firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 13:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vFRwu7CEdwJndLxLOUjdzsIu8k9lwH7ASJSAHtxz9uCHRXy8pM6v-g==
Age: 3406
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8511
Expires: Tue, 04 Oct 2022 17:05:41 GMT
Date: Tue, 04 Oct 2022 14:43:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 74134730f642b6f6dfeca3ecc61a329e
668914cc93cceb123d199a45df13ad764704fa84
d681a4c2e20a6019c7e2d980cbfa77b34db9356899099296c3b8b4263ca5fb5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D681A4C2E20A6019C7E2D980CBFA77B34DB9356899099296C3B8B4263CA5FB5F"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9753
Expires: Tue, 04 Oct 2022 17:26:23 GMT
Date: Tue, 04 Oct 2022 14:43:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hZW+6oHKfRnQgEigYfEDDtqlBu+CPdnAjOKHvi0xHvhgivEYe//ZK8T+5IVaz/sHmFSei6CL8Hk=
x-amz-request-id: N1XN4ZQRXKRCQZEF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Oct 2022 13:51:23 GMT
age: 3147
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:43:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 60dea52abe2437132a0387ad8becc0ac
61e9fb41f1fc795ef7204b8948621d4dbc6d3052
ac998fb48810aeb183ec2d19cfd58b81f2243207add4c553e1e87f00fa6d5f3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-209811083-3
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-209811083-3
IP
File type ASCII text, with very long lines (2039)
Hash 1837d62445a904fa4bcae60a17c38ec4
511b083784340977079c6bfa340cab2a16648dd5
22a9aaccf013a9f1bf4feb1a8dd07563e06e955b604ed7244cc69628d9e838d4
GET /gtag/js?id=UA-209811083-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iblplay.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 14:43:50 GMT
expires: Tue, 04 Oct 2022 14:43:50 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-167190551-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-167190551-1
IP
File type ASCII text, with very long lines (2039)
Hash 99e6313622c025359acd486d2b28de1f
9060b41ad2b895daa6e6be6b4361d2f6161b07ec
a34f410b6e5ed30f74150e8f185a051bd16cb8369619649e5b769f9f8c45d6da
GET /gtag/js?id=UA-167190551-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iblplay.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 14:43:50 GMT
expires: Tue, 04 Oct 2022 14:43:50 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
iblplay.org/Assets/css/styles.css
200 OK 1.3 kB URL HTTP/1.1 iblplay.org/Assets/css/styles.css
IP
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 54b7517c4aa0bc0f5a1c117ad12c8cb7
1acf91bc2681b53fd64db14bc244299b83fe3c12
16aa8562c8692116c87bdc5d1bee51782c71dc3565f089bbbe68dbdbd9d2f35d
GET /Assets/css/styles.css HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 07 Jan 2019 02:22:33 GMT
ETag: W/"e053b9d82fa6d41:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdJeLmlDVmyJ5J2GQGll6qpvApZSYAIadyHKOyePUrMzNlLWrmX%2FcGXWafX6rOmPh1QGlkfiZGd5xcQe%2FkYxhZi95BJ6FCLP1zdsfyRemu%2F4bbmZ6KiYGwv%2BC%2FAEjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb130abdcb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 14:29:33 GMT
Expires: Tue, 04 Oct 2022 14:31:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ySzWHvJrUvf0fzScDOe2vLOmdBhbPSO1gj7qb6c5jX7LvNOAomyWeg==
Age: 857
ocsp.digicert.com/
200 OK 471 B IP
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5858
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:51 GMT
Last-Modified: Tue, 04 Oct 2022 13:06:13 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
iblplay.org/Assets/css/bootstrap-theme.css
200 OK 2.0 kB URL HTTP/1.1 iblplay.org/Assets/css/bootstrap-theme.css
IP
File type ASCII text, with CRLF line terminators
Hash 105c6373dbad7de82447394b5a691a09
d477fd9fa53b262b3ec612a11904e673852cc15c
a68b5a03440e4bb78b32a999711f9e71e0137f7fb308f7c28a0db3fd4588e5db
GET /Assets/css/bootstrap-theme.css HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Aug 2018 11:24:23 GMT
ETag: W/"8215bdb09c30d41:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttkEJXYj4NC7bKBoTMc82e%2F4NAT6YvTCcsWT0tZ7hQ884m%2FEgcLE%2FNAUtI4OK77QTIqXav9EFE80UcMwliVclQ0hfoQoWyWjBxApI01OdZDN3aTMhBU8wXDzEy4sbA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb130ac11b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9MXnCg6j0E/8nSdoi2JZyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x3IhVZ+q4+N+9MF1aaqJjMLiiHU=
iblplay.org/Assets/css/theme/RajaOLB388_v6.css
200 OK 9.7 kB URL HTTP/1.1 iblplay.org/Assets/css/theme/RajaOLB388_v6.css
IP
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 0881ef1feef7f535da1ac3516f306e7a
c2e9702dce4a40bd943b99ce6c545a263a7af71c
c541d4cd985353eeb083b7358547f2ca615e3543580cbc5b28e106bbb8635974
GET /Assets/css/theme/RajaOLB388_v6.css HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Aug 2022 08:36:10 GMT
ETag: W/"231c1aeb4aa6d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61UEfEJ1KLyOl%2FjI4UIEhBoCpyetJ9UBs0iVUBbamvlsaBOADvgnkj4q1b2P6qHPMN8m0qdW1lLcAJ9aXi8bI6yisKXVM9nKjRoSK2OsUCHO5pJ3pLJGLf%2Bgn2EgmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb130a998b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
iblplay.org/
200 OK 89 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (52907), with CRLF, LF line terminators
Hash 45d4ff46443a10ae95bdcc47b75b61d2
9719c1dac1df5369c89fe52b8cf713978baac341
3892bdfd6a32d2613d42f5f3de58ff264fe72470a5ba7694d8d2d8c7d350763c
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:50 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2AtUQUc2YwiUGaE8IevHVfnnxin5%2BvbX6IjScuyV%2BUPO%2F2YPfiZX1axTgCwnHzQ9G68tHBPnBI8lzVxebg%2BVeT%2B4ophR7axbR9HLqPkkFzJtDHVvPVohT%2BI%2FJO5zg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754eb12d1f75b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/css/bootstrap.css
200 OK 21 kB URL HTTP/1.1 iblplay.org/Assets/css/bootstrap.css
IP
File type ASCII text, with very long lines (540)
Hash 7eb4e09380ce06fd3f878dbe09c4f09b
5b0927e1e919a51c4918ead7cd81c1e177066257
92d5d750c3f41f01a8248352deed188eeda4e4d2902d2061ad07572213be30d0
GET /Assets/css/bootstrap.css HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Jun 2015 08:12:50 GMT
ETag: W/"0ed633cca8d01:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uc%2FbWWJVg6M9XhOgUMqyWH%2Fis2eJgWayNIxEC%2FqwbgxXxqMuR%2F%2FZREZUDue3MGLT1JP6RFthUNb4znRbWVH2PXebkBf4HiiXKrRgLri2XPJPTfwsXuqDinZXhJOjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb130af58b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.livechatinc.com/tracking.js
301 Moved Permanently 0 B URL HTTP/1.1 cdn.livechatinc.com/tracking.js
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn.livechatinc.com/tracking.js
Cache-Control: max-age=28800
Expires: Tue, 04 Oct 2022 22:43:52 GMT
Date: Tue, 04 Oct 2022 14:43:52 GMT
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 938ca8d04dae51b68f67cb6b99851772
8a3956985c77128a745c8b50bf63ba9a1085d195
f5e23e685fda24bd65f31a39291ab9006074bf8c0b946de073297129515fe571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 938ca8d04dae51b68f67cb6b99851772
8a3956985c77128a745c8b50bf63ba9a1085d195
f5e23e685fda24bd65f31a39291ab9006074bf8c0b946de073297129515fe571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
iblplay.org/Assets/js/jquery.touchSwipe.min.js
200 OK 5.0 kB URL HTTP/1.1 iblplay.org/Assets/js/jquery.touchSwipe.min.js
IP
File type ASCII text, with very long lines (19969)
Hash fc386a28310c0b6c49f9ab370f549c93
9bcb67c04f89511a3d57001399e5e7e53677f6b4
c73efb2a59214c5ab89baaf4f95b60baec7ccb2087115026280a73c638d49887
Analyzer Verdict Alert fortinet Phishing
GET /Assets/js/jquery.touchSwipe.min.js HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: application/javascript
Content-Length: 5041
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Sun, 26 Jan 2020 02:09:58 GMT
ETag: "01f51b5edd3d51:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8ktTjfoM6m9kza8g48tM9Jbmr8iZVqxYpZzfwttCShOtCXglcAues7Ue8pwN0eFBkWHMeddSWVOJBrS9KFM7SKXvJ%2BbB7nU5THRTyPORLOuc3HVWvA3Bq46uAv%2BUw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754eb1385eeeb524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/js/jquery-marquee.js
200 OK 700 B URL HTTP/1.1 iblplay.org/Assets/js/jquery-marquee.js
IP
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 5943c153ad8920b88e9af02abc05aa31
a3659cc5a761a5f1bc9b732a7066016b00f40c11
d24c78f8edb9f28ee225cc5556f085bded087bf9a7c7d2d766e7fd4adbf3a105
Analyzer Verdict Alert fortinet Phishing
GET /Assets/js/jquery-marquee.js HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 02 Feb 2022 03:39:46 GMT
ETag: W/"6bc82786e617d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewZ3FZu9CVwvRHGwbKqMzoCoXkHaddSW4yPVyPlIjzr6T0BcXYkKSMMomLFOJsWmocJKbdNdFLykO%2FGcUZpOp4d0EHa36FlOH00HuNqOaQgIVsRmOFTaEkDMLxLCpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1385de2b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/js/ie10-viewport-bug-workaround.js
200 OK 424 B URL HTTP/1.1 iblplay.org/Assets/js/ie10-viewport-bug-workaround.js
IP
Hash 03985dd7dbd89dc05815e24164ab11f8
041eaa40f19e56a4a02aabb1624ac1fbe6df2a96
72e34699c5c5e5a0a40042977d00332a4e19d01ff67c41277673a86e5e46f2cf
Analyzer Verdict Alert fortinet Phishing
GET /Assets/js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 19 Oct 2015 07:37:48 GMT
ETag: W/"0ee22d41ad11:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbWV7rjPs1%2BSH2OhqRe2Y5aSE72ZPwNmi2kvJaoWy534tZB%2BMDbOz%2FjW5UwTF1Aa1sEpAwAWpce7DsigLM1OF2RUL1pzjFDcjWZPIpw0oENCRbE6C5Y7vzo8iux9Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1385eefb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
static.getbutton.io/widget-send-button/js/init.js
302 Moved Temporarily 145 B URL HTTP/1.1 static.getbutton.io/widget-send-button/js/init.js
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0e0a408f3009ae4498e7f3ffc9c5fa7b
113078a9c13645b225d88d5e306709f8994ea817
e3a16c76764dacf8ea25637976a03595564530a9fce185c2145f7c1903f2707b
GET /widget-send-button/js/init.js HTTP/1.1
Host: static.getbutton.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.23.1
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: https://static.getbutton.io/widget/bundle.js
iblplay.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZLWlrfPdLj_QCkJ7NHn5ZvmcB38puaiECj4aQ98GT5FAvXJ3TwKkIIofUP0Zc993fA2&t=636681603604795562
200 OK 4.6 kB URL HTTP/1.1 iblplay.org/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZLWlrfPdLj_QCkJ7NHn5ZvmcB38puaiECj4aQ98GT5FAvXJ3TwKkIIofUP0Zc993fA2&t=636681603604795562
IP
File type ASCII text, with CRLF line terminators
Hash 01ea0a6394ba4a60fcf44d45af78700a
2c2f09a336e76dc2a7ff76e7fc47fbb13c6545d6
c24a31bf41f9a2a9aa14c25fa678199a3bd435ef782fbd107c20adbbc93f88e4
GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZLWlrfPdLj_QCkJ7NHn5ZvmcB38puaiECj4aQ98GT5FAvXJ3TwKkIIofUP0Zc993fA2&t=636681603604795562 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public
Expires: Wed, 04 Oct 2023 08:16:01 GMT
Last-Modified: Thu, 26 Jul 2018 00:06:00 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GX%2BCNYtS%2BKP2ikcvn6WD%2BzsFY4T43%2FnYGbe61wVY8XX%2BfCXgmbaUDT3TN4M8x9Uml6Ru9R2ZsNzHOv%2BbDyROHkoU3aBucc9mrTDlmEy0TEbpK9d2yfXcSmYhQcn2NA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754eb13a6f75b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.livechatinc.com/tracking.js
200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP
ASN #20940 Akamai International B.V.
Hash 6d3a2ae40bc8b1a9d4db4491a8b8a2de
586a0476415b81afe725bbd9ab93052222f56a2b
68432d22583705e7515d896d46ac76e5962b6cdee4b2ffb24099e6abd54fc924
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://iblplay.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:52:45 GMT
x-amz-version-id: ShWf3uxOW76WIXrfmBNYEunJ4VXa8qrD
server: AmazonS3
content-encoding: br
etag: W/"76bb2b42910688967d67aa5519646e5d"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: rn7s_tBh0iAmVniiyguB1enwQ-YRMXK5bH3Zd6OV5vDOdHRsEY6Unw==
content-length: 25677
cache-control: max-age=28800
expires: Tue, 04 Oct 2022 22:43:52 GMT
date: Tue, 04 Oct 2022 14:43:52 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
iblplay.org/Assets/brand/togel/hrz/NaganoPools.png?v1
200 OK 5.4 kB URL HTTP/1.1 iblplay.org/Assets/brand/togel/hrz/NaganoPools.png?v1
IP
File type PNG image data, 160 x 72, 8-bit colormap, non-interlaced\012- data
Hash 579994450c368cf2e99df85b9297e2f5
9597809ec55500edeb6c1f26215908b301ef65bf
df97b1553c421f20c18bdc540859ccc343b65766fac8817d774781ae574c014e
GET /Assets/brand/togel/hrz/NaganoPools.png?v1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: image/png
Content-Length: 5438
Connection: keep-alive
Last-Modified: Thu, 04 Feb 2021 08:11:09 GMT
ETag: "a58cb74bcdfad61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyXeU837O1yTYXgLiXUCVEJxLvTQwmZw3mAB1gUApUlvV%2BNqKr8yxFC%2FlKIcqpFJ%2BnuGSRKGkru6dcU9WQvJCb9qjrZqq4wdId6pROuPEtRF%2FE4SYFUSXtI0HqcB%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb13adb5ab524-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6a7055210b78c204cc9d3535c591e984
bc1f7a9eb66f2f8d85cece13ded4f187f5ee1323
4a609873db1bf95a90d386f14a594dd17d24828bacb53c5291ac00151806b7cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A609873DB1BF95A90D386F14A594DD17D24828BACB53C5291AC00151806B7CC"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=595
Expires: Tue, 04 Oct 2022 14:53:47 GMT
Date: Tue, 04 Oct 2022 14:43:52 GMT
Connection: keep-alive
icon.ozzogame2.com/RajaOLB/c1nspiq0.png
200 OK 5.0 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/c1nspiq0.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 325a8d3134377187d34f646ea639a5b6
40c9f497c15c13d1086442818cbe9c3a47f29a72
91619ad624bf829be4c5b4f20488ff0ebbf7d3606b94c9635348c33dafa2a658
GET /RajaOLB/c1nspiq0.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 27 Apr 2020 13:52:31 GMT
Accept-Ranges: bytes
ETag: "86bac7189b1cd61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 5030
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=10529112&url=http%3A%2F%2Fiblplay.org%2F&channel_type=code&jsonp=__sa40ybtraat
200 OK 267 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=10529112&url=http%3A%2F%2Fiblplay.org%2F&channel_type=code&jsonp=__sa40ybtraat
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash ce45027f2de4b50d2485de1da715f4e2
41b7b5b2d214ed75ee335bfa454fd0d23ff66b83
8bef4dd6bb13d1123171ae57b2e7549683d182b4390747c6e9c005be9b915e4a
GET /v3.3/customer/action/get_dynamic_configuration?license_id=10529112&url=http%3A%2F%2Fiblplay.org%2F&channel_type=code&jsonp=__sa40ybtraat HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iblplay.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors http://iblplay.org/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from http://iblplay.org/
content-length: 267
date: Tue, 04 Oct 2022 14:43:52 GMT
X-Firefox-Spdy: h2
static.getbutton.io/widget/bundle.js
200 OK 94 kB URL HTTP/1.1 static.getbutton.io/widget/bundle.js
IP
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65475)
Hash e71520287bb9126c2b225d2a3b337940
e7cd3e88c04ad3e0e9e089d0e63e657ca2d09665
d8aff402695c89c58cbbc7bbd9b7ee5c791da1692646aea46b08d75866629471
GET /widget/bundle.js HTTP/1.1
Host: static.getbutton.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://iblplay.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.23.1
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: application/javascript
Last-Modified: Thu, 08 Sep 2022 09:49:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6319baba-4a52c"
Expires: Tue, 04 Oct 2022 17:43:52 GMT
Cache-Control: max-age=10800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
1.bp.blogspot.com/-oNotrSKV-tw/Xuwr28Mmk9I/AAAAAAAABwU/v0CvzBB3ysgFRXSVAMJjMTHHrA-hYYW9ACK4BGAsYHg/d/allgameicon-20.png
200 OK 17 kB URL HTTP/2 1.bp.blogspot.com/-oNotrSKV-tw/Xuwr28Mmk9I/AAAAAAAABwU/v0CvzBB3ysgFRXSVAMJjMTHHrA-hYYW9ACK4BGAsYHg/d/allgameicon-20.png
IP
File type PNG image data, 240 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f6877c31492b3d3c194a974e98e2b0d
e3b1b220f1ec2aba004b0dd0eb0032b6d5dfacd0
d3a16033014c41ba29093ebb7f956f5268fd116c2732fee2fb8aca114a5975d0
GET /-oNotrSKV-tw/Xuwr28Mmk9I/AAAAAAAABwU/v0CvzBB3ysgFRXSVAMJjMTHHrA-hYYW9ACK4BGAsYHg/d/allgameicon-20.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iblplay.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v708"
expires: Wed, 05 Oct 2022 14:43:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="allgameicon-20.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 14:43:52 GMT
server: fife
content-length: 16994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
iblplay.org/Assets/js/jquery-1.11.3.min.js
200 OK 33 kB URL HTTP/1.1 iblplay.org/Assets/js/jquery-1.11.3.min.js
IP
File type ASCII text, with very long lines (32038)
Hash 1dd22c37d7b6e8af40c36f37352fd48a
f5d30d405a442e1a98e5e9f026d46a3075dd0688
aaa322d39973638fa8049734adb9a76490b95eb2b9a3b666ac22f27e61abfe6a
Analyzer Verdict Alert fortinet Phishing
GET /Assets/js/jquery-1.11.3.min.js HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: application/javascript
Content-Length: 33365
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Mon, 19 Oct 2015 07:47:16 GMT
ETag: "0dab05f42ad11:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldlXdy5TQQ%2Ffju9rwCYqhWjJYx2ztof%2BtT3aZ5LpWpqZdJZG1zzo6YGWUVw3MHs6lRoaDlUD8fy8dpAWOzToP%2BlabOYgmqFzebZ3GuPOcCz88JiS0TmX0hTgi%2FFByw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754eb1385c58b506-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 938ca8d04dae51b68f67cb6b99851772
8a3956985c77128a745c8b50bf63ba9a1085d195
f5e23e685fda24bd65f31a39291ab9006074bf8c0b946de073297129515fe571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8975
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:43:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8975
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:43:52 GMT
Connection: keep-alive
1.bp.blogspot.com/-HcUG0nrEsus/XuhIGHYAWgI/AAAAAAAABis/n-nisusUo2Mune1oWqXfMY3nMctTkYK4ACK4BGAsYHg/s800/slot.jpg
200 OK 221 kB URL HTTP/2 1.bp.blogspot.com/-HcUG0nrEsus/XuhIGHYAWgI/AAAAAAAABis/n-nisusUo2Mune1oWqXfMY3nMctTkYK4ACK4BGAsYHg/s800/slot.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 800x246, components 3\012- data
Size 221 kB (220626 bytes)
Hash e221e71a69e1f22d668930794d272705
72541ff362640212f63b40d4d5a3942c6473c165
165e6bfc93f022445503de9c0e86aa99f7e54c26a9c6d0467cd4522a4fdbf4c0
GET /-HcUG0nrEsus/XuhIGHYAWgI/AAAAAAAABis/n-nisusUo2Mune1oWqXfMY3nMctTkYK4ACK4BGAsYHg/s800/slot.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iblplay.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v62e"
expires: Wed, 05 Oct 2022 14:43:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="slot.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 14:43:52 GMT
server: fife
content-length: 220626
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8975
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:43:52 GMT
Connection: keep-alive
1.bp.blogspot.com/-YfkgVbMwZ9s/XuhIFyUQccI/AAAAAAAABio/95gshwUJW2kyXQWp4rM3WB55Gi7qzfcmACK4BGAsYHg/s800/provider.jpg
200 OK 182 kB URL HTTP/2 1.bp.blogspot.com/-YfkgVbMwZ9s/XuhIFyUQccI/AAAAAAAABio/95gshwUJW2kyXQWp4rM3WB55Gi7qzfcmACK4BGAsYHg/s800/provider.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 800x246, components 3\012- data
Size 182 kB (182406 bytes)
Hash b2df9a8e4af573b229a6f7f49277d4f3
3fc14c91e13b9561375da2b6160e92fa554a620d
73d42b77e91b25572f3ee37668cd1944604a69f52b8a606af73d046485411e7e
GET /-YfkgVbMwZ9s/XuhIFyUQccI/AAAAAAAABio/95gshwUJW2kyXQWp4rM3WB55Gi7qzfcmACK4BGAsYHg/s800/provider.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iblplay.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v62e"
expires: Wed, 05 Oct 2022 14:43:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="provider.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 14:43:52 GMT
server: fife
content-length: 182406
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8975
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:43:52 GMT
Connection: keep-alive
1.bp.blogspot.com/-zH576C5K1hg/XutdYGlu0qI/AAAAAAAABvA/PB2JACj7NVYdTHvOBSKeCFb5wa0K5F7zgCK4BGAsYHg/d/bgking.jpg
200 OK 1.3 MB URL HTTP/2 1.bp.blogspot.com/-zH576C5K1hg/XutdYGlu0qI/AAAAAAAABvA/PB2JACj7NVYdTHvOBSKeCFb5wa0K5F7zgCK4BGAsYHg/d/bgking.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2340x1690, components 3\012- data
Size 1.3 MB (1272158 bytes)
Hash 2718fe02133d944d5a589f9aa930d215
6e07855da49c3c8ae7aeca8680156c6bb803805f
571a8329e77ca8a1c3f105588df59c488a1ec91f21f140d8295d7be82ea9ba17
GET /-zH576C5K1hg/XutdYGlu0qI/AAAAAAAABvA/PB2JACj7NVYdTHvOBSKeCFb5wa0K5F7zgCK4BGAsYHg/d/bgking.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iblplay.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6f2"
expires: Wed, 05 Oct 2022 14:43:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="bgking.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 14:43:52 GMT
server: fife
content-length: 1272158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=10529112&version=1467.1.1.1199.136.61.1.1.3.313.2.54&group_id=0&jsonp=__lc_static_config
200 OK 2.1 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=10529112&version=1467.1.1.1199.136.61.1.1.3.313.2.54&group_id=0&jsonp=__lc_static_config
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (6742), with no line terminators
Hash 0adb07baf50c99e3ee20b3cf42cba71e
8e284c2f8e0d7c5bcebf822ed5d286cf54784440
64b310df1fd45e7edc9073472206092dbbd05c91e84c4dca64ed1543df1e3ecd
GET /v3.3/customer/action/get_configuration?license_id=10529112&version=1467.1.1.1199.136.61.1.1.3.313.2.54&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iblplay.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Tue, 04 Oct 2022 14:53:52 GMT
date: Tue, 04 Oct 2022 14:43:52 GMT
content-length: 2125
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8975
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:43:52 GMT
Connection: keep-alive
icon.ozzogame2.com/RajaOLB/wbtkxny5.png
200 OK 7.3 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/wbtkxny5.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 7f5e0181f7bbb1e2024100d91fbc7fdc
d7905eb2ac76fe3f10e5dcc1339af9ad2921ae83
56a20db1eeb3299d80adb8bdc52ce9d9814650f89d116946fd9f2de02d23f401
GET /RajaOLB/wbtkxny5.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 17 Jun 2020 13:28:07 GMT
Accept-Ranges: bytes
ETag: "17e7f522ab44d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 7330
icon.ozzogame2.com/RajaOLB/5wag0wif.png
200 OK 13 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/5wag0wif.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 3fbd0aa7f7e2697a9fa4328d25a3c474
7ff2b6d6f3fabfa4f38eee7c2d266da12c2838ff
a1bdf1e2b107ed5921899236f3778b438a53042733ce393d306b6ac03745629a
GET /RajaOLB/5wag0wif.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 27 Apr 2020 13:52:49 GMT
Accept-Ranges: bytes
ETag: "cfb797239b1cd61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 13226
icon.ozzogame2.com/RajaOLB/w2b5gskt.png
200 OK 10 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/w2b5gskt.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 6de40bf47dcb7e6eca6203e11cfa44e5
3a7cf6232d32a8646bbe6b1fe553bf7d68f6db33
8b3fcafd3c0516a06efca54da2b1dc253a173a2f033d81b967df0306e419ca32
GET /RajaOLB/w2b5gskt.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 27 Apr 2020 13:52:07 GMT
Accept-Ranges: bytes
ETag: "c7975aa9b1cd61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 10107
icon.ozzogame2.com/RajaOLB/w2cqu0fc.png
200 OK 6.8 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/w2cqu0fc.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash eec8c2f486b2e19aae140455382f85de
45a122b0481de700bd99f85a33a7643b8134e010
a6c7724b35b8aa5843588b532726b7b831502a39271bb3ac01a46f4df14b83fc
GET /RajaOLB/w2cqu0fc.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 17 Jun 2020 13:27:46 GMT
Accept-Ranges: bytes
ETag: "8b79a316ab44d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 6777
icon.ozzogame2.com/RajaOLB/rjm2haud.png
200 OK 13 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/rjm2haud.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash ec7ff04482b54b48749a35abfed67ed2
0d912c9259b330fb43984fe5a8073240410fd57f
d73964ebd270ac1d452099099d0e08d77d0c391f990ee2b66b9474b6fcd581ff
GET /RajaOLB/rjm2haud.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 27 Apr 2020 13:52:59 GMT
Accept-Ranges: bytes
ETag: "a0aa81299b1cd61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 12644
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 60478
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 36059
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62719b24a32198c6f462a0a0412ac98
d893d8035379e06e53e365b9f47f5da40bff932b
ca863affca1559e92e415a4de2e78e4b4c1ec4cf8e8549693499c6f79bd27975
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bf68975-a099-4d4b-9abd-6e684653439d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10878
x-amzn-requestid: a849d918-ec40-47d4-93cb-e938b010bd50
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpJKGAPIAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556d-242a8d2208b6574c34063c1f;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 40cLnZvUr45pWmnT6qZgZu13Y1pyeycMEK-m9ALI1LVo2Wpysjt7Vw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:45:04 GMT
age: 61128
etag: "d893d8035379e06e53e365b9f47f5da40bff932b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 60426
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
iblplay.org/Assets/js/bootstrap.min.js
200 OK 9.8 kB URL HTTP/1.1 iblplay.org/Assets/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (32033)
Hash 5001f34e4d6720378751012dedda52d6
d582a3fa4a2772626a934ade1489dc5e5f97a845
3cbb8f3723828476519f646eed5cd50a490f1cb1a03b9c2e92ad2a749c1dbf5a
Analyzer Verdict Alert fortinet Phishing
GET /Assets/js/bootstrap.min.js HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 20 Oct 2018 00:22:03 GMT
ETag: W/"ab1b6eca68d41:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=staaSMNFVCIPo9TxcObR92S3WqRhuDnEhR3nUp%2F4UXzbo5Or6uw94A14GODqCYfEJqlzHejGhr5d7blfjrRKqqduAOTixA%2BLrG440cEZO%2BRVY53uuStVVYlCut%2BCKA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1385867b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 58473
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
iblplay.org/Assets/images/theme/RajaOLB388/imgBtnRegister.png
200 OK 1.4 kB URL HTTP/1.1 iblplay.org/Assets/images/theme/RajaOLB388/imgBtnRegister.png
IP
File type PNG image data, 111 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d9d87a8be3f9ff6b88ea8b641f787dc
47b1cdddf2b353446cd9e52ff33f98149b24ff70
b8ed966777037d9ea7d80002b5ee213651033c1e5fe99b3166cc721f13e333e6
GET /Assets/images/theme/RajaOLB388/imgBtnRegister.png HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: image/png
Content-Length: 1420
Connection: keep-alive
Last-Modified: Sat, 21 Mar 2020 07:48:50 GMT
ETag: "e5842e2955ffd51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i72%2Bl9Xf7zhKPFbTaWXa7h8rCGQwJ%2BCJgYmLGcZ4Hd16uF9%2BmUprATRJ6Ul9K1vRW%2BtKZNYVwY1s%2FYmS1SATf9avGK2xvp4h4xg9C8TQ4b9J7KH%2FeK9458j51RXYLA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb13d5ba4b506-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/images/theme/RajaOLB388/imgBtnLogin.png
200 OK 1.4 kB URL HTTP/1.1 iblplay.org/Assets/images/theme/RajaOLB388/imgBtnLogin.png
IP
File type PNG image data, 111 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e539c8195f0784a1f1ed314ec7896b7
52476e398f3f5baab23755af8799ce427eb24b7d
ca2fe6cf26af5450b16a9bfd75b5304838a01e567008fe62a4030cc51a34f986
GET /Assets/images/theme/RajaOLB388/imgBtnLogin.png HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: image/png
Content-Length: 1422
Connection: keep-alive
Last-Modified: Sat, 21 Mar 2020 07:49:50 GMT
ETag: "97d0d74c55ffd51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBs6U9mHWtra8DBJO6Dj2gw38r3f%2FsxzEuBNHEFYEOGVcqG7Rfpa0oa4Q%2FJD1oGY7De6Rhi9%2F0QAlDmQwNw3SnJ7t2UH%2FO1xjBshTKRNll6aOpD0FaTC4Ls6CHhBfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb13c1db4b524-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
age: 59573
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
icon.ozzogame2.com/RajaOLB/gd2yt2te.png
200 OK 11 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/gd2yt2te.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash c6657b4ae12426e015b4815cfaffd859
9107008f1c96c677c1af8e5b9cff5a85bc47dc56
04fd18e797e78f3ec20c57f944e01b18debdce1b990f332659c428f6f093abb7
GET /RajaOLB/gd2yt2te.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 17 Jun 2020 13:28:33 GMT
Accept-Ranges: bytes
ETag: "c743f832ab44d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 10550
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=10529112&version=13159fb2ee05429e3ae48a4031b3d0e0_e20635debd4fdfc538e82ca2ca10de55&language=id&group_id=0&jsonp=__lc_localization
200 OK 4.0 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=10529112&version=13159fb2ee05429e3ae48a4031b3d0e0_e20635debd4fdfc538e82ca2ca10de55&language=id&group_id=0&jsonp=__lc_localization
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (11657), with no line terminators
Hash cb0a909973eac865d0f6e3384d290c8c
f37718ed89db636aac2d3a0b2633a4876593d857
a7e709603e818007b1d0f40ffa1ffe51bd839f6231a68d4c32fc322b1f06f8cc
GET /v3.3/customer/action/get_localization?license_id=10529112&version=13159fb2ee05429e3ae48a4031b3d0e0_e20635debd4fdfc538e82ca2ca10de55&language=id&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iblplay.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Tue, 04 Oct 2022 14:53:52 GMT
date: Tue, 04 Oct 2022 14:43:52 GMT
content-length: 4005
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=10529112&group=0&embedded=1&widget_version=3&unique_groups=0
200 OK 2.0 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=10529112&group=0&embedded=1&widget_version=3&unique_groups=0
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4424), with no line terminators
Hash 312e534c06f06d0772876e23f93fcd4f
03d31b86e128c396ea00fa140f247527d41e2a76
30e59bad654134ed0c5f5c238c1d68c87dccd439173aa12c4e3d44aa4695fb54
GET /customer/action/open_chat?license_id=10529112&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iblplay.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 1965
date: Tue, 04 Oct 2022 14:43:52 GMT
X-Firefox-Spdy: h2
iblplay.org/Assets/images/theme/RajaOLB388/new.png
200 OK 2.5 kB URL HTTP/1.1 iblplay.org/Assets/images/theme/RajaOLB388/new.png
IP
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a5993adbc814253708ba814b628dacf
63bf680cf56d7e97a24f911ce6e3e602439569f7
6ea782fb476b4a944c1f0f13f5c71f35a7d6560cd2f208d8e499f427f2dab0c1
GET /Assets/images/theme/RajaOLB388/new.png HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:52 GMT
Content-Type: image/png
Content-Length: 2496
Connection: keep-alive
Last-Modified: Wed, 13 Mar 2019 09:17:27 GMT
ETag: "a059e1937dd9d41:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPJySODO%2FUXmjh2QQJe0ncxundYKqEhcwPbeplqyTa5jRv5dZsaGmYkO4eQdFdt5BnAJ3IdyBPfESoaYsdIEsZ1WzWVkvUigH0mh%2BPoNkNmlyV7uYhgBOok6mEanvA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb13e9d77b506-OSL
alt-svc: h2=":443"; ma=60
cdn.livechatinc.com/widget/static/js/0.96a16c18.chunk.js
200 OK 70 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.96a16c18.chunk.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 4e94f8d92e0b5b5d837c91a71518ae93
3a901f88735fe470d89fabae6f6da1bd6ef57370
ad40d01aa34c47aa7e9bc7bf52adc65074e90e7ea81a3646ee536b79a278be8c
GET /widget/static/js/0.96a16c18.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 12:23:44 GMT
etag: W/"6a835528d087d08b1f0fe0642cb6d223"
x-amz-version-id: D3auGCHl.1EBD8fIsGg0TVEJ4vGgzVLu
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 2Z3Jj0ChNSBBVMOnJi6CzXCHxdv4j89b_Ig-RZcY8UGtT5nFkSAmPg==
content-length: 69542
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 14:43:52 GMT
date: Tue, 04 Oct 2022 14:43:52 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/2.92af70d8.chunk.js
200 OK 94 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/2.92af70d8.chunk.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 02111854c917c5c061c21202d4aaded0
4ce8e254a4a4ea1eccecd2b83514914c7ac8825c
6f20626509b89a2bc6f300002c848a505e6a49005829f4ac81d6df8c7bc43cf3
GET /widget/static/js/2.92af70d8.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:52:46 GMT
x-amz-version-id: xNCHeeVTtdNpDpNtiXX6xPNMc.7ECuTs
server: AmazonS3
content-encoding: br
etag: W/"9b36a5f685bf617dab4bbe59e3f5b4c1"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: srjxuF86LFZt_sFpAhCHx9ISSo-2Jc1AEL7QqmLvmqJKQf3U6GcoSw==
content-length: 94299
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 14:43:52 GMT
date: Tue, 04 Oct 2022 14:43:52 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
icon.ozzogame2.com/RajaOLB/zl0uhvva.png
200 OK 10 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/zl0uhvva.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 586fb62c63b4f86c9530ea5783f0ce80
da4a18df42b2473b2850a9da540ca50caf535f21
b9b1fffba23c5416be94dbcfa90de79c936a3020699cd24b37d5376041405eeb
GET /RajaOLB/zl0uhvva.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 27 Apr 2020 13:52:24 GMT
Accept-Ranges: bytes
ETag: "ffff72149b1cd61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 10260
icon.ozzogame2.com/RajaOLB/ispkdyur.png
200 OK 11 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/ispkdyur.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 73c749edc805bdc0f252fe6838d68709
e0c25256cf543b83ee440284f6a725c833e18bc6
aa10336149ce60b356bab87277c5e4c89db7601f49b01ad2902f7fd6df8792fe
GET /RajaOLB/ispkdyur.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 17 Jun 2020 13:28:17 GMT
Accept-Ranges: bytes
ETag: "33bc3c29ab44d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 11046
icon.ozzogame2.com/RajaOLB/bgt3p522.png
200 OK 6.4 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/bgt3p522.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash abfd13bde7ee3fb7fc95d260ab186a54
b67f71c1635a793786f9a12d56bc0c7c15aa1fd9
505805bc7c51d05b69824ce55a76d17e15e83c339ea9e75bbb06aa4f7f3d5ab5
GET /RajaOLB/bgt3p522.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 17 Jun 2020 13:27:55 GMT
Accept-Ranges: bytes
ETag: "b7f0e81bab44d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 6445
icon.ozzogame2.com/RajaOLB/dqepcsmx.png
200 OK 7.8 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/dqepcsmx.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash bdffed6b6120a6b7887865e8f736279b
1b37abe6911b0368772cad6af16c8f8909285152
6180d6de91fd9aca41ae8f4f9320ae2a84c7bdf96b0e48c86c77e13cf661e801
GET /RajaOLB/dqepcsmx.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 27 Apr 2020 13:52:38 GMT
Accept-Ranges: bytes
ETag: "2a37ea1c9b1cd61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 7754
iblplay.org/Assets/fonts/glyphicons-halflings-regular.woff2
200 OK 18 kB URL HTTP/1.1 iblplay.org/Assets/fonts/glyphicons-halflings-regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert fortinet Phishing
GET /Assets/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/bootstrap.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: application/font-woff2
Content-Length: 18028
Connection: keep-alive
Last-Modified: Tue, 16 Jun 2015 07:56:18 GMT
ETag: "0bd1ced9a8d01:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zX8%2Bm6IYtQWgjT1J5UqyufsL91Ap0f76e0Bs5eHaEmtftQPUVtnStIxV2tZVZHzxQ4Y4LC%2BOiI6jPogR6cd3gdoMToZCQpCgUEW0wvzDNe%2BcGYQLdFoTo%2Fg%2BvJ%2BtMw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb13bb92ab500-OSL
alt-svc: h2=":443"; ma=60
icon.ozzogame2.com/RajaOLB/bkwgcfhk.png
200 OK 9.8 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/bkwgcfhk.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash dcda19d38ed3fa78b2d892642e7848b0
84f00eab2ab1a8391afcea8b02a6f375f2917791
229be4091f0e8ec5f5bc7f745641c231f23cd4fcda201dc5cf225b7cfd1f9ff9
GET /RajaOLB/bkwgcfhk.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 27 Apr 2020 13:52:14 GMT
Accept-Ranges: bytes
ETag: "cbdd6ee9b1cd61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 9794
iblplay.org/Assets/images/theme/RajaOLB388/navbar.png
200 OK 1.9 kB URL HTTP/1.1 iblplay.org/Assets/images/theme/RajaOLB388/navbar.png
IP
File type PNG image data, 1920 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 2faa729d821e5cf92b9ab18dcbd5ca29
cff09da19e04dc787b0ee1f15a652ec69f575e79
5fd4ebf8ca529e0afbfc5ba8e984c09999dbc982866557e10adccc7a2430ebde
GET /Assets/images/theme/RajaOLB388/navbar.png HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/png
Content-Length: 1919
Connection: keep-alive
Last-Modified: Sat, 21 Mar 2020 08:18:23 GMT
ETag: "2d90cd4959ffd51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jl69vcn%2B%2B0cEKI9alm%2BBbXhHjiebDB1SIdwlBMwohrjYHr%2B%2BtvIjBvs9cXqtPo7y7kmbHgIxZHtc8RE6CI5YmccFSH9lSjqk5pSp2OeshcmxQ9djVl9aWEa6dZJmw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb13e9ab3b4f1-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/images/theme/RajaOLB388/android.png
200 OK 3.4 kB URL HTTP/1.1 iblplay.org/Assets/images/theme/RajaOLB388/android.png
IP
File type PNG image data, 48 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d8f3bf22c6929273089c737f03e544c
3e2e25a14eb7a89574673f72a49c5d7e43cf47b1
11bcf926ab198bace92a7e3b2c338408487e6972a9372fd335f2d40b4eced49d
GET /Assets/images/theme/RajaOLB388/android.png HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/png
Content-Length: 3365
Connection: keep-alive
Last-Modified: Sat, 21 Mar 2020 08:47:10 GMT
ETag: "5a15464f5dffd51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koLLnSScZTHUZpjFcqI8h3vmiiXZB6i2eEmvsdUdoxUvLTXNfmWJHaQr1MXSITZm2QW%2BJtZ1lQSyCRNy4HA1onjnenLviS9QvNLLunosD%2BzxpHCLn5LNRm0S3%2BzSTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb13e99a8b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Default.aspx/UpdateJackpot
200 OK 75 B URL HTTP/1.1 iblplay.org/Default.aspx/UpdateJackpot
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 468edc78cf7e97c70c580a9e28430289
5c6157a88f10d957838aa8fb8b261d6adf3d8bc1
32606a7dfe9b0b8bd1ef623cd9ea266fbe42bbabadfeeb39110179d0d88d58b5
Analyzer Verdict Alert fortinet Phishing
POST /Default.aspx/UpdateJackpot HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Origin: http://iblplay.org
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=0
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAkPVdzgffeF3gMu%2BIzV4XCzpEvc0TmR1LnnRIPCgAN%2By84g13TvrPUVYIzy2s42y68tZsHjnV1rw%2FnjdLsAQ3YUcszyNBqRcDZd3890n5NuN8aBvKpUQWPky8vJFA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754eb13fef59b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
icon.ozzogame2.com/RajaOLB/dncqogqd.png
200 OK 12 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/dncqogqd.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 63d66697e43a9e7f355be491e65cb101
eb04d9043c0b962bbb56e61737c0bcdc8ae50918
ba5d66c76d43dc9fb49cb81a40ec7df756783db7d85bf507d43e3e89c3ba293b
GET /RajaOLB/dncqogqd.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 27 Apr 2020 13:53:08 GMT
Accept-Ranges: bytes
ETag: "ee0cb2e9b1cd61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:47 GMT
Content-Length: 12181
iblplay.org/Assets/banner/IND/KM-RT-OG.jpg?V=1630663426
200 OK 103 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/KM-RT-OG.jpg?V=1630663426
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 1000x400, components 3\012- data
Size 103 kB (103117 bytes)
Hash 903d85910935a8075db031d67bb28413
a592ae0d00dd76cb00e759883b34764627f36ee5
4b6b5c56cf7cb1a413915eebc34d96124b28458dba9f3c0fd1067854de9c00ae
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/IND/KM-RT-OG.jpg?V=1630663426 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/jpeg
Content-Length: 103117
Connection: keep-alive
Last-Modified: Mon, 16 Nov 2020 04:01:15 GMT
ETag: "4b3b3421cdbbd61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyaLOJh40Fh3SbIH8DIWIOZlTNYTkaa11UktJf%2FJrS2XVK%2B3X8hbchvg01VEsTGyrUjS1bzlbyuX%2BD7PdisuhXUzQZuc14mPioWw0JinPBqDG%2FEIXYGVilNFKufuZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb13adb53b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/images/theme/RajaOLB388/bankbar.jpg
200 OK 1.5 kB URL HTTP/1.1 iblplay.org/Assets/images/theme/RajaOLB388/bankbar.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x2, components 3\012- data
Hash e62d3352fa7802249956cfb1f2a34403
b6ebd244f4a8cdb9d7d85693c2dc730d6d2dcfec
af274bc244e10cc6fa01ffbbfab358672b9116e9bf0f70883b458269c5387344
GET /Assets/images/theme/RajaOLB388/bankbar.jpg HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/jpeg
Content-Length: 1506
Connection: keep-alive
Last-Modified: Sat, 21 Mar 2020 09:49:01 GMT
ETag: "b7f122f365ffd51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2Bj6i3xWQfH8SMwio8Mrk9XP2Cccoxwa91uv6ci03TI%2F61Ry4aiLw%2BN5NxXI5mBoUxEp2VJ1Lwtztaf20GpSrdQhZWbaPUzEYkqOKFxCHNMfkcNztJBartl0LNEREw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1411d41b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/images/theme/RajaOLB388/indicator.png
200 OK 2.5 kB URL HTTP/1.1 iblplay.org/Assets/images/theme/RajaOLB388/indicator.png
IP
File type PNG image data, 22 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 11002d827cbba944b6eff9592c5c8f4d
db8193b747999119293db145e13b9dcf77330264
64588730c2a0deec34b12b4404a83b5a8b2e7e75bb5c51c4078c00d85130c70a
GET /Assets/images/theme/RajaOLB388/indicator.png HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/png
Content-Length: 2540
Connection: keep-alive
Last-Modified: Wed, 21 Feb 2018 02:00:45 GMT
ETag: "f47f48c9b7aad31:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isf0vW%2B1mwcCyN%2BV8EhuUsjEzgCbEkZ0yr4N%2F%2FRQ809d3NnTreXZoyDh%2FUJzoZ7aSRySqKxNANEBpjska%2FvWNj91gNEjvpzv%2FQ%2BrcCaQXhByhP3HCGhcUvfM6AHt1A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb141595cb506-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/imgLinkBanner.png?V=1592591675
200 OK 128 kB URL HTTP/1.1 iblplay.org/Assets/banner/imgLinkBanner.png?V=1592591675
IP
File type PNG image data, 1000 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size 128 kB (127922 bytes)
Hash 3b4f811bd5fe9a4b94f42d7b4a3e8838
eff8cc5c0707c03d1cb7638bd82a43614047c2a8
c9ad7b1da558438559f82e785d2ab5515c6a636407948c64f4fcbf5f96b22329
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/imgLinkBanner.png?V=1592591675 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/png
Content-Length: 127922
Connection: keep-alive
Last-Modified: Sat, 21 Mar 2020 05:31:58 GMT
ETag: "cced5fa42ffd51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5HkZIIB8N5BRO3E7faAgkQxh9enOA2vYWALP%2BXkRllyjaIwDtzPjMfWOeCiHhFuzfEZzYtddgWNukSlYA7WfKuUhqcAH24%2FLFFPXAQRWf7PuuLDrxW1NaVJTszIxA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb13ad982b512-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/contact/white/facebook.svg?v=1
200 OK 365 B URL HTTP/1.1 iblplay.org/Assets/contact/white/facebook.svg?v=1
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (595), with no line terminators
Hash 3ecaf3864184c498e28b7406455b9a65
915341b46769a607c222657081e396988cd4b3ae
7d4eb9a789b77d676e5061d65f219b36793048365529a130f3b69f244f6678f2
Analyzer Verdict Alert fortinet Phishing
GET /Assets/contact/white/facebook.svg?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Jul 2022 08:39:46 GMT
ETag: W/"f3b14a975da2d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5U5lThLninNN5LP0MJEVRP6b5m0Wxn5y2XlAm3cQTOoWuAgNf%2BE2pYR3RHSFMJ0RNOoqJ8nOupEmxkR56kh2KbfNnX%2BjyPgUcVELJ2MOCYpC2Wqz%2Blo5ZjkdvS6GuA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1429b41b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4d6b344f7e5123552495c56971708cef
efcf4bd4bdb6964b29ce0bc239ea32ab573dac3a
8092e24c3c24d08ffebca3781af0ec9574604e1ae4bd40d2c21865c3297f44bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
iblplay.org/Assets/images/theme/RajaOLB388/footerbg.jpg
200 OK 5.6 kB URL HTTP/1.1 iblplay.org/Assets/images/theme/RajaOLB388/footerbg.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 992x180, components 3\012- data
Hash a2be470f799984825f81ab086e28f624
78dcb49751a5c0977520e959fb6eb3f4f050f8f9
1d29656b8274006a11a584575e766f71f6091c2e50ed5f1a69d38f68d5e9819c
GET /Assets/images/theme/RajaOLB388/footerbg.jpg HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/jpeg
Content-Length: 5642
Connection: keep-alive
Last-Modified: Sat, 21 Mar 2020 09:24:04 GMT
ETag: "4dea167762ffd51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oei%2BCDUCpo%2BW2aFCcrs%2F5t5f%2FThLHpsTVtuPOHK3Tn3iWNsWtFdNGoJFUBL5idtYitkt1IgxRwcjbZXoROtKYBkTWXG0DsrJ%2F6rZcM27EccLIhQieiegpr05jITdSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1422ee6b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/contact/white/line.svg?v=1
200 OK 481 B URL HTTP/1.1 iblplay.org/Assets/contact/white/line.svg?v=1
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1141), with no line terminators
Hash 8940d415aca08b5d7f4a22ed692a86b6
393516d86b6c10f6285accb14c4ff4b50ed99c97
f4e11cbdff7adec4835c4366522afc6c78a5b6ae2e13e4c051e0d0ea66de294a
GET /Assets/contact/white/line.svg?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Jul 2022 08:39:20 GMT
ETag: W/"df2b5885da2d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOVN7dD04a1l2QPSCHJB120tNEVOBvUbAc%2BLbwgYC7bvrd5%2BTorHohrNGWlt4k4wVe9ikAJ%2FPDwxpiRRITVDNvXBZwmi8IFYrdzfrfeks1%2Fs5d9qBGajekxOCjzpzg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1436e15b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
IP
Hash 080761084199eadedac192d1a0e4f531
708a4c702ed24ebadd81df916858337616b34d32
4a3230694143bbf0568d4c248bcd12ae58c19be3aff799371ab7f0fcd4b103db
GET /css?family=Noto+Sans:400,700&subset=latin-ext&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 14:43:53 GMT
date: Tue, 04 Oct 2022 14:43:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
iblplay.org/Assets/images/theme/RajaOLB388/imgResultBG.png
200 OK 23 kB URL HTTP/1.1 iblplay.org/Assets/images/theme/RajaOLB388/imgResultBG.png
IP
File type PNG image data, 160 x 187, 8-bit/color RGBA, non-interlaced\012- data
Hash 41ce9d4e2d1ecf427bdc10d699d36076
aea361108ea87d890b16f0c4ceba4bb696e700ae
3efb5e256d1ec8097dec2676dfd392affc45290edfce4b8629dcb0d91ac57793
GET /Assets/images/theme/RajaOLB388/imgResultBG.png HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/png
Content-Length: 22854
Connection: keep-alive
Last-Modified: Sat, 21 Mar 2020 09:39:43 GMT
ETag: "f3dcada664ffd51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMfhorZZz%2B2K47OsKhoUjL06aP3A4oadBNCqBaqy5kyupjVDKNod8Yu0xKpvRVziRQjPMejmIRF%2BNdb13Ji0v4ZH6HpZwIU7kFP6IJn7V%2FNSbWQLxqSmQz8R52zcnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1410e84b4f1-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/images/btnclose.png
200 OK 6.4 kB URL HTTP/1.1 iblplay.org/Assets/images/btnclose.png
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash a6348ae91b3a712a49914adea2d6883b
112e23565926c1c98a34a53f26f6300fa8903f3d
86701be5f4e1043bde4b8f54c2996f17380189f67d54a64c2ac87103641fb144
GET /Assets/images/btnclose.png HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:53 GMT
Content-Type: image/png
Content-Length: 6377
Connection: keep-alive
Last-Modified: Wed, 24 Aug 2016 06:46:48 GMT
ETag: "07c4a49d3fdd11:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LPIGD4Hedzcz9fetxZt%2BWd8NN599%2FmYVP4%2ByyENiMGjhcKTe6B9Huy7aEUVdK0gT4zVUppLL9BNMdidt9m3Hjz6dfIGoWv29JeDaGMMC0F1dUcPuO9itPm4im4%2B8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1427f41b524-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:03:13 GMT
expires: Tue, 03 Oct 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 63641
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Hash 0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:03:15 GMT
expires: Tue, 03 Oct 2023 21:03:15 GMT
cache-control: public, max-age=31536000
age: 63639
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
iblplay.org/Assets/contact/white/whatsapp.svg?v=1
200 OK 448 B URL HTTP/1.1 iblplay.org/Assets/contact/white/whatsapp.svg?v=1
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (800), with no line terminators
Hash 147fe5e7ced1076a6164b7404b63acfb
5a226a33a1613e97fe6ad1fc8d6a9fa12df0b9fc
4b9ab45862fb28eabe88c519070583ef21abd8143c65caca9e1835686709557a
Analyzer Verdict Alert fortinet Phishing
GET /Assets/contact/white/whatsapp.svg?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Jul 2022 08:36:17 GMT
ETag: W/"7b3aaf1a5da2d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XG%2BvhmEowOnQdeN1gdZRWQLVu87Gcg8iTup5gA6TgV1jfMq3lrk833FMKdS0QbJRlLKqZ75Gdz6Wg8XgOzSDlQYg%2BqT%2FE2%2B3foPjGV20PbpwixZWqDoGoo1XiTwKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb145dc9fb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
icon.ozzogame2.com/RajaOLB/lxxwoyjx.png
200 OK 8.9 kB URL HTTP/1.1 icon.ozzogame2.com/RajaOLB/lxxwoyjx.png
IP
File type PNG image data, 160 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 19743d18630477fcb60e7969376325f1
5e0f8a60cceb3b4363e7ea1abcdd1a60827479e3
510a2bfdf810c3ffc1904eeaaefc31b7b59027dcdbda86d4d91baf239f515ba0
GET /RajaOLB/lxxwoyjx.png HTTP/1.1
Host: icon.ozzogame2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 17 Jun 2020 13:28:25 GMT
Accept-Ranges: bytes
ETag: "6684382eab44d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 04 Oct 2022 14:43:48 GMT
Content-Length: 8948
iblplay.org/Assets/brand/togel/hrz/KievPool.png?v1
200 OK 2.4 kB URL HTTP/1.1 iblplay.org/Assets/brand/togel/hrz/KievPool.png?v1
IP
File type PNG image data, 160 x 72, 8-bit colormap, non-interlaced\012- data
Hash fbcb5356fa739da3b7fdfca07b211565
9a9fccde6b0aff21b7984be607b399cd7d9f9e7b
e46840d6df93ac410a6d593decb83bea54bf472e0fb21909cef7f520c8226615
GET /Assets/brand/togel/hrz/KievPool.png?v1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 2406
Connection: keep-alive
Last-Modified: Thu, 04 Feb 2021 08:11:02 GMT
ETag: "b2415947cdfad61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0TKZWXAV4UqIt4O25rgP58hJLH%2FO%2FQNNBvCKt064j2vD2BY%2BtTTAdyX5rt87xub1QeDRKUgk6FfVJh77GmgurbrNrglKbzm%2F0ArFbIo4av3MTu%2BfS8tAKLbowOTFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1465d2fb524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/contact/white/wechat.svg?v=1
200 OK 517 B URL HTTP/1.1 iblplay.org/Assets/contact/white/wechat.svg?v=1
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1023), with no line terminators
Hash c7afdbf38cb7572e4b3cf58d2ff9b115
8b8b0746f583c4a80cca5f2da5272535946e50a0
4fec4162e3f215c466161d3d3ad0f5ec7e954846d7c3413df2e10706903f6ac8
Analyzer Verdict Alert fortinet Phishing
GET /Assets/contact/white/wechat.svg?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 28 Jul 2022 08:36:34 GMT
ETag: W/"8e843f255da2d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdLlDA7mlP3B2gh6J2w%2F8%2F2j9KsD0tBf0aFQKlPD%2FVaenFB7sWSsyha4fR6LTLvZM10IIQ3YBQK7PV67b%2B8i4N5sonjgcUaxiWTLd%2FAAIfjd%2FZekAwjCK6siwN0cqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1451f01b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
accounts.livechatinc.com/customer/token
200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash 9a86433ecdef6eb37d35a6a84635c95a
78c2eb299143180b1197f815b0810a74c684a2c5
d88646298d6ce7ecad8cde02232aab4bbdf26804cbdd2bdeb0e04196bcc5b03e
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Tue, 04 Oct 2022 14:43:54 GMT
set-cookie: __lc_cid=1d29ff63-3887-4794-6128-c512669c4153; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 04 Oct 2024 14:43:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=82bfd270e9bcbd428de76610de17ebabbd5523bc1dfcb8eae55614b8a8b65843aeb751485e9cf3cdc5aed840b462c3fa8ed141717c6956d2dca9d6daae52; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 04 Oct 2024 14:43:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=1d29ff63-3887-4794-6128-c512669c4153; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 04 Oct 2024 14:43:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=82bfd270e9bcbd428de76610de17ebabbd5523bc1dfcb8eae55614b8a8b65843aeb751485e9cf3cdc5aed840b462c3fa8ed141717c6956d2dca9d6daae52; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 04 Oct 2024 14:43:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1664894664&tag=c1c3f0163b3b59d5ec5a647c242224a116f53c78; Path=/; Expires=Tue, 04 Oct 2022 14:44:24 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=10529112
101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=10529112
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.3/customer/rtm/ws?license_id=10529112 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mfYbbqI1PdAJOwLkriC2xA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: A0vqcNw+uJedgVkSdT+xBzjxCRc=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Tue, 04 Oct 2022 14:43:54 GMT
Upgrade: websocket
Connection: Upgrade
iblplay.org/Assets/brand/togel/hrz/NairobiPools.png?v1
200 OK 5.2 kB URL HTTP/1.1 iblplay.org/Assets/brand/togel/hrz/NairobiPools.png?v1
IP
File type PNG image data, 160 x 72, 8-bit colormap, non-interlaced\012- data
Hash 14e484b15bdd75e7b8b9232857399292
47e6b07b36fae4eecf769aa6406b9781a9debb49
afa3f78c35f98feb54b36374e3e7c030e8675b535ecced5c490606e42675451c
Analyzer Verdict Alert fortinet Phishing
GET /Assets/brand/togel/hrz/NairobiPools.png?v1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 5245
Connection: keep-alive
Last-Modified: Thu, 04 Feb 2021 08:11:09 GMT
ETag: "24efb94bcdfad61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8c5wXhtowkjHoC3vrgsskUiELideBEENPLQIH%2FrH9mhcS%2FM9psvns%2BJS%2BsSd%2F%2BjPmfTikOOAhBbABy3WelyIr%2BhZQgxw9y9qCnx%2BG9YPohSBN5%2BRld%2BJzRA69xKdg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb145fd06b4f1-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/images/theme/RajaOLB388/progressiveJackpotBg.gif
200 OK 125 kB URL HTTP/1.1 iblplay.org/Assets/images/theme/RajaOLB388/progressiveJackpotBg.gif
IP
File type GIF image data, version 89a, 1000 x 150\012- data
Size 125 kB (124992 bytes)
Hash f8f90585d289d510b5ac08947968b32a
cbf5e84f41fd3114154561473f05be5a3b24b358
ea3aadfc572d07ca57cbf187de6f58cb372f827fcd65986f21154a85a3f60fbb
GET /Assets/images/theme/RajaOLB388/progressiveJackpotBg.gif HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/Assets/css/theme/RajaOLB388_v6.css
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/gif
Content-Length: 124992
Connection: keep-alive
Last-Modified: Thu, 18 Mar 2021 21:40:26 GMT
ETag: "041b94e3f1cd71:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSl0cURYT%2Bd2wTGPzB43huj681J20RVll9EKyWTaNt9Fz4G8XU%2B9HfJucYiS3bFotJ%2FCVvITHCWwRKMDBAwsfTPMuih6iLa4F%2FxBtPCtmq9mLNVb9ZkzOJm6Ank2%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1409fecb500-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/brand/togel/hrz/UnionPools.png?v1
200 OK 5.6 kB URL HTTP/1.1 iblplay.org/Assets/brand/togel/hrz/UnionPools.png?v1
IP
File type PNG image data, 160 x 72, 8-bit colormap, non-interlaced\012- data
Hash e8d7a040baf43526194ff989931bbfde
34c6ad5dbf0c0cec0846e3449e1fecfdb596e415
f29ab81281b0c08ceb839c38641b32bc78a71f77aa1584f07f6861c7076e7378
Analyzer Verdict Alert fortinet Phishing
GET /Assets/brand/togel/hrz/UnionPools.png?v1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 5578
Connection: keep-alive
Last-Modified: Thu, 04 Feb 2021 08:11:14 GMT
ETag: "241d214ecdfad61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ai6LdtsN%2Bc8w%2BJH7n13FoTuIhHMmVPUUhumd3qsdQYmATxO5RglvG%2B%2FzzDTkGHi%2BDZPH86iQgjYWRcgiyuk5hN%2BOAYdSrJTHwlzKmvjdpRB4m6q7r3HnlzIdVejbw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1471ea6b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/bank/white/bca.png?v=1
200 OK 2.2 kB URL HTTP/1.1 iblplay.org/Assets/bank/white/bca.png?v=1
IP
File type PNG image data, 69 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash a3b40457f0f1b4f4a67d82c01604a019
5c6ce31e3c747965d7dca0687c014383b5cc717f
d78525a5a75dac2ec088957fe0ed6ae8479089ff9d5626c2c331d46116fbfcc7
Analyzer Verdict Alert fortinet Phishing
GET /Assets/bank/white/bca.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 2177
Connection: keep-alive
Last-Modified: Thu, 20 Feb 2020 08:16:23 GMT
ETag: "64dfe89c6e7d51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2553VggxmzSaFFldzL9F9nrrIfwjE%2BzYG8RjVwqRVMT8d600DERdWft9LWLMWVHBXywWzQ%2BCbQUqHGlwgmzpwngbjbYK1PTjQZsLEFXfpBVQHepR5An1X60JRJI1Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb14868e5b4f1-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/brand/togel/hrz/TokyoPool.png?v1
200 OK 2.6 kB URL HTTP/1.1 iblplay.org/Assets/brand/togel/hrz/TokyoPool.png?v1
IP
File type PNG image data, 160 x 72, 8-bit colormap, non-interlaced\012- data
Hash 07e1fc3b15b7e1e50299b853bcdd3e57
5d4d3fef845728180f8b63d26fe9cb805daf3b9a
82840b4423df71821c2d2115fe541e79c31f47e59785cace2f19f8e16d5c4ade
Analyzer Verdict Alert fortinet Phishing
GET /Assets/brand/togel/hrz/TokyoPool.png?v1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 2615
Connection: keep-alive
Last-Modified: Thu, 04 Feb 2021 08:11:14 GMT
ETag: "241d214ecdfad61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqQwQhhvqp7DD1P%2BLWmfsc5qCzXAvMfV62H9LOS%2B6hNZ2IDdgAD%2BfxM3H%2BK3fwhYOi%2Bs8v%2BJkD45%2F2QVCTO4Sv1iojt9DyNh33Tb5Jii0BHedPtl6SKnvO7eQjoaKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1479f28b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/brand/togel/hrz/HamburgPools.png?v1
200 OK 4.6 kB URL HTTP/1.1 iblplay.org/Assets/brand/togel/hrz/HamburgPools.png?v1
IP
File type PNG image data, 160 x 72, 8-bit colormap, non-interlaced\012- data
Hash 9176ba783e9fc18376ed090376dfe0d7
a31b80b3cd13e6f2cd7c799c97a697cbb0fc6ca7
329e344f51234dfcd30c574cc97229f625429ebf762170b3c0270a57376ebbec
Analyzer Verdict Alert fortinet Phishing
GET /Assets/brand/togel/hrz/HamburgPools.png?v1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 4556
Connection: keep-alive
Last-Modified: Thu, 04 Feb 2021 08:11:02 GMT
ETag: "fe7c5447cdfad61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPRuX2l1qVWFpoynG6PYB%2BnXD%2F0HhC07WNT9VEu6vs2PnjUOUEBgJ7AymHqzVhsetOvKHJPq96%2FYDzTsXWLGuW3qq2Vxa%2FXL%2F1Ua57UpFzVr4qKActbuswEoy0SalA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1479b3eb506-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/bank/white/bni.png?v=1
200 OK 2.0 kB URL HTTP/1.1 iblplay.org/Assets/bank/white/bni.png?v=1
IP
File type PNG image data, 65 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a27da5b74628a4f9fa99020075db478
c86088f71f6f78c9236f4eebc0830559da9ade21
b294fac2509283e51498f30cc9ad99427d3b2e14c6f61fd73c9fa30d44c23014
Analyzer Verdict Alert fortinet Phishing
GET /Assets/bank/white/bni.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 2024
Connection: keep-alive
Last-Modified: Thu, 20 Feb 2020 08:16:48 GMT
ETag: "a558d818c6e7d51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uG6XWcEU56GyilLGrixmNtmtoPrCY8aFFOejRCVZEK3uoBKBs5AeIBs%2Bq6TPdNLsODwZ3casStSULmR%2Fd7emGBYVCmraQQHpMwgmSS0XBLzuNvFtJ%2FEyOJnLuqObQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1492d54b500-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/bank/white/dana.png?v=1
200 OK 1.8 kB URL HTTP/1.1 iblplay.org/Assets/bank/white/dana.png?v=1
IP
File type PNG image data, 75 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 112496acb5660a02ea36c9efa24e1885
43a9b5ca160b294d4858a60facc323fa61c7e168
8d8da9c0e5599ad406dfb521a79483b25c10eb4a5f507a2a1946fa0542337aa4
GET /Assets/bank/white/dana.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 1819
Connection: keep-alive
Last-Modified: Tue, 26 May 2020 14:12:37 GMT
ETag: "3ba448b56733d61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFzZ0URECwHk6JuVkz0kq6Pzr2CIBOrQedsrgrCKQII6rOOG0dlUxHZ6SBJqZq3gWRCdVxqqvCgdd3pcR%2BCREfkvOct%2FNJHRwV2AvdH4jSt2g5g%2BWC8bNSL5%2Bjt64w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb149aaa5b4f1-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/bank/white/mandiri.png?v=1
200 OK 1.6 kB URL HTTP/1.1 iblplay.org/Assets/bank/white/mandiri.png?v=1
IP
File type PNG image data, 45 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash f784c452f09131bfadf9825d6dcf4ba3
7217c46d1b4689428ba07571a4f85088aeee0d2a
a1b0ae99f8c7c9cbaf59741151d27c25d9c44717fc1c7ebfe08bad39f605bb77
GET /Assets/bank/white/mandiri.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 1591
Connection: keep-alive
Last-Modified: Sat, 21 Aug 2021 02:43:39 GMT
ETag: "7ec33593696d71:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LdB5i4YecWIrAZEHFehLs5Fk0iRQxxcF1oNQli6X7CnvKEcwT6OyjY7bMeaNDEuCH623VBMtwVWuF2oHB6NHf15PSDxU2tz2X0q3EpbGu9BRVqIFflcA7OsfbxMNA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb14a1f4cb506-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/bank/white/telkomsel.png?v=1
200 OK 2.2 kB URL HTTP/1.1 iblplay.org/Assets/bank/white/telkomsel.png?v=1
IP
File type PNG image data, 105 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f2804e62edddd1991d4e66338903939
038ec2a914eb00bc4aa736a62d54678785bcec28
dec31fc5ef2bb2e06311afe4e1116b2547f4e5fc0115394b9eccd6c66dd38367
Analyzer Verdict Alert fortinet Phishing
GET /Assets/bank/white/telkomsel.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 2174
Connection: keep-alive
Last-Modified: Thu, 20 Feb 2020 08:18:40 GMT
ETag: "e359b35bc6e7d51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cG2deVRYyWZpYAWjD3j4Mhi4LIvbaJUfAOMouF7eS0e%2BwbHcJkIv5S5z4bLZX4wlTC%2B7ljw29tI9qC7UXxGuBpIrsxwTXy3ZE6qP27%2BJmNriSwyL92jIT5cCsAMvAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb14a6f0db500-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/bank/white/bri.png?v=1
200 OK 2.1 kB URL HTTP/1.1 iblplay.org/Assets/bank/white/bri.png?v=1
IP
File type PNG image data, 83 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a014e85dc25ebb968cdb2579c5d5e8a
9d90f6bf95e900392466237ce4c6862dee670934
260ae110e7770bdbbbe1b4cabc2958c05b3bba36d96193dfc8e896608ca0b837
Analyzer Verdict Alert fortinet Phishing
GET /Assets/bank/white/bri.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 2122
Connection: keep-alive
Last-Modified: Thu, 20 Feb 2020 08:16:58 GMT
ETag: "9bd2c21ec6e7d51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vMQTh71lPddGKMZD5r2gO2g7oCN5ZJK%2B6zhPsoxoePCpaViaU41ubeAVX%2BceKMgwN%2Fc6UIUwb24Pg92KE%2FrzPZvY1eLjlq5y6cUHYuO9YqpAfbEwcyyY1Xsnw7z5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1499a47b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/bank/white/danamon.png?v=1
200 OK 1.9 kB URL HTTP/1.1 iblplay.org/Assets/bank/white/danamon.png?v=1
IP
File type PNG image data, 81 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 9de6e4fe7979e80a52814e5762de883a
8b33a94f63526d6ecfe1293e081f100e057a11fd
a9ea07532f7d2564114890ba775966a216d4aa8da6e51e2c7a386dd8b91c0372
GET /Assets/bank/white/danamon.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:54 GMT
Content-Type: image/png
Content-Length: 1924
Connection: keep-alive
Last-Modified: Thu, 20 Feb 2020 08:17:37 GMT
ETag: "772e1b36c6e7d51:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7w9i2yINHEVKnpx6d9%2Bgq%2BxR5z284P4VseDlvVLqTHXJvLyS5xBbEUk9AN33k2JvodUQGyl3YmwZOrgat70GN%2FsDzfDOpdDZnGtCgHai1kKaQpfMR51FfeyxFXPn2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb14a1b16b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/RajaLogo.png?V=1592591710
200 OK 84 kB URL HTTP/1.1 iblplay.org/Assets/banner/RajaLogo.png?V=1592591710
IP
File type PNG image data, 387 x 172, 8-bit/color RGBA, non-interlaced\012- data
Hash 89ef374b1fd2e91601271b45003b9b39
1e3e4ac8b3b13dc7b4e96725c16d0fb609d1ecea
d2cbbb3ca66de7cddb31bf0606aa8ae569e4abb4b94f3efb046298fab80c0534
GET /Assets/banner/RajaLogo.png?V=1592591710 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:55 GMT
Content-Type: image/png
Content-Length: 83517
Connection: keep-alive
Last-Modified: Fri, 17 Apr 2020 20:33:04 GMT
ETag: "a1fc6c65f714d61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHIyVvUDDvB9FSQ%2FN%2F2ZOkr7kYoZZyj%2BRbkWCTsDnySUxL%2F2Z2%2FUCF7sOxSDu5a%2BzIZWHpfp5jTkX7k%2FHVeXMOvPYzP8eOkJzB4t1lPL%2FscGvFjwAlGgO4dWkly2Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb145d968b512-OSL
alt-svc: h2=":443"; ma=60
cdn.livechatinc.com/widget/static/media/new_message.34190d36.ogg
206 Partial Content 11 kB URL HTTP/2 cdn.livechatinc.com/widget/static/media/new_message.34190d36.ogg
IP
ASN #20940 Akamai International B.V.
File type Ogg data, Vorbis audio, stereo, 44100 Hz, ~112000 bps\012- data
Hash a37211a6cfcda45352d5abcff1e446bb
5f46f941ea3247a17e35be65dcd38583c7ecbfb6
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d
GET /widget/static/media/new_message.34190d36.ogg HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://iblplay.org/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: application/octet-stream
last-modified: Tue, 07 Jun 2022 10:31:15 GMT
x-amz-version-id: 0eCQ7JzXZ_yjxrlSX_vlQead.GgqRhbb
accept-ranges: bytes
server: AmazonS3
etag: "a37211a6cfcda45352d5abcff1e446bb"
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Jl-kA9f70ZstJ4iycPT9C0iokBLbhTz1Y4Rh3_BJ2ixGlD1N4r6mMA==
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 14:43:55 GMT
date: Tue, 04 Oct 2022 14:43:55 GMT
content-range: bytes 0-11403/11404
content-length: 11404
access-control-allow-origin: *
X-Firefox-Spdy: h2
iblplay.org/Assets/banner/CAROUSEL-SPORTBOOK.png?V=1592369212
200 OK 109 kB URL HTTP/1.1 iblplay.org/Assets/banner/CAROUSEL-SPORTBOOK.png?V=1592369212
IP
File type PNG image data, 240 x 332, 8-bit/color RGBA, non-interlaced\012- data
Size 109 kB (109240 bytes)
Hash 7f6851d564b085ae33d966494ad4c89f
3807e70ab3a148899d37af31806de2ad071c62c8
8e9612a376b222e9d83d9f7b362a53923c854dd9aeb82e790d0cbe9bd4d9d12b
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/CAROUSEL-SPORTBOOK.png?V=1592369212 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:55 GMT
Content-Type: image/png
Content-Length: 109240
Connection: keep-alive
Last-Modified: Wed, 17 Jun 2020 04:46:51 GMT
ETag: "f6a0fb506244d61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIVUQUeOfInihHYVM36jGYmwLNk2TJnXYKk6nYTBH5sQghK02AYrRJMvDH4%2FfkBj778oEhUX%2BRtCq5i1YUG0leBQaz%2FP1iix03B%2FYUcFswmZ8Kk1034ctsbrDiCabA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb14c1dd0b524-OSL
alt-svc: h2=":443"; ma=60
cdn.livechatinc.com/widget/static/js/3.cd7b604a.chunk.js
200 OK 16 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/3.cd7b604a.chunk.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (52942), with no line terminators
Hash e24266f83c5adbf65e8b7a85dff05d15
76ed38b9f746b4842b69e5b2bbf2d5263b3d5646
c8e6b0b67074192d2f77665b13da1bfceb1e14288dc0dfb6dcabd6de07cd261d
GET /widget/static/js/3.cd7b604a.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 12:23:45 GMT
x-amz-version-id: ACT31q3AFQmsPoAT7EH9L9FCtxN19Gpa
server: AmazonS3
content-encoding: br
etag: W/"3704797e47db934eb80141667edbbf42"
vary: Accept-Encoding
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: nCwDjtP1jjh00BgZo-UEVlgnfbE_B_lpbvccVPSbNrz5C_F9ShZusg==
content-length: 16332
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 14:43:55 GMT
date: Tue, 04 Oct 2022 14:43:55 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/main-view.4cdba5e4.chunk.js
200 OK 43 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/main-view.4cdba5e4.chunk.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 420e5ac08946519e4a2fb25756969020
1871f6b37adeaea8433d0709c286cdeece881452
9f2e03d813d3cda5d4f1a487cf4635b332d226ceebaf14d6b934e49f98a4ff0c
GET /widget/static/js/main-view.4cdba5e4.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:52:46 GMT
x-amz-version-id: XYfMwZQt.svuQQHkjBDGUyAyGMg1eHsn
server: AmazonS3
content-encoding: br
etag: W/"7e42eefdfe2c3f01ae3a9f33f33042b1"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: LFlZHa8dBvOyvmb9RdDoKmEIh6L5IWTNxWGnRk-f6W5FQmLJu0LqxQ==
content-length: 42594
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 14:43:55 GMT
date: Tue, 04 Oct 2022 14:43:55 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
iblplay.org/Assets/banner/CAROUSEL-LO.png?V=1592382018
200 OK 112 kB URL HTTP/1.1 iblplay.org/Assets/banner/CAROUSEL-LO.png?V=1592382018
IP
File type PNG image data, 240 x 332, 8-bit/color RGBA, non-interlaced\012- data
Size 112 kB (112145 bytes)
Hash 3e06fdd9749d8577e517f3675224540a
28bf8375105bc5b016855d58f28ea4c9db3b7312
9b752e8f287b63af679585feb4b8367a9240f21fc08ee38f65474d42c57d9126
GET /Assets/banner/CAROUSEL-LO.png?V=1592382018 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:55 GMT
Content-Type: image/png
Content-Length: 112145
Connection: keep-alive
Last-Modified: Wed, 17 Jun 2020 07:55:01 GMT
ETag: "17b5649a7c44d61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCpCcmWI8BBaGsmu%2FxcsTL%2BNAgTqIkXQfoZYNGhjvB2r2WiqAIEz%2BAyr7xBPQrlKb0RkAScVWq6qrUEczqiimIg7LRMG7OJQ7bNOA6N0ssf5C1XHM02WG6Z%2FjYo4bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb14b591bb506-OSL
alt-svc: h2=":443"; ma=60
cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2F10529112%2Favatars%2F1919c875150d7079c0907602f6553541.png
200 OK 36 kB URL HTTP/2 cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2F10529112%2Favatars%2F1919c875150d7079c0907602f6553541.png
IP
ASN #20940 Akamai International B.V.
File type PNG image data, 257 x 257, 8-bit colormap, non-interlaced\012- data
Hash ea492dda3e8d32fa877aed33cafca805
27abc5086940f8c426ffc6d5b728fb1f125f75fc
08cde809dd072532d46f44ece77a024509e8d9daef271896063f7b86c1094dce
GET /cloud/?uri=https%3A%2F%2Flivechat.s3.amazonaws.com%2F10529112%2Favatars%2F1919c875150d7079c0907602f6553541.png HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: AmazonS3
x-amz-id-2: K+Q8Dw7xXj60PhlUK3ok+k1M+Tg86ZrDsEcgK2QTXTwDfnnSJ999hQWWU8Pc9vddIeLa67Zj498=
x-amz-request-id: SPT8GJBET87209XW
x-amz-version-id: YpPuD5SMVeuJbuv71ub2loBbeNkp3sun
accept-ranges: bytes
last-modified: Sun, 30 Jun 2019 15:38:46 GMT
etag: "ea492dda3e8d32fa877aed33cafca805"
content-length: 36480
access-control-allow-origin: *
content-type: image/png
cache-control: public, max-age=61968980
expires: Fri, 20 Sep 2024 20:20:15 GMT
date: Tue, 04 Oct 2022 14:43:55 GMT
X-Firefox-Spdy: h2
cdn.livechat-files.com/api/file/lc/main/default/logo/c4bf6633aa89a76af7461279581d8bdb.png
200 OK 5.5 kB URL HTTP/2 cdn.livechat-files.com/api/file/lc/main/default/logo/c4bf6633aa89a76af7461279581d8bdb.png
IP
ASN #20940 Akamai International B.V.
File type PNG image data, 192 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash eadfb0adf70579a2ca4bf62b18f88972
90aefb9c4eff448f08d9b56fb4fd4b913c911300
5979d0e93f704debf66c618be604a6f0c7533c1fd643df1db682705c9569eb59
GET /api/file/lc/main/default/logo/c4bf6633aa89a76af7461279581d8bdb.png HTTP/1.1
Host: cdn.livechat-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 5512
content-type: image/png
cache-control: private, max-age=23582
date: Tue, 04 Oct 2022 14:43:56 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
iblplay.org/Assets/banner/CAROUSEL-CASINO.png?V=1592374244
200 OK 92 kB URL HTTP/1.1 iblplay.org/Assets/banner/CAROUSEL-CASINO.png?V=1592374244
IP
File type PNG image data, 240 x 332, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d4b33db7ba4ccc2ae73bb044ef81d5c
6e23746305f082e622e0ce11c308c7d66f996de9
359598cb2f116ba430be41878a57ec8896842f2e733bae673d22c1cc99b0c84d
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/CAROUSEL-CASINO.png?V=1592374244 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:55 GMT
Content-Type: image/png
Content-Length: 91807
Connection: keep-alive
Last-Modified: Wed, 17 Jun 2020 06:10:43 GMT
ETag: "d55b7086e44d61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwnV6mkgOJRXLIZTPXwMaw8xbzCki%2BCsfX1wrvwHX5hF5JBvSHStHPqBXVUHr%2FlKPUFOEiqeb5pwG%2FEc3ZzxOXlNTEvSkbtEI4SnozAgie1Vm4JmJxzXim4LHrdPcg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb14c8e85b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/CAROUSEL-SLOT.png?V=1592306249
200 OK 134 kB URL HTTP/1.1 iblplay.org/Assets/banner/CAROUSEL-SLOT.png?V=1592306249
IP
File type PNG image data, 240 x 332, 8-bit/color RGBA, non-interlaced\012- data
Size 134 kB (133650 bytes)
Hash f6a7da42aa246356bcaa5314a47c6f81
dad5b987a00fc0f35e95e213309efe251ac1eca3
85c73547ed4df363dbd6bcafdba1cecb331f7dc22cd69049b7d3d957b473c747
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/CAROUSEL-SLOT.png?V=1592306249 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:55 GMT
Content-Type: image/png
Content-Length: 133650
Connection: keep-alive
Last-Modified: Tue, 16 Jun 2020 11:17:28 GMT
ETag: "d09d80b8cf43d61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFS%2FmUxucsxG9nGjniDz5z5SmIEKzBH0NEaVsTt1iEmzM6qlfKO2yB9hP3g1fgF3GyamP%2BCHd%2FMPqhZRw9WerNunyUKSX1KLNC%2FKYJkflt7lmJdXrUCLzipQI6hdBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb14bb8ddb500-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/images/btnclose.png?v=1
200 OK 6.4 kB URL HTTP/1.1 iblplay.org/Assets/images/btnclose.png?v=1
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash a6348ae91b3a712a49914adea2d6883b
112e23565926c1c98a34a53f26f6300fa8903f3d
86701be5f4e1043bde4b8f54c2996f17380189f67d54a64c2ac87103641fb144
GET /Assets/images/btnclose.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:56 GMT
Content-Type: image/png
Content-Length: 6377
Connection: keep-alive
Last-Modified: Wed, 24 Aug 2016 06:46:48 GMT
ETag: "07c4a49d3fdd11:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PHyqqiwEIPBCEqj1pm9itzHxBBIajFRUtLaTpxn%2FAcvmrUhCRwPw%2Fbiz0I59PcS%2BQoyGnsA0zzMrpq3Xu9SOzHbYShfFegnnJkdU817G0pfpmFcEa8l%2B1leuPTWzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1543de9b500-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/CAROUSEL-ARCADE.png?V=1592379623
200 OK 136 kB URL HTTP/1.1 iblplay.org/Assets/banner/CAROUSEL-ARCADE.png?V=1592379623
IP
File type PNG image data, 240 x 332, 8-bit/color RGBA, non-interlaced\012- data
Size 136 kB (136517 bytes)
Hash 9b7d931140458769df2b259f1feebe44
f7376a51801599b6ca8f395a60445d802e3be539
2ccc6982373bfddf8ee3c5675063d7ee9211a07251ba18df55cb06d063517e73
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/CAROUSEL-ARCADE.png?V=1592379623 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:56 GMT
Content-Type: image/png
Content-Length: 136517
Connection: keep-alive
Last-Modified: Wed, 17 Jun 2020 07:40:21 GMT
ETag: "11fa4b8e7a44d61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bkhQr%2BS9TYSOSH0eATLnRBWmceoOFjrYH5uR4Xv%2BBZrXaROMP0bGV4qQc60DOWP0t0DqqFfpigB3lYYn3G4et1ZZ%2Bf8W2h%2BC1ksyKXbjWON%2BpUjOKpm%2BpUBagbJhA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb14d2ab5b512-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/bonus20-rajaolb388_20221419061419.jpg?V=1652422464
200 OK 453 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/bonus20-rajaolb388_20221419061419.jpg?V=1652422464
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022-05-12T15:21:08+07:00], baseline, precision 8, 1000x400, components 3\012- data
Size 453 kB (452837 bytes)
Hash 4fb404fa12476f94bf2bbe2fee2ea348
b3a43d5d8724c13b27a109847612b46e55915fd0
49a543ce32fac436c3a0a97f993d6e43656a078762e9a68eb5b79d46e38b3477
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/IND/bonus20-rajaolb388_20221419061419.jpg?V=1652422464 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:55 GMT
Content-Type: image/jpeg
Content-Length: 452837
Connection: keep-alive
Last-Modified: Fri, 13 May 2022 06:14:19 GMT
ETag: "48c390ae9066d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FW2gRmgUG%2Fbk1b5HuiJowW9Kckxv%2F5ieK7tiBtuXYXApyhJIAxM2dQCDGmSLs8a8MsHq0EJwkMzTTGP%2FHVebXaeslonKzUmholIN7MNUdP0TeIzuVHlG7YCd4hj8A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb14afc32b4f1-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/CAROUSEL-DINGDONG.png?V=1592397346
200 OK 94 kB URL HTTP/1.1 iblplay.org/Assets/banner/CAROUSEL-DINGDONG.png?V=1592397346
IP
File type PNG image data, 240 x 332, 8-bit/color RGBA, non-interlaced\012- data
Hash c0f13884396879e039ee190a806b220f
84d1c39b6b12195f61e1ef7d78d8311263b165e1
ad650337d6f9dc453f920617e4bbb26077477909de425424055fc4dd9e1e4c7f
GET /Assets/banner/CAROUSEL-DINGDONG.png?V=1592397346 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:56 GMT
Content-Type: image/png
Content-Length: 94432
Connection: keep-alive
Last-Modified: Wed, 17 Jun 2020 12:35:45 GMT
ETag: "b787fd2a344d61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQUaIisRCPDEcGJaQDtsEPRFxxtP3viTdeaAxO41g4X8qbjqeIzzRKAtauRGpBLtugn%2FFIgWTYjzKpXGQE5FPrMKKHHKnnZQVSh3HGnAAQ0C2ZOkuX1nmmeVJksinw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1510d35b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/CAROUSEL-TANGKAS.png?V=1592382054
200 OK 85 kB URL HTTP/1.1 iblplay.org/Assets/banner/CAROUSEL-TANGKAS.png?V=1592382054
IP
File type PNG image data, 240 x 332, 8-bit/color RGBA, non-interlaced\012- data
Hash 1cbba42a2f69250f23ecec2702bc90b8
e229cb5972a459424ee437267b6a8fb3cf8d33ee
ecd2226f55cba3545e166fe81bf59c276e07e8cf78375f759c2eb3f1dabf7336
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/CAROUSEL-TANGKAS.png?V=1592382054 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:56 GMT
Content-Type: image/png
Content-Length: 85369
Connection: keep-alive
Last-Modified: Wed, 17 Jun 2020 08:20:53 GMT
ETag: "143ebf378044d61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHRJYmos8%2Bx0AmslH%2F0pyEFVtx66DllUGrd544oTA1EzrpWgyEfuUCa9sTqhA5rAM%2F%2BlyhMgHMxYr8q8AVfk40zM8Fgp8d50OmmXek8XWKzrOV4tO7n6EkgTeGQsCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb152abd3b506-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/SUZY-DEPO-PULSA_20213045053045.jpg?V=1633502412
200 OK 278 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/SUZY-DEPO-PULSA_20213045053045.jpg?V=1633502412
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, software=Adobe Photoshop CS6 (Windows), datetime=2021-09-18T12:28:57+07:00], baseline, precision 8, 566x566, components 3\012- data
Size 278 kB (278489 bytes)
Hash f99156baec73176f348a0b63af25f201
62b0a84efd0fe152421e339e4876b68906aadcb2
dff169c07058d11bdd2a0af41953ccfd72e263f97d0f4eca23ad9804ab11dde8
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/IND/SUZY-DEPO-PULSA_20213045053045.jpg?V=1633502412 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:56 GMT
Content-Type: image/jpeg
Content-Length: 278489
Connection: keep-alive
Last-Modified: Sat, 18 Sep 2021 05:30:50 GMT
ETag: "cc7fb9574eacd71:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG3n5KFWtI0w36KEwHFsTYvWbkKF1GJaa4RE9q9%2Fh3pFtmiPsVbCHOxfx7mSpiGy%2FD%2BVJ4Dspj9hcniwkV13SPHAJ%2FWDMKGo3dUF7pgBeFC7Ar2myZaPEXAX0QSoHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1558851b500-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/double-bonus-slot-rajaolb388_20221610061610.jpg?V=1652422609
200 OK 422 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/double-bonus-slot-rajaolb388_20221610061610.jpg?V=1652422609
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022-05-12T17:36:34+07:00], baseline, precision 8, 1000x400, components 3\012- data
Size 422 kB (421487 bytes)
Hash 70eeedafab159828d0be9cf97a2ae552
3f97940b51ba68c0f70d8b45bd9acfc63db1d218
1c5a1c9e5b0bfa533e19fd256f1b2f7a9340d77be48842ab438b795677b701d9
GET /Assets/banner/IND/double-bonus-slot-rajaolb388_20221610061610.jpg?V=1652422609 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:56 GMT
Content-Type: image/jpeg
Content-Length: 421487
Connection: keep-alive
Last-Modified: Fri, 13 May 2022 06:16:44 GMT
ETag: "3378fd49166d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9UypVWFMPnU26W%2BbEbtexmUTBQc%2FdPOCKOTJcj1xDm5%2BFH2IVX8zKYglRIBNol7TLEQFLQrviPe65Ie8ETDqWV8DuG0BILwaH8qw2x6pC1kcUSQsHZ3gTAOFhBzcA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb155beddb512-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/assets/menuicon/white/home.svg?v=1
200 OK 530 B URL HTTP/1.1 iblplay.org/assets/menuicon/white/home.svg?v=1
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1231), with no line terminators
Hash cf326be72b90537cf646c76a734b459f
2e3a29172491c8a7c7cf2532115284f7290525df
e30b581796b80e5d94bd8a3335c49a7f98417725f64714883827dde0f10b2ac7
Analyzer Verdict Alert fortinet Phishing
GET /assets/menuicon/white/home.svg?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:57 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2022 06:02:21 GMT
ETag: W/"c5f231a3fd85d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STYGtkb1APxnJFF6kyDS0yUAKX7A%2BxJW77kpCSAhuMzkqYlB%2FgV0lkSQELTD2xDrMFyZu%2F4POqoHkprTYQ7r1VXo9IqxPGVc0Nw%2Fc8PRwyLccFK2TnK%2FtN1iOaZTSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb158bd3fb506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/CAROUSEL-SABUNGAYAM.png?V=1592399706
200 OK 127 kB URL HTTP/1.1 iblplay.org/Assets/banner/CAROUSEL-SABUNGAYAM.png?V=1592399706
IP
File type PNG image data, 240 x 332, 8-bit/color RGBA, non-interlaced\012- data
Size 127 kB (127083 bytes)
Hash fc99017c9c620d4c5d301365e5503719
3ced62c82c5a8463e33b8340b78b2c36b6472491
3baf8bba658ba42dd94e445d1e7832852b404b005f737d2c9bb739be3a9e1890
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/CAROUSEL-SABUNGAYAM.png?V=1592399706 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:57 GMT
Content-Type: image/png
Content-Length: 127083
Connection: keep-alive
Last-Modified: Wed, 17 Jun 2020 13:12:56 GMT
ETag: "f8a844a944d61:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBDNQAVJcNS6P%2Ff5YB78VP00iOT9g2Kyfa4DGBNnpQnBa3lJwDTAHuLU0ksAq3fw6Lf1mLC6PLzbrsbkZt%2FrB%2FXLGSX%2FjuSpwFTXlCtegn%2B4TP4632c8GkCwJ8kLbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb153d9ddb524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/brand/game/2/Color_gold_ID.png?v=1
200 OK 3.4 kB URL HTTP/1.1 iblplay.org/Assets/brand/game/2/Color_gold_ID.png?v=1
IP
File type PNG image data, 200 x 110, 8-bit colormap, non-interlaced\012- data
Hash 51cb3de47cbf065eb8a1918d0676c7f9
1046091885e8a43ca48b36800f67f83ba2d7f219
f71a4df4ebbd15c75bffdf890e5755458314cbe4f3506f053ab3f1837e42cb80
Analyzer Verdict Alert fortinet Phishing
GET /Assets/brand/game/2/Color_gold_ID.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:57 GMT
Content-Type: image/png
Content-Length: 3369
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 14:27:18 GMT
ETag: "0e767808d8cd81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMJqeTZ7IqZvk2eQflkc5vrT8JcfeqHf%2B%2B9WR4tAYq%2Fo471ZT%2Fber8wf7%2FJgxAgwR0JoGIEN0nIk9SayjK%2FF4Y4XsPd1kp%2B5z32gxwTXGK7d1%2FegwhaOv%2Fdx3bPHGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb15b3871b506-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/Joker_MoneyMeteor_20224017024017.jpg?V=1657766493
200 OK 160 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/Joker_MoneyMeteor_20224017024017.jpg?V=1657766493
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 1000x400, components 3\012- data
Size 160 kB (160073 bytes)
Hash 584608ff0216b2540d607aace5d3b3f6
7c6bdae3ff487ea66c19a4b762675a88fc004a00
9ea5438dd85676acf7c798c971d629b9a45d26bee904a5e5d88c6a9691c415b0
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/IND/Joker_MoneyMeteor_20224017024017.jpg?V=1657766493 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:58 GMT
Content-Type: image/jpeg
Content-Length: 160073
Connection: keep-alive
Last-Modified: Thu, 14 Jul 2022 02:41:28 GMT
ETag: "f9f919382b97d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lS0NWkHt8egaB0Z7TRuDyMWTm9QLfcOcN%2B5YIqYHqStWQYBG%2FsrYevt%2BmBjg1N0zglG1cx0V9tSlkZzwoZkCrzP39zpA4LQexaXW1yKSXiywksHLDw5aLWzF0EDmog%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb15dbc1db506-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/RAJA-KUTA_20213512063512.jpg?V=1633502122
200 OK 244 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/RAJA-KUTA_20213512063512.jpg?V=1633502122
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, software=Adobe Photoshop CS6 (Windows), datetime=2021-10-06T13:31:24+07:00], baseline, precision 8, 566x566, components 3\012- data
Size 244 kB (243653 bytes)
Hash 2093b3e83184703451de3557eefc2f0d
1993580146846b0d275f146c1a9b4c3862d78a84
6aa6fab51bb841b8245b9866689326c541740f4ae5af8ea4588688674886b2b7
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/IND/RAJA-KUTA_20213512063512.jpg?V=1633502122 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:57 GMT
Content-Type: image/jpeg
Content-Length: 243653
Connection: keep-alive
Last-Modified: Wed, 06 Oct 2021 06:35:18 GMT
ETag: "75c28d547cbad71:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4Tuoa6e8m86LaCfRcew6XDGUfp3Uv5plWku7ug5iADJ8I7JytSA%2BHd17tDf2R8NLhdRZPkpj%2BYiJjkjNF3NFv77hJJvbROXQwuom2OTP8tSvf0om8UefuGcBxjjmA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1572f31b4f1-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/double-bonus-casino-rajaolb388_20221733061733.jpg?V=1652422657
200 OK 412 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/double-bonus-casino-rajaolb388_20221733061733.jpg?V=1652422657
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 1000x400, components 3\012- data
Size 412 kB (412411 bytes)
Hash bc1892236b967fe2ceae2f482f81a3db
33f60379087de3c346629ae0443001a35297e87b
b0143c665fe0fc41dbc789e3eafee445cecc44dc732c578948705c5023784266
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/IND/double-bonus-casino-rajaolb388_20221733061733.jpg?V=1652422657 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:57 GMT
Content-Type: image/jpeg
Content-Length: 412411
Connection: keep-alive
Last-Modified: Fri, 13 May 2022 06:17:31 GMT
ETag: "d0b326219166d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=An629dFv8PvRG4kS%2F7p1sQAPy0Krn%2BNP4%2FvaNJml1NTLFyZlt%2BMu1qGfDulobYL5rMOR1X91Pnp%2Fb%2FsHbH5hspR42%2Fle6VtiUI6SV91hWYGZQdozoKB5F%2F%2Fi10Wphw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1573f19b524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/double-bonus-sport-rajaolb388_20222125062125.jpg?V=1652422890
200 OK 410 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/double-bonus-sport-rajaolb388_20222125062125.jpg?V=1652422890
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 1000x400, components 3\012- data
Size 410 kB (410029 bytes)
Hash 2dca82bf359788310190e1e8105bd300
fcebd33c54f8a8c14f4b85c702f2bbd5c2d29eff
5998a1aa38aa5ea84f43c4afd09b3ae1e6220d25ae48f43b209e19786d74402d
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/IND/double-bonus-sport-rajaolb388_20222125062125.jpg?V=1652422890 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:58 GMT
Content-Type: image/jpeg
Content-Length: 410029
Connection: keep-alive
Last-Modified: Fri, 13 May 2022 06:21:25 GMT
ETag: "7ea633ac9166d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FRsX8jFC9Qb%2BNNPRTf627vJ3hlC5GFpM1z8d%2B%2F3x56PUjfEmcLRJ7WiznM36p2pWV0AzM9ja6VfpwlBdhndrbGNSys07kBbhJLgehI22mhiFNsaFd0bhjhfBjInxA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb15a7f60b500-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/TOGELL_20214007114007.jpg?V=1630842014
200 OK 340 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/TOGELL_20214007114007.jpg?V=1630842014
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3, software=Adobe Photoshop CS6 (Windows), datetime=2021-09-05T18:37:45+07:00], baseline, precision 8, 1000x400, components 3\012- data
Size 340 kB (340495 bytes)
Hash fd527a199cfc4f999fa77dbc1058860a
bf22aab75345d698d863b485672053036869ab1f
2b3033dc5d6befe2ce2ee09ca2fd191e296a50a48551d30415bc4cea92a7b9ee
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/IND/TOGELL_20214007114007.jpg?V=1630842014 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:58 GMT
Content-Type: image/jpeg
Content-Length: 340495
Connection: keep-alive
Last-Modified: Sun, 05 Sep 2021 11:40:13 GMT
ETag: "1b3d6eca4aa2d71:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOJmOHuKEbRxB9hRKzcc46dauLFtLmyne9h6bD1xete8U1Tv6ONAyQq4%2FxpTFOWt3xG%2B3AxtHlMxcp37LIlXsK%2B7thshWbDN0uo63ae44MpvkMBbe3slRFRjAHvNvw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb160ed65b4f1-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/assets/menuicon/white/android.svg?v=1
200 OK 467 B URL HTTP/1.1 iblplay.org/assets/menuicon/white/android.svg?v=1
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (941), with no line terminators
Hash df9bda617bc32e09535f4d0b89a7d848
b7f6f5b3c3a81387948b9c9b2701733d1a5c025e
25c7f3e3152ff1656d8470b6e10e82f63a86a7c10f1ac51283df63f2911dd4df
Analyzer Verdict Alert fortinet Phishing
GET /assets/menuicon/white/android.svg?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:59 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2022 06:03:51 GMT
ETag: W/"52b5d1d8fd85d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aHQKBlwWsLUKuU2TWRFuOdxuhCtV%2FLrcuYh7cEmiuKP0X6ZgXTd9PF47RI7ZD%2BgljCaIUq%2FYVwRtozVDUour%2FG7r2Ws1FqJwubss9JP2HAZlL4C7be%2BePK%2F8pJmFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1636a18b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
iblplay.org/assets/menuicon/white/promo.svg?v=1
200 OK 517 B URL HTTP/1.1 iblplay.org/assets/menuicon/white/promo.svg?v=1
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1008), with no line terminators
Hash 1f439de71bf9c9285bb53e72c2344d0f
fc666516eb056c59e00136ca8811ebddff54b33e
fbeb46bc33fca4347ec1fa1bbff8fa56a98677ec6e6e047fe3bc2d1b4da0cc6d
Analyzer Verdict Alert fortinet Phishing
GET /assets/menuicon/white/promo.svg?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:59 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2022 07:18:22 GMT
ETag: W/"4b2e6341886d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6ldBZyUMGjoaYutB3ubTMtm%2BxXH%2FHu%2BNM7N2u5x3UWGhtyn3XCOAqpMUhEGNb%2Br%2FA%2B3rXdYSYrT4kt3N3esQDpDuNIjCsSwvEq%2BI8w2DVrZvb6c2m1xirD169Khqw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1643d0fb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/double-bonus-dingdong-rajaolb388_20221829061829.jpg?V=1652422749
200 OK 441 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/double-bonus-dingdong-rajaolb388_20221829061829.jpg?V=1652422749
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 1000x400, components 3\012- data
Size 441 kB (441267 bytes)
Hash e06c6cd7307817ed7c9ce76fdffdf932
966338f90404e67cf217d8ab1dfdc1f643c1e603
319442b57b7af758a54fa263a7db5f2aab352e7fdd0ccd8957ef27a61b30012b
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/IND/double-bonus-dingdong-rajaolb388_20221829061829.jpg?V=1652422749 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:58 GMT
Content-Type: image/jpeg
Content-Length: 441267
Connection: keep-alive
Last-Modified: Fri, 13 May 2022 06:19:04 GMT
ETag: "7f4319589166d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6vjLrb0RaBsjvPzclBKZ84%2FWH7s7iFb1EYhioPveYB88wTIMVafv5xTGo5zyJ%2BTcxFyqKZavUBWhDgucJBqirR5dDngyPk5YWA5zQe8QN4gM1eCm7u5I%2FvUN1gItg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb15abd86b512-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/assets/menuicon/white/whatsapp.svg?v=1
200 OK 469 B URL HTTP/1.1 iblplay.org/assets/menuicon/white/whatsapp.svg?v=1
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (859), with no line terminators
Hash 585c7bf9876fdc9733cf89d6c07fa9c3
8c374c23868c6dcfb521c7f693769e281ed048c6
b9bddf0473c395c44c78760eed4e26e728354467ce3c479346539c84b9fb92fb
Analyzer Verdict Alert fortinet Phishing
GET /assets/menuicon/white/whatsapp.svg?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:59 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2022 06:29:01 GMT
ETag: W/"32dcb45c186d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyDLjnKfV2t0%2BEpdJbGSzGnOgdixUbdJK5POStMqaDh1ilPBsHI3CPbAvsDaJ45In0e9zN0dE%2BIGwemcMf3WS3z16Zg14bW92TOl8h4nzZ9fyeT90gQrpJbKTJO3HA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb164aaa5b4f1-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
iblplay.org/assets/menuicon/white/livechat.svg?v=1
200 OK 568 B URL HTTP/1.1 iblplay.org/assets/menuicon/white/livechat.svg?v=1
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1333), with no line terminators
Hash b7fae4bda7f51ca50798a11b26caf654
d4c2bffdce7416330c6c98f830585f122782172c
072a195d3b729f6a033b116c66903035c18a4fd9ee13aa2cf7b08e34ecfadca2
Analyzer Verdict Alert fortinet Phishing
GET /assets/menuicon/white/livechat.svg?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:59 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2022 07:22:52 GMT
ETag: W/"c5b3c5e2886d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMUG0a9NOQZ5%2BZioKSRrkNIYiNe2VIamzyushdyehk3GJ6cwxjWxsGbiimU%2FH7ulqD%2BzbxCcxGgjkCut%2FWDbWBs8hxZx%2FrHTuw7QGg6YoU%2FMj2ZW28sxkNZAlKqHyA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb165ddd4b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/brand/game/2/3-Joker.png?v=1
200 OK 9.1 kB URL HTTP/1.1 iblplay.org/Assets/brand/game/2/3-Joker.png?v=1
IP
File type PNG image data, 200 x 110, 8-bit colormap, non-interlaced\012- data
Hash b33250b9b82a01c7b747671af537489e
61b3cf40a7482ea06d764b44d2d28d98ad8fc8fc
854a590e2fb238f0ff31da2e959062c59f1176a11b1d27ad70fe919af518e9b0
Analyzer Verdict Alert fortinet Phishing
GET /Assets/brand/game/2/3-Joker.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:59 GMT
Content-Type: image/png
Content-Length: 9116
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 14:13:48 GMT
ETag: "0b69b9d8b8cd81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54BnAIAu%2BK3Hu6Ga8vyf7lxyUfNZ7yFUPqL%2Bojz64npa4bmRj%2B9AIi3L7n1zXIROS%2BoZ7bJW67c4WBEmzUesthbbGZsAbzDdLX0UwRbvk9HFH%2BATbTVg6UYGTF92jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb166eecbb512-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/Joker_Meteor_20220243050243.png?V=1664341370
200 OK 775 kB URL HTTP/1.1 iblplay.org/Assets/banner/IND/Joker_Meteor_20220243050243.png?V=1664341370
IP
File type PNG image data, 1000 x 400, 8-bit/color RGB, non-interlaced\012- data
Size 775 kB (775155 bytes)
Hash 5887bdf29a757b2b70e619a06be18709
fbded4a8d7f3668586f0f3e8af00ca3e43db54f2
71685bc1a6ab7f4ee462e38d539e60efe0c62df9e850f7e92b9da825c3deb466
Analyzer Verdict Alert fortinet Phishing
GET /Assets/banner/IND/Joker_Meteor_20220243050243.png?V=1664341370 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:58 GMT
Content-Type: image/png
Content-Length: 775155
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 04:50:26 GMT
ETag: "7c90aad3f5d2d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WI7ld5Fspcm85N52OYn2R7b2mcrsRr4EscJx7t7sE29lNct4yDl2GVJpA5kh8KgHuWyucVf2myCXVTtaM%2FtvgtcbtYk4eu7gpFO3%2FXezX6CkRHszZO148J0QU%2Bdmsw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb15c5e3bb524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/brand/game/2/3-Habanero.png?v=1
200 OK 6.9 kB URL HTTP/1.1 iblplay.org/Assets/brand/game/2/3-Habanero.png?v=1
IP
File type PNG image data, 200 x 110, 8-bit colormap, non-interlaced\012- data
Hash 680fdd1b8acbb4c6782019a4d798e0ef
51cb24c0a8d7e1924c9730dbd509a929caf23445
021c35050873b42751f8977b9c5fadb3122a37b925b8dd26a764414366c7aac7
Analyzer Verdict Alert fortinet Phishing
GET /Assets/brand/game/2/3-Habanero.png?v=1 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:59 GMT
Content-Type: image/png
Content-Length: 6894
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 14:13:48 GMT
ETag: "0b69b9d8b8cd81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGXJQp0HWtkMncUTwKcvPGazm6apQxoI7OVd%2Bw0bx%2BLwVwrk3fhjID3AGnG2rahn%2BNrIgQ%2BtiqZ34SjCwsJQ9RS9J2zUfvlhpf7rcCbfRrPRr8CXPgx%2F2b8x7BIFGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb167280fb524-OSL
alt-svc: h2=":443"; ma=60
iblplay.org/Assets/banner/IND/double-bonus-tangkas-rajaolb388_20222324062324.jpg?V=1652423010
200 OK 0 B URL HTTP/1.1 iblplay.org/Assets/banner/IND/double-bonus-tangkas-rajaolb388_20222324062324.jpg?V=1652423010
IP
GET /Assets/banner/IND/double-bonus-tangkas-rajaolb388_20222324062324.jpg?V=1652423010 HTTP/1.1
Host: iblplay.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iblplay.org/
Cookie: ASP.NET_SessionId=poo3vuj4gb511zxvw13hxgza
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 14:43:59 GMT
Content-Type: image/jpeg
Content-Length: 401013
Connection: keep-alive
Last-Modified: Fri, 13 May 2022 06:23:25 GMT
ETag: "7ac9af39166d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2F2efdSCGsU%2FqFDTBIjo%2Fm5FrPeFztirkKh4lbwnC%2FkBmU%2FMG4hn9httAT71cd3nU9B2EP4p1xEq79gN1Z1fE%2BZEkZ6%2B4GZeHHVzbb4JfGsKK76VDOg%2FcTzAOsfkrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754eb1603fdbb506-OSL
alt-svc: h2=":443"; ma=60
104.21.34.23
216.58.207.195
93.184.220.29
23.36.79.16
104.21.34.23
18.138.208.232
176.9.188.20