK	6.0 kB
URL HTTP/2 code-ya.jivosite.com/widget/skDSOuO5Xy IP 92.223.126.56:0 ASN #199524 G-Core Labs S.A. File type ASCII text, with very long lines (17537), with no line terminators Size 6.0 kB (6030 bytes) Hash 69852c52507415a99029b96cfd024ba9 fe591f9ee6f059cb472a7ea117d808540e9c713e 1938915f08c01c8ad4275e86c8abcbbf8e113cd1d7fd53898e67aacfcb6a6017 HTTP Headers `GET /widget/skDSOuO5Xy HTTP/1.1 Host: code-ya.jivosite.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://joycasinos.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 02 Feb 2023 15:18:06 GMT content-type: application/javascript content-length: 6030 access-control-allow-origin: * cache-control: max-age=7200 content-encoding: br etag: "63d3d1ff-178e" expires: Thu, 02 Feb 2023 09:50:43 GMT last-modified: Fri, 27 Jan 2023 13:30:39 GMT vary: Accept-Encoding via: 1.1 sharxy x-geo-shard: sber1 cache: STALE x-cached-since: 2023-02-02T07:50:43+00:00 x-id: am3-up-gc94 accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 2751084b42dd111d0a7f28241a77201b 680a9ac2f4cf451c9a8449c4df3587595ed9cc4c 1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 02 Feb 2023 15:18:06 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google-analytics.com/j/collect?v=1&_v=j96&a=792116176&t=pageview&_s=1&dl=https%3A%2F%2Fjoycasinos.cc%2F&ul=en-us&de=UTF-8&dt=JoyCasino%20%E2%80%94%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%94%D0%B6%D0%BE%D0%B9%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%2C%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%BD%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%20%D0%B2%202023%20%D0%B3%D0%BE%D0%B4%D1%83&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=207293826&gjid=1958812462&cid=62919623.1675351113&tid=UA-137951022-9&_gid=1592962177.1675351113&_r=1&gtm=2ou3u0&z=1578604458	142.250.74.110	200 OK	1 B
URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=792116176&t=pageview&_s=1&dl=https%3A%2F%2Fjoycasinos.cc%2F&ul=en-us&de=UTF-8&dt=JoyCasino%20%E2%80%94%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%94%D0%B6%D0%BE%D0%B9%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%2C%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%BD%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%20%D0%B2%202023%20%D0%B3%D0%BE%D0%B4%D1%83&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=207293826&gjid=1958812462&cid=62919623.1675351113&tid=UA-137951022-9&_gid=1592962177.1675351113&_r=1&gtm=2ou3u0&z=1578604458 IP 142.250.74.110:0 ASN #15169 GOOGLE File type very short file (no magic) Size 1 B (1 bytes) Hash c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b HTTP Headers POST /j/collect?v=1&_v=j96&a=792116176&t=pageview&_s=1&dl=https%3A%2F%2Fjoycasinos.cc%2F&ul=en-us&de=UTF-8&dt=JoyCasino%20%E2%80%94%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%20%D0%94%D0%B6%D0%BE%D0%B9%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%2C%20%D0%B8%D0%B3%D1%80%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%BD%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%20%D0%B2%202023%20%D0%B3%D0%BE%D0%B4%D1%83&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=207293826&gjid=1958812462&cid=62919623.1675351113&tid=UA-137951022-9&_gid=1592962177.1675351113&_r=1&gtm=2ou3u0&z=1578604458 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://joycasinos.cc Connection: keep-alive Referer: https://joycasinos.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK access-control-allow-origin: https://joycasinos.cc date: Thu, 02 Feb 2023 15:18:06 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 2751084b42dd111d0a7f28241a77201b 680a9ac2f4cf451c9a8449c4df3587595ed9cc4c 1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 02 Feb 2023 15:18:06 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A" Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2360 Expires: Thu, 02 Feb 2023 15:57:26 GMT Date: Thu, 02 Feb 2023 15:18:06 GMT Connection: keep-alive`

	code-ya.jivosite.com/script/widget/config/skDSOuO5Xy	92.223.126.56	200 OK	1.4 kB
URL HTTP/2 code-ya.jivosite.com/script/widget/config/skDSOuO5Xy IP 92.223.126.56:0 ASN #199524 G-Core Labs S.A. File type JSON data\012- , ASCII text, with very long lines (4535), with no line terminators Size 1.4 kB (1449 bytes) Hash ce5db721d219c80134c1831d09aafbb3 5c44b15177d00e7e6594e5caacac31721f1ac75f a777dc9a0e59c30904a26ad098c5e63aae674dd3cf298ea1baebc4574d214d0c HTTP Headers `GET /script/widget/config/skDSOuO5Xy HTTP/1.1 Host: code-ya.jivosite.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://joycasinos.cc Connection: keep-alive Referer: https://joycasinos.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 02 Feb 2023 15:18:07 GMT content-type: application/x-javascript content-length: 1449 access-control-allow-origin: * cache-control: max-age=7200 content-encoding: gzip expires: Thu, 02 Feb 2023 09:50:43 GMT vary: Accept-Encoding via: 1.1 sharxy x-geo-shard: sber1 cache: STALE x-cached-since: 2023-02-02T07:50:43+00:00 x-id: am3-up-gc94 accept-ranges: bytes X-Firefox-Spdy: h2`

	node-sber1-az2-1.jivosite.com/widget/status/851242/skDSOuO5Xy?rnd=0.4837682776454457	46.243.226.213	200 OK	197 B
URL HTTP/2 node-sber1-az2-1.jivosite.com/widget/status/851242/skDSOuO5Xy?rnd=0.4837682776454457 IP 46.243.226.213:0 ASN #208677 Cloud technology Limited (Ltd.) File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators Size 197 B (197 bytes) Hash 39c2ed6f03be380687782fd9cea21492 8d42d3969da71ea197da5933eee0cf1d65517e8b fd1a363fb2ca30fac7a6206f8c7ccaa87be64f9004557a59b06cfcd8380e4e0d HTTP Headers `GET /widget/status/851242/skDSOuO5Xy?rnd=0.4837682776454457 HTTP/1.1 Host: node-sber1-az2-1.jivosite.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://joycasinos.cc Connection: keep-alive Referer: https://joycasinos.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-credentials: true access-control-allow-max-age: 1728000 access-control-allow-origin: https://joycasinos.cc access-control-expose-headers: X-Geoip, X-Botmode cache-control: no-cache, no-store, must-revalidate content-security-policy: frame-ancestors 'none'; content-type: application/json; charset=utf-8; date: Thu, 02 Feb 2023 15:18:07 GMT pragma: no-cache server: foxy/2.0.1 x-botmode: no x-frame-options: DENY x-geoip: NO;03;Oslo (Alna District) content-length: 197 X-Firefox-Spdy: h2

	push.services.mozilla.com/	54.70.239.215	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.70.239.215:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: SDnewXaiV8RG1aN05H1lyg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: gp4barsGv0AGNgxc9Vl6mF19Knc=`

	ocsp2.globalsign.com/gsalphasha2g2	104.18.21.226	200 OK	1.4 kB
URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1423 bytes) Hash 19abae1b394f070b9c605ac110305fee 0c462a3b5d0db65be379a204dc7d1dd42957f0c5 8cd553a769f6bff1967ce2b6ca884825c6b76d300afd2a9a85d594c10c2685bf HTTP Headers `POST /gsalphasha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Thu, 02 Feb 2023 15:18:07 GMT Content-Type: application/ocsp-response Content-Length: 1423 Connection: keep-alive Expires: Mon, 06 Feb 2023 12:51:07 GMT ETag: "0c462a3b5d0db65be379a204dc7d1dd42957f0c5" Last-Modified: Thu, 02 Feb 2023 12:51:08 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 967 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7933e5c85bb90afa-OSL`

	code.jivo.ru/js/bundle_ru_RU.js?rand=1675073338	92.223.124.24	200 OK	312 kB
URL HTTP/2 code.jivo.ru/js/bundle_ru_RU.js?rand=1675073338 IP 92.223.124.24:0 ASN #199524 G-Core Labs S.A. File type Unicode text, UTF-8 text, with very long lines (61072), with no line terminators Size 312 kB (312243 bytes) Hash e0051d8ec4339805d765667e70dcef17 1fb505a49abf57e7d6fe0718254b69fd1c0bd5c6 0c273d5c1ba1ceea145e98e8a1a1cd67a15d2c5e0e7acfe59440489f43e9064a HTTP Headers `GET /js/bundle_ru_RU.js?rand=1675073338 HTTP/1.1 Host: code.jivo.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://joycasinos.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 02 Feb 2023 15:18:07 GMT content-type: application/javascript content-length: 312243 access-control-allow-origin: * cache-control: max-age=86400 content-encoding: br etag: "63d3d258-4c3b3" last-modified: Fri, 27 Jan 2023 13:32:08 GMT vary: Accept-Encoding via: 1.1 sharxy x-geo-shard: sber1 cache: HIT x-cached-since: 2023-02-02T10:09:20+00:00 x-id: fr5-up-gc15 accept-ranges: bytes X-Firefox-Spdy: h2`

	code.jivo.ru/css/b5db4a2/widget.css	92.223.124.24	200 OK	55 kB
URL HTTP/2 code.jivo.ru/css/b5db4a2/widget.css IP 92.223.124.24:0 ASN #199524 G-Core Labs S.A. File type ASCII text, with very long lines (65536), with no line terminators Size 55 kB (54830 bytes) Hash 004931a4da9cfd7562213d8bbb13d82e 736d6359b42f730f53e1584632d5ec5e9f843b81 aa7da624e1a373d5d19c1de7b2280c4684125a66bf45cc5a0d6d98cad216061c HTTP Headers `GET /css/b5db4a2/widget.css HTTP/1.1 Host: code.jivo.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://joycasinos.cc/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Thu, 02 Feb 2023 15:18:07 GMT content-type: text/css content-length: 54830 cache-control: max-age=864000 content-encoding: br etag: "63d3d23f-d62e" expires: Thu, 09 Feb 2023 10:09:19 GMT last-modified: Fri, 27 Jan 2023 13:31:43 GMT vary: Accept-Encoding via: 1.1 sharxy x-geo-shard: sber1 cache: HIT x-cached-since: 2023-01-30T10:09:19+00:00 x-id: fr5-up-gc15 accept-ranges: bytes X-Firefox-Spdy: h2`

	code.jivo.ru/sounds/agent_message.mp3	92.223.124.24	206 Partial Content	3.8 kB
URL HTTP/2 code.jivo.ru/sounds/agent_message.mp3 IP 92.223.124.24:0 ASN #199524 G-Core Labs S.A. File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data Size 3.8 kB (3760 bytes) Hash 8e9a165c4cb185ffd0b2658fa088e43b 195873e5e8bbb2f5ecc32d95f90d6fb75817a649 ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43 HTTP Headers `GET /sounds/agent_message.mp3 HTTP/1.1 Host: code.jivo.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://joycasinos.cc/ Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 206 Partial Content server: nginx date: Thu, 02 Feb 2023 15:18:08 GMT content-type: audio/mpeg content-length: 3760 access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: * cache-control: max-age=2592000 etag: "63cf9eb6-eb0" expires: Tue, 28 Feb 2023 09:08:20 GMT last-modified: Tue, 24 Jan 2023 09:02:46 GMT vary: Accept-Encoding via: 1.1 sharxy x-geo-shard: sber1 cache: HIT x-cached-since: 2023-01-29T09:08:20+00:00 x-id: fr5-up-gc15 content-range: bytes 0-3759/3760 X-Firefox-Spdy: h2

	code.jivo.ru/sounds/outgoing_message.mp3	92.223.124.24	206 Partial Content	5.0 kB
URL HTTP/2 code.jivo.ru/sounds/outgoing_message.mp3 IP 92.223.124.24:0 ASN #199524 G-Core Labs S.A. File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data Size 5.0 kB (5014 bytes) Hash 7bf3e4962a5ecf1f8cbcc2ff3428f531 f75c694461a643d2e096ae8d0f6c1a9d19602eee d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11 HTTP Headers `GET /sounds/outgoing_message.mp3 HTTP/1.1 Host: code.jivo.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://joycasinos.cc/ Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 206 Partial Content server: nginx date: Thu, 02 Feb 2023 15:18:08 GMT content-type: audio/mpeg content-length: 5014 access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: * cache-control: max-age=2592000 etag: "63cf9eb6-1396" expires: Tue, 28 Feb 2023 09:08:26 GMT last-modified: Tue, 24 Jan 2023 09:02:46 GMT vary: Accept-Encoding via: 1.1 sharxy x-geo-shard: sber1 cache: HIT x-cached-since: 2023-01-29T09:08:26+00:00 x-id: fr5-up-gc15 content-range: bytes 0-5013/5014 X-Firefox-Spdy: h2

	code.jivo.ru/sounds/notification.mp3	92.223.124.24	206 Partial Content	5.8 kB
URL HTTP/2 code.jivo.ru/sounds/notification.mp3 IP 92.223.124.24:0 ASN #199524 G-Core Labs S.A. File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data Size 5.8 kB (5808 bytes) Hash 9aa341af370c4e59155717260ba0f282 0c1216ecead8d1409557c843d96202c063f3f252 1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab HTTP Headers `GET /sounds/notification.mp3 HTTP/1.1 Host: code.jivo.ru User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://joycasinos.cc/ Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 206 Partial Content server: nginx date: Thu, 02 Feb 2023 15:18:08 GMT content-type: audio/mpeg content-length: 5808 access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: * cache-control: max-age=2592000 etag: "63cf9eb6-16b0" expires: Tue, 28 Feb 2023 09:10:13 GMT last-modified: Tue, 24 Jan 2023 09:02:46 GMT vary: Accept-Encoding via: 1.1 sharxy x-geo-shard: sber1 cache: HIT x-cached-since: 2023-01-29T09:10:13+00:00 x-id: fr5-up-gc15 content-range: bytes 0-5807/5808 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash e8e0173672ec76c01676a1ba4e1be857 3d01334320c94972440226cfe96c8c7646cae796 c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1" Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15935 Expires: Thu, 02 Feb 2023 19:43:43 GMT Date: Thu, 02 Feb 2023 15:18:08 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash e8e0173672ec76c01676a1ba4e1be857 3d01334320c94972440226cfe96c8c7646cae796 c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1" Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15935 Expires: Thu, 02 Feb 2023 19:43:43 GMT Date: Thu, 02 Feb 2023 15:18:08 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash e8e0173672ec76c01676a1ba4e1be857 3d01334320c94972440226cfe96c8c7646cae796 c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1" Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15935 Expires: Thu, 02 Feb 2023 19:43:43 GMT Date: Thu, 02 Feb 2023 15:18:08 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash e8e0173672ec76c01676a1ba4e1be857 3d01334320c94972440226cfe96c8c7646cae796 c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1" Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15935 Expires: Thu, 02 Feb 2023 19:43:43 GMT Date: Thu, 02 Feb 2023 15:18:08 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg	34.120.237.76	200 OK	15 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 15 kB (15051 bytes) Hash 6bb5b89e738516f4862491eec286bf6d 8fb46b9ca85f2c578eb2a56d0007859183e12209 7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 15051 x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: frc6jGTAIAMFy4A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0 x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA== via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 21:54:58 GMT age: 62590 etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg	34.120.237.76	200 OK	41 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type data Size 41 kB (41194 bytes) Hash 48cf88c7c52007a6ea303be7171ac5d5 7264050820641652c24c1974ab150a1878b3ed81 c4b7bd6cf309cb360ce3668e42b8919fa6611bfa1ff8aca77101ff91b9752b6d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9221 x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: frdTBFv5IAMFgqQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0 x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 22:21:38 GMT age: 60990 etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg	34.120.237.76	200 OK	5.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.4 kB (5356 bytes) Hash 7c823f1d6bf1c50d58eb263b85e6e37c a7b74d11494fb3254df907e5cc1eead070d84617 b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5356 x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: frc5BEB6oAMFczg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0 x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 22:21:38 GMT age: 60990 etag: "a7b74d11494fb3254df907e5cc1eead070d84617" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg	34.120.237.76	200 OK	5.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.1 kB (5061 bytes) Hash 0224e848c34cb32cf932ed99dfd8468a 31c1abac8979bca5a998a6649ca3e6f59c0fb2f5 f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5061 x-amzn-requestid: e8e96b85-5b24-48b4-bea3-6c1b93c55ca1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: frdKVGf3oAMFj1w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dadbdb-558cb5ec6f31497d284518be;Sampled=0 x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: AeFT9dVmzOw8800DKN7VouWS3HGHRYp64On9sF62J-aOK_OGtvAa7w== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 22:12:52 GMT age: 61516 etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg	34.120.237.76	200 OK	16 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 16 kB (15656 bytes) Hash a4392f298c9e98515493f1235810838f b89eebf2b8adac69487262100b07da8bc171ecf7 b368d87d3a0fe4e1a8ddc82bed704b3056ad2874b8d325111b399b18807c1e5e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbaa9536b-a4e6-42f5-99dd-75298eecbbb1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 15656 x-amzn-requestid: c32afc98-7764-432a-8f5b-96d3e7cda49b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fsGGCHjeoAMFWaQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63db1d59-467198bd54922de073d17e62;Sampled=0 x-amzn-remapped-date: Thu, 02 Feb 2023 02:18:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: sQg8cF89OT04hnqaTaYSmBMseq89yB4qeX1DTwupQ2qavx7pO0DCAg== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Thu, 02 Feb 2023 11:25:31 GMT age: 13957 etag: "b89eebf2b8adac69487262100b07da8bc171ecf7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11367 bytes) Hash 395bb0f71f9eba82f5ca23548d08900f b1fada280c7ea3eb775a6fa46ce173a51eb045f5 7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11367 x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: frc5OGfBoAMF3Yw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0 x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Wed, 01 Feb 2023 21:57:51 GMT age: 62417 etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	vi-sber1-5.jivosite.com/skDSOuO5Xy?34a38aa1d8a936f7	37.230.195.73	101 Switching Protocols	0 B
URL HTTP/1.1 vi-sber1-5.jivosite.com/skDSOuO5Xy?34a38aa1d8a936f7 IP 37.230.195.73:0 ASN #208677 Cloud technology Limited (Ltd.) File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /skDSOuO5Xy?34a38aa1d8a936f7 HTTP/1.1 Host: vi-sber1-5.jivosite.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: https://joycasinos.cc Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: +xNRJn8dCLHDap7x/U8lbw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Access-Control-Allow-Origin: https://joycasinos.cc Sec-WebSocket-Accept: j/QrfiMgtbcZaZpv7nJZJ7r8l6s= Server: hand/2.8`

	telemetry.jivosite.com/w	94.139.254.11	204 No Content	0 B
URL HTTP/1.1 telemetry.jivosite.com/w IP 94.139.254.11:0 ASN #208677 Cloud technology Limited (Ltd.) File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /w HTTP/1.1 Host: telemetry.jivosite.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 282 Origin: https://joycasinos.cc Connection: keep-alive Referer: https://joycasinos.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 204 No Content Server: JivoTelemetry/fix-jivoapp-telemetry Date: Thu, 02 Feb 2023 15:18:09 GMT`

	joycasinos.cc/	104.21.38.186	200 OK	0 B
URL HTTP/2 joycasinos.cc/ IP 104.21.38.186:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET / HTTP/1.1 Host: joycasinos.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK date: Thu, 02 Feb 2023 15:18:06 GMT content-type: text/html; charset=UTF-8 x-powered-by: PHP/7.2.29 last-modified: Wed, 01 Feb 2023 08:20:23 GMT vary: Accept-Encoding cache-control: max-age=0 expires: Thu, 02 Feb 2023 15:18:05 GMT cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2F5Ujlo36kaJmKWO1Tu9YGdKPDdXpCEUcr%2FR9VZflBIgY0RLk5nfqv71lJUqjEJIaH41420dzyz1q%2FyONHly1cj0njyDB6G8RnDvsJdhzSf4IASbJlF0eZ35qLKX%2F1kY"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7933e5c06d4e0b59-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML