warsabnormality.com/rz9qh4am75?nyws=75&refer=https://dzapk.com/neomoe-ai-art-generator-mod-apk-premium-unlocked&kw=[%22neomoe%22,%22-%22,%22ai%22,%22art%22,%22generator%22,%22v1%22,%224%22,%2202%22,%22mod%22,%22apk%22,%22premium%22,%22unlocked%22,%22-%22,%22dzapk%22,%22com%22]&key=b5cb183d5d4f6754215564c38a1e1e05&scrWidth=360&scrHeight=800&tz=2&v=24.5.6485&ship=&psid=dzapk.com,dzapk.com&sub3=invoke_layer&res=14.229&dev=r&uuid=d30b6dbb-a5da-4572-b671-f4475e037b81:1:1&adb=n&adb=n
172.240.108.68 1.7 kB URL warsabnormality.com/rz9qh4am75?nyws=75&refer=https://dzapk.com/neomoe-ai-art-generator-mod-apk-premium-unlocked&kw=[%22neomoe%22,%22-%22,%22ai%22,%22art%22,%22generator%22,%22v1%22,%224%22,%2202%22,%22mod%22,%22apk%22,%22premium%22,%22unlocked%22,%22-%22,%22dzapk%22,%22com%22]&key=b5cb183d5d4f6754215564c38a1e1e05&scrWidth=360&scrHeight=800&tz=2&v=24.5.6485&ship=&psid=dzapk.com,dzapk.com&sub3=invoke_layer&res=14.229&dev=r&uuid=d30b6dbb-a5da-4572-b671-f4475e037b81:1:1&adb=n&adb=n
IP 172.240.108.68:0
File type HTML document, ASCII text, with very long lines (1022)
Hash 12a1ddf3007cc3401574d3bb9511dba2
9556e4c6b1b4b7c63524d0d3084dac60ceead8aa
4a6ee5137a414e5f4480964d805d83095ac46bb4069d6e5f5ae2e44af8191d25
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /rz9qh4am75?nyws=75&refer=https://dzapk.com/neomoe-ai-art-generator-mod-apk-premium-unlocked&kw=[%22neomoe%22,%22-%22,%22ai%22,%22art%22,%22generator%22,%22v1%22,%224%22,%2202%22,%22mod%22,%22apk%22,%22premium%22,%22unlocked%22,%22-%22,%22dzapk%22,%22com%22]&key=b5cb183d5d4f6754215564c38a1e1e05&scrWidth=360&scrHeight=800&tz=2&v=24.5.6485&ship=&psid=dzapk.com,dzapk.com&sub3=invoke_layer&res=14.229&dev=r&uuid=d30b6dbb-a5da-4572-b671-f4475e037b81:1:1&adb=n&adb=n HTTP/1.1
Host: warsabnormality.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:02:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=20608058; expires=Sat, 11 May 2024 18:02:23 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDYwODA1OCwiayI6ImI1Y2IxODNkNWQ0ZjY3NTQyMTU1NjRjMzhhMWUxZTA1Iiwic2lkIjoiZHphcGsuY29tLGR6YXBrLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6Mjk3ODMyNSwicGlkIjoxMTk5MTcxLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6MjgsInB0Ijo0LCJwayI6InJ6OXFoNGFtNzUiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZHphcGsuY29tL25lb21vZS1haS1hcnQtZ2VuZXJhdG9yLW1vZC1hcGstcHJlbWl1bS11bmxvY2tlZCIsImFyIjpbXX19.rJYC549ekvfA0spSKHEwjvbhIlIGx5yQbXYiandL-Eg; expires=Fri, 10 May 2024 18:03:23 GMT
uid_id2=d30b6dbb-a5da-4572-b671-f4475e037b81:1:1; expires=Fri, 17 May 2024 18:02:23 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b39e94b93f9e47bc5da187af3453e1fc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
warsabnormality.com/api/users?token=L3J6OXFoNGFtNzU_YWRiPW4mZGV2PXIma2V5PWI1Y2IxODNkNWQ0ZjY3NTQyMTU1NjRjMzhhMWUxZTA1Jmt3PSU1QiUyMm5lb21vZSUyMiUyQyUyMi0lMjIlMkMlMjJhaSUyMiUyQyUyMmFydCUyMiUyQyUyMmdlbmVyYXRvciUyMiUyQyUyMnYxJTIyJTJDJTIyNCUyMiUyQyUyMjAyJTIyJTJDJTIybW9kJTIyJTJDJTIyYXBrJTIyJTJDJTIycHJlbWl1bSUyMiUyQyUyMnVubG9ja2VkJTIyJTJDJTIyLSUyMiUyQyUyMmR6YXBrJTIyJTJDJTIyY29tJTIyJTVEJm55d3M9NzUmcHNpZD1kemFway5jb20lMkNkemFway5jb20mcHN0PTE3MTUzNjQyMDMmcmVmZXI9aHR0cHMlM0ElMkYlMkZkemFway5jb20lMkZuZW9tb2UtYWktYXJ0LWdlbmVyYXRvci1tb2QtYXBrLXByZW1pdW0tdW5sb2NrZWQmcmVzPTE0LjIyOSZybXRjPXQmc2NySGVpZ2h0PTgwMCZzY3JXaWR0aD0zNjAmc2hpcD0mc2h1PWQxMGZiM2ZlYTVkMzNmYjYwNzRlZjBjODBmODk1YmI3NGQyNzhjNWU5MGVkYzYxOTNjYjI5MThkNGU2MTI3OTI1OTc3MzdlMjExYTlhMTdlMDEwNjM5MWJhMmI5NDYyYzBjMmE0ZGZhNDFhOGEwNjdkMzdmYjAxYmY4NmIzYjhiNmVlMzU1ZmYxZTU3N2NmMmJjMDNhMzEzYTQ1NzQxNzMyYzdiZmYyYzE4NjgxYTEyMTA3NTM5ZGJiYjg4MzdkNWQwJnN1YjM9aW52b2tlX2xheWVyJnR6PTImdXVpZD1kMzBiNmRiYi1hNWRhLTQ1NzItYjY3MS1mNDQ3NWUwMzdiODElM0ExJTNBMSZ2PTI0LjUuNjQ4NQ&uuid=d30b6dbb-a5da-4572-b671-f4475e037b81%3A1%3A1&pii=&in=false
172.240.108.68 0 B URL warsabnormality.com/api/users?token=L3J6OXFoNGFtNzU_YWRiPW4mZGV2PXIma2V5PWI1Y2IxODNkNWQ0ZjY3NTQyMTU1NjRjMzhhMWUxZTA1Jmt3PSU1QiUyMm5lb21vZSUyMiUyQyUyMi0lMjIlMkMlMjJhaSUyMiUyQyUyMmFydCUyMiUyQyUyMmdlbmVyYXRvciUyMiUyQyUyMnYxJTIyJTJDJTIyNCUyMiUyQyUyMjAyJTIyJTJDJTIybW9kJTIyJTJDJTIyYXBrJTIyJTJDJTIycHJlbWl1bSUyMiUyQyUyMnVubG9ja2VkJTIyJTJDJTIyLSUyMiUyQyUyMmR6YXBrJTIyJTJDJTIyY29tJTIyJTVEJm55d3M9NzUmcHNpZD1kemFway5jb20lMkNkemFway5jb20mcHN0PTE3MTUzNjQyMDMmcmVmZXI9aHR0cHMlM0ElMkYlMkZkemFway5jb20lMkZuZW9tb2UtYWktYXJ0LWdlbmVyYXRvci1tb2QtYXBrLXByZW1pdW0tdW5sb2NrZWQmcmVzPTE0LjIyOSZybXRjPXQmc2NySGVpZ2h0PTgwMCZzY3JXaWR0aD0zNjAmc2hpcD0mc2h1PWQxMGZiM2ZlYTVkMzNmYjYwNzRlZjBjODBmODk1YmI3NGQyNzhjNWU5MGVkYzYxOTNjYjI5MThkNGU2MTI3OTI1OTc3MzdlMjExYTlhMTdlMDEwNjM5MWJhMmI5NDYyYzBjMmE0ZGZhNDFhOGEwNjdkMzdmYjAxYmY4NmIzYjhiNmVlMzU1ZmYxZTU3N2NmMmJjMDNhMzEzYTQ1NzQxNzMyYzdiZmYyYzE4NjgxYTEyMTA3NTM5ZGJiYjg4MzdkNWQwJnN1YjM9aW52b2tlX2xheWVyJnR6PTImdXVpZD1kMzBiNmRiYi1hNWRhLTQ1NzItYjY3MS1mNDQ3NWUwMzdiODElM0ExJTNBMSZ2PTI0LjUuNjQ4NQ&uuid=d30b6dbb-a5da-4572-b671-f4475e037b81%3A1%3A1&pii=&in=false
IP 172.240.108.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L3J6OXFoNGFtNzU_YWRiPW4mZGV2PXIma2V5PWI1Y2IxODNkNWQ0ZjY3NTQyMTU1NjRjMzhhMWUxZTA1Jmt3PSU1QiUyMm5lb21vZSUyMiUyQyUyMi0lMjIlMkMlMjJhaSUyMiUyQyUyMmFydCUyMiUyQyUyMmdlbmVyYXRvciUyMiUyQyUyMnYxJTIyJTJDJTIyNCUyMiUyQyUyMjAyJTIyJTJDJTIybW9kJTIyJTJDJTIyYXBrJTIyJTJDJTIycHJlbWl1bSUyMiUyQyUyMnVubG9ja2VkJTIyJTJDJTIyLSUyMiUyQyUyMmR6YXBrJTIyJTJDJTIyY29tJTIyJTVEJm55d3M9NzUmcHNpZD1kemFway5jb20lMkNkemFway5jb20mcHN0PTE3MTUzNjQyMDMmcmVmZXI9aHR0cHMlM0ElMkYlMkZkemFway5jb20lMkZuZW9tb2UtYWktYXJ0LWdlbmVyYXRvci1tb2QtYXBrLXByZW1pdW0tdW5sb2NrZWQmcmVzPTE0LjIyOSZybXRjPXQmc2NySGVpZ2h0PTgwMCZzY3JXaWR0aD0zNjAmc2hpcD0mc2h1PWQxMGZiM2ZlYTVkMzNmYjYwNzRlZjBjODBmODk1YmI3NGQyNzhjNWU5MGVkYzYxOTNjYjI5MThkNGU2MTI3OTI1OTc3MzdlMjExYTlhMTdlMDEwNjM5MWJhMmI5NDYyYzBjMmE0ZGZhNDFhOGEwNjdkMzdmYjAxYmY4NmIzYjhiNmVlMzU1ZmYxZTU3N2NmMmJjMDNhMzEzYTQ1NzQxNzMyYzdiZmYyYzE4NjgxYTEyMTA3NTM5ZGJiYjg4MzdkNWQwJnN1YjM9aW52b2tlX2xheWVyJnR6PTImdXVpZD1kMzBiNmRiYi1hNWRhLTQ1NzItYjY3MS1mNDQ3NWUwMzdiODElM0ExJTNBMSZ2PTI0LjUuNjQ4NQ&uuid=d30b6dbb-a5da-4572-b671-f4475e037b81%3A1%3A1&pii=&in=false HTTP/1.1
Host: warsabnormality.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warsabnormality.com/api/users?token=L3J6OXFoNGFtNzU_a2V5PTBmMjJjMWZkNjA5ZjEzY2I3OTQ3YzhjYWJmZTFhOTBkJnN1Ym1ldHJpYz0yMDYwODA1OA
Cookie: u_pl=20608058; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDYwODA1OCwiayI6ImI1Y2IxODNkNWQ0ZjY3NTQyMTU1NjRjMzhhMWUxZTA1Iiwic2lkIjoiZHphcGsuY29tLGR6YXBrLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6Mjk3ODMyNSwicGlkIjoxMTk5MTcxLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6MjgsInB0Ijo0LCJwayI6InJ6OXFoNGFtNzUiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZHphcGsuY29tL25lb21vZS1haS1hcnQtZ2VuZXJhdG9yLW1vZC1hcGstcHJlbWl1bS11bmxvY2tlZCIsImFyIjpbXX19.rJYC549ekvfA0spSKHEwjvbhIlIGx5yQbXYiandL-Eg; uid_id2=d30b6dbb-a5da-4572-b671-f4475e037b81:1:1; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:02:23 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://nylonnickel.xyz/c9b2l0k.php?key=ssh20i85vx88tciu4a4m&SUB_ID_SHORT=39fadf6b97f60aea61dc6adeb41de2c0&COST_CPC=&PLACEMENT_ID=20608058&CAMPAIGN_ID=1026545&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2895359
Set-Cookie: uid_id2=d30b6dbb-a5da-4572-b671-f4475e037b81:1:1; expires=Fri, 17 May 2024 18:02:23 GMT
pdhtkv=true; expires=Sat, 11 May 2024 18:02:23 GMT
uncs=1; expires=Sat, 11 May 2024 18:02:23 GMT
pdhtkv28=true; expires=Sat, 11 May 2024 18:02:23 GMT
uncs28=1; expires=Sat, 11 May 2024 18:02:23 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4bc0333040ac88b345845d93c8ad8111
Strict-Transport-Security: max-age=0; includeSubdomains
warsabnormality.com/favicon.ico
172.240.108.68 0 B URL warsabnormality.com/favicon.ico
IP 172.240.108.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: warsabnormality.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warsabnormality.com/api/users?token=L3J6OXFoNGFtNzU_a2V5PTBmMjJjMWZkNjA5ZjEzY2I3OTQ3YzhjYWJmZTFhOTBkJnN1Ym1ldHJpYz0yMDYwODA1OA
Cookie: u_pl=20608058; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMDYwODA1OCwiayI6ImI1Y2IxODNkNWQ0ZjY3NTQyMTU1NjRjMzhhMWUxZTA1Iiwic2lkIjoiZHphcGsuY29tLGR6YXBrLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6Mjk3ODMyNSwicGlkIjoxMTk5MTcxLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6MjgsInB0Ijo0LCJwayI6InJ6OXFoNGFtNzUiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZHphcGsuY29tL25lb21vZS1haS1hcnQtZ2VuZXJhdG9yLW1vZC1hcGstcHJlbWl1bS11bmxvY2tlZCIsImFyIjpbXX19.rJYC549ekvfA0spSKHEwjvbhIlIGx5yQbXYiandL-Eg; uid_id2=d30b6dbb-a5da-4572-b671-f4475e037b81:1:1; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:02:23 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 973f8879162186714cc7d7d4cf566f1a
Strict-Transport-Security: max-age=0; includeSubdomains
nylonnickel.xyz/c9b2l0k.php?key=ssh20i85vx88tciu4a4m&SUB_ID_SHORT=39fadf6b97f60aea61dc6adeb41de2c0&COST_CPC=&PLACEMENT_ID=20608058&CAMPAIGN_ID=1026545&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2895359
192.64.81.118 0 B URL nylonnickel.xyz/c9b2l0k.php?key=ssh20i85vx88tciu4a4m&SUB_ID_SHORT=39fadf6b97f60aea61dc6adeb41de2c0&COST_CPC=&PLACEMENT_ID=20608058&CAMPAIGN_ID=1026545&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2895359
IP 192.64.81.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=ssh20i85vx88tciu4a4m&SUB_ID_SHORT=39fadf6b97f60aea61dc6adeb41de2c0&COST_CPC=&PLACEMENT_ID=20608058&CAMPAIGN_ID=1026545&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2895359 HTTP/1.1
Host: nylonnickel.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://warsabnormality.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 10 May 2024 18:02:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=us1617h9kt; expires=Sat, 11-May-2024 18:02:24 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=us1617h9kt-us1617h9kt-xr46-0-usgm6o-9rib8n-9ribwj-3456d2; expires=Sat, 11-May-2024 18:02:24 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=81134us1617h9ktff6&sub_id=20608058
Strict-Transport-Security: max-age=31536000
rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=81134us1617h9ktff6&sub_id=20608058
188.114.97.1 0 B URL rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=81134us1617h9ktff6&sub_id=20608058
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=81134us1617h9ktff6&sub_id=20608058 HTTP/1.1
Host: rqqlj.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://warsabnormality.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 18:02:24 GMT
content-length: 0
location: https://rqqlj.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
set-cookie: 4l9EZwXc2kSH_LKKjogwWA=1; max-age=345600; path=/; samesite=lax
__pl=0a60458c-7d73-4b82-b721-3e2db7723221; expires=Sun, 10 May 2026 18:02:24 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K3tauPJo%2BqWRv%2FYCGkxs9GPuZObJvyet%2FxxbntALyoxXCxVXUYT3K3k9f2dAzQ5Xbwn7x%2B8jV21Eap1zCGXzofjBN9GPECyHLoMst67uBVo2F9%2FwbxuePlFg09wZTr0P9%2BKuObkvvEbX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd70d091656ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rqqlj.check-tl-ver-154-2.com/space-robot/assets/corner.png
104.21.37.155 300 B URL rqqlj.check-tl-ver-154-2.com/space-robot/assets/corner.png
IP 104.21.37.155:0
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced
Hash f66c38fa2cd7c50bd1989d41da28fb80
e1de333eca72647f3c1831083fe678cfa8fe9eab
3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2
GET /space-robot/assets/corner.png HTTP/1.1
Host: rqqlj.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:24 GMT
content-type: image/png
content-length: 300
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-12c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DvZrmmD%2BwIQb%2FoNrouxnzJ%2FfLizM0F6oaotNYFD5auPsncjsgpxiaQUQX6AvQ%2FviNqhWapR%2B3UzmpbgCoDk3zePwZWIkMygeiqrti%2BcNUH8oj6sLhrjvIaC1imMNiO4weboA2T9gHj%2FGI1sAuIag"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd70fa8615695-OSL
alt-svc: h3=":443"; ma=86400
rqqlj.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
104.21.37.155 20 kB URL rqqlj.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
IP 104.21.37.155:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (474)
Hash 01041709ecf6a3f0b549820730593c03
55775e4279d24a34f601bf8180d9f280b8131e0d
51907b3319c05ec1c1a7466f4017f4dcc7b6dc59a29ed962bfd36572f223bb51
GET /space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444 HTTP/1.1
Host: rqqlj.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://warsabnormality.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:24 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HL%2F0rPsPZp7o5dbtmtrkt3Bi%2BJVRQbAV%2BrI2hNOSRdN51HFEsww5bjVGCDZ5CTNFUy3JpoF6pu63rHRrKcTB72JVLnR73bkGAa%2F9hdbA92eXCESXRL4ofL9oPlcAYxBrKSENRLM5P861O7zyGbO1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd70de8085696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rqqlj.check-tl-ver-154-2.com/space-robot/assets/apple-touch-icon.png
104.21.37.155 23 kB URL rqqlj.check-tl-ver-154-2.com/space-robot/assets/apple-touch-icon.png
IP 104.21.37.155:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Hash f500ba7eee0ae7d1ceb44236ac253165
0614de220ecadb48038ed894d91120ba102c8367
ba5a3083c38d71a2191ee7e614a96812d1f9d88bbfb360d3b61dbb1ffcd51de5
GET /space-robot/assets/apple-touch-icon.png HTTP/1.1
Host: rqqlj.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:24 GMT
content-type: image/png
content-length: 23177
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-5a89"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vVbSUte%2Fu7eeDrZkJWiits7ajPbT%2Fa6elR7TO3mQUfOpLRJL%2FXzT17qzgnAAlyArxNswNG%2F05anogACjfDNbnBVOtAd3lyE9mNiXhR7lk2YBpQRNzV2tD964mdLt7FXnU505Y8%2BW%2BDYKxp5L%2Bnak"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7119a725695-OSL
alt-svc: h3=":443"; ma=86400
rqqlj.check-tl-ver-154-2.com/space-robot/assets/favicon-16x16.png
104.21.37.155 1.2 kB URL rqqlj.check-tl-ver-154-2.com/space-robot/assets/favicon-16x16.png
IP 104.21.37.155:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash 9d35b617fd258f648c37812252297dd3
7e32fd007f1c6fe1466d15439173082c0fbe82da
e8a768f8122da75777dc64b6d35e756a1848c4f330f293920c18480df085000a
GET /space-robot/assets/favicon-16x16.png HTTP/1.1
Host: rqqlj.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:24 GMT
content-type: image/png
content-length: 1163
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-48b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1681
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V1%2FHaUBreGyto5OpA0uci1AbB35ZLO%2FaUIyuJDAbdzKTykdDzzN2gMju%2B4N%2BRNXyhUZrPiTNJVEpNp3%2FMmO7IEsvluGFHhLz9lrF4fAAYBeW1ScFFQFFNsziCbQr%2B7l6w%2B77CFlCSF7KYS9UWlK2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd711aa845695-OSL
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
142.250.74.99 9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP 142.250.74.99:0
File type JavaScript source, ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:57:01 GMT
expires: Fri, 09 May 2025 01:57:01 GMT
cache-control: public, max-age=31536000
age: 144323
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnstatic.check-tl-ver-154-2.com/ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA
104.21.37.155 10 kB URL cdnstatic.check-tl-ver-154-2.com/ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA
IP 104.21.37.155:0
File type JavaScript source, ASCII text, with very long lines (38233), with CRLF, LF line terminators
Hash f5a2c251cc0ab9c8dbff856a86737c60
e07dfcac034aa2cb79e7fbe0bf82d8f6259f9bc7
f4aa040b1647114218966b416b6a235c1c040fba6471bc6fed915e614ef0c1fc
GET /ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA HTTP/1.1
Host: cdnstatic.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/
Cookie: __psu=253814d6-9a12-430f-b5c9-a63d842e714f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:24 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJcJKXrpUX9xZZYSUgeiUz8v8KCdSyYveZBpJqFRh78kPQQiXGjqTrpv18oTaErbgr3SniB%2BYCsmEuSrxBPjUXeadkrNo7vs1q6ixoABbCsJYiEBSHpD%2F4rzHZHwU%2Bag4RAyWGG9vIr%2F7S4lZRwwurcmqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7114a155695-OSL
alt-svc: h3=":443"; ma=86400
ta.check-tl-ver-154-2.com/space-robot/assets/corner.png
104.21.37.155 300 B URL ta.check-tl-ver-154-2.com/space-robot/assets/corner.png
IP 104.21.37.155:0
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced
Hash f66c38fa2cd7c50bd1989d41da28fb80
e1de333eca72647f3c1831083fe678cfa8fe9eab
3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2
GET /space-robot/assets/corner.png HTTP/1.1
Host: ta.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ta.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: image/png
content-length: 300
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-12c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1102
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YEcbVnNIjDG6VCUpRPtqLoT56REaE6yNMfY9hGLTZX8zYZVnTNGk5EP21cGjja%2BNnmmdlhD4gvNgbR2Q%2BfdgRgV7oBhbFF7uFHtVxd4jeZ207%2BSrTiw%2FpJF%2FW0ktTJ8jljEzJnFnYm%2FN0T%2Fi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7132c695695-OSL
alt-svc: h3=":443"; ma=86400
ta.check-tl-ver-154-2.com/space-robot/assets/trls.js
104.21.37.155 20 kB URL ta.check-tl-ver-154-2.com/space-robot/assets/trls.js
IP 104.21.37.155:0
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (357), with CRLF line terminators
Hash 7f5c725b2c23b9687fa08d162a17427a
94973f1227871750d2ef13a367ce691f1a062527
c9611ce748d6c7c99d3f374a0b687db2e2428fc5ec9c4e7ae71b2e4305ac60e3
GET /space-robot/assets/trls.js HTTP/1.1
Host: ta.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ta.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-2f4d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qyj2nuzlbfriZDP13dnD89VOHb8KMxfd9z9RLLn6OdwOL1kOEG31xvFECP8YiaFQ49l0zdXgRwtV1KGzsDKLTj8Lg%2BZYd3YwLL5uPwMAsAJuYma3BsfaRcIn7w%2Bb8ugEW6JVmo1MPUdepho6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7131c5e5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ta.check-tl-ver-154-2.com/space-robot/assets/favicon-16x16.png
104.21.37.155 1.2 kB URL ta.check-tl-ver-154-2.com/space-robot/assets/favicon-16x16.png
IP 104.21.37.155:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash 9d35b617fd258f648c37812252297dd3
7e32fd007f1c6fe1466d15439173082c0fbe82da
e8a768f8122da75777dc64b6d35e756a1848c4f330f293920c18480df085000a
GET /space-robot/assets/favicon-16x16.png HTTP/1.1
Host: ta.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ta.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: image/png
content-length: 1163
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-48b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1101
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bdBXVQ13QfPYCQBnHz%2F17g7wKCCD6S7snNQMtyYoqDglZa%2F8nwmqeqwiX%2Bsnls%2BDC5rG10lRzipzC830q5S1lBgAjZAO%2BJqBgAyMKYfIm35Ad0ynkIiUX18x7aIy%2FYyxFuDakKSGAirpGKeD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd713bd4d5695-OSL
alt-svc: h3=":443"; ma=86400
cdnstatic.check-tl-ver-154-2.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-154-2.com&timeout=30&tb=true&nrid=3e809b999996466f91b0103080b9fe81
104.21.37.155 37 kB URL cdnstatic.check-tl-ver-154-2.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-154-2.com&timeout=30&tb=true&nrid=3e809b999996466f91b0103080b9fe81
IP 104.21.37.155:0
File type gzip compressed data, from Unix
Hash 9cfff37a36c629ad703f654a79305897
099241bce8e14d082bcdeedddd64841a6d3c2b12
1e4fe152ecf26b6c64d4afbd21909ec38ae28ff1b5fe94769b9db19e4c6def29
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-154-2.com&timeout=30&tb=true&nrid=3e809b999996466f91b0103080b9fe81 HTTP/1.1
Host: cdnstatic.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ta.check-tl-ver-154-2.com/
Cookie: __psu=253814d6-9a12-430f-b5c9-a63d842e714f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCcEXjLnI3OqcsOumGapXjrUCgcwVbd4xsZvN%2B%2Fvkb1SUMGfAwYhSwuMjIyw4dihAhuwOLdP7MZlHD7EnOtYYl3QNOKYyW%2BtbG3vAN8537YhnFhw6YkgzBm0DOa4N7HY1aYo%2Fb3vLsTlXQvBWE6WOTdQ9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7136cc35695-OSL
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
142.250.74.99 9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP 142.250.74.99:0
File type JavaScript source, ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ta.check-tl-ver-154-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:57:01 GMT
expires: Fri, 09 May 2025 01:57:01 GMT
cache-control: public, max-age=31536000
age: 144324
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ta.check-tl-ver-154-2.com/shared-js/assets/static-pl.js?v=2
104.21.37.155 11 kB URL ta.check-tl-ver-154-2.com/shared-js/assets/static-pl.js?v=2
IP 104.21.37.155:0
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: ta.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ta.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ICPzyJvtI3hZYnmeMuD4zUgyzQxD0p43h%2BOU%2BRpWlWznVlph%2FxVX9f%2BkLrlYh6ik3JCCk%2BHLlOvyCZq6tWuNdSgpVM961a0DfcSSfSG%2FlB18ibsvQDjxtYQ1n0gt4k2N9FagT5x50UunpWL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7132c7a5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tb.check-tl-ver-154-2.com/space-robot/assets/corner.png
104.21.37.155 300 B URL tb.check-tl-ver-154-2.com/space-robot/assets/corner.png
IP 104.21.37.155:0
File type PNG image data, 44 x 44, 8-bit colormap, non-interlaced
Hash f66c38fa2cd7c50bd1989d41da28fb80
e1de333eca72647f3c1831083fe678cfa8fe9eab
3059be4046e0315ad1c0d1cb163d9daaf759bdf16e906e908842fac07e5608a2
GET /space-robot/assets/corner.png HTTP/1.1
Host: tb.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tb.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: image/png
content-length: 300
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: "6627c958-12c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cBz5Xc4kUxqnMTtvWIyqaMfI9uaOUJ319JGN0M2sjad%2FdWH6jO3Ol40nnkbNTObUbdr4oGyio8d8uaA1MgAxJPtdeLeEz0398guV%2B7CpApaVQYvrF0u25lyOGikQa3qkdue%2F8wohwjvyw8J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7157fe65695-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 16 kB URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tb.check-tl-ver-154-2.com
DNT: 1
Connection: keep-alive
Referer: https://tb.check-tl-ver-154-2.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:50:52 GMT
expires: Fri, 09 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
age: 144693
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tb.check-tl-ver-154-2.com/space-robot/assets/trls.js
104.21.37.155 6.1 kB URL tb.check-tl-ver-154-2.com/space-robot/assets/trls.js
IP 104.21.37.155:0
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (357), with CRLF line terminators
Hash 7f5c725b2c23b9687fa08d162a17427a
94973f1227871750d2ef13a367ce691f1a062527
c9611ce748d6c7c99d3f374a0b687db2e2428fc5ec9c4e7ae71b2e4305ac60e3
GET /space-robot/assets/trls.js HTTP/1.1
Host: tb.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tb.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-2f4d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KwU7hlDhrbw%2Flf%2FC8CPBx9jlpseXZVqiikEtks7TuEKOcBIMmXvVpY1090HimaAMKL7DUSNELvFQiknOEzb%2Fzq0IUO2x9h90heIcLAAsyEZTjHcTg6NuYbFXWReeqyQzp3cs1240UK7Jgx0h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7157fd65695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tb.check-tl-ver-154-2.com/space-robot/assets/style.css?v=4
104.21.37.155 39 kB URL tb.check-tl-ver-154-2.com/space-robot/assets/style.css?v=4
IP 104.21.37.155:0
File type gzip compressed data, from Unix
Hash ce8f2d19a3fcfac1afc78ef47254ee5e
1ffb523a1b923a1331273719bbc85e03fccd2458
76503dd74d1056a681e16c9c84cd7d4e8cadafd5d7e921543e41e0991158e873
GET /space-robot/assets/style.css?v=4 HTTP/1.1
Host: tb.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tb.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1986"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4YnbNI3YF1tD25qEtJrhO4tCCq%2FXFeE%2BKkCnz00Qgnb1LhU9dtuThu9%2F5aGEn0KQ486DK%2BB0g6CeR18U0al06J9MbTbK6NdVAKsHdPxdHcItaWfX7DZsjBhaI2V5jKbPWpthj8Zk57TdEAV6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7157fdc5695-OSL
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
142.250.74.99 9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP 142.250.74.99:0
File type JavaScript source, ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tb.check-tl-ver-154-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:57:01 GMT
expires: Fri, 09 May 2025 01:57:01 GMT
cache-control: public, max-age=31536000
age: 144324
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
142.250.74.99 9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP 142.250.74.99:0
File type JavaScript source, ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tb.check-tl-ver-154-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 57548
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.highcpmgate.com/g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec
192.243.59.13 1.3 kB URL www.highcpmgate.com/g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (410)
Hash e2c5b17e10dff927d4d425bc0c782a82
95d0433c939a4a30dd9e5ed4fab9449b6aa3a54d
088db63abaa8ebc998fcc6a6102f97b05444299a6e6aea829768bdc797545647
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:02:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=23070551; expires=Sat, 11 May 2024 18:02:26 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA3MDU1MSwiayI6Ijk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzk1OTI5LCJwaWQiOjE4MjM3NzAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzEsImFpZCI6MjgsInB0Ijo0LCJwayI6ImcwcmN5YWFhYjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.U2ebwFjEv1emnUSOTmNQTe-4rPP39OWIepgfVbZEwNQ; expires=Fri, 10 May 2024 18:03:26 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b4749e0397402f4acbe1b184f675705e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzY0MjA2JnJtdGM9dCZzaHU9MDNhOTdiYTZjZTFlZTk4Mjc3YzZlNDU5YjA4ZGUxZmRlMDQzNWQwMmIxNGYxY2ZjNGViMGY1YjQ1NzlhZjBjOGU0OTU5MTcyYmUwNzUzMzI0ZGZhOWQ2YjYxYzA5YzIxYWRjYzgxNWJlYzIzOTQ5MjE5Mzk0YzIyNjVlMjBhOTNmZWVlMjU2YjRmZWJiOGU5YTZhMjE5OWIyZDRiMjAxNzc5YjZjY2Q4NDRmNDA5NmI2NmFmNjAyZjc3MzBkNQ&uuid=&pii=&in=false
172.240.127.234 0 B URL www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzY0MjA2JnJtdGM9dCZzaHU9MDNhOTdiYTZjZTFlZTk4Mjc3YzZlNDU5YjA4ZGUxZmRlMDQzNWQwMmIxNGYxY2ZjNGViMGY1YjQ1NzlhZjBjOGU0OTU5MTcyYmUwNzUzMzI0ZGZhOWQ2YjYxYzA5YzIxYWRjYzgxNWJlYzIzOTQ5MjE5Mzk0YzIyNjVlMjBhOTNmZWVlMjU2YjRmZWJiOGU5YTZhMjE5OWIyZDRiMjAxNzc5YjZjY2Q4NDRmNDA5NmI2NmFmNjAyZjc3MzBkNQ&uuid=&pii=&in=false
IP 172.240.127.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MzY0MjA2JnJtdGM9dCZzaHU9MDNhOTdiYTZjZTFlZTk4Mjc3YzZlNDU5YjA4ZGUxZmRlMDQzNWQwMmIxNGYxY2ZjNGViMGY1YjQ1NzlhZjBjOGU0OTU5MTcyYmUwNzUzMzI0ZGZhOWQ2YjYxYzA5YzIxYWRjYzgxNWJlYzIzOTQ5MjE5Mzk0YzIyNjVlMjBhOTNmZWVlMjU2YjRmZWJiOGU5YTZhMjE5OWIyZDRiMjAxNzc5YjZjY2Q4NDRmNDA5NmI2NmFmNjAyZjc3MzBkNQ&uuid=&pii=&in=false HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PWE5NjljYTVjOWFkMjYxMTc2MmYxMWI3OWE1MjZlMmQyJnN1Ym1ldHJpYz0yMzA3MDU1MQ
Cookie: u_pl=23070551; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA3MDU1MSwiayI6Ijk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzk1OTI5LCJwaWQiOjE4MjM3NzAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzEsImFpZCI6MjgsInB0Ijo0LCJwayI6ImcwcmN5YWFhYjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.U2ebwFjEv1emnUSOTmNQTe-4rPP39OWIepgfVbZEwNQ; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:02:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39ff65930df2fd99e6c446fedcc31e1e&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296
Set-Cookie: iprcb9bac160ca7855a8f588110e1d0cbce1=5206192; expires=Sat, 11 May 2024 18:02:27 GMT
pdhtkv=true; expires=Sat, 11 May 2024 18:02:27 GMT
uncs=1; expires=Sat, 11 May 2024 18:02:27 GMT
pdhtkv28=true; expires=Sat, 11 May 2024 18:02:27 GMT
uncs28=1; expires=Sat, 11 May 2024 18:02:27 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20f26f35d2f022052afd0a1dac3b3b17
Strict-Transport-Security: max-age=0; includeSubdomains
wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39ff65930df2fd99e6c446fedcc31e1e&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296
192.64.81.118 0 B URL wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39ff65930df2fd99e6c446fedcc31e1e&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296
IP 192.64.81.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39ff65930df2fd99e6c446fedcc31e1e&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 HTTP/1.1
Host: wifescamara.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 10 May 2024 18:02:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=us1617q5tw; expires=Sat, 11-May-2024 18:02:27 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=us1617q5tw-us1617q5tw-uoxs-0-usa30-9rq5dz-9rq5bl-116a90; expires=Sat, 11-May-2024 18:02:27 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=a3ceaus1617q5tw7cf&sub_id=23070551
Strict-Transport-Security: max-age=31536000
gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=a3ceaus1617q5tw7cf&sub_id=23070551
188.114.97.1 0 B URL gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=a3ceaus1617q5tw7cf&sub_id=23070551
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=dR1J35fCDkibR45g1XXjgg&click_id=a3ceaus1617q5tw7cf&sub_id=23070551 HTTP/1.1
Host: gzeao.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 10 May 2024 18:02:27 GMT
content-length: 0
location: https://gzeao.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=a3ceaus1617q5tw7cf&sub_id=23070551&nrid=cfd89700f2f7455dac5d2f32dcad0cd6&hash=528WzTeD4JI5z3dqeJVa6A&exp=1715364447
set-cookie: dR1J35fCDkibR45g1XXjgg=2; max-age=345600; path=/; samesite=lax
__pl=5a38c7af-4238-4286-8af5-5941cd9d9588; expires=Sun, 10 May 2026 18:02:27 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyoaEAqZGbgAveZa3vL82Xv9mJkjMf4VvgYIs3q31pFzJDTXWZBUfRDry2jnxibbGzB9b5EnnHC4cuKz%2Fyx0RHfRSwPhy7rSM%2FQyr67OZzwPpsyL%2B7Se7P9dRRnKjFKFUepq4v4b873W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd7226b400b31-OSL
alt-svc: h3=":443"; ma=86400
gzeao.check-tl-ver-54-1.com/allow-button/assets/trls.js
188.114.97.1 15 kB URL gzeao.check-tl-ver-54-1.com/allow-button/assets/trls.js
IP 188.114.97.1:0
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Hash d4a23c4124d49f909abaef62a8bf47a5
e7b26553db1400d07f1b12137053ebe7b066972f
3efcd61ce47244f47b15c9f5d5749f79b2ddd57e51ebf995267ab02d4dcf2180
GET /allow-button/assets/trls.js HTTP/1.1
Host: gzeao.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=a3ceaus1617q5tw7cf&sub_id=23070551&nrid=cfd89700f2f7455dac5d2f32dcad0cd6&hash=528WzTeD4JI5z3dqeJVa6A&exp=1715364447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:28 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1e6a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ae0zcHvZ3lLm24lQfBrHqWnmR2lBUVLpVro1SQY31CF72FJye150tyfzIbYHoEtsRNnYe3sQ%2BW3w%2FZhaEaU%2BljJ0nJBbKVuswJengcCMLxiFKjV%2BP742kV0rpMQG15JwSYRDN4VXNNb%2BRFWiva8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd724dd02b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
142.250.74.99 9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP 142.250.74.99:0
File type JavaScript source, ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-54-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:57:01 GMT
expires: Fri, 09 May 2025 01:57:01 GMT
cache-control: public, max-age=31536000
age: 144327
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
142.250.74.99 9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP 142.250.74.99:0
File type JavaScript source, ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-54-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 57551
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Early-Data: accepted
va.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=a3ceaus1617q5tw7cf&sub_id=23070551&nrid=cfd89700f2f7455dac5d2f32dcad0cd6&hash=528WzTeD4JI5z3dqeJVa6A&exp=1715364447
188.114.97.1 9.5 kB URL va.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=a3ceaus1617q5tw7cf&sub_id=23070551&nrid=cfd89700f2f7455dac5d2f32dcad0cd6&hash=528WzTeD4JI5z3dqeJVa6A&exp=1715364447
IP 188.114.97.1:0
File type HTML document, ASCII text, with very long lines (10169)
Hash 80f93dbb557a8864dc665d0ce557af58
963f36ccd9c2e63967ea3a66d051a8b4b7e08ab6
ee4d53ba73ffa074d944eae12df6386888e842ce4ca82d0ca6d6779256257f3b
GET /allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=a3ceaus1617q5tw7cf&sub_id=23070551&nrid=cfd89700f2f7455dac5d2f32dcad0cd6&hash=528WzTeD4JI5z3dqeJVa6A&exp=1715364447 HTTP/1.1
Host: va.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-54-1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:28 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9vsqFxxdQR%2FL8rWPt8fjsb51Lwt1kiO3QEExL%2Fcxbi3Fg816LV5OksF0Xw7OTm8h8kSD5TJwEIdp%2B275DSlY5YSFNUdX%2FeIJcsRmjXvQP5R5QrsS2YW%2F6FJ3fKgy%2BVX1W8jlmmQmAmMWSl4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd727a8d7b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
142.250.74.99 9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP 142.250.74.99:0
File type JavaScript source, ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://va.check-tl-ver-54-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:57:01 GMT
expires: Fri, 09 May 2025 01:57:01 GMT
cache-control: public, max-age=31536000
age: 144327
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
142.250.74.99 9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP 142.250.74.99:0
File type JavaScript source, ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://va.check-tl-ver-54-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:03:17 GMT
expires: Sat, 10 May 2025 02:03:17 GMT
cache-control: public, max-age=31536000
age: 57551
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
glugherg.net/sftouch?userId=0080586b3d21461bfb536f030e49fb56&z=6662145&p_rid=fa72af7d-59cb-4cc6-82dd-e8be1a66fc70&p_src=sf&branchId=0&rb=KPMqZspqKjnZSXahZmxW-VRtUgUZSkDGnzrXfGvoJKNTnhAJbv5q_hMvOUZlJ1g7L81DCLfZCVFRizwqRaLTQ3KusIfzeqNlTqdcIyA7vKiNzQdDnwkA93u1rMyAQlygJaxx-i_fAlgPYIaf5dbB51cgYim26dTRankq2A-hDZLQgS8h0MzftfbZhoIDmhGY9_NMENw2KOXMya8ox5Hy5KPZeNHLbir-qnkX42I2LUM=
139.45.197.237 2 B URL glugherg.net/sftouch?userId=0080586b3d21461bfb536f030e49fb56&z=6662145&p_rid=fa72af7d-59cb-4cc6-82dd-e8be1a66fc70&p_src=sf&branchId=0&rb=KPMqZspqKjnZSXahZmxW-VRtUgUZSkDGnzrXfGvoJKNTnhAJbv5q_hMvOUZlJ1g7L81DCLfZCVFRizwqRaLTQ3KusIfzeqNlTqdcIyA7vKiNzQdDnwkA93u1rMyAQlygJaxx-i_fAlgPYIaf5dbB51cgYim26dTRankq2A-hDZLQgS8h0MzftfbZhoIDmhGY9_NMENw2KOXMya8ox5Hy5KPZeNHLbir-qnkX42I2LUM=
IP 139.45.197.237:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /sftouch?userId=0080586b3d21461bfb536f030e49fb56&z=6662145&p_rid=fa72af7d-59cb-4cc6-82dd-e8be1a66fc70&p_src=sf&branchId=0&rb=KPMqZspqKjnZSXahZmxW-VRtUgUZSkDGnzrXfGvoJKNTnhAJbv5q_hMvOUZlJ1g7L81DCLfZCVFRizwqRaLTQ3KusIfzeqNlTqdcIyA7vKiNzQdDnwkA93u1rMyAQlygJaxx-i_fAlgPYIaf5dbB51cgYim26dTRankq2A-hDZLQgS8h0MzftfbZhoIDmhGY9_NMENw2KOXMya8ox5Hy5KPZeNHLbir-qnkX42I2LUM= HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=0080586b3d21461bfb536f030e49fb56; oaidts=1715364149
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:02:29 GMT
content-type: text/plain
content-length: 2
x-trace-id: e6f6c14dd03e614086f5c3cea1117c6c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glugherg.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=0080586b3d21461bfb536f030e49fb56&z=6662145&p_rid=fa72af7d-59cb-4cc6-82dd-e8be1a66fc70&p_src=sf
139.45.195.8 43 B URL my.rtmark.net/img.gif?f=merge&userId=0080586b3d21461bfb536f030e49fb56&z=6662145&p_rid=fa72af7d-59cb-4cc6-82dd-e8be1a66fc70&p_src=sf
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=0080586b3d21461bfb536f030e49fb56&z=6662145&p_rid=fa72af7d-59cb-4cc6-82dd-e8be1a66fc70&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:02:29 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080586b3d21461bfb536f030e49fb56; expires=Sat, 10 May 2025 18:02:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
glugherg.net/favicon.ico
139.45.197.237 0 B IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=0080586b3d21461bfb536f030e49fb56; oaidts=1715364149
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 10 May 2024 18:02:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
glugherg.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fa72af7d-59cb-4cc6-82dd-e8be1a66fc70
139.45.197.237 12 B URL glugherg.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fa72af7d-59cb-4cc6-82dd-e8be1a66fc70
IP 139.45.197.237:0
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fa72af7d-59cb-4cc6-82dd-e8be1a66fc70 HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1381
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=0080586b3d21461bfb536f030e49fb56; oaidts=1715364149
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:02:29 GMT
content-type: application/json; charset=utf-8
content-length: 12
access-control-allow-origin: https://glugherg.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
glugherg.net/?z=6662145&syncedCookie=true&rhd=false
139.45.197.237 0 B URL glugherg.net/?z=6662145&syncedCookie=true&rhd=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /?z=6662145&syncedCookie=true&rhd=false HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 520
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/afu.php?zoneid=6662145&var=6662145&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=0080586b3d21461bfb536f030e49fb56; oaidts=1715364149
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 18:02:29 GMT
content-length: 0
location: https://millinschioner.com/cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop®ion=03&isp=blix group as&useragent=Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=812858759725715675
x-trace-id: 00680a75f15b04376adc2294e44febb3
link: <https://millinschioner.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glugherg.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080586b3d21461bfb536f030e49fb56; expires=Sat, 10 May 2025 18:02:29 GMT; path=/; secure; SameSite=None
oaidts=1715364149; expires=Sat, 10 May 2025 18:02:29 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 17 May 2024 18:02:29 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
millinschioner.com/cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=812858759725715675
54.230.111.57302 Found 0 B URL User Request GET HTTP/2 millinschioner.com/cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=812858759725715675
IP 54.230.111.57:443
Certificate IssuerAmazon
Subjectmillinschioner.com
FingerprintB8:2B:38:47:5B:8E:09:D0:A4:F1:B7:52:6D:0A:E4:03:79:CA:13:40
ValidityMon, 12 Feb 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=812858759725715675 HTTP/1.1
Host: millinschioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
date: Fri, 10 May 2024 18:02:29 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: cac6f840-a47c-4cc3-bd0f-02a6f8972f0d-v4=H-nCJdIr39x0qbn57QsAo2saugly6AiJmSzZTfHX8e0; Max-Age=86400; Expires=Sat, 11-May-2024 18:02:29 GMT; Domain=millinschioner.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wk37rut9fionlq6130c2as5q%22%2C%22caid%22%3A%22cac6f840-a47c-4cc3-bd0f-02a6f8972f0d%22%7D; Max-Age=31536000; Expires=Sat, 10-May-2025 18:02:29 GMT; Domain=millinschioner.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yQz8qfShdh2cAAfz0oBi_2KS3smjvAN-H6HNhr_lqYzuMQnhCEn84g==
X-Firefox-Spdy: h2
alphabookbet.com/assets/public/producers-icon/ruby-play-small.png
104.21.11.147200 OK 3.7 kB URL GET HTTP/3 alphabookbet.com/assets/public/producers-icon/ruby-play-small.png
IP 104.21.11.147:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type gzip compressed data, from Unix
Hash 17589b7f82d69024808761c81bb087a4
ffc38d1891ed0871e99138e66fc4c60d58382000
e9c59371dea472cfc81b88e1683d82292d7a5a80dd1cefa1b51102ceadc4863f
GET /assets/public/producers-icon/ruby-play-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-c97"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tn8jXyQb7zFpUgVAyyzNwiMF6Cu4cLysNriV6ly6T%2FpLMXDPifVfTmKYoN7yUaC8MhrDvYocgE%2FoAB3%2BT2xjrGuhKPHifkPRlKszbHostYV%2FhJty%2F%2FSotKqkybZTt03N1f8y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73968e456cc-OSL
alt-svc: h3=":443"; ma=86400
glugherg.net/4/6662145
139.45.197.237 116 kB IP 139.45.197.237:0
File type gzip compressed data, max speed, from Unix
Size 116 kB (115554 bytes)
Hash fd2ce63b4a6f320deed75db80ca74306
963c6738b83aeff4fa1b64cc7ce9b98dc76eed06
f975e4760508ae11dfee3d0d4fc08375d1f77af138dcb265370380e3eb2abff1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /4/6662145 HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:02:29 GMT
content-type: text/html; charset=utf8
x-trace-id: a4027c58b82e77ebc000c8ba0146d90b
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080586b3d21461bfb536f030e49fb56; expires=Sat, 10 May 2025 18:02:29 GMT; path=/; secure; SameSite=None
oaidts=1715364149; expires=Sat, 10 May 2025 18:02:29 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
alphabookbet.com/assets/public/images/footer-social/instagram.png
104.21.11.147 4.3 kB URL alphabookbet.com/assets/public/images/footer-social/instagram.png
IP 104.21.11.147:0
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type gzip compressed data, from Unix
Hash 383eadad91c46cc299d45b9cc29a87c5
70c9e09a6ce608c5fa81260803c50620e1861136
7911f07c0b396ec6bdac1b0e4c40a3b05269e819d653614b640012d86c239463
GET /assets/public/images/footer-social/instagram.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-aa9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTqYnB7ZJwah77pIEPteK9eoPiOh4TIJouLKWKSEat8XruAm%2BcTD7wxmkwOGTVdWrPRkpw83sJUkdss6UUajjL%2BIT2Y2OFhecZGTS6SrwOSGh%2Fole9OaOcOCGUoN6S%2F6cI8t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd739890856cc-OSL
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/main.5c02046c6706569f0122.js
104.21.11.147 974 kB URL alphabookbet.com/assets/main.5c02046c6706569f0122.js
IP 104.21.11.147:0
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type gzip compressed data, from Unix
Size 974 kB (973934 bytes)
Hash f0581c7d446c618c321af58bcb0a1bb5
8363e4377b415d1695f566e709c3182d4a0b93b0
fa2e212e721df3aea61a2943f4ea680c074ec07aaf39075fe12582414c8d5ec6
GET /assets/main.5c02046c6706569f0122.js HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-34e9c2"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2506
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XPMZsHiqNsh1hXBQXa2NiXyvgkDM64syXZ1gPaO%2BsQFKylzECLIoSUnwQ3uAnyTPQv5DrgMSndHfU%2BvwwYkT9UDh71BJsDIRhyyzJUxnxAjiBkqLtoI2LH%2F9G%2BJN3GbHDB1L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73a6a3956cc-OSL
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/public/producers-icon/game-corps.png
104.21.11.147 42 kB URL alphabookbet.com/assets/public/producers-icon/game-corps.png
IP 104.21.11.147:0
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type gzip compressed data, from Unix
Hash 7bdb5a9c9c4945ea20483a999a2ec87a
0a4457c5d63d15519e288e126f06e3ac72c64b59
5d93b17b2407f112ae9eccc1f36be87b538cf73322fc93722197d18b03ebc797
GET /assets/public/producers-icon/game-corps.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-a66"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4935
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ll7v5nNvFSPlP16FVCvPpBqG5XsstZtBuBsHb7LW%2BuKdg%2B8Iaap80W17Zg40mHQcUNrnoxNwDEjCiGFvMKWqwGMhHgvGDO5f7a9yBLmsr5D%2Fz6SIwysNdY%2BcmogXI2vxwj%2BA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73968e556cc-OSL
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/public/fonts/mori/PPMori-Bold.woff2
104.21.11.147 41 kB URL alphabookbet.com/assets/public/fonts/mori/PPMori-Bold.woff2
IP 104.21.11.147:0
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type Web Open Font Format (Version 2), TrueType, length 41268, version 1.0
Hash b9eb4972777f0182fe841bbc280e5cde
edc69b1aa4b56048ea6b5c0217dabe8144036e25
d37ab938d33fe41fec69cc38c301a5ab7cb5ab928dba29d9e9407582e08d3d24
GET /assets/public/fonts/mori/PPMori-Bold.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: application/octet-stream
content-length: 41268
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-a134"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2497
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jyVuzVfSV3AiX0X8unKm85iSRYsg2hSp%2FSKljwcwo9DSPakBfwktcjfm4IRQaE77z%2B8oz9ELR8dmhgaiwRGn4HdEu6B9%2BxSZt1R6%2BCQGoAXPDtfzVOVUqs1PpQG1i%2F%2FAuUAe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73cdd5a56cc-OSL
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/public/images/footer-social/facebook.png
104.21.11.147 70 kB URL alphabookbet.com/assets/public/images/footer-social/facebook.png
IP 104.21.11.147:0
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type gzip compressed data, from Unix
Hash 2a53333fc9602c9e3b12b9890ace1dea
fb0ed9b59d48a7c19e6a0c6cbdf5303247c17b0f
fde8fd9d944bcb5f2453149264291b7c10b85690cc74dec26fe48136c0f9fb0a
GET /assets/public/images/footer-social/facebook.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-267"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iOZQC7BsISDWaz77wc%2BDReUebS973LFPZ9kZEytHn0bBRnUpb94KwtT%2BKFUaxaKF0uXM%2Bui%2FCXWqw1aeMaJaPDdSSlWhTiI6%2ByA0aOZ1B94JbNLaRyg1yop7DiOSnV4ZV9O0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd739891356cc-OSL
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/public/producers-icon/gamesinc-small.png
104.21.11.147 14 kB URL alphabookbet.com/assets/public/producers-icon/gamesinc-small.png
IP 104.21.11.147:0
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type gzip compressed data, from Unix
Hash 1390eaec92c1f3af7c4d2b1df75f9a4c
6621c76a57ba4c436c449649b6fed4db32d90232
9aba760e4ef6c2ab223dbf70641800200a173fbb792b5122867f3ace4c2ba2eb
GET /assets/public/producers-icon/gamesinc-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-4a9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pnZ4Zcd6Uu7O3WXNFOJhUk1aXlUffuB%2Fu6nMZtojPln1scNjSiHKrflYDRYSSsKiMIPDynNZeIkmvFgA%2BJS1a1OyQP%2BHnx3n65IwpRDPtjKcxA3iO1q74aTZq%2B%2FbFxohWZfj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73978f156cc-OSL
alt-svc: h3=":443"; ma=86400
licensing.gaming-curacao.com/images/gc-logo.png
172.67.20.245200 OK 23 kB URL GET HTTP/2 licensing.gaming-curacao.com/images/gc-logo.png
IP 172.67.20.245:443
Requested by https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Certificate IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT
File type PNG image data, 467 x 153, 8-bit/color RGBA, non-interlaced
Hash 345b8202717ca046a3a42458c4195889
8191ac7afafd013f5c6202cd8fc0cb9bfe47ae19
1fe41354b33c5e3476dd644b879cb89bf596193b46b036ce3a3b6c097a21ca53
GET /images/gc-logo.png HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: image/png
content-length: 23156
last-modified: Fri, 12 Oct 2018 11:28:23 GMT
etag: "5a74-57806629ac3c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4910
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd741797a5689-OSL
X-Firefox-Spdy: h2
licensing.gaming-curacao.com/validator/images/verified.png
172.67.20.245200 OK 953 B URL GET HTTP/2 licensing.gaming-curacao.com/validator/images/verified.png
IP 172.67.20.245:443
Requested by https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Certificate IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT
File type PNG image data, 43 x 32, 8-bit/color RGBA, non-interlaced
Hash c1c467d17b067adc5cf9c59f68158293
00c9d7a48d611755224491a60e5c3e9bc71bd8e5
7734cd90da737336b1480bd252c52c3a416800ce0a7216368b9e9ee4c398c62a
GET /validator/images/verified.png HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: image/png
content-length: 953
last-modified: Fri, 12 Oct 2018 14:39:35 GMT
etag: "3b9-578090e6397c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4889
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd74179805689-OSL
X-Firefox-Spdy: h2
licensing.gaming-curacao.com/validator/images/gotham-book.woff
172.67.20.245 21 kB URL licensing.gaming-curacao.com/validator/images/gotham-book.woff
IP 172.67.20.245:0
Certificate IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT
File type Web Open Font Format, TrueType, length 21040, version 1.200
Hash ef0c0d54bf76955e1c3687490d73a0ad
8c314ebc4c3d8a7ca1ef84f8dfb1935b33e46888
c6fad3d6fb62f82aebd05c60800e16b3f7e878d468bbbe7ae4af0c35a9579aff
GET /validator/images/gotham-book.woff HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/images/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: application/font-woff
content-length: 21040
last-modified: Fri, 12 Oct 2018 14:49:29 GMT
etag: "5230-5780931cb5040"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5013
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd741a9a75689-OSL
X-Firefox-Spdy: h2
alphabookbet.com/assets/public/producers-icon/betsolutions-small.png
104.21.11.147200 OK 51 kB URL GET HTTP/3 alphabookbet.com/assets/public/producers-icon/betsolutions-small.png
IP 104.21.11.147:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type gzip compressed data, from Unix
Hash 60b5ccba745defb0293ca68d994f5c4d
b18e9b8e0e5e95ccd7724e3c16a16f88a38e16d3
674c6c50550a405a5f65ff9324c35904643c9c7e2ce97e2b9870d4f6579e8f80
GET /assets/public/producers-icon/betsolutions-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-4f0"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zz7UhuPOuDD2TcCHBTj3cEC3%2FRux5EZ4Da%2FaNEgoR2dRuINOh0OLIqrV2jsDQRGi69qGD2CLOru64dbZvc%2BuC%2FpHJtOd37ltiSRS%2FEi6E%2FE15v%2Bgli%2BltqDOMqD1GoGKGfBk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73978f656cc-OSL
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/public/fonts/mori/PPMori-Regular.woff2
104.21.11.147200 OK 37 kB URL GET HTTP/3 alphabookbet.com/assets/public/fonts/mori/PPMori-Regular.woff2
IP 104.21.11.147:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type Web Open Font Format (Version 2), TrueType, length 36944, version 1.0
Hash 167e1cf5fed6b58439cac0f8cbc8b112
6257b8db5be9b64ac8df883bd15f93549bc5fd3a
87a8c06a966031596415b7d116bcdad5fc51e32b613b386491094a87a0e36714
GET /assets/public/fonts/mori/PPMori-Regular.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0; _ga_LWDH4XKP02=GS1.1.1715364152.1.0.1715364152.0.0.0; _ga=GA1.1.1549650673.1715364153
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: application/octet-stream
content-length: 36944
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-9050"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1L%2FrEjo1YHzYSQ8LH%2FeQ%2BBJiJwJTyTu9dVUTrsKRiUZWVC0sOBY0%2F%2F3i1riTBIJTcbkoHgWVPBOIoKEHSkxMVizmaAqc8DAgfRoOBTQC7eS7AoPFr%2FgA7rTu8Y912RIckBEy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd743bd5f56cc-OSL
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/public/favicon/favicon-16x16.png
104.21.11.147 42 kB URL alphabookbet.com/assets/public/favicon/favicon-16x16.png
IP 104.21.11.147:0
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type gzip compressed data, from Unix
Hash c09fca1fc6896475e1ec1e82f40cff94
b0de1141af0f828f6899c380ba4f05c0a40b3171
a071368684693b32f311e14ad3610801094376047dd91ca6f33fede403d973b0
GET /assets/public/favicon/favicon-16x16.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0; _ga_LWDH4XKP02=GS1.1.1715364152.1.0.1715364152.0.0.0; _ga=GA1.1.1549650673.1715364153
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-118"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9CzNTMEH7g4lVYwBP2pkxTQwmT24hSwNDAmrvY08hBIrBW1vihGVatCB2%2F1O9hGTn3%2FTST3MXsYY7dCxazQKoulvUcE%2By38cNqtolZvwuAi5X8RHB4%2FakIui0YGytjuVypQn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7435cf556cc-OSL
alt-svc: h3=":443"; ma=86400
affiliate-api.income.partners/?project=alphabook&refcode=partner%3Dp55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q
172.67.219.99 2 B URL affiliate-api.income.partners/?project=alphabook&refcode=partner%3Dp55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q
IP 172.67.219.99:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?project=alphabook&refcode=partner%3Dp55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q HTTP/1.1
Host: affiliate-api.income.partners
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:33 GMT
content-type: text/plain; charset=utf-8
content-length: 2
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3IDKmGCjaXIrezS0%2Fzxar2WZbg0gDemNVp5qcSwBa97kcU3XsrT6ATE0DTJsOm0uvdEKX0Eo%2BAYkEX%2FLmkRXKMS9opF3W997E0fvINjScb6AgO2U012FzcQC8Vpgnyj0UUrwPcdfOjrOMct%2BPlH60Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd7423ac75690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
alphabookbet.com/assets/public/images/footer-social/telegram.png
104.21.11.147 35 kB URL alphabookbet.com/assets/public/images/footer-social/telegram.png
IP 104.21.11.147:0
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type gzip compressed data, from Unix
Hash 7e0a051af5516c471ecde511a1faf3bb
7dc5e0ed67f7de114bfadfe5269527cd24b7955c
127e83d1a33f8e67034e24db0911e957496de5f38c92ff168b181d315db1f505
GET /assets/public/images/footer-social/telegram.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-2f9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSFO2GAhGd%2FZ1nI%2FhBYVB54UDn9ld534w5V8SP2De7UpaGiRixcNCbKDarzx0ppDhnseRv6iNhuqW3rkgg5hx%2F969f2tQKow47ohZS5ezjltW8lJ0tP5QUGoix7HnjTgzmUZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd739890656cc-OSL
alt-svc: h3=":443"; ma=86400
cdnstatic.check-tl-ver-154-2.com/ps/tb?id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&sub_id=20608058&click_id=81134us1617h9ktff6&nrid=3e1f433f45cf02203bc4c5844edaf241&reason=tb_exit&attempt=3
104.21.37.155 260 kB URL cdnstatic.check-tl-ver-154-2.com/ps/tb?id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&sub_id=20608058&click_id=81134us1617h9ktff6&nrid=3e1f433f45cf02203bc4c5844edaf241&reason=tb_exit&attempt=3
IP 104.21.37.155:0
File type HTML document, ASCII text, with CRLF line terminators
Size 260 kB (259855 bytes)
Hash ad99043e8917f5f994ab97c303a89f3d
eb5b0e0541c8cba0064ceae978e4ab77d16224cb
79dd6d05dd3f77f42d90d78e05d5e57ebb118bada7e9a2e68462337ef4148e89
GET /ps/tb?id=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&sub_id=20608058&click_id=81134us1617h9ktff6&nrid=3e1f433f45cf02203bc4c5844edaf241&reason=tb_exit&attempt=3 HTTP/1.1
Host: cdnstatic.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tb.check-tl-ver-154-2.com/
Cookie: __psu=253814d6-9a12-430f-b5c9-a63d842e714f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FcRNlDlYzE%2BSoGdZI1c9cnd2nLAijFH%2FcjlpTKFk3k5AT2PZIiyY0OcNOyxSao3NbYZS%2BQVrvkmbfsge2PoxVD5%2BiNaf2DPRbps%2FwqCDmJRylTcVmLh68LgoyGM2OBp21372hn3MVmUZ9LRoq7dXrrgeaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd7176a7e5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/BigBassBonanzaTH_47082f3cb6afb707.jpg
172.64.145.29 24 kB URL alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/BigBassBonanzaTH_47082f3cb6afb707.jpg
IP 172.64.145.29:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x260, components 3
Hash ac7fa2668fd42c49e6fd54455d86a7a8
f6e0454c64da78d24c108989623607ce7f5a8d1e
6eb6e3a7e71b4f4c5b1959b98844c8cbb17b7d5f961f6c9aa05d77ef26f26536
GET /images/games/BigBassBonanzaTH_47082f3cb6afb707.jpg HTTP/1.1
Host: alphabook-static.ams3.cdn.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:35 GMT
content-type: image/jpeg
content-length: 24418
cache-control: max-age=3600
cf-bgj: h2pri
etag: "ac7fa2668fd42c49e6fd54455d86a7a8"
last-modified: Wed, 12 Apr 2023 10:57:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-meta-mtime: 1680084860
x-amz-request-id: tx00000dbe7483a6ad44276-0065dd152a-471ab797-ams3c
x-do-cdn-uuid: 13675b4a-88fe-453f-b127-1cc8b20ab375
x-envoy-upstream-healthchecked-cluster:
x-rgw-object-type: Normal
cf-cache-status: HIT
age: 3540
accept-ranges: bytes
set-cookie: __cf_bm=hOUrAk.cHdW5VWFPr1Bh_Ut7F2Rgwt4hOgOeY1z9I0c-1715364155-1.0.1.1-wMG5e97dorFbuAxLXoXSwErwJbhJvGsZzW42FEdbrL7YG8xltxbe2TKMiKWF9q5JCJHn2Kwm4nXwFEllsbufdw; path=/; expires=Fri, 10-May-24 18:32:35 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 881bd755fbd6569a-OSL
X-Firefox-Spdy: h2
ta.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
104.21.37.155 38 kB URL ta.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
IP 104.21.37.155:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (474)
Hash 01041709ecf6a3f0b549820730593c03
55775e4279d24a34f601bf8180d9f280b8131e0d
51907b3319c05ec1c1a7466f4017f4dcc7b6dc59a29ed962bfd36572f223bb51
GET /space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444 HTTP/1.1
Host: ta.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Q5aAOBCBqAwU7GikX9wVGi4NJSzjLb8D4K3x9VneJHFA9QqiPTkqTg%2FHn4scoNlCgqR%2BnHTO25yJKnuIBdd8Y2xTDEd5MTktJgH7YzpDLjq946RRtbcVpCclw3D1U9QRlOcFb1txNZ4623g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd7129b9f5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
104.21.11.147 1.2 MB URL alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
IP 104.21.11.147:0
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (28031)
Size 1.2 MB (1239442 bytes)
Hash f257277c915e6af215d785979710eb5b
2a4409ac1ffae85de7faa4691658efc48f19dd75
98a70f9c38025a074d9842babb996b197d0db1fec63a47a74ab7494202a9d4e3
GET /en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:30 GMT
content-type: text/html
content-security-policy: frame-ancestors 'self' alphabookbet101.com alphabookbet.com
set-cookie: locale=en; Max-Age=31536000; Domain=.alphabookbet.com; Path=/; Expires=Sat, 10 May 2025 18:02:29 GMT
deviceType=desktop; Max-Age=2592000; Domain=.alphabookbet.com; Path=/; Expires=Sun, 09 Jun 2024 18:02:29 GMT
isPwa=false; Max-Age=2592000; Domain=.alphabookbet.com; Path=/; Expires=Sun, 09 Jun 2024 18:02:29 GMT
userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; Max-Age=2592000; Domain=.alphabookbet.com; Path=/; Expires=Sun, 09 Jun 2024 18:02:29 GMT
connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0; Path=/; Expires=Fri, 10 May 2024 18:03:30 GMT; HttpOnly
x-pool-number: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bv5dBzr11xFMB2WWpQQeg%2Fd7OeAkAmgHjZtOXqF%2B0Ik8dbQ1mT6EiVyA9bxo4%2FI4DpFNzTceWofWh67Hyc1YpmYWQoDM8kVHYTMlzLaVQeV7TxJ26t0AlaxpXPA0LY0yXxNa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd7302e5bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
game2.betgames.tv/design/client/js/betgames.js
104.22.8.110 8.1 kB URL game2.betgames.tv/design/client/js/betgames.js
IP 104.22.8.110:0
File type gzip compressed data, from Unix
Hash 5b2dd16acf06e3cf9091256ab4ce0f90
726414e456295bc7d74ccc073f06ec0068e661fd
6263bcb497d00c1d77ccd189dfec961cd3086cab23f08e1fddde236b062beac6
GET /design/client/js/betgames.js HTTP/1.1
Host: game2.betgames.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 08:49:48 GMT
vary: Accept-Encoding
etag: W/"663c8e2c-59c9"
expires: Fri, 10 May 2024 18:02:30 GMT
cache-control: no-cache
content-encoding: gzip
x-ttl: 0.000
x-cache: M
cf-cache-status: REVALIDATED
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 881bd739cf9756c9-OSL
X-Firefox-Spdy: h2
cdnstatic.check-tl-ver-154-2.com/ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA
104.21.37.155 205 kB URL cdnstatic.check-tl-ver-154-2.com/ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA
IP 104.21.37.155:0
File type JavaScript source, ASCII text, with very long lines (632), with CRLF, LF line terminators
Size 205 kB (204949 bytes)
Hash 949434405b33d99ad8a26af5caf9efb3
879ccc6ae65db224d9d71061e234e5053b51c273
0cc5975709f715847c789af7d9f704475685bcc203c6171832615bb286d17bf5
GET /ps/config.js?id=4l9EZwXc2kSH_LKKjogwWA HTTP/1.1
Host: cdnstatic.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ta.check-tl-ver-154-2.com/
Cookie: __psu=253814d6-9a12-430f-b5c9-a63d842e714f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:25 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnZZu%2F1MvXjqUYbvByPZPs6vW007fAvsRmcXllYW9XPvXs%2Bc8u9lB5pvPaBpG7gdnZKoYNMDBy7svRObqTCZf1QyM4TzbXUMVoNx2%2Fc3i%2F3SiZbPRk5yc4FlMGTUpj6e1dYIWDYrc8thBKYtHZoqAm7ptw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd713cd6b5695-OSL
alt-svc: h3=":443"; ma=86400
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image13def9c9f44ccf72.webp
5.101.110.225 52 kB URL alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image13def9c9f44ccf72.webp
IP 5.101.110.225:0
ASN #14061 DIGITALOCEAN-ASN
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 214b5a2846419b7d863ca3e2546b7796
3e67ae9015cce3047a679036e9f69bba7f86208f
2017341cc24303f402410181495393b93c53a243f517612e415ebcf3957520f8
GET /images/banners-new/image13def9c9f44ccf72.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 51760
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 11:52:48 GMT
x-rgw-object-type: Normal
etag: "214b5a2846419b7d863ca3e2546b7796"
x-amz-request-id: tx000001dda279943535f24-00663e613e-5b3f74c5-ams3c
content-type: image/jpeg
date: Fri, 10 May 2024 18:02:38 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image3f622c1597d5999f.webp
5.101.110.225 49 kB URL alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image3f622c1597d5999f.webp
IP 5.101.110.225:0
ASN #14061 DIGITALOCEAN-ASN
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 43bead5a5ce5501ce839887946adc97d
03d0c02fe96a549fff9668355e1341cf76af6aa8
dc5d412668c452d520eca7e09e0fcdbf25ea4dc68cc64aa1b1fcd158658cb49d
GET /images/banners-new/image3f622c1597d5999f.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 49352
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:14:39 GMT
x-rgw-object-type: Normal
etag: "43bead5a5ce5501ce839887946adc97d"
x-amz-request-id: tx000006a8c40c211afb39c-00663e613e-5b3b08a0-ams3c
content-type: image/jpeg
date: Fri, 10 May 2024 18:02:38 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
142.250.74.99 25 kB URL www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
IP 142.250.74.99:0
File type ASCII text, with very long lines (56412), with no line terminators
Hash 2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 17:09:08 GMT
expires: Tue, 06 May 2025 17:09:08 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/css
vary: Accept-Encoding
age: 348810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
142.250.74.99200 OK 204 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP 142.250.74.99:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type JavaScript source, ASCII text, with very long lines (632)
Size 204 kB (204445 bytes)
Hash add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4
GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:27:37 GMT
expires: Tue, 06 May 2025 16:27:37 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 351301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rkcbyomlyfk
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 16:31:04 GMT
expires: Sat, 10 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
age: 5495
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 16 kB URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:50:52 GMT
expires: Fri, 09 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
age: 144707
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rqqlj.check-tl-ver-154-2.com/space-robot/assets/style.css?v=4
104.21.37.155 206 kB URL rqqlj.check-tl-ver-154-2.com/space-robot/assets/style.css?v=4
IP 104.21.37.155:0
File type JavaScript source, ASCII text, with very long lines (6532), with CRLF, LF line terminators
Size 206 kB (206323 bytes)
Hash 6a97262c01a1b23a3be3b0c37af21edc
aada1abfee44a364ce060a4e60e60703a4c6abce
1a161440036263dee2efae28f2d181290efc3567aa717df270e8f2d3738fa375
GET /space-robot/assets/style.css?v=4 HTTP/1.1
Host: rqqlj.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:24 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1986"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78zKWVhGwSXr9WX1ciWO6L6dgpbNGs82msrJp9CH5iUhbCLR0BOgRP4Sot3x6P7%2BiopfRiKXkXlq6Lnh3%2BX%2Bd%2BL1hIwBsWKwUBO4S6Z5p3f3A91VDtpXgJv%2BjqDWkNznzCmDyvVtI00JgrUQPwxa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd70fa85a5695-OSL
alt-svc: h3=":443"; ma=86400
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.99 2.2 kB URL www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.99:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 00:37:29 GMT
expires: Fri, 17 May 2024 00:37:29 GMT
cache-control: public, max-age=604800
age: 62710
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rqqlj.check-tl-ver-154-2.com/space-robot/assets/main.js?v=3
104.21.37.155 22 kB URL rqqlj.check-tl-ver-154-2.com/space-robot/assets/main.js?v=3
IP 104.21.37.155:0
File type JavaScript source, ASCII text, with very long lines (2745)
Hash 01c51ed0a287b5ddf6793778cfa3a72c
ebd2613cd806b8e080f556b0d254c0f7a6c738a9
4c0224d810d4f0ac617ddd4ab215e0084aeec230d8944780a129c0046de2dad5
GET /space-robot/assets/main.js?v=3 HTTP/1.1
Host: rqqlj.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/space-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=space-robot&click_id=81134us1617h9ktff6&sub_id=20608058&nrid=3e809b999996466f91b0103080b9fe81&hash=GFXzvtFtoyVqUE0ZMpM7pQ&exp=1715364444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:24 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1255"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucqh5URgubAlQtgZUvUEoFo3D0fXtN24RQW9SpEQWpxAWIlnYX6hgEB4BAgq84E11HhOKHds6mWwxCAQysXB1E%2BP%2BGe9Wtfmb9vEmzGVadgnGdJfYl%2BeFRI6%2BtqK%2FNBe24Cg3cjK70jwK9u%2FxCvo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd70fa8665695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/14.eaec9aaa818168eb55ed.css
104.21.11.147 40 kB URL alphabookbet.com/assets/14.eaec9aaa818168eb55ed.css
IP 104.21.11.147:0
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type gzip compressed data, from Unix
Hash 38d90f0dfdf8a95d751117f686cefb5c
43d9506971df62bbedcf62b17662b8246af7389c
a00adadc6581e08ccde07d22a5a7b37c73323b89474375f61c2faaa164681e8e
GET /assets/14.eaec9aaa818168eb55ed.css HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-920b"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4946
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MSeOoXLoVFOeyMs5dtZtOGl2dKuz70Brq%2FVNobOBgDIH3EyhIj9sVz4b6NNd5plwEopX6Abh8nqinuVccmnXwcQg32rLCj38HEvc%2B8fLgOoYdjPdkyrymgcJ2HSO%2F93xXO67"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73968e056cc-OSL
alt-svc: h3=":443"; ma=86400
code.gist.build/web/latest/gist.min.js
104.26.11.146 143 B URL code.gist.build/web/latest/gist.min.js
IP 104.26.11.146:0
File type HTML document, ASCII text, with CRLF line terminators
Hash cb7b8f439b04c00f4a2d78160ddfee8d
9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4
12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e
GET /web/latest/gist.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 18:02:39 GMT
content-type: text/html
content-length: 143
location: https://code.gist.build/web/3.10.2/gist.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vkL1QHyShx42LmdYnzq1rba2ppxF5H0PXElWUaDrjw1d2Zyq9Bd%2Fo%2FewKNfxfUqYj6P2eUXRgTPtskm3udnF6uNd%2BV5DLiR%2BOYx2%2Fneh%2F76j07yKPSW0up%2Bd76hlPDYudg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd76c487f5685-OSL
X-Firefox-Spdy: h2
code.gist.build/web/3.10.2/gist.min.js
104.26.11.146 15 kB URL code.gist.build/web/3.10.2/gist.min.js
IP 104.26.11.146:0
File type JavaScript source, ASCII text, with very long lines (42607), with no line terminators
Hash ff7b540040c15a491538b382d0df7309
84d75dea5528bd3041d63588137e8c7c076d9bde
9339332eb85f421ff0b2166e4935ebbcfe0da932aff4685ee85735dddc192cb6
GET /web/3.10.2/gist.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphabookbet.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:39 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 10:38:06 GMT
x-rgw-object-type: Normal
etag: W/"ff7b540040c15a491538b382d0df7309"
x-amz-request-id: tx000004099933fc2bf57b6-00663b56c4-445f9411-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: HIT
age: 49
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddu5XyxTCBPt%2BUmvSubAFa6HigIJi3E%2B81B7t49ufk3bEAVhO6lbIHlZxTYsHj2seUN2T10T1XCiJKFuy4alyHDulcpCsM8%2Fvn2dSw8YirSY8YBYGDZlR5wth2Y3iqhwew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd76c68985685-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
216.58.211.4200 OK 147 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
IP 216.58.211.4:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rkcbyomlyfk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash 77958ffbec976eba0c325f34a30bfcd6
4d194a02313dba39a93e289cf78b937bfdab808b
9e6eeff9c9a7d435d16a9ac65436dfbd1a56731e06d42a63f24fd10b27ae42b2
GET /recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rkcbyomlyfk
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 10 May 2024 18:02:39 GMT
date: Fri, 10 May 2024 18:02:39 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gzeao.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=a3ceaus1617q5tw7cf&sub_id=23070551&nrid=cfd89700f2f7455dac5d2f32dcad0cd6&hash=528WzTeD4JI5z3dqeJVa6A&exp=1715364447
188.114.97.1 8.6 kB URL gzeao.check-tl-ver-54-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=a3ceaus1617q5tw7cf&sub_id=23070551&nrid=cfd89700f2f7455dac5d2f32dcad0cd6&hash=528WzTeD4JI5z3dqeJVa6A&exp=1715364447
IP 188.114.97.1:0
File type HTML document, ASCII text, with very long lines (10169)
Hash 80f93dbb557a8864dc665d0ce557af58
963f36ccd9c2e63967ea3a66d051a8b4b7e08ab6
ee4d53ba73ffa074d944eae12df6386888e842ce4ca82d0ca6d6779256257f3b
GET /allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=a3ceaus1617q5tw7cf&sub_id=23070551&nrid=cfd89700f2f7455dac5d2f32dcad0cd6&hash=528WzTeD4JI5z3dqeJVa6A&exp=1715364447 HTTP/1.1
Host: gzeao.check-tl-ver-54-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:27 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eV1jFO34F0nUyTxz%2FVLYL4FXLKxQ8bBja5CMbjXrQ1gxkPF8ywQeo6iQaAyi%2FIUsgK7UFfFirZbmIJkYp3XEbHsj3WtrhrSxPLJLIAs5xHsnnHENgJU8KC98jQwhIOBjGlUy4kJhFH1y2huzVoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd7234a1e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ams3.digitaloceanspaces.com/alphabook-static/images/banners-new/imageedeab98b4c5167931712750452711.webp
5.101.110.225 48 kB URL ams3.digitaloceanspaces.com/alphabook-static/images/banners-new/imageedeab98b4c5167931712750452711.webp
IP 5.101.110.225:0
ASN #14061 DIGITALOCEAN-ASN
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Hash a7f3da3d0638e5633e88c090acb34a4e
b86db59106f8bc2c15f2a5933092370a547f2dc1
34e0fe8f84217013b042613a8688890e282523dbb39b8803e27ecbd71c897c24
GET /alphabook-static/images/banners-new/imageedeab98b4c5167931712750452711.webp HTTP/1.1
Host: ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 48548
accept-ranges: bytes
last-modified: Wed, 10 Apr 2024 12:00:52 GMT
x-rgw-object-type: Normal
etag: "a7f3da3d0638e5633e88c090acb34a4e"
x-amz-request-id: tx0000025d584ccb2adb2b7-00663e6140-5b314d75-ams3c
content-type: image/jpeg
date: Fri, 10 May 2024 18:02:40 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image59aa9795f9bba97f.webp
5.101.110.225200 OK 26 kB URL GET HTTP/2 alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image59aa9795f9bba97f.webp
IP 5.101.110.225:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerDigiCert Inc
Subject*.ams3.digitaloceanspaces.com
Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0
ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 7f5da4504be74ff79c2a5c9564e1f8ac
abeffd5965c1c7919e93d62ac708699413f70892
f84bb8dcab5e11b1438f8237aa81f4f19aeb60e5ac0e0189c206091284ba93be
GET /images/banners-new/image59aa9795f9bba97f.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 25752
accept-ranges: bytes
last-modified: Wed, 17 Apr 2024 11:16:45 GMT
x-rgw-object-type: Normal
etag: "7f5da4504be74ff79c2a5c9564e1f8ac"
x-amz-request-id: tx000008b1be5cffcac385b-00663e6141-5b3b08a0-ams3c
content-type: image/jpeg
date: Fri, 10 May 2024 18:02:41 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/imagedf8cf60db7ee75bd.webp
5.101.110.225200 OK 27 kB URL GET HTTP/2 alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/imagedf8cf60db7ee75bd.webp
IP 5.101.110.225:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerDigiCert Inc
Subject*.ams3.digitaloceanspaces.com
Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0
ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 81ebbb68f05575efd73b834d409dc973
5d6ffab9d3db86e68c2a330186e3959f410b6312
d91f0bee20240ef2a913692d714554570da58a712d67306b6a0130db5ab0e9c6
GET /images/banners-new/imagedf8cf60db7ee75bd.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 27128
accept-ranges: bytes
last-modified: Mon, 22 Apr 2024 12:36:25 GMT
x-rgw-object-type: Normal
etag: "81ebbb68f05575efd73b834d409dc973"
x-amz-request-id: tx000007532da9d66938a7c-00663e6142-5b42f85f-ams3c
content-type: image/jpeg
date: Fri, 10 May 2024 18:02:42 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image3bbdca9e6787d7c0.webp
5.101.110.225 25 kB URL alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image3bbdca9e6787d7c0.webp
IP 5.101.110.225:0
ASN #14061 DIGITALOCEAN-ASN
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 2b6d780095dd4d809bb4c73d388ef69a
de7506238cbb41996b1230abdf4483055711ca6c
f022fb611c589916c2756b9776395909cc24a0ad5cfc45636f4a5614074bb87f
GET /images/banners-new/image3bbdca9e6787d7c0.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 24812
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:37:51 GMT
x-rgw-object-type: Normal
etag: "2b6d780095dd4d809bb4c73d388ef69a"
x-amz-request-id: tx00000b212e46da45cd3ff-00663e6143-5b314d5c-ams3c
content-type: image/jpeg
date: Fri, 10 May 2024 18:02:43 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image744df30b9195e18a.webp
5.101.110.225200 OK 32 kB URL GET HTTP/2 alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image744df30b9195e18a.webp
IP 5.101.110.225:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerDigiCert Inc
Subject*.ams3.digitaloceanspaces.com
Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0
ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1361x420, Scaling: [none]x[none], YUV color, decoders should clamp
Hash cf01d60bb8cbd57180e16004c707293a
1f13284d0f2a32a9a618b4f8fae247faffbb679a
9568e9100fff3f860cefdfb90e76303b10d832ed5bcf7b3b82335bda7fa14bf1
GET /images/banners-new/image744df30b9195e18a.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 32508
accept-ranges: bytes
last-modified: Tue, 23 Apr 2024 08:55:51 GMT
x-rgw-object-type: Normal
etag: "cf01d60bb8cbd57180e16004c707293a"
x-amz-request-id: tx000005ae2fcfe6d14c0e3-00663e6144-5b3b08b4-ams3c
content-type: image/jpeg
date: Fri, 10 May 2024 18:02:44 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
renderer.gist.build/2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
172.67.69.25 143 B URL renderer.gist.build/2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
IP 172.67.69.25:0
File type HTML document, ASCII text, with CRLF line terminators
Hash cb7b8f439b04c00f4a2d78160ddfee8d
9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4
12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e
GET /2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D HTTP/1.1
Host: renderer.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 18:02:44 GMT
content-type: text/html
content-length: 143
location: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObaBqKijKFS9I8xqPx94J4haqAe1sBpIZQQmWLrWFLHzPfcWIRNzd9LqfEevjXSCyQUhr8WXH8h38j2Zk7lr7D9WnM2B44FHKjztP5hjlk8RJ02cksrQ8YxapheLMQw4s1W6qLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd78cbbcc5687-OSL
X-Firefox-Spdy: h2
renderer.gist.build/2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMWJjNjhlOTUtZDU3OC00ZjI1LTg2ZjgtZWFiMTBjMzlmOWRlIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
172.67.69.25 143 B URL renderer.gist.build/2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMWJjNjhlOTUtZDU3OC00ZjI1LTg2ZjgtZWFiMTBjMzlmOWRlIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
IP 172.67.69.25:0
File type HTML document, ASCII text, with CRLF line terminators
Hash cb7b8f439b04c00f4a2d78160ddfee8d
9aa44b5d68f6359f10de0dcd24ea3e12548d9bd4
12755429beb15d5eb57eafa45b8dba326343dd099bf0552038694c3856e8860e
GET /2.0/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMWJjNjhlOTUtZDU3OC00ZjI1LTg2ZjgtZWFiMTBjMzlmOWRlIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D HTTP/1.1
Host: renderer.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 18:02:44 GMT
content-type: text/html
content-length: 143
location: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMWJjNjhlOTUtZDU3OC00ZjI1LTg2ZjgtZWFiMTBjMzlmOWRlIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pz3G0fNVIv6KDHn%2FMf3CzgTGNwCejtau1qAsdcM5iOKSDYJ224PlHKvyQis0peZXu6j5qhlkR%2BNTnpO2Jfvy8x281fNoBbFOZGftODKFafpPx0uAwo3XsZ4nlJ2%2BNFxfGljdFNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd78cbbdc5687-OSL
X-Firefox-Spdy: h2
code.gist.build/renderer/0.2.17/main.min.js
104.26.11.146 83 kB URL code.gist.build/renderer/0.2.17/main.min.js
IP 104.26.11.146:0
File type ASCII text, with very long lines (2607)
Hash 5074b3b3f2bd4520ed4a76c3c5d22f15
7cfc68a8768718db168b2d4e7babbfc07563c696
f8a425cc9c486070ec47b0300f7e0a58179b396d1deb49b1182d3e36274d111e
GET /renderer/0.2.17/main.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMWJjNjhlOTUtZDU3OC00ZjI1LTg2ZjgtZWFiMTBjMzlmOWRlIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:44 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 11:19:10 GMT
x-rgw-object-type: Normal
etag: W/"5074b3b3f2bd4520ed4a76c3c5d22f15"
x-amz-request-id: tx00000e9e86d890d4086aa-00663cb391-445f93e9-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: HIT
age: 1868
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLGR7kDPwcaCICS2cLnST8iskmsAOj%2BYFaz%2FwZ3r1grS3%2FBrEZa492EqNee80D%2F37h4alxcAbgbjlfDhFVo4JSHo5%2BhheeZBE7uY6vedVL%2FS6Rz1L2qAcPJjFECKEEXTRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd78e8abd5685-OSL
content-encoding: br
X-Firefox-Spdy: h2
alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/character_1698760097539.png
5.101.110.225 1.4 kB URL alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/character_1698760097539.png
IP 5.101.110.225:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 780 x 432, 8-bit/color RGBA, non-interlaced
Hash 74c3d77052575a1c0060032e82cc877a
7a42b32992e105c579fb66f45e05f37e24f11f4e
cd4a96bccd1752ebf29e525a2e9df02d9d18031e287349ce1e69f3025cd55f07
GET /images/banners-new/character_1698760097539.png HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 1386
accept-ranges: bytes
last-modified: Tue, 31 Oct 2023 13:48:22 GMT
x-rgw-object-type: Normal
etag: "74c3d77052575a1c0060032e82cc877a"
x-amz-request-id: tx000006db3dba33f639ee2-00663e6145-5b3b08a0-ams3c
content-type: image/png
date: Fri, 10 May 2024 18:02:45 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
code.gist.build/renderer/0.2.17/assets/FontManifest.json
104.26.11.146 2 B URL code.gist.build/renderer/0.2.17/assets/FontManifest.json
IP 104.26.11.146:0
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /renderer/0.2.17/assets/FontManifest.json HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiMWJjNjhlOTUtZDU3OC00ZjI1LTg2ZjgtZWFiMTBjMzlmOWRlIiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:45 GMT
content-type: application/json
content-length: 2
last-modified: Thu, 09 May 2024 11:19:10 GMT
x-rgw-object-type: Normal
etag: "d751713988987e9331980363e24189ce"
x-amz-request-id: tx000002ec19e2217e3cf15-00663cb395-445f93d0-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: DYNAMIC
age: 1882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67PYakEvOCDjFDQcTQZvvthQrq6l2KbqvCNKHgso5vLcsE%2B3sclUiDP4Qm%2F9iuZHsOhWVxVEyfq0R98p%2B9z78QNG7FzOYyqHzb%2B8U0P6hc0cncImG1lzXJ26DgZXZWF7Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd79308825685-OSL
X-Firefox-Spdy: h2
code.gist.build/renderer/0.2.17/assets/FontManifest.json
104.26.11.146 2 B URL code.gist.build/renderer/0.2.17/assets/FontManifest.json
IP 104.26.11.146:0
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /renderer/0.2.17/assets/FontManifest.json HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:45 GMT
content-type: application/json
content-length: 2
last-modified: Thu, 09 May 2024 11:19:10 GMT
x-rgw-object-type: Normal
etag: "d751713988987e9331980363e24189ce"
x-amz-request-id: tx000002ec19e2217e3cf15-00663cb395-445f93d0-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: DYNAMIC
age: 1882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mzqfT0B8vW0HDv3G3t2jTt45mTFQobW6ggzeErd%2FRsqkQO7h8Vv%2Br8tBS3gJZD%2B%2BLVmVcEmLoRNRQjRv6cmfgzVikVf3CGNecVZOysMgRiopDlApe%2FRcRQx%2BW4I3bqoJTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd7943a575685-OSL
X-Firefox-Spdy: h2
code.gist.build/renderer/0.2.17/main.dart.js
104.26.11.146 569 kB URL code.gist.build/renderer/0.2.17/main.dart.js
IP 104.26.11.146:0
File type JavaScript source, ASCII text, with very long lines (727)
Size 569 kB (568820 bytes)
Hash ba2cc37615483d76cfbb34478b5061f3
7bf30746672b9f659e65d34619490bfa78c92141
1446b90a921e2fe51d0d45cbe9a35424fc490e7dc3b935893e5b8a455ad78965
GET /renderer/0.2.17/main.dart.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:44 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 11:19:11 GMT
x-rgw-object-type: Normal
etag: W/"ba2cc37615483d76cfbb34478b5061f3"
x-amz-request-id: tx0000076d0ca70aff419c8-00663cb395-445f18cc-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: HIT
age: 1869
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W8rNCPOCHuGdr9iIkhWzU3BAMrsMjDog6L4jXCNa8Nh%2FSi0gH90EguqIKYCF4Qbee85vRgxGJ%2BjDMfoL9EEDHhKRALQ6LnizsqlFpoxXGpIdcvMi1VNr9vQAFkzOMeSvQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd78eaaf55685-OSL
content-encoding: br
X-Firefox-Spdy: h2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715364165886
34.120.32.134 0 B URL engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715364165886
IP 34.120.32.134:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715364165886 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://code.gist.build/
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-headers: X-Bourbon-Organization-Id,X-Engine-Project-Id,Authorization,Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://code.gist.build
vary: Origin
x-cloud-trace-context: 2de14b663394c58537134be4223eea33
date: Fri, 10 May 2024 18:02:45 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0
34.120.32.134 0 B URL GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0
IP 34.120.32.134:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate IssuerGoogle Trust Services LLC
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint68:98:E0:BA:18:9D:01:75:4C:29:D5:4C:8E:A0:A9:7D:59:7B:03:48
ValiditySat, 06 Apr 2024 14:27:32 GMT - Fri, 05 Jul 2024 15:21:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://code.gist.build/
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-headers: X-Bourbon-Organization-Id,X-Engine-Project-Id,Authorization,Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://code.gist.build
vary: Origin
x-cloud-trace-context: 4145feaa863815882a12648114002818
date: Fri, 10 May 2024 18:02:45 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0
34.120.32.134 0 B URL GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0
IP 34.120.32.134:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate IssuerGoogle Trust Services LLC
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint68:98:E0:BA:18:9D:01:75:4C:29:D5:4C:8E:A0:A9:7D:59:7B:03:48
ValiditySat, 06 Apr 2024 14:27:32 GMT - Fri, 05 Jul 2024 15:21:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://code.gist.build/
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-headers: X-Bourbon-Organization-Id,X-Engine-Project-Id,Authorization,Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://code.gist.build
vary: Origin
x-cloud-trace-context: 3f5239dbfa55fac85fe45406b10806b9
date: Fri, 10 May 2024 18:02:45 GMT
content-type: text/html
server: Google Frontend
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
code.gist.build/renderer/0.2.17/main.min.js
104.26.11.146 1.4 kB URL code.gist.build/renderer/0.2.17/main.min.js
IP 104.26.11.146:0
File type ASCII text, with very long lines (2607)
Hash 5074b3b3f2bd4520ed4a76c3c5d22f15
7cfc68a8768718db168b2d4e7babbfc07563c696
f8a425cc9c486070ec47b0300f7e0a58179b396d1deb49b1182d3e36274d111e
GET /renderer/0.2.17/main.min.js HTTP/1.1
Host: code.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:44 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 11:19:10 GMT
x-rgw-object-type: Normal
etag: W/"5074b3b3f2bd4520ed4a76c3c5d22f15"
x-amz-request-id: tx00000e9e86d890d4086aa-00663cb391-445f93e9-ams3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: HIT
age: 1868
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EvSyax0OErdFD%2BPo7h1FGyJcIB6XeXZk664KN25RphfP7YJIHNWfF6XU9TG77LyLtgy09j9QthEpSd5bf54%2FnjbwPZdZu2lP05RttVuAajiopBvk%2FxvCIZrbCfhcp6kOkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd78e7aa55685-OSL
content-encoding: br
X-Firefox-Spdy: h2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715364165886
34.120.32.134 98 kB URL engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715364165886
IP 34.120.32.134:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash da8d08dd926cc153629a8948ab9db010
fc85cf9614bc340caee9005050cf458d4f6c1edd
96175deb1174617a24dd0163067412ea3a8dc27eceb059dfbad33784ea2850a5
GET /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=1715364165886 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: https://code.gist.build
cache-control: public,max-age=300
vary: Origin
date: Fri, 10 May 2024 18:02:46 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0
34.120.32.134 105 kB URL GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0
IP 34.120.32.134:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate IssuerGoogle Trust Services LLC
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint68:98:E0:BA:18:9D:01:75:4C:29:D5:4C:8E:A0:A9:7D:59:7B:03:48
ValiditySat, 06 Apr 2024 14:27:32 GMT - Fri, 05 Jul 2024 15:21:26 GMT
Size 105 kB (105360 bytes)
Hash e90846be773356a7a2ff26f47faff875
1f7f00e181519a0f5ecbfddc3700766716e855b7
5d5a048ebf06c5dbe7b01fd34a5de996de3426efe691385f55dc48585072b98e
GET /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: https://code.gist.build
cache-control: public,max-age=300
vary: Origin
date: Fri, 10 May 2024 18:02:46 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0
34.120.32.134 98 kB URL GET engine-consumer-api.cloud.gist.build/api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0
IP 34.120.32.134:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://code.gist.build/renderer/0.2.17/index.html?options=eyJlbmRwb2ludCI6Imh0dHBzOi8vZW5naW5lLmFwaS5naXN0LmJ1aWxkIiwic2l0ZUlkIjoiNTE0NTQ5NWYxYmE4ZWM1ZTNhNzciLCJkYXRhQ2VudGVyIjoidXMiLCJtZXNzYWdlSWQiOiIiLCJpbnN0YW5jZUlkIjoiZWFhN2E0ZGItYzllOC00NjQ3LWIzZWUtZDViOTc2NTUxMGM5IiwibGl2ZVByZXZpZXciOmZhbHNlfQ%3D%3D
Certificate IssuerGoogle Trust Services LLC
Subjectgist-queue-consumer-api.cloud.gist.build
Fingerprint68:98:E0:BA:18:9D:01:75:4C:29:D5:4C:8E:A0:A9:7D:59:7B:03:48
ValiditySat, 06 Apr 2024 14:27:32 GMT - Fri, 05 Jul 2024 15:21:26 GMT
Hash da8d08dd926cc153629a8948ab9db010
fc85cf9614bc340caee9005050cf458d4f6c1edd
96175deb1174617a24dd0163067412ea3a8dc27eceb059dfbad33784ea2850a5
GET /api/v2/configuration?cioSiteId=5145495f1ba8ec5e3a77&cioDatacenter=us&random=0 HTTP/1.1
Host: engine-consumer-api.cloud.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: https://code.gist.build
cache-control: public,max-age=300
vary: Origin
date: Fri, 10 May 2024 18:02:46 GMT
server: Google Frontend
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.gist.build/templates/fonts/OpenSans/OpenSans-Bold.ttf
172.67.69.25 104 kB URL assets.gist.build/templates/fonts/OpenSans/OpenSans-Bold.ttf
IP 172.67.69.25:0
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright � 2010-2011, Google Corporation.Open SansBold1.10;1ASC;OpenSans-BoldOpe
Size 104 kB (104120 bytes)
Hash 1025a6e0fb0fa86f17f57cc82a6b9756
1e3704ee48b5ff7e582488ead87b05249f14dc1c
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
GET /templates/fonts/OpenSans/OpenSans-Bold.ttf HTTP/1.1
Host: assets.gist.build
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://code.gist.build
DNT: 1
Connection: keep-alive
Referer: https://code.gist.build/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:46 GMT
content-length: 104120
last-modified: Fri, 26 Jun 2020 13:13:55 GMT
x-rgw-object-type: Normal
etag: "1025a6e0fb0fa86f17f57cc82a6b9756"
x-amz-request-id: tx00000e6b24f276e0fd6b0-00659e9b9f-cc30e3ec-fra1b
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 412ce67d-ec87-4b93-8040-9ef0eceddcfd
cache-control: max-age=14400
x-envoy-upstream-healthchecked-cluster:
age: 2266
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bBqEW1PY2oGAxtPi%2BZET29XqGrKMv7uSEltbZ7GEeXEigWlgvBQnicbM2XGglDw0igFHzuowkS%2FO5pKiEmlekUp0ZkqS4mHdiqRtIj3%2Brupv8p2ffxB4ETpyVGx5GL98PkZ6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bd7974f050afa-OSL
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1220b2e.js
104.18.70.113200 OK 16 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-9535-1220b2e.js
IP 104.18.70.113:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7
ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT
File type JavaScript source, ASCII text, with very long lines (15513), with no line terminators
Hash 49e0c7e2a647623949726517bb39175a
a408186bb7ad54f4eadfe0ff1b58d670fc676f2e
d52b4f234c5594531fe5d7b44dc0152721c4c1d8fa24fc1363e62d83dcf9b090
GET /web_widget/messenger/latest/web-widget-9535-1220b2e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: P7o+8J+sVMhwszAhd3uDeQ13+WmNmd6v85MLMbQqJ8D2Cuqtoe5zBXm5Tb3gSM9LKGcQYlZrX5klIrCKOdLBjA==
x-amz-request-id: XD9C3A21FB03HTMA
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 May 2024 20:40:56 GMT
etag: W/"49e0c7e2a647623949726517bb39175a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 May 2025 20:40:55 GMT
x-amz-version-id: LmRQZqtJqXrgxoxJfP.UJuouuHotUuO0
cf-cache-status: HIT
age: 106826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJ2vlFRv7IXdauSsYj1sRw4GqWeaaSowc4r8YCo2iOFOmSUwpyt5G4pzMcz5duNV%2FpJfKztX4zuaKjEwpvuHEl4Ko%2Bsq%2BcypoUhgV1iUWeQ0PAEplSw34jpTZLBoprmiC23CUo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 881bd7674db90b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js
216.58.211.4200 OK 18 kB URL GET HTTP/3 www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js
IP 216.58.211.4:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rkcbyomlyfk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type JavaScript source, ASCII text, with very long lines (17542)
Hash 7c111ad0cbb18935696bc8bb0846ec26
a9c77f0678ff71a4032e787999ada733e7da10cf
120846a7bd9fdcbff2f47564e0d9fc564fc100c581f5f1881333f70f3bd00d6f
GET /js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=rkcbyomlyfk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7438
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 15:13:02 GMT
expires: Fri, 09 May 2025 15:13:02 GMT
cache-control: public, max-age=31536000
age: 96577
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
licensing.gaming-curacao.com/validator/images/mobile.css
172.67.20.245200 OK 1.0 kB URL GET HTTP/2 licensing.gaming-curacao.com/validator/images/mobile.css
IP 172.67.20.245:443
Requested by https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Certificate IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT
File type ASCII text, with very long lines (1257), with no line terminators
Hash bdd0a66d7c061f0844641b81a7307797
fc08bdf11ba1cf629641e2e3de9f67d7780c51d2
434abec520f34f197a3b4663ca903a14d4afd6da4504b6e2d74e58d474ea9950
GET /validator/images/mobile.css HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: text/css
last-modified: Fri, 12 Oct 2018 14:39:35 GMT
etag: W/"416-578090e6397c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1269
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd74179775689-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
alphabookbet.com/assets/1.b775fd254de3af86a8ad.css
104.21.11.147200 OK 11 kB URL GET HTTP/3 alphabookbet.com/assets/1.b775fd254de3af86a8ad.css
IP 104.21.11.147:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type ASCII text, with very long lines (7349)
Hash 6ded5ac1b2a10453c03ec36d6a4649ed
8ef17206cc6347bdeae605f15609256ef259b4b4
2028795e8535b6e0c98abacd301a5e68604567d7cac6a17e5cf3bb4970bb7567
GET /assets/1.b775fd254de3af86a8ad.css HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-2950"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4946
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVrnPRAw0Lp%2By9B2Pgk2denmwPO6qBpI46kTBsy6ZGlks3H2653GQ4vZ5f1yMSr8P21eg51F3s1W7M52mZHnl03AkaZ20pqzru0F9aTa0TDGVra%2FX78iTePFNPtKA%2BzV5jAX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73968de56cc-OSL
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/public/producers-icon/spinomenal-small.png
104.21.11.147200 OK 2.9 kB URL GET HTTP/3 alphabookbet.com/assets/public/producers-icon/spinomenal-small.png
IP 104.21.11.147:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced
Hash 2c90ac946ec25933869b934a708448e0
fb5c9db4caeb1c8ade45e7b296f0366a7cb26976
54d0e393ad0321003cb06beef20269bcda05476f7c2afac850b88b90d9f159ed
GET /assets/public/producers-icon/spinomenal-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-b4e"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4ZAPnMSbr6ECNhTFoJiHqT85aRTmrA4tSiGVJt5zHC9UZN8euWL7%2BXXN%2BZvd%2Bc6swd%2B7i%2B04ubkqQRnivWzoRDUII8HbJmLtOQz1SqSTGrk4YOfpDqRPdUk2Ge8Xb8Teabt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73968e156cc-OSL
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/public/fonts/mori/PPMori-SemiBold.woff2
104.21.11.147200 OK 39 kB URL GET HTTP/3 alphabookbet.com/assets/public/fonts/mori/PPMori-SemiBold.woff2
IP 104.21.11.147:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type Web Open Font Format (Version 2), TrueType, length 39232, version 1.0
Hash aeaeff9cb640c265ebcf5beeb9a597f0
72b5f06ea439ef489343d58f31c1d1a27820c441
ae7907fb3dd3338d731906393f793e9d14e6a74c3e557866ce77a1ef99cd7d15
GET /assets/public/fonts/mori/PPMori-SemiBold.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0; _ga_LWDH4XKP02=GS1.1.1715364152.1.0.1715364152.0.0.0; _ga=GA1.1.1549650673.1715364153
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: application/octet-stream
content-length: 39232
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-9940"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4883
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dvB%2FT%2Ftn3sQo1uzvmW902ejGihHlk6JNiEeOodWMeYN4Lxr6fL7eWnxfJBgu5oOw%2BxtpaPKhUJSDcmj%2F2lwNKL5w%2FWx4ZrRg7Yb6JqA7%2FteK6ie%2FlV1Wa5VXPIWgG4jWFlJg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd743ad4b56cc-OSL
alt-svc: h3=":443"; ma=86400
licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
172.67.20.245200 OK 2.4 kB URL GET HTTP/2 licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
IP 172.67.20.245:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT
File type HTML document, ASCII text, with very long lines (2657), with no line terminators
Hash 8bd0e76a55282d5b51887ee9fcf4c73c
8418925e1dc287068df96026a06595536ab6401e
75574861eee4938b5c195a6fa491e704a362b50363393fe52bec1b06d5df8979
GET /validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.4.16
set-cookie: PHPSESSID=9cp7bembnvngcle5l2d7ti4or1; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private
pragma: no-cache
x-robots-tag: noindex
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 881bd73dfd805689-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
licensing.gaming-curacao.com/validator/images/style.css
172.67.20.245200 OK 16 kB URL GET HTTP/2 licensing.gaming-curacao.com/validator/images/style.css
IP 172.67.20.245:443
Requested by https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Certificate IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT
File type ASCII text, with very long lines (1227), with CRLF line terminators
Hash c421b1f5193608dc08ddc6311d01fa99
4bf8fb5aa499e6127da0fe15c2ce6d475bd44230
01b5ac66d05cc93ea69eb8e76427d55f38d8d9b7eedbed0d04477d72e399ce55
GET /validator/images/style.css HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: text/css
last-modified: Fri, 12 Oct 2018 14:56:07 GMT
etag: W/"3cbe-5780949844fc0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4110
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd74179715689-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
alphabookbet.com/assets/public/producers-icon/thunderkick.png
104.21.11.147200 OK 9.9 kB URL GET HTTP/3 alphabookbet.com/assets/public/producers-icon/thunderkick.png
IP 104.21.11.147:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type PNG image data, 576 x 719, 8-bit colormap, non-interlaced
Hash 840f0761c7d0def8d00edd2a4b9e2b57
ca82dc9556cf81390b5d0898f14dfa76d6082ca9
0d918ce77ffd6ca9afab37ef1d955358907966b174096014d4d716b84573c319
GET /assets/public/producers-icon/thunderkick.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-26d2"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6bAK1B31w5x3CjQHALLXriL3YFOHZeUsfBBeaAVm62sOCBt%2FzivETkn16QQTlEzD%2FuL3GC7eVgb3sf6%2FC4dmDy36eBSVSNB7sZCPMjUnuVVHVp3hOaOhQzUgnP8f%2FlsufmC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73968e856cc-OSL
alt-svc: h3=":443"; ma=86400
alphabookbet.com/assets/public/producers-icon/playn-go-small.png
104.21.11.147200 OK 3.8 kB URL GET HTTP/3 alphabookbet.com/assets/public/producers-icon/playn-go-small.png
IP 104.21.11.147:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type PNG image data, 72 x 48, 8-bit/color RGBA, non-interlaced
Hash 603c4fa6de8d9622e1192419b661afc9
f59c36ec9ab64e339b684a2c45229593477733b9
264476099e21ce9ccb9eb84d843041d3f54744b0bd16d3a7e59cf25da6a3d60a
GET /assets/public/producers-icon/playn-go-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/14.eaec9aaa818168eb55ed.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-ea8"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A49W%2FvlR1KcgvZJxIihgKpAmAHMDp%2Fj3jMyb5rpCST26UImMg4btm1Y2hmJc%2F8MdY0MdXV5z2Z5uWtCpL7NTrHPy0FrtxPbUlgGvnfSHUaECNLI1RS2K6NIEkxUFjadM1Kto"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73ccd4556cc-OSL
alt-svc: h3=":443"; ma=86400
track.customer.io/events/page.gif?name=https%3A%2F%2Falphabookbet.com%2Fen%2Fgames%3Fpartner%3Dp55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q&data%5Bpartner%5D=p55317p55622p2ac1&data%5Bsubid%5D=wk37rut9fionlq6130c2as5q&data%5Bwidth%5D=1280&data%5Bheight%5D=1024&c=&s=3f9eb9d0-3507-a9ef-7ede-2c7dfe121128&site_id=5145495f1ba8ec5e3a77×tamp=1715364159312
35.227.225.220200 OK 35 B URL GET HTTP/2 track.customer.io/events/page.gif?name=https%3A%2F%2Falphabookbet.com%2Fen%2Fgames%3Fpartner%3Dp55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q&data%5Bpartner%5D=p55317p55622p2ac1&data%5Bsubid%5D=wk37rut9fionlq6130c2as5q&data%5Bwidth%5D=1280&data%5Bheight%5D=1024&c=&s=3f9eb9d0-3507-a9ef-7ede-2c7dfe121128&site_id=5145495f1ba8ec5e3a77×tamp=1715364159312
IP 35.227.225.220:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectapi.customer.io
FingerprintA3:FF:88:84:E2:3E:E7:DA:BE:84:01:16:8D:FD:EA:58:1D:DE:8F:BB
ValidityFri, 12 Apr 2024 15:42:01 GMT - Thu, 11 Jul 2024 16:35:32 GMT
File type GIF image data, version 89a, 1 x 1
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /events/page.gif?name=https%3A%2F%2Falphabookbet.com%2Fen%2Fgames%3Fpartner%3Dp55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q&data%5Bpartner%5D=p55317p55622p2ac1&data%5Bsubid%5D=wk37rut9fionlq6130c2as5q&data%5Bwidth%5D=1280&data%5Bheight%5D=1024&c=&s=3f9eb9d0-3507-a9ef-7ede-2c7dfe121128&site_id=5145495f1ba8ec5e3a77×tamp=1715364159312 HTTP/1.1
Host: track.customer.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-disposition: attachment
content-length: 35
content-transfer-encoding: binary
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 10 May 2024 18:02:39 GMT
status: 200 OK
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1220b2e.js
104.18.70.113200 OK 142 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-4852-1220b2e.js
IP 104.18.70.113:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7
ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT
File type JavaScript source, ASCII text, with very long lines (65307)
Size 142 kB (142417 bytes)
Hash 40fb729956c4a956df4256614af4b393
4d42f2785f7ac8d2c850c39cd92414b47c5f8c99
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
GET /web_widget/messenger/latest/web-widget-4852-1220b2e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: i2kbLylBK/Fo8PFw9LrPLm8VpWgDRkAoPTdPpjzS6mGOO5Vwpn+oTey5WJo+wemC4X9mdKK15hoQ5jQ3bW+B/g==
x-amz-request-id: XD9BJZQGEZ0MBQBB
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 May 2024 20:40:56 GMT
etag: W/"40fb729956c4a956df4256614af4b393"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 May 2025 20:40:55 GMT
x-amz-version-id: 5arJaDeWiN6TtcgKTivZ.mzquPjCW5it
cf-cache-status: HIT
age: 106826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xgRlduTnBcS7OVdnhk8hJU4MPif%2F5J1WDEI7TlWAG83S%2BtrYXdBqAuboek4DpbGscHsVaUnCluSoR5hAlM%2FrWqB8l0JRa6tt9eRuzphqYbc%2BZcFVBPDR8eY9QkhfHMaENXa3Zw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 881bd7674daf0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1220b2e.js
104.18.70.113200 OK 12 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-5178-1220b2e.js
IP 104.18.70.113:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7
ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT
File type JavaScript source, ASCII text, with very long lines (12530), with no line terminators
Hash 7ea6a03ae546d28215fb61ff43d384ab
396fd003ec081a6ed61f538bb0e3457f4ec3080e
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
GET /web_widget/messenger/latest/web-widget-5178-1220b2e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: i6oc+Fe5eD70mjTbgeoclu+4ciKwXBTwTSZi8wCJrrgUyfzWhmV3xUcPIraXWvxEclaeI699sO7mF45oorZQEg==
x-amz-request-id: XD9BBPT06WHCM3TQ
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 May 2024 20:40:56 GMT
etag: W/"7ea6a03ae546d28215fb61ff43d384ab"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 May 2025 20:40:55 GMT
x-amz-version-id: OOag60rQCLbawIHHXXGrezG074AFswZt
cf-cache-status: HIT
age: 106826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rz6Lp4Tumm0EJI%2FuO83y2ohMfEcNpfmwLF7nof3c6SMhsE1TihBpHnF2Zw56rmVrcYTrhMIUuIkynLS0oEw8yrCqGiyKIVyfkf7UzIeaxU2NPEoVibYeyPYuYWJlBXw1P9fRQYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 881bd7674db60b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
assets.customer.io/assets/in-app.js
54.230.111.44200 OK 3.1 kB URL GET HTTP/2 assets.customer.io/assets/in-app.js
IP 54.230.111.44:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerAmazon
Subject*.customer.io
Fingerprint14:0F:58:A3:B8:6F:7D:56:35:72:0F:D3:A7:0E:62:05:C5:9A:09:FC
ValidityThu, 19 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (3171), with no line terminators
Hash 11dd1c5fcd0239ca6592a4ae4e84036d
130c0b73d142967e2f483b7b033bbd3dd3da7183
8da722d98a027d9f6440fb420d4edd4368c1700142d05ea69b59d548e797e348
GET /assets/in-app.js HTTP/1.1
Host: assets.customer.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 20:40:43 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: z8zBcp.TxQ1avpTeVvTRh3ayyF7CTfY3
server: AmazonS3
content-encoding: gzip
date: Fri, 10 May 2024 04:00:23 GMT
etag: W/"2419fbd26ba76588bf89bc14c5a941d0"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k-KKUVjokIWa75KUveAakhAvvRgeOB9sna8-wr5-vvCTGkQPlT5zYQ==
age: 58074
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
alphabookbet.com/assets/public/pwa/icons/icon-152x152-safari.png
104.21.11.147200 OK 2.3 kB URL GET HTTP/3 alphabookbet.com/assets/public/pwa/icons/icon-152x152-safari.png
IP 104.21.11.147:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type PNG image data, 152 x 152, 8-bit colormap, non-interlaced
Hash 6fd3550ec8f31170e94c321b6321282e
86f89e1d4e16876921b17a2bf3e4f51bc1bae9f6
68f666947cd07d48f61514fad617ef09c06ee3c2cce1a917a8f76f3153513a77
GET /assets/public/pwa/icons/icon-152x152-safari.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0; _ga_LWDH4XKP02=GS1.1.1715364152.1.0.1715364152.0.0.0; _ga=GA1.1.1549650673.1715364153
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-8db"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 1929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BRD3osiY6ZAlzdPvj7kEup%2Bon9udFCAz7sU8tmw8fSXMN%2Bpg6B3VAZpt17Xm27BPS4R3NR%2BeSho4L%2BOpRlYWJxlVe7akgkdsie5gNLWUm7IVfH5N80FoEkyHZ%2FX8IVTXokN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd7435cf356cc-OSL
alt-svc: h3=":443"; ma=86400
cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
104.17.111.223200 OK 1.7 kB URL GET HTTP/2 cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js
IP 104.17.111.223:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectonesignal.com
Fingerprint28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70
ValidityMon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT
File type JavaScript source, ASCII text, with very long lines (1766), with no line terminators
Hash 17ba573ef8bde8f7bae54697ae98b376
56fe76e7c409cb8648a811dc6c6fb81a7af5d772
e2067dd5fb289b0bc34fe8d08b17eced27667f4d216f10cfa596a2d2f679d592
GET /sdks/web/v16/OneSignalSDK.page.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: application/javascript
etag: W/"e97acd0bc7104d45af67c0c1d883418e"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2365
expires: Mon, 13 May 2024 18:02:31 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=YH4gpXIRlxfgN3Z7fEBFHAxC.tKcGJ2suEXbG4MzVjc-1715364151-1.0.1.1-Oy1ZW1zkRUUlVPFvgQMpdX0YiM7nWqEvs6xJoZvG.Pa0pcKGq5IHQliS8gul5JLTmQxYn3Wi883y1UxshVc0Kw; path=/; expires=Fri, 10-May-24 18:32:31 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 881bd7397f5e0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-9527-1220b2e.js
104.18.70.113200 OK 30 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-9527-1220b2e.js
IP 104.18.70.113:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7
ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT
File type JavaScript source, ASCII text, with very long lines (30186), with no line terminators
Hash 083d4fe56f4013855997ad6d21392f69
09911e3ab09d861f133c686c5e1767e6b50a628c
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
GET /web_widget/messenger/latest/web-widget-9527-1220b2e.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:38 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 2H0SZQmY6d6OnkE526fvSF387+UUgfNFoGaZskHPqIDQtkgQdjK5Le+YZPj9U9ird7y1qXCQBIw=
x-amz-request-id: XD94EXAR99HH17DT
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 May 2024 20:40:56 GMT
etag: W/"083d4fe56f4013855997ad6d21392f69"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 06 May 2025 20:40:55 GMT
x-amz-version-id: yBlOTeXYn1k9NPEHNkGPRponBAjCWoJ1
cf-cache-status: HIT
age: 106826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNuBQ3xRqYp8nOfImyg%2BYxDmmXPOyss4PbLyiVeDLmDsSyP%2FgEM0MuWaCoEnQbl0bcs5pzD5wtd3ruJxagoRA6wThf7IFZsao0wh26oCtOUJYSmsDnCJspTSkWaV%2BfkCyaxSNkc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 881bd7674db10b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
licensing.gaming-curacao.com/validator/images/tablet.css
172.67.20.245200 OK 320 B URL GET HTTP/2 licensing.gaming-curacao.com/validator/images/tablet.css
IP 172.67.20.245:443
Requested by https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Certificate IssuerLet's Encrypt
Subjectgaming-curacao.com
Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44
ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT
File type ASCII text, with very long lines (382), with no line terminators
Hash 2b2b872c5c38abdfbd2ddf9fc0c13047
a0f11cce1b2eea0ba96b06924e23e39e8019fb40
96dd6318d41113c7ae1e9d0a9ffa997cce8c06911abc7ef1cc18bd0efa1089c0
GET /validator/images/tablet.css HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 18:02:32 GMT
content-type: text/css
last-modified: Fri, 12 Oct 2018 14:39:35 GMT
etag: W/"140-578090e6397c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5905
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd74179745689-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
alphabookbet.com/assets/public/fonts/mori/PPMori-SemiBold.woff2
104.21.11.147200 OK 39 kB URL GET HTTP/3 alphabookbet.com/assets/public/fonts/mori/PPMori-SemiBold.woff2
IP 104.21.11.147:443
Requested by https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=wk37rut9fionlq6130c2as5q
Certificate IssuerGoogle Trust Services LLC
Subjectalphabookbet.com
Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88
ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File type Web Open Font Format (Version 2), TrueType, length 39232, version 1.0
Hash aeaeff9cb640c265ebcf5beeb9a597f0
72b5f06ea439ef489343d58f31c1d1a27820c441
ae7907fb3dd3338d731906393f793e9d14e6a74c3e557866ce77a1ef99cd7d15
GET /assets/public/fonts/mori/PPMori-SemiBold.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dwk37rut9fionlq6130c2as5q%22%7D; connect.sid=s%3ALc7vrHV6R_VUkuZmWtVOckkiUgqyeF_-.CsviaG0DRQbkoCTtfr4FB%2BdAReqFqD9MLCirPZRpwj0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 18:02:31 GMT
content-type: application/octet-stream
content-length: 39232
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-9940"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4882
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j9nUUMTCAYPzWkbxPVBks1DQM%2FUsRiezCWh7E%2BGlJGrRH31v5n9%2FWQQF6MaXl%2BcRfEE4rWSA2UPZnGb0UhDf49r%2BhHeRTwV%2FH0W2bEANYkhKq27bXtraS6AKOfNuQxRx%2BNWF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881bd73cdd4f56cc-OSL
alt-svc: h3=":443"; ma=86400