debet.info/
104.26.14.14 301 Moved Permanently 0 B IP 104.26.14.14:0
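Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of empty input, consistent with the 0 B response body. They identify no content and should not be used as indicators.)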
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 19:47:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 20:47:52 GMT
Location: https://debet.info/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSJaH9aZm1TGLScRTXTXcnTUbXgA1uxMyVynKgQx12RsJnfM0V%2FzGGwo%2FW%2FVVEjR6SNk0BJasjW%2FAea33dQjOP3FeqN8urRpoClM5Aqnirb4mhm4KSlpQ%2B65%2Fz4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ec6b4aacda0b51-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3961
Expires: Wed, 23 Nov 2022 20:53:53 GMT
Date: Wed, 23 Nov 2022 19:47:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3253
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:52 GMT
Last-Modified: Wed, 23 Nov 2022 18:53:39 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 19:18:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1742
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2676
Expires: Wed, 23 Nov 2022 20:32:28 GMT
Date: Wed, 23 Nov 2022 19:47:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hYFRdI3lyDx592i0av6NL9DVYLKiMF6XeTVG+FGlrbk07RXBvgj8ck2NvNET/FUf8WWEP0gbkTg=
x-amz-request-id: M5FJPVBC2305B86H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 19:43:06 GMT
age: 286
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 19:47:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 39ab972741a3d568cef9fada0f9a1e19
3412bec9771ea72fe33073b492b8401a4aa8c3d3
9ac82b90df2e033bb3a6adeac4cb0da26f10ed1cec2f3cd9ebe4e1e332f8132b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "9AC82B90DF2E033BB3A6ADEAC4CB0DA26F10ED1CEC2F3CD9EBE4E1E332F8132B"
Last-Modified: Tue, 22 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21575
Expires: Thu, 24 Nov 2022 01:47:27 GMT
Date: Wed, 23 Nov 2022 19:47:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 19:11:11 GMT
cache-control: public,max-age=3600
age: 2201
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1396
Cache-Control: max-age=135736
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:53 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 09:30:09 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.146.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
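Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of empty input, consistent with the 0 B body of the 101 upgrade response. They identify no content and should not be used as indicators.)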
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dtSXKlgb+/4tV2rcqlFsBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /FUbPi0Xog0SoTA/sJ5vYxjK48s=
debet.info/images/header/p-sports.png
104.26.15.14 200 OK 48 kB URL HTTP/2 debet.info/images/header/p-sports.png
IP 104.26.15.14:0
File type PNG image data, 336 x 696, 8-bit colormap, non-interlaced\012- data
Hash d2f473c198db9f6adf7134c4acaad56a
f8af41394bbdfeafa1974a493d6a9d96a3632f9f
9d0661594e93fb4d92ab34da7a2538acd06e54052fd7f4504b16e338734a73b0
GET /images/header/p-sports.png HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/png
content-length: 48185
cache-control: public, max-age=14400
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"bc39-18418819439"
server-timing: total;dur=1;desc="Nuxt Server Time"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ov%2FxkMjBYDK5j2QR1TJJK7wfNxh1Ucv52AJWeAcQz45Bo3Ui%2FEi1YGK5ej9gLp7QoXcT%2BU2vsZsS9BVgSo6mUZH9BttqoXWK2J3MihHSAw3CRrRc9oceouQwVE0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51b906b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/loidangnhap.png
104.26.15.14 200 OK 13 kB URL HTTP/2 d1.debet.info/rs2/images/loidangnhap.png
IP 104.26.15.14:0
File type PNG image data, 362 x 295, 8-bit colormap, non-interlaced\012- data
Hash d3ff1bd5cf80e3872f1d6e82e2b722e5
82a43d28d1995e66b0bca70818b814e160489079
e62dd1b02f36b66283bdef1d91165bb857e3ed10788bcb4419b8455681c4ac2f
GET /rs2/images/loidangnhap.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/png
content-length: 13030
last-modified: Mon, 25 Nov 2019 04:30:17 GMT
etag: "5ddb58d9-32e6"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLafHr6eFkL5NrYHplPlpNmbz5QseXsSrsbNp2hPlnhBHVguypCS4T9HZ70WYS1u%2BV5i%2FswsfUVaPKDVvwRc%2B2%2FaF6FcMIaL%2F0RcJEqFBd%2BuakywWpxjMEG8VKN5%2F8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51d951b517-OSL
X-Firefox-Spdy: h2
debet.info/images/header/c-sports.png
104.26.15.14 200 OK 48 kB URL HTTP/2 debet.info/images/header/c-sports.png
IP 104.26.15.14:0
File type PNG image data, 336 x 696, 8-bit colormap, non-interlaced\012- data
Hash 54b7932507915ce0e3db153960e4c8af
2c66c4fde0c0b810b505d1dfa094ce554236a59b
50dca9ce715576128867d86bf68d9786fd437011f7a639f18538d8456d73eafb
GET /images/header/c-sports.png HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/png
content-length: 48266
cache-control: public, max-age=14400
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"bc8a-18418819438"
server-timing: total;dur=1;desc="Nuxt Server Time"
access-control-allow-origin: *
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gJKl60%2BPGfZaShIN18uf%2BLPow91DnLwa%2FZRfhGw0TEh50s1Rwdvvd2BM5aeSVirSgLoYQa7LhAN%2BoPBGi7WBmdRpgTtvOpkahjemCdoRKQKonwk%2BS6i43Xp8g8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51b905b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/hetphiendangnhap.png
104.26.15.14 200 OK 9.7 kB URL HTTP/2 d1.debet.info/rs2/images/hetphiendangnhap.png
IP 104.26.15.14:0
File type PNG image data, 362 x 295, 8-bit colormap, non-interlaced\012- data
Hash 14767522582812c408d4c40c03ea3bcd
d1940f3e43652d810400bbc429a7109e60d1ed6e
0d21ba18861663a49cfb6705a3d33423742dfc1f3f860e9fc1764f7bfbf9574d
GET /rs2/images/hetphiendangnhap.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/png
content-length: 9731
last-modified: Mon, 25 Nov 2019 04:30:17 GMT
etag: "5ddb58d9-2603"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJR2xvmUqmEH%2BLyq053xYiwXW1izRfQf6HWVadxZwc0DE2WOnPSPgaVcazTZmCdRqI7tHeY7Qq%2BcyL6xhRNBERV80hojRKaWnxWYmo205OgEhnrdtK8O4IEtPYNwAVo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51e95db517-OSL
X-Firefox-Spdy: h2
debet.info/images/header/s-sports.png
104.26.15.14 200 OK 43 kB URL HTTP/2 debet.info/images/header/s-sports.png
IP 104.26.15.14:0
File type PNG image data, 336 x 696, 8-bit colormap, non-interlaced\012- data
Hash d798911e9de379649a876468b3e18981
c13c070ad900f45e3f42de54e3ca820507ffb6ba
7869fb3cbe15e9766d7c6f974fcb384c05565c105e6a54d2e6ad8c632ff4b782
GET /images/header/s-sports.png HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/png
content-length: 42704
cache-control: public, max-age=14400
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"a6d0-18418819439"
server-timing: total;dur=0;desc="Nuxt Server Time"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Px2fpKp8Q2hKbYQu2QrOpjH4Gi8n4uXf6z052u72UAstVIAx9xvkopaQOVGi74B0rMJSaFiXBaBKIt7lNTfudVKT5WkQU%2BrpYkIet%2FhuqbTIFdH5jsHTgEjFSQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51b902b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/bg_loading.jpg?v=2
104.26.15.14 200 OK 52 kB URL HTTP/2 d1.debet.info/rs2/images/bg_loading.jpg?v=2
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1425x891, components 3\012- data
Hash c0c7d0617c20cfb8dfbaf021cc170612
3ab6f7f9ef5de0ec38288798abf13adb90f8a20f
abe0af157077bb3a1159bf8e146bbd84a6c30cf1b7c78d447d9b9cf744d50a80
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/bg_loading.jpg?v=2 HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:54 GMT
content-type: image/jpeg
content-length: 51968
last-modified: Tue, 03 Mar 2020 06:30:49 GMT
etag: "5e5df999-cb00"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7WYAh4Pwowo%2Fmn7nYBjCuhrFbPPRkkAkgmEyJlPC38Fz9c3QWmPE27L3UV2whfbU7UYb4XG%2BLlKGB6haGfBGwG65fSitNcqHGFgSZTpdCwcnULAvluZHtMH9s5iqSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51e961b517-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1.debet.info/rs2/images/icon/fishing.svg
104.26.15.14 200 OK 82 kB URL HTTP/2 d1.debet.info/rs2/images/icon/fishing.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (833)
Hash f89dc37ffdf812ddfab131aec7823257
48c26d995dc680931469621059d8a5160d38e6b5
f5a42908caf24b1b6246c58be997b947e71bb2f4bcaa0fcfbc38dd90f4919337
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/fishing.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-a40"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4p8exuuYfZooPSPez%2Fjs05vWd%2BHaFDlWU73a168F4%2FoESFeraZTHxdNjQu40ZKygAA%2FZpNJl1ioPj6c55qz9tOhCktndMMRrzmK9LuYUoLm5kcZP6Fn5mZebzckaaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51c92fb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
debet.info/assets/images/components/common/lucky-number/top-bar.jpg
104.26.15.14 200 OK 111 kB URL HTTP/2 debet.info/assets/images/components/common/lucky-number/top-bar.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x100, components 3\012- data
Size 111 kB (111056 bytes)
Hash 526c9be94df8e80182ec07cf063384e5
304fb1809f70195182bb6adcd4fa7702c7e44369
378d538ee6b7849039fe74da90894e5a85a7f3fd978780a8b2dfcc2da4407b04
GET /assets/images/components/common/lucky-number/top-bar.jpg HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:54 GMT
content-type: image/jpeg
content-length: 111056
cache-control: public, max-age=14400
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"1b1d0-18418819424"
server-timing: total;dur=0;desc="Nuxt Server Time"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8IfBYEcwNAYRISEg%2B68i6UcdYzgxR6pwz1u%2BcfROyXUvDqfyphLQv7b%2FXqSTmy7OeImxT%2FFPDA%2BTW7NDtfYqQHBEKQC%2BIcsw8hZvNv5fJ9QZPam5vOzlqObNZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51b8feb517-OSL
X-Firefox-Spdy: h2
debet.info/images/header/k-sports.png
104.26.15.14 200 OK 48 kB URL HTTP/2 debet.info/images/header/k-sports.png
IP 104.26.15.14:0
File type PNG image data, 336 x 696, 8-bit colormap, non-interlaced\012- data
Hash fed79568f30e43c5cb604e55f6cbf1db
60a8a4950ba654d94aaae05a3228d954adc2537b
48f2c54daafe1f7a1eeca4ae12f574ca06ab9d38f616023bf4544424da2c6fbd
GET /images/header/k-sports.png HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:54 GMT
content-type: image/png
content-length: 47479
cache-control: public, max-age=14400
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"b977-18418819438"
server-timing: total;dur=0;desc="Nuxt Server Time"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmPYoHFvwqDW1leBdwiQP4OQ1VrrCe3Dl1qevruaHQWJSbwz0UUrg8EicFKjHuXgFr0EvGr2dqmbfUY85rcTcjy%2FtZa2YU7FR8N4LVI66Mzs1GPbbz8y4%2BsBRpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51b90bb517-OSL
X-Firefox-Spdy: h2
debet.info/_nuxt/48db7ef09a682b8151fa.js
104.26.15.14 200 OK 5.4 kB URL HTTP/2 debet.info/_nuxt/48db7ef09a682b8151fa.js
IP 104.26.15.14:0
File type Unicode text, UTF-8 text, with very long lines (28853), with no line terminators
Hash 5dad354244b2be29f5348d9c01257c07
d7a52ee7a5474f0a135e9aba6ed3b29fc31134d2
fd36ed415df3e043c43bc2373be808e550f0ef04b9bcaf8febb5f8334020f480
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/48db7ef09a682b8151fa.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"7242-1849f764ff3"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 105738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEIbpO%2Bv5iIBRh6jgSrpmsOgsO8ioWXPN6VOJf7YZwVXquxHLC9fTFBQKudpHGNBPdP0nnc%2FfBDVGSSLg69ptn2TWZ1a84wxCbQpL5%2B7ghpAQvoEiUEtFVzZJQg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b51b8fdb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/keno.svg
104.26.15.14 200 OK 971 B URL HTTP/2 d1.debet.info/rs2/images/icon/keno.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1437)
Hash 6beba4f5c48a3fbebf0e9bea2e166ded
95ce99e4656045285d7f026032bea8cda11ec9cc
c6087985cc5696cbb9b45d9dd4a8773a7a55a1e06f9953b8e1e744ed3705b36c
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/keno.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-605"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nf8DRusauEwU5E2rvpDfRDHEm3c1yuWT07YrUvBi%2B3rH9Y%2FZYnowT9PxCHFz2feof7W32%2Bdwl%2FgnSyQcgbZ1xxes%2FN1PUfkaoFSck2TqQmXt4yTGD683GglMwR1S6q4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51b919b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/table-game.svg
104.26.15.14 200 OK 13 kB URL HTTP/2 d1.debet.info/rs2/images/icon/table-game.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1668)
Hash 1676ae791f8292f3fdc120ed6be8fb30
2df6d51c53d57342815a7319f461cd9353df371f
6011f55e02a7edad0c7a0c903fb0a5728c6f1d38f61405ac3b599c2b4afc7273
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/table-game.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-a4b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ekl2OeP4YLznqb09jVaAFP2PQ0r2OE5w3v29vj6ZZ6qjwm6j1wkec%2BccbYnxkhTxpwlfJUGA6ClvGzH3MoGcKPqVtzEdmuuGOhUJVsBwjlr1wc6e5TeHwhI6vAg7lw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51c93ab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2316
Expires: Wed, 23 Nov 2022 20:26:30 GMT
Date: Wed, 23 Nov 2022 19:47:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2316
Expires: Wed, 23 Nov 2022 20:26:30 GMT
Date: Wed, 23 Nov 2022 19:47:54 GMT
Connection: keep-alive
d1.debet.info/rs2/images/icon/slot.svg
104.26.15.14 200 OK 2.1 kB URL HTTP/2 d1.debet.info/rs2/images/icon/slot.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1220)
Hash 9ec709e067f7682c077b06db51887f7e
08b7656f5ba0b3679b43c4e99c07c8198af50f55
8238de2490faae24823a56a2a91688ba40cd84c661f68521eb7fa0974399e92e
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/slot.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-5dd"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tRLhyFIgGQzga7WaG5bh8iDYN8JnyAUn%2Bfu17yvzEt3LvYxVD8EHtj0l07BsVdxJjmXJUWScD30yQUz7L48Rch3eOJieNi%2F7mldBRVGiu78F11FW01Czxv0nIOb51Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51c936b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2316
Expires: Wed, 23 Nov 2022 20:26:30 GMT
Date: Wed, 23 Nov 2022 19:47:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2316
Expires: Wed, 23 Nov 2022 20:26:30 GMT
Date: Wed, 23 Nov 2022 19:47:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35a44687c086af7b41c8333297bec58e
1b3efc7e58c1e7220830d0060a6d1942869243a0
39a525fde61e3110f773cb121407925a2d2d1b8003c7beb58cf4fd8b18b8d78a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8683
x-amzn-requestid: 4e9d4c04-802f-4ab8-bb51-645f31de068a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBb_4G8voAMF-YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4065-01d3c8271b80e7ba7bb40f88;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: juNmmSsvjf_CNHlUVIpJTDDg6Cqyu2X1Xl9EQW8ZrC6Tuu7RmcrMKA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:52:56 GMT
age: 78898
etag: "1b3efc7e58c1e7220830d0060a6d1942869243a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZtjzvMh_vqVaOqm8xPfZ2EWGGl0X7Iv8GK40Z32EbKM4wk6tGPnlYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:27:21 GMT
age: 76833
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:52 GMT
age: 79322
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or1B6k7o4cYqVXfndjJsKLOV-aYKX8bfHCQIUqNzvofjQSnIf8f04A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:52:42 GMT
age: 78912
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9defa28d124bae7e5ef29a1fb165ee02
2afe813f0fefae511064297ccff9a6de548104e8
8cfdd12386dcc87cfd874ed0c2d42cd33ae2a05cb35127f1a94e163d17bd5b31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11576
x-amzn-requestid: 9dd2cb2e-de79-4937-b525-05be9d57c03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrdFuxoAMFa9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee49-5437ea0f1568967278fe96ad;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1daKtJmaZARpzMRiPQaWttMITAndRqZt0VwhiBzbxzxBvw4a28a2sg==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:03:20 GMT
age: 78274
etag: "2afe813f0fefae511064297ccff9a6de548104e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 175363fa-bb7a-4c95-8aa4-ebb3f16f3745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1lI3HaqIAMFmTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63788238-1bb736b52bbae37c5e19486f;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 39Lmple6qq9vrKeKJ4lcditVdK5XfRFtv3Cs0_R8B7pVDYPiRAGFtg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:13:08 GMT
age: 77686
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/logo_debet.svg?v=2
104.26.15.14 200 OK 86 kB URL HTTP/2 d1.debet.info/rs2/images/logo_debet.svg?v=2
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1261)
Hash fa2eafd468431db727a8a6bc137d6e0b
4ed6e5c5c82792ee2b9df173c99cd00f556b3bc3
c732d05109bd81efeffe4bea899f4b38cd38cbfc201274228d8250be8da4c8b0
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/logo_debet.svg?v=2 HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-111e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mOOR3IRpxQdzz1yZZsh9CblEUOwfTI6qq9nf%2F6t6%2FVuMyk9eaQh33pBFk5Xgs%2BHn98bMzfYcyFs99O%2BZMmMGR2y3bj0nUup56FzlOF8IeWVvd4R8rFkhUZTQHdOxdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51b900b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3J6C71M4B6L4J2ECRV0&hostname=debet.info
23.36.79.17 200 OK 348 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3J6C71M4B6L4J2ECRV0&hostname=debet.info
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash f199b19116e9b53a222b395e78aa760e
b7c3be3a12139325ff943cbbae15384bbd07dcca
2fc2223551f3daa582c606bd71915de73b9604bd61aa178e8fc2b6c9997b3a7d
GET /i18n/pixel/config.js?sdkid=C3J6C71M4B6L4J2ECRV0&hostname=debet.info HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221123194754A15FFB7CEE402D6D1C5D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455eb8fcdd59b18318910e83f925f2d50ec898121b0a6490f381d9b3c281adcfa66316ad262eea026ff0e6367f1e1a9a4918
content-encoding: gzip
expires: Wed, 23 Nov 2022 19:47:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 23 Nov 2022 19:47:55 GMT
content-length: 348
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2HxhvllGvrAH7bTew0clzAWKAcU; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=98
x-origin-response-time: 99,23.36.79.13
x-akamai-request-id: 615989ed
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.17 200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 760
Origin: https://debet.info
Connection: keep-alive
Referer: https://debet.info/
Cookie: _ttp=2HxhvllGvrAH7bTew0clzAWKAcU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022112319475586185E0506E39867F56D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e85b28326866efd84ae04897ed66abbc686c714465d5a8ece14233c48705ab98893792d6d3c2350ee8364c9334fa399a4
expires: Wed, 23 Nov 2022 19:47:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 23 Nov 2022 19:47:55 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=4, origin; dur=110
x-origin-response-time: 110,23.36.79.13
x-akamai-request-id: 61598b5b
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/discount.svg
104.26.15.14 200 OK 86 kB URL HTTP/2 d1.debet.info/rs2/images/icon/discount.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1673)
Hash cfcae9da0e41fc88caf0bb168f50a4c6
e3b336d4546979df93a1a34aa5ab4f3fb049566c
bfaaee515fb274819b63c4fe34456be8bd1bc58e96765a38f45d9d794ab7b137
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/discount.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-95b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhV36K0dvmmHmESNONg93HTLA1%2FCfWGb8GADCKAoRGnk%2FOoB%2B8oQTJguuPyK15i5NPE4%2FsxZ9heqFSxsXrbaSmvBhBnMnI754%2FuS2CidQr1v6V%2B9X%2FzruGK%2FjWnHED4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51d945b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/identify.js
23.36.79.17 200 OK 57 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/identify.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 8209f53243f50eb4bfd24f3199891eb6
6076b8aba5695eae4089283808c11dc5d2ddc416
2d0d2032447a5a0b0767a919a7e1a6a4b75e17f08045898d76593381ac149765
GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202211231947547B163E8366B7A272B499
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf601c5f6a04a777121cde7d9af65489455e71147da323f96c45ce54e4617fd04fa202b006e638376123db91091c04ee28a6b1ca8b4bd702f44773fbd97e4276fe0a
content-encoding: gzip
expires: Wed, 23 Nov 2022 19:47:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 23 Nov 2022 19:47:55 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=99
x-origin-response-time: 99,23.36.79.13
x-akamai-request-id: 615989c7
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/truyen-thong.svg
104.26.15.14 200 OK 86 kB URL HTTP/2 d1.debet.info/rs2/images/icon/truyen-thong.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1586)
Hash 00bb64ed8a7e3d6725f1d905897984d3
fbf7e1a9a487cf531add38f6725e3998469de39e
99077e89a7b3688a1641fba4bdbafa5fb210f34724cc5b5eb911cef0c41dbc36
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/truyen-thong.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-e4d"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLO3LMo66CrkoYyCRTAGIAGzQiN%2BYaRjOMz1wESuT0UA4ub7uWCjZJvUnV8hyQKsGlb3PuftusRapibgIQgm%2BPsEV24hlUbv1pe48iMxUs0MXmY5yKqoMX4prA82MJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51d941b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/fonts/Montserrat-Bold.woff2
104.26.15.14 200 OK 85 kB URL HTTP/2 debet.info/fonts/Montserrat-Bold.woff2
IP 104.26.15.14:0
File type Web Open Font Format (Version 2), TrueType, length 85008, version 1.0\012- data
Hash 8a651e1b8b7c465bdbb7dfaef8edbec1
ff70bbd6716ebe3407a6c309bf1d6a96ca808bd1
013ca6b8afd75b7008c983500ca61a09c15c4151df256ce0cbcf40021b2950a7
Analyzer Verdict Alert fortinet Phishing
GET /fonts/Montserrat-Bold.woff2 HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://debet.info/css/main.css?v=2c11c021b89d5aa2cd0e
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:55 GMT
content-type: font/woff2
content-length: 85008
cache-control: public, max-age=14400
last-modified: Fri, 01 Nov 2019 09:46:32 GMT
etag: W/"14c10-16e265bf944"
server-timing: total;dur=0;desc="Nuxt Server Time"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meuTpcrw9hci0Ed2mSm9mPWvzkwpm1te4o4QyYqobq4J01HwGAznt6csLaaS6Z6onEdNK8lbQnwOwj7LPmW%2FtaBU2zcIbpjZtm1apIEPahA7bnDRvoyXRHnuumQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b57ac33b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/event.svg
104.26.15.14 200 OK 1.9 kB URL HTTP/2 d1.debet.info/rs2/images/icon/event.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2311)
Hash 3f7441afaa400bf4df0ce6f9a5399665
49e24fe768df9ecb0c5601768b7270111faeb76a
19d5cc98ceb3f66b99366eb36161430c73ec16be898544fc0156ae880792ab45
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/event.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-a05"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlmVFEQLiNHegPPSKvIa4UN%2F5HJBOtYyjopMn84xWMVZpm3W%2BY%2B49a3hTlB2HatSt6BVA2iES5LSUdQ661R1LdhAaqQTaS3VE8EqejPglx19yiN11UlFgS2WSbQUZG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51d950b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=11520933&url=https%3A%2F%2Fdebet.info%2F&channel_type=code&jsonp=__nrtcak13ilm
23.36.79.16 200 OK 268 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=11520933&url=https%3A%2F%2Fdebet.info%2F&channel_type=code&jsonp=__nrtcak13ilm
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 57dac52222014def575f92c7f813df73
ca7dc7fe0c5394c71aa8dff5048c4a0907887d96
37e738a00627b5c5cf8daf034dd73fc23173a77480e58faff1d65cd0aab5f79d
GET /v3.3/customer/action/get_dynamic_configuration?license_id=11520933&url=https%3A%2F%2Fdebet.info%2F&channel_type=code&jsonp=__nrtcak13ilm HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://debet.info/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://debet.info/
content-length: 268
date: Wed, 23 Nov 2022 19:47:55 GMT
X-Firefox-Spdy: h2
d1.debet.info/rs/images/btn_close.png
104.26.15.14 200 OK 406 B URL HTTP/2 d1.debet.info/rs/images/btn_close.png
IP 104.26.15.14:0
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced\012- data
Hash 5a525da6bffc10a0958e659bf9983967
602c339c06be1aa2905bae9bdd29496447e0ce7b
016ee8b40203d307fa164e84d1d68524cc5d6e1b98331d4fa3943f77d224feab
GET /rs/images/btn_close.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:55 GMT
content-type: image/png
content-length: 406
cache-control: public, max-age=14400
last-modified: Mon, 25 Nov 2019 04:30:17 GMT
etag: W/"196-16ea0d31291"
server-timing: total;dur=0;desc="Nuxt Server Time"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trRapI3G0%2BmDzcDlS52g31wvXXWa3xZj3CS1whZ%2BRYFFYcHqIUpGFh11E3nmZM9h2c%2FioyailYEDLhk7BnZPfMSSSDuEayUxS28zj6UKbeOvl%2FOhU5gs0Dx52JoX%2BCU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b605a85b517-OSL
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=11520933&version=1198.2.2.1243.243.159.15.3.3.1.2.3.0&group_id=0&jsonp=__lc_static_config
23.36.79.16 200 OK 1.7 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=11520933&version=1198.2.2.1243.243.159.15.3.3.1.2.3.0&group_id=0&jsonp=__lc_static_config
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (4480), with no line terminators
Hash f2743c5fb49f393180329541dc02a8bf
0ace5fd7def3694387f12f369f304bbc14c09dea
73f55915343fe344075bf86e7a9175eb9e186afdfd4175acb1d2274b3382054c
GET /v3.3/customer/action/get_configuration?license_id=11520933&version=1198.2.2.1243.243.159.15.3.3.1.2.3.0&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1709
cache-control: public, max-age=600
expires: Wed, 23 Nov 2022 19:57:55 GMT
date: Wed, 23 Nov 2022 19:47:55 GMT
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/dai-phat.svg
104.26.15.14 200 OK 2.1 kB URL HTTP/2 d1.debet.info/rs2/images/icon/dai-phat.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1425)
Hash 95eeed753f3ecc9fe2eb96265bd98030
6603abd9e8a5327a20fdda8e70d15ca22a8ab149
5d23df51c733a71705e9d2f304898944b5ab2f6ee5330d3b6f33e1a6aeeddfa6
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/dai-phat.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-a5a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuSsxVMInxE3Cmsa7HKA9j7k3gTumKtOh1nFyW1laWXBUZ1wy07Lyf4TAYpDWLOs5GhWLVFBIlU%2BPKjVE7%2BbpuxCk7jIMdNj%2FXQFwwK0rY0qPjWrxhVpmAmx6QDvM9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51c93eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs/images/ico_question.svg
104.26.15.14 200 OK 14 kB URL HTTP/2 d1.debet.info/rs/images/ico_question.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1665)
Hash cd9371a2fc2805291221ff0b7b9a2994
f761bed583fff7130984f6c02ed9beb75ea7de40
69ec5a1b0473ff7aa816b9dc448fb7a20961b7eebbde66da6154cc5323f35e3c
Analyzer Verdict Alert fortinet Phishing
GET /rs/images/ico_question.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:54 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Sun, 08 Mar 2020 08:24:49 GMT
etag: W/"682-170b93f2b91"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2D5x7tZiI3JGAhvD78HQ6lcoLB7dbJISlgV18kM5cggdLJ4vbLfLSg3vCMAOc9XihGEHyvhp8Bbr1fOLhaHZ%2F5rvYJiuoFOIRvaGssRcUe2tVrTyGaSHKAV4NPfEBk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b579c20b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/game-hot/live-casino.jpg
104.26.15.14 200 OK 48 kB URL HTTP/2 d1.debet.info/rs2/images/game-hot/live-casino.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 411x360, components 3\012- data
Hash 293d9d09966e5cdd8337d5fabbe4c5f7
0cc3ac99d0d30117ea52e86df0af14ca5d3f09f0
667df3c477331cac4f940a5f0880f6fd7135024726ba10d274e814595a8d6166
GET /rs2/images/game-hot/live-casino.jpg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 48028
last-modified: Sat, 12 Mar 2022 06:01:00 GMT
etag: "622c371c-bb9c"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NXnoxLKIufYQwf4AqnyvoZCl5cTpgw51UKum0fCnFWnqAr%2F%2Fc%2BXfmrprAdEvx5AKmrrWhfs59tP%2FqTCXpp%2BEGmHaabK6faR9qMpOWu5uAriZhDM2fxhaOEcNBjO%2Bb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b619c75b517-OSL
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=11520933&version=d4234139f0f2a5e50173b124f65938ca_6a3b6055b9095ee3d2ad07f990db5bca&language=vi&group_id=0&jsonp=__lc_localization
23.36.79.16 200 OK 4.7 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=11520933&version=d4234139f0f2a5e50173b124f65938ca_6a3b6055b9095ee3d2ad07f990db5bca&language=vi&group_id=0&jsonp=__lc_localization
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (11804), with no line terminators
Hash 3289e7bda24df4ac63919878a37e686d
64f6d46e543a40620621091df081f36009fefb17
9cfc7d255345ba6407614f5722ef4ed8a418c4d043b5bb7fef42851fa2ffe1ea
GET /v3.3/customer/action/get_localization?license_id=11520933&version=d4234139f0f2a5e50173b124f65938ca_6a3b6055b9095ee3d2ad07f990db5bca&language=vi&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Wed, 23 Nov 2022 19:57:56 GMT
date: Wed, 23 Nov 2022 19:47:56 GMT
content-length: 4694
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=11520933&group=0&embedded=1&widget_version=3&unique_groups=0
23.36.79.16 200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=11520933&group=0&embedded=1&widget_version=3&unique_groups=0
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash 2af834d2c1666ed80bdf535ba7baf0cf
f83744b1d09476acd71ce975971ace5404982232
1727455617bd6865da97b3dfba29fae5b9b7f43662bf5b57d9bde8f5a987dc67
GET /customer/action/open_chat?license_id=11520933&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Wed, 23 Nov 2022 19:47:56 GMT
content-length: 2558
X-Firefox-Spdy: h2
debet.info/api/v1/whitelist/add
104.26.15.14 200 OK 26 B URL HTTP/2 debet.info/api/v1/whitelist/add
IP 104.26.15.14:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 036fbc518b30da6faaa6bd989d2d3867
f9e6fe1b89963c515184342a5a5c5d533c105e3f
b096fad615b479aea30b6026850272ec8b323fdc054a78acb28dac3713506439
Analyzer Verdict Alert fortinet Phishing
GET /api/v1/whitelist/add HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/json; charset=utf-8
content-length: 26
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
x-ratelimit-limit: 2000
x-ratelimit-remaining: 1997
x-ratelimit-reset: 1669233017
set-cookie: whitelist=true; Max-Age=3600; Path=/; Expires=Wed, 23 Nov 2022 20:47:55 GMT
etag: W/"1a-+eb+G4mWPFFRhDQqWlxdUzwQXj8"
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abaPDdmJgMoB9vy8l%2BZOnn%2FSUCSnas1E8SI8ePgug4wP2j3eMVW8RljaMw9FvZGtT8jtuVWPTyIdpgukuIz9aAziiDQKo4cbTFRx6HwOEXFAyPtWZ3sotxu24tk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b607aafb517-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash cacc91afd0ab337337bbe59785f8500e
cd004af6501153337ea7eb95268680c18a7f8a18
42788556e39167c1e0c70213a26dcd7602dc51fc290a947940ddc6f985ef9441
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=161696
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:56 GMT
Etag: "637e4d8b-118"
Expires: Fri, 25 Nov 2022 16:42:52 GMT
Last-Modified: Wed, 23 Nov 2022 16:42:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
23.36.79.16 200 OK 15 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47599), with no line terminators
Hash 59df903a307f8661bd53313a1a1ec2dd
c1b075479edfeed640cea3038d08915f5eedb9a8
6a19cca29c349c638cdb3a4f5103fe14562c865fc49184f33770f0f87b87bb7c
GET /widget/static/js/0.0f55d8dd.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: FTaBdM5aPM6e3Wa0SH3EvXHWpAST4v3U
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: KgvNFtC8e1Ondp6OM2DSbEHtkwN5kS2GkPwb0uCzLz2iu3P1-YllZA==
content-length: 14934
cache-control: max-age=31536000
expires: Thu, 23 Nov 2023 19:47:56 GMT
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
23.36.79.16 200 OK 66 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 524812952e0af015a7b1f7621b66446d
52de20770b835fc95c42ee8fb8c929ce889f1f41
9c6a9bc16e05afce31697dd6ef2530653501be1ea8af90e1905d9949d014a9ba
GET /widget/static/js/1.1e075a8f.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: o8X.laUPCA4HbBkhv_.0.rtHv1UEzu8S
server: AmazonS3
content-encoding: br
etag: W/"add645219cc09aca44e90ff2cb69482a"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: wQvKSpsPRy26in0iJkcMTYfNv8UaYE7ghU0BTCtCVHFylj64oG5eMQ==
content-length: 66502
cache-control: max-age=31536000
expires: Thu, 23 Nov 2023 19:47:56 GMT
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
socket.debet.info/socket.io/?EIO=4&transport=websocket&sid=vkmGUk8zOg90ZtcBBJYZ
104.26.14.14 101 Switching Protocols 0 B URL HTTP/1.1 socket.debet.info/socket.io/?EIO=4&transport=websocket&sid=vkmGUk8zOg90ZtcBBJYZ
IP 104.26.14.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5/SHA-1/SHA-256 of empty input, consistent with the 0 B body; not a content indicator)
GET /socket.io/?EIO=4&transport=websocket&sid=vkmGUk8zOg90ZtcBBJYZ HTTP/1.1
Host: socket.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://debet.info
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CSGRbY+pdf4uB49arqRwgw==
Connection: keep-alive, Upgrade
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 23 Nov 2022 19:47:56 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KgOTg5envKEe9tvFGkKDdWjX5NQ=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJkT2bigQjQ%2Bckxili9BHzJMqqMi0Spf1K0mQw0oqSKOXeMp7D9vOk3JE9NiZmVhQijo4XvM0j4HPQenJDHmKvxCY3akOlCcIsiwkBJXSgbb%2FPizQym%2BZ0HDrXBApE9SQqYS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ec6b6169020b61-OSL
debet.info/_nuxt/969e9af12dc303b57f8d.js
104.26.15.14 200 OK 15 kB URL HTTP/2 debet.info/_nuxt/969e9af12dc303b57f8d.js
IP 104.26.15.14:0
File type Unicode text, UTF-8 text, with very long lines (7959), with no line terminators
Hash d21f9a0e116ef4143447af444c843098
008936103294de74f0da69870dfc03336c8e8df3
1682f666acfee200acfe5616c4798ac18f77cfafaa3772d2acb445c6af2fcd9e
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/969e9af12dc303b57f8d.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"1f30-1849f765002"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D0rJwzYqV%2FVTNURkb1OTpQFiueHO4RBRnE2ESUlGQDoRvY2EZ3VjnQ7iYp2iWAPpMpQlY5XXJIpeAbT3q5lKSe0hdJDq7ZueO5bZCFWDXxx585%2FQmJbBFHPzsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b635fb1b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/sieu-toc.svg
104.26.15.14 200 OK 15 kB URL HTTP/2 d1.debet.info/rs2/images/icon/sieu-toc.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (648)
Hash 0b9384e6a62754267dd1b99cccf8a8e8
b07afc5be474ec05c22b6248482b8caf087264ed
2edafb22cf4ff867e4ad9e277fab555b318a42b651a7912597d1e5cbc94e3609
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/sieu-toc.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-1021"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msnnON0eGv8%2FeCK4q3Pg%2BBeLZS2siAFvDPf4QkTg1cj1hrEtmCVjIkhIEX8El%2BX2RzYDfY472CRJqYhd9ypOFEFSlczLgEoZ1Cy4KSN6WRnZV%2FyiREN9IzTPC%2Fus0Q8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51d943b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/game-hot/keno.jpg
104.26.15.14 200 OK 35 kB URL HTTP/2 d1.debet.info/rs2/images/game-hot/keno.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 548x480, components 3\012- data
Hash ff1b832e8d6e59c8d27b4be9d794b474
fde1a5410c85b977cb77882cf046cee74465c840
dbe1c3401317850a41d1274a366a05330a2069524a7f03489bf00dbe4a7717d6
GET /rs2/images/game-hot/keno.jpg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 34726
last-modified: Tue, 24 Aug 2021 10:13:46 GMT
etag: "6124c65a-87a6"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FagOqAcMMh8SRB9HC4a%2BvTLjzuYqxSdGBw%2BE%2BGjNV4SgCai%2BEjplLC%2BNyuPoKPs5xqzAVG2ZAWOP7kPbmbuKl90CeDhyVVtn%2B7JDb51evQ5nNM2eFFWK57R%2FSagsLRo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b61ac7cb517-OSL
X-Firefox-Spdy: h2
d3.debet.info/img/2022/11/18/hero-tasubasa-pc.jpg
104.26.15.14 200 OK 279 kB URL HTTP/2 d3.debet.info/img/2022/11/18/hero-tasubasa-pc.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x912, components 3\012- data
Size 279 kB (278553 bytes)
Hash deca67e10fc5b5820f7b56ad9ae2b3f7
ed18293b9c8282770bf9d17820e66ec7830ebb0d
258417cea14b837be4a9454ce3db33ed3141c5220dd0298f2b9cece5c01cb53d
GET /img/2022/11/18/hero-tasubasa-pc.jpg HTTP/1.1
Host: d3.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 278553
last-modified: Fri, 18 Nov 2022 03:34:55 GMT
etag: "6376fd5f-44019"
access-control-allow-origin: *, *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbH%2BtgXvXFtHPZAB2wU7NSij6Axc0Lq8LDmIlZP8UbMylpTQsaSmlxjX156UfapQLfHpeCHCaEiaeaC%2BudL8BLdO7o4mG3gXaGcqs4YmYr2%2BrcDDVkSAT4lUqIZZjKg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b620d24b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/bmp/football/teams/1569.png
104.26.15.14 200 OK 7.5 kB URL HTTP/2 d1.debet.info/bmp/football/teams/1569.png
IP 104.26.15.14:0
File type PNG image data, 2880 x 1131, 8-bit colormap, non-interlaced\012- data
Hash 404d9b3c4858731d2417a3b9a278fbbf
bcdfc57df5ae2fc9a190c60fe539a811a4111e32
9efc9cd5b1f9aea15f9a6a6896ef4b8aa1ca40062c1bc5a6d2bef994d8904a36
GET /bmp/football/teams/1569.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/png
content-length: 7454
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9996
x-ratelimit-reset: 1669233051
cache-control: public, max-age=2592000
last-modified: Tue, 15 Nov 2022 12:10:33 GMT
etag: W/"1d1e-1847b32bd10"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMbBQsKubndraMhuct6%2F35HNXkS3YQQkr0vlTxBfRBUy7WKWIOB4k711ewfl%2BjnIyrQ97BNuszr0t1mY3qVINAa5QU2%2Bs1JDehpJWZKMPhFrT%2F%2FaKRceAnQXRReVQ4s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b64e9ecb517-OSL
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/game-hot/ban-ca.jpg
104.26.15.14 200 OK 84 kB URL HTTP/2 d1.debet.info/rs2/images/game-hot/ban-ca.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 548x480, components 3\012- data
Hash 289a3e4f2bda074342f63ae526545392
a5190ad0d541d1ba11cc7052392494945c7af5e7
bd882632c3b12a065653fbc0e50d33d2e58df11679705f164d45cdcee8896680
GET /rs2/images/game-hot/ban-ca.jpg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 84000
last-modified: Tue, 24 Aug 2021 10:13:46 GMT
etag: "6124c65a-14820"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ikuUnvxLkQgyrNr8J4DOM%2FI8WxtOXi37AVpkcAd%2FXs89E1Q57fOy0QbqhglzMQmg7Qwt%2FtGc9U4BOR3EQmdlD%2FzybO9UrrtPXtOA08RwhvRos%2BIrsbMdSu3ZK6dems%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b61bc9cb517-OSL
X-Firefox-Spdy: h2
debet.info/_nuxt/05d2965d9188df997525.js
104.26.15.14 200 OK 6.8 kB URL HTTP/2 debet.info/_nuxt/05d2965d9188df997525.js
IP 104.26.15.14:0
File type Unicode text, UTF-8 text, with very long lines (14747), with no line terminators
Hash 63ad6e6ebfb33cea112d04466504bcdf
e7927def9be3d341455b6ed810f2c47f508b1af8
89f0ba660c4e09a23da1e99b0855b6594afefb02226fffb5b0ceff0e89c9f580
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/05d2965d9188df997525.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"39bd-1849f765004"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmrGB%2Fm8cCX%2F7oSHM%2Br2Qf3nMu4Vnh57EVoZvu1LKCw9bRgnHrkmQT6l0QU9HnEbjJg7rJPutGB9QAP8GuN4J46Cyr1kvI3yt3krDPyF9d5CmRNxN13iKvQyFCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b60fb69b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/bmp/football/teams/13.png
104.26.15.14 200 OK 29 kB URL HTTP/2 d1.debet.info/bmp/football/teams/13.png
IP 104.26.15.14:0
File type PNG image data, 2560 x 1707, 8-bit/color RGB, non-interlaced\012- data
Hash e7e529735b021fcdb9abd28966d749f7
30791f6ecb5a728bbe83cd47c07c1a8d6d49bf1d
96b58a5a900bad15ca8532dd4483567658e0412c5dec5c7a7cc1549f43a31794
GET /bmp/football/teams/13.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/png
content-length: 28999
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9994
x-ratelimit-reset: 1669233051
cache-control: public, max-age=2592000
last-modified: Tue, 15 Nov 2022 12:10:34 GMT
etag: W/"7147-1847b32bf4c"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tr8VmmqWfltKw%2FbX1f6wQUKrX8vCR7aRYf65xR5z0P08SB%2F8542EB46Sui0I62XzLOhPt%2Bo93DVjMCcMA9T4K3GOj7hAsHWcMMQ4xuKhqQapBRyselFGnO3YPg6GmAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b64e9f4b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/game-hot/quay-so.jpg
104.26.15.14 200 OK 22 kB URL HTTP/2 d1.debet.info/rs2/images/game-hot/quay-so.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 548x480, components 3\012- data
Hash 551cdae241e792a01b985ba563fed693
91ae1ca603d670a30c90428e1578513aace57c94
aff4a54115d55b69fa83665603ab7ee8e81a3da07a589f2c7c75903ae7f80a06
GET /rs2/images/game-hot/quay-so.jpg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 22243
last-modified: Tue, 24 Aug 2021 10:13:46 GMT
etag: "6124c65a-56e3"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uk2uPipDGDHn5RK2XsA33vMyWjQNLeAltEKVu%2FszLWDZvHeOI72nFWnuoo10mSlK4OCrjI1lPYg86gsD8Whlw4yZNz9ulcLJYqWgEjenXUtzZ7dLObPhKachFOsw%2Fbo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b61bc95b517-OSL
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=11520933
23.36.79.16 101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=11520933
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
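Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of an empty body, consistent with the 0 B response; these values identify no file content and should not be used as indicators)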
GET /v3.3/customer/rtm/ws?license_id=11520933 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YB50yrFgv3405M4qN18ltw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: 5vGUuFJsS7338eSS5TDoWwejZL8=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Wed, 23 Nov 2022 19:47:56 GMT
Upgrade: websocket
Connection: Upgrade
debet.info/_nuxt/265aff554854a0c76b67.js
104.26.15.14 200 OK 4.4 kB URL HTTP/2 debet.info/_nuxt/265aff554854a0c76b67.js
IP 104.26.15.14:0
File type Unicode text, UTF-8 text, with very long lines (13445), with no line terminators
Hash 0fcf056abdb090397368658c8df7ec6e
91324670e02dfe9c964c50c6deabd76c64c4413e
dfcffb9e759acba8fb0717070f55707e396c4f69d34dc0acb5d047613beca36c
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/265aff554854a0c76b67.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"3514-1849f764ff0"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKUs%2F3BD29EOB3nFZwIKFB2cbGto0G%2FuiZ2exut2vvAlJnxwa%2F8JPkLDp6G17TdprmwZq0qfY3n0%2BtDQPSNKCFSAFhuGI%2Fsb5JWLpPAcsV%2Bo2RNUx6fAW1UDoGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b5fe9e2b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
socket.debet.info/socket.io/?EIO=4&transport=polling&t=OIc25Xi&sid=vkmGUk8zOg90ZtcBBJYZ
104.26.15.14 200 OK 8 B URL HTTP/2 socket.debet.info/socket.io/?EIO=4&transport=polling&t=OIc25Xi&sid=vkmGUk8zOg90ZtcBBJYZ
IP 104.26.15.14:0
File type ASCII text, with no line terminators
Hash 00469b8642527674fcb004ca4d3d0579
90b5e2f822d04ad97e1aade88c2b9d8f1629729d
07564748ccf629378becc8bf7cc3ae66c89767731222b12db269b924f1d33a79
POST /socket.io/?EIO=4&transport=polling&t=OIc25Xi&sid=vkmGUk8zOg90ZtcBBJYZ HTTP/1.1
Host: socket.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: https://debet.info
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:55 GMT
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bszlfiGd1THUTxsHjZA%2FreCbHbnDzm11B1CGsYkX%2BSawiFIJrSWJ1iIV5iC1DUf2dmA80qRjmnohojr%2BKtE8W1xEUP4fNfR1vNnYMhw4u8JpirEv62Q59P9BHOxxqOyidNNR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b613c0ab518-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/game-hot/lo-de.jpg
104.26.15.14 200 OK 40 kB URL HTTP/2 d1.debet.info/rs2/images/game-hot/lo-de.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 548x480, components 3\012- data
Hash b103f986c4e867c950a186f014a95dbd
d34290fb341bdb3bbe72ccd19cae7f1678ea0e3d
1d88a9c64255e89392fc85c3fb3f196e90ebef660d551ee3898cecf3717c1219
GET /rs2/images/game-hot/lo-de.jpg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 39752
last-modified: Tue, 24 Aug 2021 10:13:46 GMT
etag: "6124c65a-9b48"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mk7Xme8QJiuqiHJPnCkK7x8FiDePCskOpSNNdlgi%2FJb00MBa0DAplhegysBtTU6axKuY2qDTv0DkwcZs%2B%2BQjm4NZFwRnMes0lBiXU0rn8AYmSFjy1NclHZe9y5VzJ5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b61bc92b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/game-hot/game-bai.jpg
104.26.15.14 200 OK 41 kB URL HTTP/2 d1.debet.info/rs2/images/game-hot/game-bai.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 411x360, components 3\012- data
Hash 49678ba7ddf3ef1d1ee8c34d7d8c9fd4
45156398f3148905dadc54f830f60c7f66d29a1b
779f5b4cf62e21bf6e3493a81c8ba95368c4c9cf5773bc4e3df818a081792df5
GET /rs2/images/game-hot/game-bai.jpg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 41021
last-modified: Sat, 12 Mar 2022 06:01:00 GMT
etag: "622c371c-a03d"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RvsQGsPo0v5%2Bf47zZiKAnt2skPFpYDAApNSjRBc2Hr%2BpnbkpMOQtq0hMmanHstoi07YfwQzYsYTfoTLYbOzKGuBdiI%2FKUxsAxqRAvGpl9z32nLuUn8GZcwZyo0VoJks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b61ac79b517-OSL
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
23.36.79.16 200 OK 1.7 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.5a8c73ef.chunk.js
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash b889c05d030774c9da4abd412af6c59b
766bf894d0f7b37a3992e05fe62f3699925afc1a
a4066e02c4701e652379313ca9396404dad605c157d62149c2a4c5b4b52e8efa
GET /widget/static/js/iframe.5a8c73ef.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:45 GMT
x-amz-version-id: P0PTNAbmnutUEWx5JwIuKC0qV1oD8pjU
server: AmazonS3
content-encoding: br
etag: W/"662ab831ab34600ffa4072f565bdfd64"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: sR-5pPSHowFYzLBZ2ofqs8DxRRrwv2J2VVm5UA7oF9d3KMAWrh3oYg==
content-length: 206714
cache-control: max-age=31536000
expires: Thu, 23 Nov 2023 19:47:56 GMT
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.1.css
104.26.15.14 200 OK 60 kB URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.1.css
IP 104.26.15.14:0
File type ASCII text, with very long lines (4139), with no line terminators
Hash 4fe1d39aee5df1ffdcc36d8aec629ddf
65599b036643e73d1a3a95d627c579d74bca5c81
1c2cd8c481339d626fa92e3d82ed966492a7dd1f8d07ecc1e4f06464dde33d71
GET /_nuxt/2c11c021b89d5aa2cd0e.1.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"102b-1849f764ff0"
server-timing: total;dur=1;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdSK%2FRklDxgIWSueRquapgB0nfhcWtn38PRLJ08bZ5FDeH4clBgJcTU%2BAb3mqM3FBwMh6TyU%2BxNzOWrSXTiKSMdi%2B%2FBCpyzTFoiDcudpkxyB1DvouZEWX6Se4x0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b5fe9dfb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/bmp/football/teams/1118.png
104.26.15.14 200 OK 2.6 kB URL HTTP/2 d1.debet.info/bmp/football/teams/1118.png
IP 104.26.15.14:0
File type PNG image data, 2560 x 1707, 2-bit colormap, non-interlaced\012- data
Hash 37bc53ffd42a0d09c493425e07f1e9e2
462946472f05f34ff09a93b2194e087f737fc465
4514991539f364b28f4a699ad8f1721c3ec94f26fd9069c62bff8cb9870d48d2
GET /bmp/football/teams/1118.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/png
content-length: 2645
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9985
x-ratelimit-reset: 1669233051
cache-control: public, max-age=2592000
last-modified: Tue, 15 Nov 2022 12:10:33 GMT
etag: W/"a55-1847b32bd0e"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JY1tZYmQupB%2FOA6WurCRE5SJfwy3O5RUQswwyB%2BOFNHHFnfvxXLtUNN4sOUG8vYth70ACxhh5zM85142d2dGSxqD%2FqSTIaopOxO16n51HczjLAqAyKwWXX4T1tKn8X8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b64f9fcb517-OSL
X-Firefox-Spdy: h2
debet.info/_nuxt/089cce4f1307e197dbd3.js
104.26.15.14 200 OK 38 kB URL HTTP/2 debet.info/_nuxt/089cce4f1307e197dbd3.js
IP 104.26.15.14:0
File type Unicode text, UTF-8 text, with very long lines (47106), with no line terminators
Hash e920cadfc67ba1673f47d1d387723ff9
f0ebd8c99a7dfe03b0b1f16cf4d408002b1d4235
e258fcb9a89344fdcc82131ccf02e8e1579b7a609a952be16299889266ddb9df
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/089cce4f1307e197dbd3.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:54 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"b8ed-1849f764ff2"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 105737
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4VZ1OGmup96a4xHRHMzRvDLLJ1dMFHR3vnjf8OSq1gQShSnZAztiwZgRVFxp3SDRuRY3EJvq8fRVGbM9XMwtLzHIMSpSYREIXQ%2Bp%2BbWWjjVf4lGO5khSplqQxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b5bdb5ab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d3.debet.info/img/2021/10/28/banner-slot-microgaming.webp
104.26.15.14 200 OK 53 kB URL HTTP/2 d3.debet.info/img/2021/10/28/banner-slot-microgaming.webp
IP 104.26.15.14:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x481, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c92723f8220c2ba907c2c3f38b2936f7
109de59d003f313a301e0ce8d61f4a01b4095463
f0d772ef9d53963b79c1f5383b26627d40d76eb7296312ea2d593c32e8651f6c
Analyzer Verdict Alert fortinet Phishing
GET /img/2021/10/28/banner-slot-microgaming.webp HTTP/1.1
Host: d3.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/webp
content-length: 52782
last-modified: Thu, 28 Oct 2021 12:25:52 GMT
etag: "617a96d0-ce2e"
access-control-allow-origin: *, *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9l3E39TXcaB4amX1e%2FTHSCA6TM4cgannDON0tOTyYvUPHeR1TX7LU%2FLQGMNXrIwqow3W44ZZJAsxztcdZbqbb66ZhWlrRxp9sWImYZeo5TgBuY3RCTFCas6M9witC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b621d54b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/game-hot/the-thao.jpg
104.26.15.14 200 OK 115 kB URL HTTP/2 d1.debet.info/rs2/images/game-hot/the-thao.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 858x360, components 3\012- data
Size 115 kB (115052 bytes)
Hash 97d38e2f7f0383d28b616b815ceec3ae
d459777fc9da182b826ba899e9802a9820b43c5a
c62da4bd6a2db594cb5066a41e5813437259b9bbf0196089a3e79f247bbb4887
GET /rs2/images/game-hot/the-thao.jpg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 115052
last-modified: Sat, 12 Mar 2022 06:01:00 GMT
etag: "622c371c-1c16c"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JuKBVwycwxtuxYzinKMaJDDhPWRq4QwtY84gK%2B%2BHb2MrZpQTUeGAY3O7rkDXuuhls%2BzNLOwuyqGUxUbnBWrg%2F54LFBhJLcE9g3FPyK31rxKVtFVC139NBIJSi6xGbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b608ac8b517-OSL
X-Firefox-Spdy: h2
debet.info/_nuxt/ae0f20a77968c7ca7be1.js
104.26.15.14 200 OK 28 kB URL HTTP/2 debet.info/_nuxt/ae0f20a77968c7ca7be1.js
IP 104.26.15.14:0
File type Unicode text, UTF-8 text, with very long lines (13871), with no line terminators
Hash c950f9ec13e13b68071772af381a00e4
5c00f9b9e85f1d3986ae36d1198ac4cbd2a3a0ad
24c82db8a6867e2651bc1f2b1e9b61ed13019f418f25603d1d115af2f981dd48
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/ae0f20a77968c7ca7be1.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"364d-1849f764ffa"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HI0mXoy2DGXiQKmvvUggOuY6iSaRtX0cE4M%2Bx6p7S2On%2BKAXkiesG2pFB5QM7%2BP1v4C2roDr7R%2FWY7%2FE727mGZbMTJDVtNwOmUc6DX%2Fnv%2BxXtCp%2Fm66TGHyR7VY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b627e48b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d3.debet.info/img/2022/11/21/hot-pc.jpg
104.26.15.14 200 OK 295 kB URL HTTP/2 d3.debet.info/img/2022/11/21/hot-pc.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x912, components 3\012- data
Size 295 kB (295404 bytes)
Hash ededcd1d3b9c94a99b95f76805a417e2
54b382d4a39f169c6cc495e4d065c6b79ab9e94e
00c33aa1d23589585832d49d4adadcb8c5fec3acff33868b38efad765c696a69
GET /img/2022/11/21/hot-pc.jpg HTTP/1.1
Host: d3.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 295404
last-modified: Mon, 21 Nov 2022 16:18:54 GMT
etag: "637ba4ee-481ec"
access-control-allow-origin: *, *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0erDwkVHIVuiLHFF3NJ5ug8MSYUcGFVhVMS%2BzHrp2KMlUEP1yE4ocGITLb3mG6Jy%2F1SO5i37Igj0HXJT291%2F1KIZKtq%2Bfm3q0W8Ak7vDVNCC6a7Xz54IoK4q3X9geA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b620d15b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/no-hu.svg
104.26.15.14 200 OK 163 kB URL HTTP/2 d1.debet.info/rs2/images/icon/no-hu.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (328)
Size 163 kB (163208 bytes)
Hash 51c1c9fb1c3a5342a8f7de23f82979af
a92054eb1fb55ba7c261aef8b6e84eada92dd7b0
19c11e305b3c5ee2f71c5fa7335ccec659d30deb838d1c59fc5a8872ee2415de
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/no-hu.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-1b0"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKdnEra8OU%2BFu79Gjh%2FEfyHSNzokd16k7uFhebL5JuPT8dr%2BtmOmkE2lkpQDeKgyvUBW92M03niI5F6mDSkKEL0%2Fqq6gODh3cNzEFwpW03I3zSREMLyqpYrzxmbNTpc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51c933b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/7fa8415cc38cbdf541e6.js
104.26.15.14 200 OK 33 kB URL HTTP/2 debet.info/_nuxt/7fa8415cc38cbdf541e6.js
IP 104.26.15.14:0
File type Unicode text, UTF-8 text, with very long lines (8051), with no line terminators
Hash 16404e7980b77086e8b07c7bd8b20e9b
cf13ed0e68d30d13180777e0921710ed84f6da28
7dbdeec1a6a3ef5d96547cb98c3359ba3c33264d993a025a6582593bcbf68eca
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/7fa8415cc38cbdf541e6.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"1f8c-1849f764ffe"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPK8mHjfCWoD%2FXJtj04OTa278xhLHTzgcQ8ozje94nGpyZQwodPk%2BZDbkFiRKtuKqLz2hPnL7Ij6Knz37JErn5m0Ml5RTJaKu6s%2BvGWNtE5sa8ymLmg3k6HtWbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b631f34b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d3.debet.info/img/2022/10/27/mini-pc.jpg
104.26.15.14 200 OK 197 kB URL HTTP/2 d3.debet.info/img/2022/10/27/mini-pc.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x912, components 3\012- data
Size 197 kB (196886 bytes)
Hash 709e254aa639f26ba784fbfd831f20cc
b2a86df86029d6465af67447f716efcda10221e1
84c663d3bda06283b49733ed453010dbf7567885504d90df1700f556df4acd4d
GET /img/2022/10/27/mini-pc.jpg HTTP/1.1
Host: d3.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 196886
last-modified: Thu, 27 Oct 2022 04:24:59 GMT
etag: "635a081b-30116"
access-control-allow-origin: *, *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WykaOfk7uzmKa7KSGHHLhmkbOWp7Sl2sXMpetnXhcuGsX8cDN%2F6wsBPpRlWUCcOHqSNaWLjEj1HbqZtTwGrI10iXeSsscrHo4tv%2BVXFXEoTuWxY6wG9YUTCcHo7nKo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b620d1bb517-OSL
X-Firefox-Spdy: h2
d1.debet.info/bmp/football/teams/1530.png
104.26.15.14 200 OK 17 kB URL HTTP/2 d1.debet.info/bmp/football/teams/1530.png
IP 104.26.15.14:0
File type PNG image data, 2560 x 1707, 8-bit colormap, non-interlaced\012- data
Hash 94a3274305a8995a0942320160e5f278
104b2e623f6a16539e9d1696c6805fcbd0755427
819dde6e38b826362f4e8094ec48ec57211d86fd09a37136cf3d334a86f2a65a
GET /bmp/football/teams/1530.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: image/png
content-length: 16745
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9990
x-ratelimit-reset: 1669233051
cache-control: public, max-age=2592000
last-modified: Tue, 15 Nov 2022 12:10:39 GMT
etag: W/"4169-1847b32d3c0"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48d185l46MMwbAi0xLROXBgUI0WBuobafYJ0c1%2BBepZ8QLM6IAPWhUQq0G3%2FEz2gHDUl%2Bie7a7l4arTTBU7XAfMndZCS8JidqAcV5EkC6kVe1U7ovI4GlZs7OLfSZ14%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b64d9cbb517-OSL
X-Firefox-Spdy: h2
d1.debet.info/bmp/football/teams/14.png
104.26.15.14 200 OK 390 kB URL HTTP/2 d1.debet.info/bmp/football/teams/14.png
IP 104.26.15.14:0
File type PNG image data, 2560 x 1707, 8-bit/color RGB, non-interlaced\012- data
Size 390 kB (390109 bytes)
Hash d13ce2e291d386c16c1956fa4615cd84
5637c7df1e06c2dfd56b1a5d57d5a63a27ddc98c
21b8e80fbfdabf87f647c32d1c76665cf0434eda66f290a9f4b344847534847c
GET /bmp/football/teams/14.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/png
content-length: 390109
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9997
x-ratelimit-reset: 1669233051
cache-control: public, max-age=2592000
last-modified: Tue, 15 Nov 2022 12:10:40 GMT
etag: W/"5f3dd-1847b32d9e5"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0h%2FUjnexft3QyaG66RVUru3C5s9q6Ew6LIxM%2FYbZsp8oUGtnUaI8GDTbCxTuigI3xSSUTS8xfKZaJD46Jw9KwWsvuvVEgsxWP%2FO2vu%2FU9NucwWw6OdfOsWuq1iiGOiI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b64e9e9b517-OSL
X-Firefox-Spdy: h2
d3.debet.info/img/2022/11/23/keo-thom-pc.jpg
104.26.15.14 200 OK 275 kB URL HTTP/2 d3.debet.info/img/2022/11/23/keo-thom-pc.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x912, components 3\012- data
Size 275 kB (274719 bytes)
Hash 0c667ba61acf02d3c14088340b592de3
52706b5be7fde1ca7740f1182f0d929bc53c1faa
cb6cb76775bd2c0fae8333868cf01991098ab0857af8d69f990e99a734c18a42
GET /img/2022/11/23/keo-thom-pc.jpg HTTP/1.1
Host: d3.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 274719
last-modified: Wed, 23 Nov 2022 14:58:28 GMT
etag: "637e3514-4311f"
access-control-allow-origin: *, *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjb3ekzfIPohtbAyld4hxA%2F77wouQZhehHGG2%2BMP9Lt7O3TCcQ7TZ1m0fgTe%2BZ2taiR2D6fOwyOGf8GiXJaXPdYu1JHbNIJu%2BIzGx7cRK8Qthwkn%2FDFLXCtI3dOtlgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b620d18b517-OSL
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.0.css
104.26.15.14 200 OK 223 kB URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.0.css
IP 104.26.15.14:0
File type ASCII text, with no line terminators
Size 223 kB (222904 bytes)
Hash 4c474c2fabec2f0fa56cad9f335b7354
a15256488d92ebdcc1a89446489abe9a33d6fb0a
6895bd99490a9d5ea54cf043b4527dab43a491e02eaaf62d54512dc771399b60
GET /_nuxt/2c11c021b89d5aa2cd0e.0.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:55 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"126-1849f764ff0"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Cz79ye4uGKH3J7nW7a2Ykaf3szgC8vjsjm6RTmO1PUmHw6fWdI7dtT1V1OJNa1PhmOaarndFuP4GqeP3kpRb%2BfjwATq7W%2FDU5iDyk6BwGa8bqOYwCOUzscbxDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b5fe9e4b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/quay-so.svg
104.26.15.14 200 OK 350 kB URL HTTP/2 d1.debet.info/rs2/images/icon/quay-so.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (881)
Size 350 kB (350107 bytes)
Hash 5a7b72897e0dd0c7350acc28f8882703
3106048ece9015de6237c04bc437ff11be5dfc28
8a25a5e854fc06fe867cc0b69876e0fa7073d93352cf7484e9251a620d6a09cc
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/quay-so.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-f8a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLNz%2FW7dndmBdRLbS1z6NFYMfHBn4LJJCjO7OZkR13qo2bablMm5GdQeQa6ZXXfe3XGi9NhmUgyfFE5jS8aNQ%2BT%2FYkQsZ57mvBm4vOvlRE8xiTY1oAZnQ%2B%2Fp9UAmaqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51c92ab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/bmp/football/teams/17.png
104.26.15.14 200 OK 94 kB URL HTTP/2 d1.debet.info/bmp/football/teams/17.png
IP 104.26.15.14:0
File type PNG image data, 2560 x 1707, 8-bit/color RGB, non-interlaced\012- data
Hash 9e91551adc3a56efb926851a78ea3fe3
897789fc5cf5c35cdfa2ad7483581027dd451398
24ced1601f3e572586f73dbd277685ac6f9f51441e92b086e30f4ecdef4738b0
GET /bmp/football/teams/17.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: image/png
content-length: 94087
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9984
x-ratelimit-reset: 1669233051
cache-control: public, max-age=2592000
last-modified: Tue, 15 Nov 2022 12:10:38 GMT
etag: W/"16f87-1847b32cfb1"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSZqnQRqKXLHsAPOszbLskRJvHoPivuYFUDUoPLcTbm%2F0uzDu7RqdwTYBABBIKv3wsZoH1xY3Yop8r%2B6AaTBijjDLjgZi8rzr70rvwdHKY4HpQajXaAhzvdWVzZUfkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b64d9d9b517-OSL
X-Firefox-Spdy: h2
d3.debet.info/img/2022/11/17/thai-binh-duong-pc.jpg
104.26.15.14 200 OK 370 kB URL HTTP/2 d3.debet.info/img/2022/11/17/thai-binh-duong-pc.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x912, components 3\012- data
Size 370 kB (370492 bytes)
Hash 7cf16535ad3a218c719c08849ba97eed
cc7cbb5ffab3a9912a26b179f2d91dbdd81a16aa
08ca2bb654578acb435dc731db8057111d546ffcb99ad11eea89828b125389be
GET /img/2022/11/17/thai-binh-duong-pc.jpg HTTP/1.1
Host: d3.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: image/jpeg
content-length: 370492
last-modified: Thu, 17 Nov 2022 07:42:19 GMT
etag: "6375e5db-5a73c"
access-control-allow-origin: *, *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ir%2Bxs%2BC38AB6wPKWLgmDQbjXN27W9eDWHaBR7v%2BJLDqSbDw70%2FcWIH0La9p2gtZQAj68Kf7r4CnWbI4J8N1n%2BP4Y7W9dS6MRtfwcc06wTMDqyu6p4VTaX4yJceG8in0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b620d1cb517-OSL
X-Firefox-Spdy: h2
d1.debet.info/bmp/football/teams/27.png
104.26.15.14 200 OK 222 kB URL HTTP/2 d1.debet.info/bmp/football/teams/27.png
IP 104.26.15.14:0
File type PNG image data, 2560 x 1707, 8-bit/color RGB, non-interlaced\012- data
Size 222 kB (222091 bytes)
Hash 01c623b9c0611cd653b443e3e5131568
fe6baad15e26861910d10f080e9599e6b8986a89
390341354ff9956568da604a8366de7a4b6c151a9648323b5068ede1faa02756
GET /bmp/football/teams/27.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: image/png
content-length: 222091
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9998
x-ratelimit-reset: 1669233051
cache-control: public, max-age=2592000
last-modified: Tue, 15 Nov 2022 12:10:38 GMT
etag: W/"3638b-1847b32d1e3"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFUfLWXYa%2FwzT%2BSNHeEh9o5DFW%2BKF3n9QqN6%2BtsMIo8q43iySSLR0Cp%2BU5ooQiMKTXJxjWpa2vhZRwP5DphBdwSEz1srnpbQZf4YYmn%2BwZvnbzKU7YYET%2Fl5%2FwAKQYc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b64e9e1b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/bmp/football/teams/7.png
104.26.15.14 200 OK 103 kB URL HTTP/2 d1.debet.info/bmp/football/teams/7.png
IP 104.26.15.14:0
File type PNG image data, 2560 x 1707, 8-bit/color RGB, non-interlaced\012- data
Size 103 kB (103196 bytes)
Hash b2337d2b6c93052b0b70efa7c35abe76
ea0a64d18103fef3a37e0b1eb1a267ec8e3f53e3
b1b6c3c134b24d77bcba800a23ad58b6dc853f0879d7ae226676a83c75a1f9fc
GET /bmp/football/teams/7.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: image/png
content-length: 103196
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9989
x-ratelimit-reset: 1669233051
cache-control: public, max-age=2592000
last-modified: Tue, 15 Nov 2022 12:10:39 GMT
etag: W/"1931c-1847b32d3e7"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FE%2FQDoAjfZPe9MDXiEfpzIWK74eLXnYHZPMWQS2vQVG00I2tN55OD4sWbnvBxhvYaIiZrSF4xiZ0BNDaDSWK8F8RCRq9xNlM%2BZiRuCdoUKADxRHKmqK20JfJ4r%2FVYgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b64d9d8b517-OSL
X-Firefox-Spdy: h2
d3.debet.info/img/2022/11/17/event-pc1.jpg
104.26.15.14 200 OK 482 kB URL HTTP/2 d3.debet.info/img/2022/11/17/event-pc1.jpg
IP 104.26.15.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x912, components 3\012- data
Size 482 kB (482298 bytes)
Hash 79157b382a480110d77c064333830f66
94927d4e475d940ed7e0a770dca84c2e04ac8c5a
2c16745ab7dc78f42b82fc3c851bf6f06edba28d148e844a247b246c6f8c273e
GET /img/2022/11/17/event-pc1.jpg HTTP/1.1
Host: d3.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 482298
last-modified: Thu, 17 Nov 2022 08:14:44 GMT
etag: "6375ed74-75bfa"
access-control-allow-origin: *, *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sBkay2dS53YvzU4HiNRDy67gITf5oPXZzlz4wM3YcoEF%2BRXI2H7iG6ERLcVwjSwqtho9Jya2JF%2B5SHi8a%2BWJnNeupylfnAJXPAI%2BPKVdcFYPq8YcbpxFX6fwo9sz9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b620d12b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/bmp/football/teams/6.png
104.26.15.14 200 OK 150 kB URL HTTP/2 d1.debet.info/bmp/football/teams/6.png
IP 104.26.15.14:0
File type PNG image data, 2560 x 1794, 8-bit/color RGBA, non-interlaced\012- data
Size 150 kB (149843 bytes)
Hash 1409b550861a83dd75857a6b512273f7
522d64f18951b78e84d4bbf4cbc55d1b7f53aa1f
07cbb4dfa66f4303a7ccb3c4aef66c5438da72ddf591a7baf9a7d295ac1819c6
GET /bmp/football/teams/6.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: image/png
content-length: 149843
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9987
x-ratelimit-reset: 1669233051
cache-control: public, max-age=2592000
last-modified: Tue, 15 Nov 2022 12:10:39 GMT
etag: W/"24953-1847b32d5eb"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzm2tAvFrB4NxR%2BplDyvwOgrJt5Qg39LJ8MunvAqfVk1OYQdnWGWQzvbQ2FRqojp4U37Rx5ebFK1N60GtOnadJ4PBShw8jtd2uO%2B7944YYbmOwcCSyCh6oVAncdAFYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b64e9e5b517-OSL
X-Firefox-Spdy: h2
d1.debet.info/bmp/football/teams/2382.png
104.26.15.14 200 OK 321 kB URL HTTP/2 d1.debet.info/bmp/football/teams/2382.png
IP 104.26.15.14:0
File type PNG image data, 2560 x 1707, 8-bit/color RGB, non-interlaced\012- data
Size 321 kB (320814 bytes)
Hash b51636f2b2163198e141d18bd475e62d
0f575e6ed6a29e50ac065d1ecf45fd36f906ea5b
d3ca12dc4667b2c2a8cc7de80219c5bb0895a9cee11ed5a717cc8254d39b726b
GET /bmp/football/teams/2382.png HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: image/png
content-length: 320814
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9988
x-ratelimit-reset: 1669233051
cache-control: public, max-age=2592000
last-modified: Tue, 15 Nov 2022 12:10:34 GMT
etag: W/"4e52e-1847b32c084"
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65L%2FJKG4R3cXLa0c%2BioQya%2BQcEsGK0d6oG0K1H%2BkMHemzLrFbVtdqe1%2FOD7GDK3AtK5XkzbRsQI4HjIoAi3ilfsf9hy6ZvXfFnn%2FFmOC6m8x4rFIn1a8BG1NgU%2BcJpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b64f9ffb517-OSL
X-Firefox-Spdy: h2
debet.info/_nuxt/8f7932756b7d76ec5199.js
104.26.15.14 200 OK 3.9 kB URL HTTP/2 debet.info/_nuxt/8f7932756b7d76ec5199.js
IP 104.26.15.14:0
File type Unicode text, UTF-8 text, with very long lines (11556), with no line terminators
Hash fb877db27fad2919dcd20bcc93597d99
5466c6f66a7ee70def7371540e92c863bdb5e4b0
4fc66b87b63b8349a7e5486ab1fd97912af3549f860d0d827470aa5a7df932a9
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/8f7932756b7d76ec5199.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"2d9a-1849f764ff9"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbvLhkpHgEbJI1GkhTPFnuGBjVDqzklsQc00sLO7Zh3KZ2WVWMZE2YCtZ5%2B1u8e1Q5Mb1ZqlsADFkz49z2ZSEGXXKDnbqTWcp%2B2ZnNVAlVg8iiG3oqnzQ9JSKuw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b6a2c10b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/783d0d1ce0bb0c63dacc.js
104.26.15.14 200 OK 22 kB URL HTTP/2 debet.info/_nuxt/783d0d1ce0bb0c63dacc.js
IP 104.26.15.14:0
File type Unicode text, UTF-8 text, with very long lines (8062), with no line terminators
Hash fff24744902c480fe27a89dbbce006a6
969cf0a89e28506168407e4066013803473922ba
ea5f6592c2e71cd69b5ee733a1ad2e4c3895e1dd45ec9e41dc1d2ba5efc602e7
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/783d0d1ce0bb0c63dacc.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"1f97-1849f764ffe"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKxl2UB4S0YG8aQ5S2snGdSuWeQSQm8f%2BTnbl2a8%2BgxBA%2BjuBTLqJfMkJFL7%2FvK2ENSwlfz3XlEWgmJo3dq0T2zG8xC6wbqeCNmlCCCA%2BEPXcMUrWz3T3BorSdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b6a3c2db517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/lode-dai-phat.css
104.26.15.14 200 OK 27 kB URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/lode-dai-phat.css
IP 104.26.15.14:0
Hash 056623a9f3797bdd6b6cb69a6e1a8129
d2e959e487f0386ec1cae909a19c7486bcc5a715
921b272d7b625d9fdcf423123e74d97bc3731588c7116b50d14768e26f0e38bc
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/lode-dai-phat.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"0-1849f764ffe"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiT9wfX6uVM5c8Cv8ktnu2WYDAwKCNaOFsd9qcLAkgW38uOhiZTD57O9CSDfy%2FYBXqMdLR1YcSxiw9%2BCp0RWDi9%2Fl%2Bk%2BarQvBMWCBYRBF2RML0L21lFOMmHTpyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b696a97b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/lode-sieu-toc.css
104.26.15.14 200 OK 472 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/lode-sieu-toc.css
IP 104.26.15.14:0
Hash 888546913e924a2538b26b50dd01bd86
8cb47d2807832f5219b66fa7b37a0d38e4aaea85
91738b0c17339ecbeb34c9d027d0ebf6e415600bad4125ae43afb87f0c947def
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/lode-sieu-toc.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"0-1849f764fff"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46svbBdRWtYVMGtSCUWzce1WQ7FYZN1l%2Fu3pa%2FU1HA0CAZO9VxGaRhM%2BTt0aqHrlUuw3%2FRLU4v4%2BF6bc8os4KuE4XKwetITnCkQ5S7wg%2FPRd1eD2orRE2ERJ1zA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b6a2bfeb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
analytics-s4.com//matomo.js
172.67.216.8 200 OK 470 kB URL HTTP/2 analytics-s4.com//matomo.js
IP 172.67.216.8:0
File type ASCII text, with very long lines (1601)
Size 470 kB (470120 bytes)
Hash 487b9c6c4fd324d5ed51e04e92cf2b1a
a9fccc8f9f5d1aa0846e43f0161e16f9411b5551
bb8e12151904689e8706caefb1ec8fada482e0be798636179417dbed84541002
GET //matomo.js HTTP/1.1
Host: analytics-s4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 10:17:30 GMT
etag: W/"6374b8ba-10132"
expires: Wed, 23 Nov 2022 20:47:55 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9%2BtBDgqYfH5E8dR3Eh3zYlPeVAo7rtzo3q3meqB0sdjYuzd0mjd4W9YnJuJy%2B%2BvNV2Tbu7ISFsiGBGV8OjuHHMk0Srz8OT5pdQtpv8vub3bvwgXp%2BhOLJmFYzDcv0IULW24"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b6049220b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.hotjar.com/modules.142ca8ad0099c834b74b.js
143.204.55.96 200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.142ca8ad0099c834b74b.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 89212b5c8abb5621e2a22cf9215bd643
2b18176c96f995460cd9d4e5282a65232629f342
f07b1382d3ba11923089aaf8c381cc515bd0f5b25f46472a84c228deb4a5dde5
GET /modules.142ca8ad0099c834b74b.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68590
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "89212b5c8abb5621e2a22cf9215bd643"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xpbpY1q0MMyFuA77ZYGshaAfQrAtcXxvRpptZamCDEeu0dgspiyvbQ==
age: 23872
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.105 200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ppP48Scb4BopU6WTR01yINkLV-bon0NvPGbVFfh_GwgZRZAlI8ox5g==
age: 23872
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/_.pages/huong-dan.pages/ricbet-huong-dan.css
104.26.15.14 200 OK 3.4 kB URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/_.pages/huong-dan.pages/ricbet-huong-dan.css
IP 104.26.15.14:0
File type ASCII text, with very long lines (17378), with no line terminators
Hash a8f30f2ada73f45e6f2134eb1739972b
4afb4576a8b5772f49dcdf4c2441068a2feb1ae3
7fa55f902011c3d2bb28bdb0bc219bd1b1317b18b8721f22a3a42ed34869cd01
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/_.pages/huong-dan.pages/ricbet-huong-dan.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"43e2-1849f764ff3"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqRCTUlgZUOJTbDULBlw83wSF%2Bk%2BwUuxu96ZujUGBKmJ9LhPyxeef895ZggEELhfGNR4URx1putPSY87A%2FK%2FPqlA6CgJlsZ%2BKtQ1WBA8RvWOmEtO80HDTKX%2BRT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b6a2c01b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 607141dbdf7250468288835dd37f20ea
d4dd5d2e9a45480a496892fc296373baa907f341
6733f0430f4ad237bd1c48d089885abaddaffad971d433d8da4038205a47c7d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=103734
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:58 GMT
Etag: "637d6b24-116"
Expires: Fri, 25 Nov 2022 00:36:52 GMT
Last-Modified: Wed, 23 Nov 2022 00:36:52 GMT
Server: nginx
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-154730764-1&cid=1248888150.1669232878&jid=86738281&gjid=1370910781&_gid=2068111065.1669232878&_u=YEBAAEAAAAAAACAAI~&z=399133587
142.251.1.154 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-154730764-1&cid=1248888150.1669232878&jid=86738281&gjid=1370910781&_gid=2068111065.1669232878&_u=YEBAAEAAAAAAACAAI~&z=399133587
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-154730764-1&cid=1248888150.1669232878&jid=86738281&gjid=1370910781&_gid=2068111065.1669232878&_u=YEBAAEAAAAAAACAAI~&z=399133587 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://debet.info
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://debet.info
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 23 Nov 2022 19:47:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vc.hotjar.io/sessions/1618335?s=0.25&r=0.23321834553516774
54.230.111.91 204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/1618335?s=0.25&r=0.23321834553516774
IP 54.230.111.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/1618335?s=0.25&r=0.23321834553516774 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://debet.info
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Wed, 23 Nov 2022 19:47:58 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YqGeTBlkWnCcGrpa1D2LzKnEQ_MFozTMVCQLeiLSj3ZIh7iyV1hOpg==
X-Firefox-Spdy: h2
debet.info/_nuxt/aedce443e8612f4d26c6.js
104.26.15.14 200 OK 58 kB URL HTTP/2 debet.info/_nuxt/aedce443e8612f4d26c6.js
IP 104.26.15.14:0
File type Unicode text, UTF-8 text, with very long lines (4694), with no line terminators
Hash f0965cc3f6fec7f0ac84b5cb52693582
dc873a9e08397732764d7a725a36fdb55d0a4036
a2fc9be839bf5c5e110f2bcf4fd146fc6f307d2664d436fa0e1063c3fa4803f1
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/aedce443e8612f4d26c6.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"1285-1849f764ffe"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHx9su4N3m3pRJFFF%2FKarQmg86PTnDO1TB3HT589qMh3De6N4Z58tK1JptUIdpUE4ONKx9X9oJsi7U9HZhArZQ4dsT9qNdWnFXjOY5O%2FnclrP%2BpkBxGdQfzfAso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b685867b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ae7674294f5a17ef8761b33ac4dad848
30a771e623dd1e3cb8694bb5f71393aaa9e87b6a
cac85ed50ce25c45d5093aaaa231a0d1cd9667f47bd2312947070ba202c5d96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-154730764-1&cid=1248888150.1669232878&jid=86738281&_u=YEBAAEAAAAAAACAAI~&z=659831592
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-154730764-1&cid=1248888150.1669232878&jid=86738281&_u=YEBAAEAAAAAAACAAI~&z=659831592
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-154730764-1&cid=1248888150.1669232878&jid=86738281&_u=YEBAAEAAAAAAACAAI~&z=659831592 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 19:47:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/ingame.svg
104.26.15.14 200 OK 45 kB URL HTTP/2 d1.debet.info/rs2/images/icon/ingame.svg
IP 104.26.15.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1129)
Hash 79b4d6b1c8456c8bd7b77865f9fdbd05
c75735a860fa04c80e0c0759f3b85dfa12c08cbe
0e07bb882c362b2f56871b114ae8dbac33277a2f5e07ad31a13d5233abfe8701
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/ingame.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-a9f"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bM4U2n6s%2B9q7IVehzp0RCDpPUE9jZKJy%2BAZFEEqUi07HmfAC2YdrNQPX7y1NwGmBzj79Wk3Tj9Vo%2B4pixcijJq0kXKB2qvYQw%2FH43S8zR%2Fa7K2MPT%2FEju5qcmmDviZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51c937b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 19:47:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.clarity.ms/c.gif
20.234.93.27 302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=9FA0E4D6635845C280C53B74968213CF&RedC=c.clarity.ms&MXFR=3A12D1FD923F66610048C398963F68AE
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=3A12D1FD923F66610048C398963F68AE; domain=.clarity.ms; expires=Mon, 18-Dec-2023 19:47:58 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 23 Nov 2022 19:47:57 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=9FA0E4D6635845C280C53B74968213CF&RedC=c.clarity.ms&MXFR=3A12D1FD923F66610048C398963F68AE
204.79.197.200 302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=9FA0E4D6635845C280C53B74968213CF&RedC=c.clarity.ms&MXFR=3A12D1FD923F66610048C398963F68AE
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=9FA0E4D6635845C280C53B74968213CF&RedC=c.clarity.ms&MXFR=3A12D1FD923F66610048C398963F68AE HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debet.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=9FA0E4D6635845C280C53B74968213CF&MUID=3CFCE6503CE461F427F3F4353DB36029
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3CFCE6503CE461F427F3F4353DB36029; domain=c.bing.com; expires=Mon, 18-Dec-2023 19:47:58 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A545D3BD66BF4B9E94CF1D664B33A53B Ref B: OSL30EDGE0307 Ref C: 2022-11-23T19:47:58Z
date: Wed, 23 Nov 2022 19:47:57 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=9FA0E4D6635845C280C53B74968213CF&MUID=3CFCE6503CE461F427F3F4353DB36029
20.234.93.27 200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=9FA0E4D6635845C280C53B74968213CF&MUID=3CFCE6503CE461F427F3F4353DB36029
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=9FA0E4D6635845C280C53B74968213CF&MUID=3CFCE6503CE461F427F3F4353DB36029 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://debet.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 23-Nov-2022 19:57:58 GMT; path=/; SameSite=None; Secure;
date: Wed, 23 Nov 2022 19:47:58 GMT
content-length: 42
X-Firefox-Spdy: h2
d1.debet.com/rs2/fav/favicon-16x16.png
104.26.6.30 200 OK 1.3 kB URL HTTP/2 d1.debet.com/rs2/fav/favicon-16x16.png
IP 104.26.6.30:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash d4586f55ab8a3c31c4a9338b73320011
47e9f03542af7ff4b339658a156e502124a1940c
e46a8898dd6a9deac9cca8f32bfbb4cf58c501478d303ad726710508b74643e0
Analyzer Verdict Alert quad9 Sinkholed
GET /rs2/fav/favicon-16x16.png HTTP/1.1
Host: d1.debet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:58 GMT
content-type: image/png
content-length: 1307
last-modified: Mon, 25 Nov 2019 04:30:17 GMT
etag: "5ddb58d9-51b"
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pq%2BZOEE5XM7ZhvLOhx7T%2BkbLsRNtVlTYAOj95EtNrsOEwoOKBy1qRlE4PbGrdaGVeiocIKDoh%2Bdp0DdxQtQXoLdIkgbXGEBMjWvtUd9Sprv92ZYm3Kck%2FmH8gxfUYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b70db2c1c06-OSL
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255 204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 698
Origin: https://debet.info
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://debet.info
access-control-allow-credentials: true
date: Wed, 23 Nov 2022 19:47:58 GMT
X-Firefox-Spdy: h2
socket.debet.info/socket.io/?EIO=4&transport=polling&t=OIc25Xl&sid=vkmGUk8zOg90ZtcBBJYZ
104.26.15.14 200 OK 81 kB URL HTTP/2 socket.debet.info/socket.io/?EIO=4&transport=polling&t=OIc25Xl&sid=vkmGUk8zOg90ZtcBBJYZ
IP 104.26.15.14:0
Hash 37569c5097109630dd65f5b109afad87
c29755664b2611a719194d3bc5ed2d81f3981b18
878f1a5ba45c2dc01d6ff850fc72d99f5824c9f2937b1ae068c0d655b657c4ad
GET /socket.io/?EIO=4&transport=polling&t=OIc25Xl&sid=vkmGUk8zOg90ZtcBBJYZ HTTP/1.1
Host: socket.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://debet.info
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dc7l%2FvIUBUwOAgchs%2FPsTercaxN7JxG%2BAtsMXAaKxl5GuYhEQ7RQwGbP%2BIX%2Bfs6IkG9iDSuejszGpjFE%2BwNHOvWNeIxlLVz61cQVUi4Z7iWipexN3GhNRS%2FgubGs%2F%2FDEtHIk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b614c0eb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255 204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 65924
Origin: https://debet.info
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://debet.info
access-control-allow-credentials: true
date: Wed, 23 Nov 2022 19:47:58 GMT
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/index.pages/seagames.pages/transfer-money.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/index.pages/seagames.pages/transfer-money.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/index.pages/seagames.pages/transfer-money.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:54 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"57f0-1849f764ff4"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 105737
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mLw%2FOnxNtQLsio3Sm%2FijdmsWUDrhJAXpO0uca5jDUeR6K9hapmAmGcw8T3K4Qm1L7pAyZWOP%2B09YV5Gj%2Bw2OIeXbRfnu9HfrGttq%2FxlwfdcyTh%2FV%2BzOZXs3eWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b5bcb54b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/api/v2/sportdata/hotmatches
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/api/v2/sportdata/hotmatches
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /api/v2/sportdata/hotmatches HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Origin
access-control-allow-credentials: true
x-ratelimit-limit: 2000
x-ratelimit-remaining: 1998
x-ratelimit-reset: 1669233017
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIK%2FrQOHoGXCqt40iF9WCw%2BO2kvK4eMXsntXc0Mf2%2FF8T3xB3wSbV%2BOyKYRLdLVEjS402z4BrNWb2xORiQo%2FdHWIbcWq0%2F17VoI4ugjaZYa%2F7ZRZuXrKAQ9BDgE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b607aabb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/7916245ecb8cdc74c296.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/7916245ecb8cdc74c296.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/7916245ecb8cdc74c296.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"b8eaa-1849f76500e"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 105738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TliBJHm9mMQi9oloebTLIqkORgYbZURWNXs3MFUragc3KBX%2B4jOhxtWHw0W%2BMjsFPnjJUkz0yECL%2FY72VTlLUFwuahNCEK1do%2BegOOACq9n7YS%2BCLF5SlNkFAOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b51a8e6b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/songbai.svg
104.26.15.14 200 OK 0 B URL HTTP/2 d1.debet.info/rs2/images/icon/songbai.svg
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/songbai.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 08:00:07 GMT
etag: W/"6375ea07-857"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kh3jmz1zAT5bhKhybL4us6wapBJrY0Nd8kO7aPqAsGnr%2BXK%2FeiVTyrl9t6aV0cWgwnm8TdOykAoL4pd8hwOyUkVBlw%2Fra%2FLf2jAjsRQEoInYUAUNhHfZqtSS59EUFJw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51b916b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/css/main.css?v=2c11c021b89d5aa2cd0e
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/css/main.css?v=2c11c021b89d5aa2cd0e
IP 104.26.15.14:0
GET /css/main.css?v=2c11c021b89d5aa2cd0e HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:54 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 13:09:33 GMT
etag: W/"47f59-1849f7542ea"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwdmfTFMV%2F9JZOPmttXgLUMH5BUpkpeLgR%2BVfHvwthBwZm9rXFCJOfcb9Fjvs2%2FTLhyW7NqI%2BsJfAkoooe6acfXF3tLN0S%2FjlsAtlCjErKS2Z3ZD%2Fl2eObCjTrU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b51a8d5b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/ksport.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/ksport.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/ksport.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"0-1849f764ffe"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcZIbNffCz5hEKSL12x733Jd%2FZR2GG6R5NaDeu5F6cE3EDuupj44ib3NWWLySDouIEMdlAcPyYwYo8O4YLQ0ZcOWXQCzsdtm7TTzXSgeTDeqfn3oqOrUFUyv%2F08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b6a3c16b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/0f21a9bf9c4d1bb46b24.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/0f21a9bf9c4d1bb46b24.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/0f21a9bf9c4d1bb46b24.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"1f59-1849f764fff"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ujGV9Dx%2FLdbw3okM75vQAjxxi2s3z1Qcxiygc%2FzwMv4qh2IGpFvexXNp0ZCgucs0LLJQKzf307XVMh9snKiKLovU%2Be5UuhXgrreGYVVIRBiIpliyV6NBY0CM9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b6a1bdfb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/lottery-atom.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/lottery-atom.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/lottery-atom.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"0-1849f764fff"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwbU1g9FQ8vqtPIDoSFxvgCJ32igqnJZc6ZS5lzOfKWVqYUsXnsatmK4voR%2B1df3zyA2qhPOknkXvMuxXrHAztVfr8DqoFNPww3I4rspDDxwrkxJugeEogvPlFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b662bfab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/index.pages/top-racing.pages/transfer-money.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/index.pages/top-racing.pages/transfer-money.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/index.pages/top-racing.pages/transfer-money.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:55 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"5210-1849f764ff3"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYlWHunoa8YqOGigKUmLCWlJtAfGKT1owi%2FHzBW%2FRARVC0evyTIWclXKNJkDgpgbHpUYY0Oe11jPW%2B%2FQlFXnsIszU0j8QXGfJDScMub1jz%2FAxkOPMsK01mvYZXk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b5bdb5eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2531f37fdb87964d3e5e.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2531f37fdb87964d3e5e.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/2531f37fdb87964d3e5e.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"1f25-1849f764fff"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfuZHoPI8DeJRPZmHL0ejHpAwNPX5kH8KmqIa8XpKgIWYLwsje%2F4fLlfiI20yY11Smu7HmFtw2bLXyP5AuRaRklQPTYnZPMHKWrVxTrdPB0VMEgF4gHYQpG4e6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b652a66b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/b0cf7b88ba96350cb01a.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/b0cf7b88ba96350cb01a.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/b0cf7b88ba96350cb01a.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"1f29-1849f764fff"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBrae4JZPdoXzrqdh3LbqPSdMCqw2hXEmGr%2FK6f1PmU%2F0fZHze4Fuw9UjduINTLVrt1mR1gcR1CrAKn4Nu%2BWaTq8GMf9PJCepQlNbvKDLLQ6qhZ3XNnBZcci8Ng%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b662bffb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/socket/lyp/v2/minigame/maintenance
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/socket/lyp/v2/minigame/maintenance
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /socket/lyp/v2/minigame/maintenance HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:55 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
x-ratelimit-limit: 10000
x-ratelimit-remaining: 9999
x-ratelimit-reset: 1669232987
etag: W/"14f-3vVRLxc7IXtLAVmLA1H62ou7AH0"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3gtYrnBOAXeaTyHMNsaXUd4eiCZwmIVgFgJHF1DS%2F%2Bff0F2v35wLXjuSCWNCBYz%2F%2FJCPhramJKvcnFfXB7kmQaMiJ0LH8p%2BPSZWK2uEZwWCKUTSWj29bAVu%2F3Gy3AL8FF%2BZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: total;dur=18;desc="Nuxt Server Time"
access-control-allow-origin: *
server: cloudflare
cf-ray: 76ec6b607aaab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/numbergame.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/numbergame.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/numbergame.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"0-1849f765002"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ha%2FPi6rRNDMrN5UEIxPtlTLrXpC41xxyL0PZPqakFswCl2Euks5AuYNawve20uFLt%2BXI4g5LfoFX9d1%2FOOiCulPNvFsYjTG6IegyQBzEn%2FR4mzxKvJ1tjIw5L9c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b635faab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/mngame/tim-so-may-man.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/mngame/tim-so-may-man.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/mngame/tim-so-may-man.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"314-1849f765002"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BkmGxxx2SqdjdUG%2F7EhC2Kbp3Q3onK%2FxTsn1%2FR9bg8JMqEWLeRu492d5dVetaBdjYNaynt3pWd%2BH8si4qXphVDfziHdENPnhnKuFNu0IoefToh%2BVmmq6ExKxT4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b6a2c11b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2273b54ea6c537420217.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2273b54ea6c537420217.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/2273b54ea6c537420217.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"2558-1849f76500e"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 105738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDMdvusFv1Ps10RDHgHG5y0HLWr%2B7hg2c9hEbkNMempSRLmQWCVssZLmIGDwy1Sbw%2F4DYtc8HIWiae2UO%2FRNVp2kAQGc51P1n1oWuxNWtRRSIxVyx0lPI%2FUYOCg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b51a8e1b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/loyalty.svg
104.26.15.14 200 OK 0 B URL HTTP/2 d1.debet.info/rs2/images/icon/loyalty.svg
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/loyalty.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-43e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkiA8Fh1lKNF87Mx4pXSD%2F9fXs%2FZFn1ExLv0IFSerdlytYdChzD1mJLiw977BzslDr4A9%2FMgARCDBUgx7viX05F2LYH0Yn%2FasoWBC8OMwvYbnS4TTVsH5m%2FwWAsMxoo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51d94fb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/a98214d454674c9e7e57.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/a98214d454674c9e7e57.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/a98214d454674c9e7e57.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"6d065-1849f764ff9"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 105738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ky28qnEtRrVCkZMev1qhGhRqwrjxuIPQaPYYqIzC0I5GmtPkxVB7fgsMNQC1oF%2F2m3TxqcQ75adQlcnxrSAIRWjx3h1BqDwzIG4hN7%2FR8wh8PgrwkpiP%2BV1Xt8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b51b8f1b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/number-game.svg
104.26.15.14 200 OK 0 B URL HTTP/2 d1.debet.info/rs2/images/icon/number-game.svg
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/number-game.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-d5a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqMYSBVFekO%2BuGPAmeMkis%2B1DOdOkKrwfREGYKJXs0kHY29I5wbhtcqGHRKLlcpIEzsx%2BPKLEiEeQSuNjCbxuOAi9Y1AgGri8gJ0qI1s3%2FJC2ySxmUWNURaKhMrdCuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51b91bb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/munich.svg
104.26.15.14 200 OK 0 B URL HTTP/2 d1.debet.info/rs2/images/icon/munich.svg
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/munich.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-42d"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BR2a6rt1UzxefrBqrdSmPtFzFXQmxQsIufpuJrH%2BbcuH7qJx33tp7rHqimFlAlz%2FErMOpiwqaiB8IAtJy09kEOFz833VnYxOrk10IzH%2BdDHjEGElJL490ISvSGca1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51c928b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/game-bai.svg
104.26.15.14 200 OK 0 B URL HTTP/2 d1.debet.info/rs2/images/icon/game-bai.svg
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/game-bai.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-83e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9icwA04qyIj7UYc0Oq8GBmI1Vs3nXt7O6yeOnFFAimv4bSt5pZXJIjM6Y%2BDEki3HkG9gNkx8xfsSZ3W27WMMfoV6dLuwFTno9F64i%2BJNTitdgGqcmFqgxDAZ63yYb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51b90eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/lottery-berlin.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/lottery-berlin.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/lottery-berlin.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"0-1849f764fff"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hfWdniStDgGTeebO2AjwiKSWn%2BUAT9EwEwdjMl%2BVhSYRDs559IV3xk5u4dhVgkwzcKtLbe3T%2BECdg23rvGT8eI%2F%2BFzZrSTm4AHdnOgynPcyd2pKNn5fW8ZqsfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b652a64b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/
104.26.15.14 200 OK 0 B IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: text/html; charset=utf-8
set-cookie: device=desktop; Path=/
set-cookie: domain=https%3A%2F%2Fdebet.info; Path=/
set-cookie: host=debet.info; Path=/
server-timing: total;dur=39;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WrMPhyHEOx1PeOYoGe7kaAJL7bE8qGqeKv97hkHE0OTObZyGcAo%2F9eTwA%2FXwpL3d0lIYRN1TnQI6Zu7sh%2BPsO25NllFoZShv1jM9DhjncEf6gq4Le9VE7GkYvY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b4dfae0b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.app.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.app.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.app.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"248b9-1849f764ff9"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 105738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2mh0o6xmzfjL1fQDqJaCoRCKX6MgcYJftMmDV2aQLyHR%2BHIWJr3FdKRb9fiUhJLmmDsxAX4iVf0SM51ynuv0J7Xu5zJnpZ4Hp9ClJdEdTXK9hXYKt9iDqkbeIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b51a8e9b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/5ee8ba76f648ed87a9d0.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/5ee8ba76f648ed87a9d0.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/5ee8ba76f648ed87a9d0.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"c9f1-1849f764ffa"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxFPaTnPP5voTI%2F%2FSBjKMaCQvDm5agyFVvhp9olJVKxiM%2Bn2pBeOM0GkBuxaovs53ouvMyHjWqDBCBOHyTNe2rLf640a5XVuIjFnIAwGXu8SZRfIXQv2w3nmyPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b61bca6b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/js/main.js
104.26.15.14 200 OK 0 B URL HTTP/2 d1.debet.info/rs2/js/main.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /rs2/js/main.js HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:54 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 13:09:33 GMT
etag: W/"637cca0d-30cea"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tbcY1zy1G9AZq2VjQgomuEkD3xwlkVxFjr8wodJndaKrrYK%2FOAam2yoyJ38XY%2FHozhAWUU0zwYRYMDwOqfLoknci3MX95w%2Fdu4G7s%2BrlYwrlY1QNLpOJN3LuFdHUjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51a8ecb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/lottery-munich.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/lottery-munich.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/lottery-munich.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"0-1849f765000"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esUoA88sGJwU1OuctzfFOWQdD3XV6Udx4vHFzlarxU%2Fpor0JTKdtbns%2FEEyRrxiOylsM9tQXhJnWm%2BJLnONZS62jbv6YccGtsGNOhrfE2PT4DhEZ3s9eQDAxxyM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b655aa4b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/f993de9ea44bc4391f67.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/f993de9ea44bc4391f67.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/f993de9ea44bc4391f67.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:55 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"4695-1849f764ff2"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1xtAcFiGIDIr2h0Qpb2kqgVCkX%2FpTmalcNZEWqJ6nFXg8U%2FqWQ%2By6uShjXXG94d5PNbxqAqhJNBqUc%2FgbbYfTvapNxBEoHOyeOE4gtx2Wl4XEgUZuqlHRB2xes%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b5bdb64b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/0f48916a3a7f579960c9.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/0f48916a3a7f579960c9.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/0f48916a3a7f579960c9.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"2d1c5-1849f764ff9"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 105738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmVkSRT%2BBFOL%2FhN8NSsd8Ge82iiO7X0G4nmtk2nC1r99t3bLpGzvsV57jK9yWYWAO62OSqer4tvq4duOmBcc0HtA7askvyOZYY2uv%2BLInsLWoTRtpSov7gF29YE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b51a8e4b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/quick-game.svg
104.26.15.14 200 OK 0 B URL HTTP/2 d1.debet.info/rs2/images/icon/quick-game.svg
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/quick-game.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-7cc"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTzwDf%2BSxdbU320bycGQpUW3MgJVRCwMfqZL3O7F6oKctIhS7jpTh6pi6xGZQ3Skd4Ak31nz8SAcIWs%2FLxgQzq7AWhOgWLEW3aeUWgYorTvcys9tjUKGCQ63%2B3FI3zQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51c921b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/4a0a76e1f51d16befff0.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/4a0a76e1f51d16befff0.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/4a0a76e1f51d16befff0.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"4abf-1849f764ff0"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfUXDaMhL13ckkU4Zoz4SlZSgneClwOyp5YzjLbo2TNFAWlhzOfkiWlt1ybZpQwEKwsOjSNHZpXQNDOF7gxEPlg9omFCPLGNUO5hU8fmS4nC%2FFpaNjj6RK033Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b6a2c03b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs/images/ico_playing-cards.svg
104.26.15.14 200 OK 0 B URL HTTP/2 d1.debet.info/rs/images/ico_playing-cards.svg
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /rs/images/ico_playing-cards.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:54 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Sun, 08 Mar 2020 08:24:49 GMT
etag: W/"501-170b93f2b91"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKnW%2BVY5J%2Fj03GtIWNpOkF1xWP%2Ff%2Bjy5FFKkGkewZVoYRS7PiSv1humRPuIEH0yF1NuZjqrZi%2BqrLbWAL7XVlJ1Rt6s8nGaQvz9WEHohuQyuH4oVXNQe3tIBVSO7XVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b579c1ab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/casino.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/casino.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/casino.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:56 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"f6-1849f764ffa"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG4lxEf0nbrT3%2F5Zc3p2QatMeGl17HI%2FQddWpKs%2ByGlIxs5XDx7VZ9njQ6SpPAZIyzJDEwowCtTQPoqe07zgxOHr74qgxAGVj5QEgj6ObwASmYE3vxFQlbbAsw0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b627e44b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
d1.debet.info/rs2/images/icon/berlin.svg
104.26.15.14 200 OK 0 B URL HTTP/2 d1.debet.info/rs2/images/icon/berlin.svg
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /rs2/images/icon/berlin.svg HTTP/1.1
Host: d1.debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: image/svg+xml
last-modified: Thu, 27 Oct 2022 08:14:16 GMT
etag: W/"635a3dd8-5b6"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFfAiyyfkG1wDTeCiPinNkGbKe7BNzT4DrpXueuv%2Fml4C3z%2BQ5zWQdVoaicLv69JBFBBZM6o8TJF6OtJHIVm3dx2AQ2htTDrkazXVSJTluNYqT%2F7WR33o1jf87FVE8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ec6b51c924b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1618335.js?sv=7
143.204.55.37 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1618335.js?sv=7
IP 143.204.55.37:0
GET /c/hotjar-1618335.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 23 Nov 2022 19:47:51 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/ab057428d828fa04c9d28ab1d4064c98
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1T9rW8U1gZ3ASwtIm9W39aFkY4CeJtR5Q3PSNYHVstwAU2avh5MAYg==
age: 7
X-Firefox-Spdy: h2
debet.info/_nuxt/fd29780d99f57ff85b63.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/fd29780d99f57ff85b63.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/fd29780d99f57ff85b63.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"1f67-1849f764ffe"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8StAcmE%2FkCoThiX%2BB7ZPibrK7M2v5GJUxlTmldMySCS2ro%2BFabzoqv2Kk5bhzV0tPfMCgNMdx08R7Oz%2FRGEj8icCzujJbzsLeQwAsIMg5vnJcoHhZ90JB1kG8W4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b696aa3b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/bcfbe58cce125a1a39cb.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/bcfbe58cce125a1a39cb.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/bcfbe58cce125a1a39cb.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info; _gcl_au=1.1.564911974.1669232874; _tt_enable_cookie=1; _ttp=9e31561d-f8c5-4aab-9809-9b220a7c5fcc; showPopupDomain=true; whitelist=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"1266-1849f765001"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPc%2BYfJK%2FXJaKGZYW7zeWr8kQqv2iyQQpSn1McXjK0%2BRhB48WK8FaR9%2FnQ1ZoUl6zP49RAnKWSBKt1wXLWGuyh3XqkhF12s073iOQREvCpSukVCvsD6wQF7FUTM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b6a3c14b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/0d861eb27134bfa80322.js
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/0d861eb27134bfa80322.js
IP 104.26.15.14:0
Analyzer Verdict Alert fortinet Phishing
GET /_nuxt/0d861eb27134bfa80322.js HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"3d9-1849f764ffe"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 105738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17%2FOE3EhvN6KPMZCIvJNnaRWYY%2BpnLExhv32C8c1tX24RTBqTuOwJgbU3x0ugnH5S70Y4JO2TlDelXF2g0XMIaX2C1cbXlXOg4VptOX1Hal7nTPlHD%2FQQoLqFI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b51b8fab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/index.pages/transfer-money.css
104.26.15.14 200 OK 0 B URL HTTP/2 debet.info/_nuxt/2c11c021b89d5aa2cd0e.pages/index.pages/transfer-money.css
IP 104.26.15.14:0
GET /_nuxt/2c11c021b89d5aa2cd0e.pages/index.pages/transfer-money.css HTTP/1.1
Host: debet.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://debet.info/
Cookie: device=desktop; domain=https%3A%2F%2Fdebet.info; host=debet.info
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 19:47:53 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 13:10:41 GMT
etag: W/"9a6b-1849f764ff6"
server-timing: total;dur=0;desc="Nuxt Server Time"
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 105738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2engtvT7at5YAKVFqoJ022EcS3pkGpzRy7jDFYpfS3%2BZ0wWb2kjljL1Lu%2BtH4j1eQeeDgH6t8S%2BdFDGHZTgbW1RNpdStxAfDnKpNuPmW%2BObM47Y47KmRhby7Kh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ec6b51b8fcb517-OSL
content-encoding: br
X-Firefox-Spdy: h2