| evaporatepublicity.com/b2tz5c1vfg?dev=r&key=4e5057de80609a2a04a3e5cbed8ad68f&kw=[high,definition,3d,uhd,-,mygully,com]&psid=mygully.com,mygully.com&refer=https://mygully.com/forum/123-high-definition-3d-uhd/&res=14.31&scrHeight=1440&scrWidth=2560&ship=&sub3=invoke_layer&tz=2&uuid=69f1b6f9-2148-41f1-9e19-f8256e9d0206:3:1&v=24.5.6485&xgjcaas=93 | 172.240.108.84 | | 1.7 kB |
URL evaporatepublicity.com/b2tz5c1vfg?dev=r&key=4e5057de80609a2a04a3e5cbed8ad68f&kw=[high,definition,3d,uhd,-,mygully,com]&psid=mygully.com,mygully.com&refer=https://mygully.com/forum/123-high-definition-3d-uhd/&res=14.31&scrHeight=1440&scrWidth=2560&ship=&sub3=invoke_layer&tz=2&uuid=69f1b6f9-2148-41f1-9e19-f8256e9d0206:3:1&v=24.5.6485&xgjcaas=93 IP172.240.108.84:0
File typeHTML document, ASCII text, with very long lines (826) Hash2856744f5a41d54fcfc035a3a7f638f6 3b9dbcbd04cc175bfb11a4c45db05ddea5aaafbd 4e74a2e93d563fe79b00120ad457bb8abd26d420cf765df31d58c98ee9847bc0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /b2tz5c1vfg?dev=r&key=4e5057de80609a2a04a3e5cbed8ad68f&kw=[high,definition,3d,uhd,-,mygully,com]&psid=mygully.com,mygully.com&refer=https://mygully.com/forum/123-high-definition-3d-uhd/&res=14.31&scrHeight=1440&scrWidth=2560&ship=&sub3=invoke_layer&tz=2&uuid=69f1b6f9-2148-41f1-9e19-f8256e9d0206:3:1&v=24.5.6485&xgjcaas=93 HTTP/1.1
Host: evaporatepublicity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 07 May 2024 21:44:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18274444; expires=Wed, 08 May 2024 21:44:23 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI3NDQ0NCwiayI6IjRlNTA1N2RlODA2MDlhMmEwNGEzZTVjYmVkOGFkNjhmIiwic2lkIjoibXlndWxseS5jb20sbXlndWxseS5jb20iLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0OTM5MDQsInBpZCI6MTU3NTEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6MjgsInB0Ijo0LCJwayI6ImIydHo1YzF2ZmciLCJjcGtzIjp7IjI5IjoiOTc5Yzc3YTUwNTJkOTRiZDQ1OTVjN2RhNDkyNzczYjkifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL215Z3VsbHkuY29tL2ZvcnVtLzEyMy1oaWdoLWRlZmluaXRpb24tM2QtdWhkLyIsImFyIjpbXX19.SV4HPM2QWWfXsc_cPn_jnC8sWNciaiv08mexQWIAUcU; expires=Tue, 07 May 2024 21:45:23 GMT
uid_id2=69f1b6f9-2148-41f1-9e19-f8256e9d0206:3:1; expires=Tue, 14 May 2024 21:44:23 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c821b0bfffbbb143ebbc05f2e3269b8c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| evaporatepublicity.com/api/users?token=L2IydHo1YzF2Zmc_ZGV2PXIma2V5PTRlNTA1N2RlODA2MDlhMmEwNGEzZTVjYmVkOGFkNjhmJmt3PSU1QmhpZ2glMkNkZWZpbml0aW9uJTJDM2QlMkN1aGQlMkMtJTJDbXlndWxseSUyQ2NvbSU1RCZwc2lkPW15Z3VsbHkuY29tJTJDbXlndWxseS5jb20mcHN0PTE3MTUxMTgzMjMmcmVmZXI9aHR0cHMlM0ElMkYlMkZteWd1bGx5LmNvbSUyRmZvcnVtJTJGMTIzLWhpZ2gtZGVmaW5pdGlvbi0zZC11aGQlMkYmcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9MTQ0MCZzY3JXaWR0aD0yNTYwJnNoaXA9JnNodT1kYTFmNWViMTc5MDA4YzhmMzlkMWI5ZjIyNmZhMjA4NDczYjcwYjdiODExOWM1MWE3OWM4M2ViNjNjYThmYWE1OTMxOWE5MDNkYzAzYThiZWMyZDJkYmJlMGZlODVmMzc5NTQ5Mjg2MWVkMGIxODVmNjUyMDA0ZGJmNzQ3YmI0M2Q2OWI3NTY2MDBmZGU4MDhlYjE4M2JhZGJiNzkwYmJiOTM0ZTQwZWIwMTg1ZGQ1MzU2ZGJhMjhlNzBhYWU5NjBjZSZzdWIzPWludm9rZV9sYXllciZ0ej0yJnV1aWQ9NjlmMWI2ZjktMjE0OC00MWYxLTllMTktZjgyNTZlOWQwMjA2JTNBMyUzQTEmdj0yNC41LjY0ODUmeGdqY2Fhcz05Mw&uuid=69f1b6f9-2148-41f1-9e19-f8256e9d0206%3A3%3A1&pii=&in=false | 172.240.108.84 | | 0 B |
URL evaporatepublicity.com/api/users?token=L2IydHo1YzF2Zmc_ZGV2PXIma2V5PTRlNTA1N2RlODA2MDlhMmEwNGEzZTVjYmVkOGFkNjhmJmt3PSU1QmhpZ2glMkNkZWZpbml0aW9uJTJDM2QlMkN1aGQlMkMtJTJDbXlndWxseSUyQ2NvbSU1RCZwc2lkPW15Z3VsbHkuY29tJTJDbXlndWxseS5jb20mcHN0PTE3MTUxMTgzMjMmcmVmZXI9aHR0cHMlM0ElMkYlMkZteWd1bGx5LmNvbSUyRmZvcnVtJTJGMTIzLWhpZ2gtZGVmaW5pdGlvbi0zZC11aGQlMkYmcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9MTQ0MCZzY3JXaWR0aD0yNTYwJnNoaXA9JnNodT1kYTFmNWViMTc5MDA4YzhmMzlkMWI5ZjIyNmZhMjA4NDczYjcwYjdiODExOWM1MWE3OWM4M2ViNjNjYThmYWE1OTMxOWE5MDNkYzAzYThiZWMyZDJkYmJlMGZlODVmMzc5NTQ5Mjg2MWVkMGIxODVmNjUyMDA0ZGJmNzQ3YmI0M2Q2OWI3NTY2MDBmZGU4MDhlYjE4M2JhZGJiNzkwYmJiOTM0ZTQwZWIwMTg1ZGQ1MzU2ZGJhMjhlNzBhYWU5NjBjZSZzdWIzPWludm9rZV9sYXllciZ0ej0yJnV1aWQ9NjlmMWI2ZjktMjE0OC00MWYxLTllMTktZjgyNTZlOWQwMjA2JTNBMyUzQTEmdj0yNC41LjY0ODUmeGdqY2Fhcz05Mw&uuid=69f1b6f9-2148-41f1-9e19-f8256e9d0206%3A3%3A1&pii=&in=false IP172.240.108.84:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L2IydHo1YzF2Zmc_ZGV2PXIma2V5PTRlNTA1N2RlODA2MDlhMmEwNGEzZTVjYmVkOGFkNjhmJmt3PSU1QmhpZ2glMkNkZWZpbml0aW9uJTJDM2QlMkN1aGQlMkMtJTJDbXlndWxseSUyQ2NvbSU1RCZwc2lkPW15Z3VsbHkuY29tJTJDbXlndWxseS5jb20mcHN0PTE3MTUxMTgzMjMmcmVmZXI9aHR0cHMlM0ElMkYlMkZteWd1bGx5LmNvbSUyRmZvcnVtJTJGMTIzLWhpZ2gtZGVmaW5pdGlvbi0zZC11aGQlMkYmcmVzPTE0LjMxJnJtdGM9dCZzY3JIZWlnaHQ9MTQ0MCZzY3JXaWR0aD0yNTYwJnNoaXA9JnNodT1kYTFmNWViMTc5MDA4YzhmMzlkMWI5ZjIyNmZhMjA4NDczYjcwYjdiODExOWM1MWE3OWM4M2ViNjNjYThmYWE1OTMxOWE5MDNkYzAzYThiZWMyZDJkYmJlMGZlODVmMzc5NTQ5Mjg2MWVkMGIxODVmNjUyMDA0ZGJmNzQ3YmI0M2Q2OWI3NTY2MDBmZGU4MDhlYjE4M2JhZGJiNzkwYmJiOTM0ZTQwZWIwMTg1ZGQ1MzU2ZGJhMjhlNzBhYWU5NjBjZSZzdWIzPWludm9rZV9sYXllciZ0ej0yJnV1aWQ9NjlmMWI2ZjktMjE0OC00MWYxLTllMTktZjgyNTZlOWQwMjA2JTNBMyUzQTEmdj0yNC41LjY0ODUmeGdqY2Fhcz05Mw&uuid=69f1b6f9-2148-41f1-9e19-f8256e9d0206%3A3%3A1&pii=&in=false HTTP/1.1
Host: evaporatepublicity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evaporatepublicity.com/api/users?token=L2IydHo1YzF2Zmc_a2V5PTBmMjJjMWZkNjA5ZjEzY2I3OTQ3YzhjYWJmZTFhOTBkJnN1Ym1ldHJpYz0xODI3NDQ0NA
Cookie: u_pl=18274444; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI3NDQ0NCwiayI6IjRlNTA1N2RlODA2MDlhMmEwNGEzZTVjYmVkOGFkNjhmIiwic2lkIjoibXlndWxseS5jb20sbXlndWxseS5jb20iLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0OTM5MDQsInBpZCI6MTU3NTEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6MjgsInB0Ijo0LCJwayI6ImIydHo1YzF2ZmciLCJjcGtzIjp7IjI5IjoiOTc5Yzc3YTUwNTJkOTRiZDQ1OTVjN2RhNDkyNzczYjkifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL215Z3VsbHkuY29tL2ZvcnVtLzEyMy1oaWdoLWRlZmluaXRpb24tM2QtdWhkLyIsImFyIjpbXX19.SV4HPM2QWWfXsc_cPn_jnC8sWNciaiv08mexQWIAUcU; uid_id2=69f1b6f9-2148-41f1-9e19-f8256e9d0206:3:1; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Tue, 07 May 2024 21:44:23 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39c648a9696c1b482a90100473e4122e&COST_CPC=&PLACEMENT_ID=18274444&CAMPAIGN_ID=1033197&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2909415
Set-Cookie: uid_id2=69f1b6f9-2148-41f1-9e19-f8256e9d0206:3:1; expires=Tue, 14 May 2024 21:44:23 GMT
pdhtkv=true; expires=Wed, 08 May 2024 21:44:23 GMT
uncs=1; expires=Wed, 08 May 2024 21:44:23 GMT
pdhtkv28=true; expires=Wed, 08 May 2024 21:44:23 GMT
uncs28=1; expires=Wed, 08 May 2024 21:44:23 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 081c039c4168312e0872f198a17d0956
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| evaporatepublicity.com/favicon.ico | 192.243.59.13 | | 0 B |
URL evaporatepublicity.com/favicon.ico IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: evaporatepublicity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://evaporatepublicity.com/api/users?token=L2IydHo1YzF2Zmc_a2V5PTBmMjJjMWZkNjA5ZjEzY2I3OTQ3YzhjYWJmZTFhOTBkJnN1Ym1ldHJpYz0xODI3NDQ0NA
Cookie: u_pl=18274444; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODI3NDQ0NCwiayI6IjRlNTA1N2RlODA2MDlhMmEwNGEzZTVjYmVkOGFkNjhmIiwic2lkIjoibXlndWxseS5jb20sbXlndWxseS5jb20iLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0OTM5MDQsInBpZCI6MTU3NTEsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjcsImFpZCI6MjgsInB0Ijo0LCJwayI6ImIydHo1YzF2ZmciLCJjcGtzIjp7IjI5IjoiOTc5Yzc3YTUwNTJkOTRiZDQ1OTVjN2RhNDkyNzczYjkifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL215Z3VsbHkuY29tL2ZvcnVtLzEyMy1oaWdoLWRlZmluaXRpb24tM2QtdWhkLyIsImFyIjpbXX19.SV4HPM2QWWfXsc_cPn_jnC8sWNciaiv08mexQWIAUcU; uid_id2=69f1b6f9-2148-41f1-9e19-f8256e9d0206:3:1; cjs=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 May 2024 21:44:24 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7e6a12edc5df42b4ae6085d7337ebfa9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39c648a9696c1b482a90100473e4122e&COST_CPC=&PLACEMENT_ID=18274444&CAMPAIGN_ID=1033197&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2909415 | 192.64.81.118 | | 0 B |
URL nylonnickel.xyz/c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39c648a9696c1b482a90100473e4122e&COST_CPC=&PLACEMENT_ID=18274444&CAMPAIGN_ID=1033197&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2909415 IP192.64.81.118:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=725l9nmctij07aovqopa&SUB_ID_SHORT=39c648a9696c1b482a90100473e4122e&COST_CPC=&PLACEMENT_ID=18274444&CAMPAIGN_ID=1033197&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2909415 HTTP/1.1
Host: nylonnickel.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://evaporatepublicity.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Tue, 07 May 2024 21:44:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=usbzfvxi8p; expires=Wed, 08-May-2024 21:44:24 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=usbzfvxi8p-usbzfvxi8p-fyyd-0-us8pwj-g5us0-g5pm3y-0ed90b; expires=Wed, 08-May-2024 21:44:24 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=00f00usbzfvxi8p7fe&sub_id=18274444
Strict-Transport-Security: max-age=31536000
|
|
| rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=00f00usbzfvxi8p7fe&sub_id=18274444 | 104.21.4.72 | | 0 B |
URL rqqlj.canopusacrux.com/?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=00f00usbzfvxi8p7fe&sub_id=18274444 IP104.21.4.72:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=4l9EZwXc2kSH_LKKjogwWA&click_id=00f00usbzfvxi8p7fe&sub_id=18274444 HTTP/1.1
Host: rqqlj.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://evaporatepublicity.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 07 May 2024 21:44:24 GMT
content-length: 0
location: https://rqqlj.check-tl-ver-154-2.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564
set-cookie: 4l9EZwXc2kSH_LKKjogwWA=3; max-age=345600; path=/; samesite=lax
__pl=2d1dc8fd-1c3f-468c-8c5f-98c91c699d8b; expires=Thu, 07 May 2026 21:44:24 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2Bm9%2F9swUsOBvNdsFOaIS6koNtwXHHno5Kx9uJS2hB8YcsBJmC3SN7DnOynfRKzKiv1tt9Y%2B8OmoMBtzasqKWBLW3QgXO8SwN8wDaMoTlnA1H%2B82cFJynAJSgA%2B7Bus4vNPitZmqF6a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804642138a9b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.67:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rqqlj.check-tl-ver-154-2.com
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:52 GMT
expires: Fri, 02 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 503613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 142.250.74.67 | | 15 kB |
URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 IP142.250.74.67:0
CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15440, version 1.0 Hash55536c8e9e9a532651e3cf374f290ea3 ff3a9b8ae317896cbbcbadfbe615d671bd1d32a2 eca8ffa764a66cd084800e2e71c4176ef089ebd805515664a6cb8d4fb3b598bf
GET /s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rqqlj.check-tl-ver-154-2.com
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:57:58 GMT
expires: Fri, 02 May 2025 01:57:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:43 GMT
content-type: font/woff2
age: 503187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rqqlj.check-tl-ver-154-2.com/favicon.ico | 104.21.37.155 | | 0 B |
URL rqqlj.check-tl-ver-154-2.com/favicon.ico IP104.21.37.155:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: rqqlj.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 21:44:25 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEF5C5jvO%2BKY3ekTXYXBvSlP%2B2MB5rn%2Fo6l4u3C4yPI%2Fa8eKUq6DjRjEq7p2l558wbt2o5i7lDPNzge8th8R6QipEtSWwNjnodp6fgwso341U8fc9C3aiQQ1tYyNg8yWKNI7ZcqlqhYXZA2fMHq4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464258f04b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rqqlj.check-tl-ver-154-2.com/blue-robot/assets/trls.js | 104.21.37.155 | | 2.1 kB |
URL rqqlj.check-tl-ver-154-2.com/blue-robot/assets/trls.js IP104.21.37.155:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators Hasha1172576cb7f22b41247c5571d2f6d9e 8ede5adfb13a76a2d04dfa26ccdf5a15d2abd18c 2c0b0f46a0c12f49cc290e1b3d62a890e8da3434dc80720e3c5a20bec0ab43e1
GET /blue-robot/assets/trls.js HTTP/1.1
Host: rqqlj.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:24 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1fa7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QNovRiKFlGMh0st0FrRxcfcCKLQjqHNPH%2FpNzzUHDQxy5VkV6aoVOxfoBYEb6wedZaoCE0ALBYyeZsN9EhSyPNZ4ZJlejGrhCFgXRfGfl0Dk04FWg9%2FtlPfX7HBbsVf69N%2FzErHAnjhhW3uh6Dve"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464239d0fb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rqqlj.check-tl-ver-154-2.com/blue-robot/assets/style.css | 104.21.37.155 | | 10 kB |
URL rqqlj.check-tl-ver-154-2.com/blue-robot/assets/style.css IP104.21.37.155:0
File typeJavaScript source, ASCII text, with very long lines (28369), with CRLF, LF line terminators Hash565499283d560a5096b604aae7a3d933 e287e72b627af83181e311795e2d20a9da43b99d d911ed8456878b0e298c4620f447c52841b8f31163ed76ec9631b4af10e75a04
GET /blue-robot/assets/style.css HTTP/1.1
Host: rqqlj.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:24 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-f8e"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQeZgHxC5MOfpCsTl4BsBiGfhc2%2FvO7cb2jYTtjjtS5kksD35eXwoE7LC2I1ByDeEhdY1wkZv8dy%2BotPHUpviTNo1O0D%2BkTLJAwbHGtHMBDP5SIco0VuzfZUIdBxIi2EzPPDjMk3%2FW0MJbDZV0HC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046423ad15b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.99 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.99:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rqqlj.check-tl-ver-154-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:03:05 GMT
expires: Sat, 03 May 2025 02:03:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 416480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ia.check-tl-ver-154-2.com/blue-robot/assets/style.css | 104.21.37.155 | | 16 kB |
URL ia.check-tl-ver-154-2.com/blue-robot/assets/style.css IP104.21.37.155:0
File typegzip compressed data, from Unix Hashbfdd750fbc817088e6ee8fae090a3ef2 d13da0228e795ef84dd237adc108c5cb68314ef6 4bf23427d53068746569ac19d0570e82389cedfba4ef5952bd5fcdc907b620e4
GET /blue-robot/assets/style.css HTTP/1.1
Host: ia.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ia.check-tl-ver-154-2.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:25 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-f8e"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BlB4G%2BtVkZFe%2BhWik7cHQAqdp8HI58MS5NyxrkJkAWWiOtPe6tNBjjToj9VWAoito1p5FMMdYiJmSlVHIgwWJ3rWtD4lh9%2BBVcvACTlgyJmp2%2BZoXi0pO%2BpUNKHi68yOEVT6p7amiPXv1Axw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804642738a3b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ia.check-tl-ver-154-2.com/shared-js/assets/static-pl.js?v=2 | 104.21.37.155 | | 17 kB |
URL ia.check-tl-ver-154-2.com/shared-js/assets/static-pl.js?v=2 IP104.21.37.155:0
File typeJavaScript source, ASCII text, with CRLF line terminators Hash7224243dd0b18bb2508a1d77d4b2a0b2 bd833c24aa241861316053fd8bd46a1bef3d343f 920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: ia.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ia.check-tl-ver-154-2.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:25 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4783
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ma69t3OMhMVdl8dS1lHnVPTFXFP%2FrTkeVYcu37%2BpN95NIaFpp8GsakHDH6gZ3RQsM6nyouKH88BwjXXRXy80CMJk%2FgEYyyaZjxzODGntUOBdxaQ1tShtcC8roaFeRwevrt7URSZMa4I8SmGT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804642738a9b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ia.check-tl-ver-154-2.com/blue-robot/assets/trls.js | 104.21.37.155 | | 15 kB |
URL ia.check-tl-ver-154-2.com/blue-robot/assets/trls.js IP104.21.37.155:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators Hasha1172576cb7f22b41247c5571d2f6d9e 8ede5adfb13a76a2d04dfa26ccdf5a15d2abd18c 2c0b0f46a0c12f49cc290e1b3d62a890e8da3434dc80720e3c5a20bec0ab43e1
GET /blue-robot/assets/trls.js HTTP/1.1
Host: ia.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ia.check-tl-ver-154-2.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:25 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1fa7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J0RKr%2BHSJwbMKCLguUIrGPrQnRyROxBQetKoVuJD%2BxJuzLw%2F%2BPbckJcs03UBti10pleYWamC5tlkIomNShyy%2FgA7priRwnuRfVG9KIzCvnhkbuiWmZmrEZ5q%2Fmzquekcq2yQfSjaCpYbjDOV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046427389eb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js | 142.250.74.99 | | 9.3 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js IP142.250.74.99:0
File typeJavaScript source, ASCII text, with very long lines (28368) Hash9900403b65514fad7df39a4e788a6e45 75f9ba061ef4e72bb23528c700f2a11c56d637e9 a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ia.check-tl-ver-154-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:57 GMT
expires: Fri, 02 May 2025 01:56:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 503248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.99 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.99:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ia.check-tl-ver-154-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:03:05 GMT
expires: Sat, 03 May 2025 02:03:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 416480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ib.check-tl-ver-154-2.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564 | 104.21.37.155 | | 21 kB |
URL ib.check-tl-ver-154-2.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564 IP104.21.37.155:0
File typeHTML document, ASCII text, with very long lines (1380), with CRLF line terminators Hash9a97caf42661ea48c9a8d347229b398a 5ee1404818c517813439e1a056b4016531fa11c7 8ac0a629dba5a9c8e52055295882680ede84c8d0a9f9e1c1af3636d1f47fa3bd
GET /blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564 HTTP/1.1
Host: ib.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ia.check-tl-ver-154-2.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:25 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=diumNqx8Kdhn2ko3v5exeMVS4qy73FRKYVnKSKLgu77zfZY8xbQP%2FSuFMzbI2vy%2By8jRkdMTt8XkxBv7CRJjk1BDnSG9TCUt4%2BbzFKLijX6hEgVzM0u3907IQfWFvTvYQYI5avBbnbWQ%2BiSA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880464296a95b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.67:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ib.check-tl-ver-154-2.com
DNT: 1
Connection: keep-alive
Referer: https://ib.check-tl-ver-154-2.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:52 GMT
expires: Fri, 02 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 503614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ib.check-tl-ver-154-2.com/blue-robot/assets/style.css | 104.21.37.155 | | 812 B |
URL ib.check-tl-ver-154-2.com/blue-robot/assets/style.css IP104.21.37.155:0
File typeASCII text, with CRLF line terminators Hashff38fe2c7e467d3883201690baacfa93 edb4a93e0faa1c7b8968aab788b3e33e181c6c00 3a4bd4aed7f8c1fe11b9a39c4e70da33ccf8df29109e23f1ec10f6d07220bcd9
GET /blue-robot/assets/style.css HTTP/1.1
Host: ib.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ib.check-tl-ver-154-2.com/blue-robot/?pl=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&nrid=d36a814aeb04490eb51c89d6b7f23ab2&hash=6DASwib6ZHF3ASbo3T8IYg&exp=1715118564
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:25 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-f8e"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItIrgVDopV9zj1gj1tJOgVdPxjGnZ8e6pTmufB1%2BlBMNMZLLktSUQx21UDGrQdkZiyJhFrFI53ZVjoSu57M0Ol4y%2Ffa1mSNO1NB7i9UvbCtrz9HPTFL9PJS1Rv0IsbTa00c6tVf7nb37h15q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804642a2b68b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnstatic.check-tl-ver-154-2.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-154-2.com&timeout=30&tb=true&nrid=d36a814aeb04490eb51c89d6b7f23ab2 | 104.21.37.155 | | 23 kB |
URL cdnstatic.check-tl-ver-154-2.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-154-2.com&timeout=30&tb=true&nrid=d36a814aeb04490eb51c89d6b7f23ab2 IP104.21.37.155:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (61654) Hash317a8eabc7b97fb5d9602f7579447567 e79956eb383becbb2e25c4474280932e36b63516 a247bb8e6d27c0bae9a2483a548f2a8e227ffbddae85ba153be6d2c8b6a5397c
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=4l9EZwXc2kSH_LKKjogwWA&sm=blue-robot&click_id=00f00usbzfvxi8p7fe&sub_id=18274444&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-154-2.com&timeout=30&tb=true&nrid=d36a814aeb04490eb51c89d6b7f23ab2 HTTP/1.1
Host: cdnstatic.check-tl-ver-154-2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ib.check-tl-ver-154-2.com/
Cookie: __psu=2c4d4821-9138-4d95-bb78-a0701961bbf6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:26 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-encoding: gzip
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nb02B%2B7ZED454zUYPIh8M%2BBjppw%2BCD%2B2dtCZt4qgoLYFu096OhFBalBcqssK3E%2BypMHIryqvUV9GhiJ%2BI%2B0EI2qVaDcp9FjOUANzgr0MgajphN2ydhKqqU78ngy0cdcfmtBCgFeK6ENwXTIlqauPbqACXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804642acc10b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.99 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.99:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ib.check-tl-ver-154-2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:03:05 GMT
expires: Sat, 03 May 2025 02:03:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 416481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.highcpmgate.com/g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec | 192.243.59.20 | | 1.3 kB |
URL www.highcpmgate.com/g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document, ASCII text, with very long lines (410) Hash49c29e96b7581c409e2b6f7fb0f4c363 bb5a295cafe0100f1fe996ba3ee0f852ac069e0b 94b35526753806da2c7eaa9c6024419f07ef005bf08178bc3f2d6555a0f1aa32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /g0rcyaaab7?key=95e6f21cd393f59a1833b1034d8951ec HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 May 2024 21:44:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=23070551; expires=Wed, 08 May 2024 21:44:26 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA3MDU1MSwiayI6Ijk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzk1OTI5LCJwaWQiOjE4MjM3NzAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzEsImFpZCI6MjgsInB0Ijo0LCJwayI6ImcwcmN5YWFhYjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.U2ebwFjEv1emnUSOTmNQTe-4rPP39OWIepgfVbZEwNQ; expires=Tue, 07 May 2024 21:45:26 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c5573eb4d4ae8b70a9ba38f36d4d5986
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MTE4MzI2JnJtdGM9dCZzaHU9ZjA0MjRiYTA0YTEyYzFhMjk3MmQwYjY3NjEwYzFkNjJkMzAyZmVjODc4MTBmMDA5YmQ1ODcyNTUzNzNkMjMzZmYwYTYwODllMGE4MjE0NDNkMDRiZjNiODdiMTY4ZDM0ZGJiYjdmM2NmN2IxZGE4Yjk2NmZjZTNhYjAxZWRkYzNiMThlN2ZlMDhlZWRiYmNhMDRjNWQ0OGEzY2VhNzk4MTEzZTI1ZDczMDY0OTY1YjBlYzU0ZTZmN2VjMDc3MA&uuid=&pii=&in=false | 172.240.108.76 | | 0 B |
URL www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MTE4MzI2JnJtdGM9dCZzaHU9ZjA0MjRiYTA0YTEyYzFhMjk3MmQwYjY3NjEwYzFkNjJkMzAyZmVjODc4MTBmMDA5YmQ1ODcyNTUzNzNkMjMzZmYwYTYwODllMGE4MjE0NDNkMDRiZjNiODdiMTY4ZDM0ZGJiYjdmM2NmN2IxZGE4Yjk2NmZjZTNhYjAxZWRkYzNiMThlN2ZlMDhlZWRiYmNhMDRjNWQ0OGEzY2VhNzk4MTEzZTI1ZDczMDY0OTY1YjBlYzU0ZTZmN2VjMDc3MA&uuid=&pii=&in=false IP172.240.108.76:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=L2cwcmN5YWFhYjc_a2V5PTk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjJnBzdD0xNzE1MTE4MzI2JnJtdGM9dCZzaHU9ZjA0MjRiYTA0YTEyYzFhMjk3MmQwYjY3NjEwYzFkNjJkMzAyZmVjODc4MTBmMDA5YmQ1ODcyNTUzNzNkMjMzZmYwYTYwODllMGE4MjE0NDNkMDRiZjNiODdiMTY4ZDM0ZGJiYjdmM2NmN2IxZGE4Yjk2NmZjZTNhYjAxZWRkYzNiMThlN2ZlMDhlZWRiYmNhMDRjNWQ0OGEzY2VhNzk4MTEzZTI1ZDczMDY0OTY1YjBlYzU0ZTZmN2VjMDc3MA&uuid=&pii=&in=false HTTP/1.1
Host: www.highcpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.highcpmgate.com/api/users?token=L2cwcmN5YWFhYjc_a2V5PWE5NjljYTVjOWFkMjYxMTc2MmYxMWI3OWE1MjZlMmQyJnN1Ym1ldHJpYz0yMzA3MDU1MQ
Cookie: u_pl=23070551; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzA3MDU1MSwiayI6Ijk1ZTZmMjFjZDM5M2Y1OWExODMzYjEwMzRkODk1MWVjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzk1OTI5LCJwaWQiOjE4MjM3NzAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzEsImFpZCI6MjgsInB0Ijo0LCJwayI6ImcwcmN5YWFhYjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.U2ebwFjEv1emnUSOTmNQTe-4rPP39OWIepgfVbZEwNQ; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Tue, 07 May 2024 21:44:27 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39c08d636cac06620e0070b348b75f86&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296
Set-Cookie: iprc8ff7060cc5feb29a444a9fba4e11f215=5206192; expires=Wed, 08 May 2024 21:44:27 GMT
pdhtkv=true; expires=Wed, 08 May 2024 21:44:27 GMT
uncs=1; expires=Wed, 08 May 2024 21:44:27 GMT
pdhtkv28=true; expires=Wed, 08 May 2024 21:44:27 GMT
uncs28=1; expires=Wed, 08 May 2024 21:44:27 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 033a464dcadfd10967b20b3dfd890e92
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39c08d636cac06620e0070b348b75f86&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 | 192.64.81.118 | | 0 B |
URL wifescamara.click/c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39c08d636cac06620e0070b348b75f86&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 IP192.64.81.118:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=j9bvotykda242i8ilk8f&SUB_ID_SHORT=39c08d636cac06620e0070b348b75f86&COST_CPC=&PLACEMENT_ID=23070551&CAMPAIGN_ID=1030445&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2904296 HTTP/1.1
Host: wifescamara.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Tue, 07 May 2024 21:44:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=usbzfvdvwf; expires=Wed, 08-May-2024 21:44:27 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=usbzfvdvwf-usbzfvdvwf-uoxs-0-usa30-9rq5dz-9rq5bl-0cc3ce; expires=Wed, 08-May-2024 21:44:27 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551
Strict-Transport-Security: max-age=31536000
|
|
| gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551 | 188.114.97.1 | | 0 B |
URL gzeao.canopusacrux.com/?pl=dR1J35fCDkibR45g1XXjgg&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551 IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=dR1J35fCDkibR45g1XXjgg&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551 HTTP/1.1
Host: gzeao.canopusacrux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmgate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 07 May 2024 21:44:28 GMT
content-length: 0
location: https://gzeao.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551&nrid=5a630eee73ca424ca7bf46d6924e2022&hash=gHyIUQb6z-cZDmLSwRLkSg&exp=1715118568
set-cookie: dR1J35fCDkibR45g1XXjgg=2; max-age=345600; path=/; samesite=lax
__pl=a0e2f9c3-e440-4f55-9731-1fa914278755; expires=Thu, 07 May 2026 21:44:28 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8TN2RSdxc8nqtyjIAmE1SLaZlMAqQ%2BkvMH3ooIWrONJoVJ9YGly0Nm4lZegEAx5%2BPBufhRoZUgQal8EZM%2FzlM6Z7keAp0F8EPCC2fF77VIoW2FZVne2r6rtPXe40SBYapqmJ9evqDra4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880464379a64b4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gzeao.check-tl-ver-154-1.com/favicon.ico | 188.114.97.1 | | 0 B |
URL gzeao.check-tl-ver-154-1.com/favicon.ico IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: gzeao.check-tl-ver-154-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551&nrid=5a630eee73ca424ca7bf46d6924e2022&hash=gHyIUQb6z-cZDmLSwRLkSg&exp=1715118568
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 21:44:28 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abKK53%2FF48bmdSv1ildUvHwsk%2BCNrfRL4vK0p1Y%2BoATgwn06JDSo%2F7UH6Y4lXRJ7c8EJ3les3nlgntQXcPdbGGhmKvRtU%2BRHwKF7%2FIACJUYwQCgRScipxFP55nxSRO7K6xRbEVUDtKmWT%2BR8V66v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804643afc1fb50c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gzeao.check-tl-ver-154-1.com/allow-button/assets/trls.js | 188.114.97.1 | | 25 kB |
URL gzeao.check-tl-ver-154-1.com/allow-button/assets/trls.js IP188.114.97.1:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators Hashd4a23c4124d49f909abaef62a8bf47a5 e7b26553db1400d07f1b12137053ebe7b066972f 3efcd61ce47244f47b15c9f5d5749f79b2ddd57e51ebf995267ab02d4dcf2180
GET /allow-button/assets/trls.js HTTP/1.1
Host: gzeao.check-tl-ver-154-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551&nrid=5a630eee73ca424ca7bf46d6924e2022&hash=gHyIUQb6z-cZDmLSwRLkSg&exp=1715118568
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:28 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-1e6a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nk4t8B%2FkJBvyBy%2BYhQx%2FBuCEtRKKdWCDVh9JISzAz%2BmxkshmyIcu1dvbeWaUTKIso%2BQCGS%2Fsy5VN591RUu68nCmUbqnqYve3mdlocT0o2gfmu1Iot5i3GSiPDPm7TZJ7cfZTRE%2FUFYfoVOy1XuzV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046439baadb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.99 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.99:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-154-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:03:05 GMT
expires: Sat, 03 May 2025 02:03:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 416483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Early-Data: accepted
|
|
| gzeao.check-tl-ver-154-1.com/shared-js/assets/static-pl.js?v=2 | 188.114.97.1 | | 1.2 kB |
URL gzeao.check-tl-ver-154-1.com/shared-js/assets/static-pl.js?v=2 IP188.114.97.1:0
File typeJavaScript source, ASCII text, with CRLF line terminators Hash7224243dd0b18bb2508a1d77d4b2a0b2 bd833c24aa241861316053fd8bd46a1bef3d343f 920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: gzeao.check-tl-ver-154-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551&nrid=5a630eee73ca424ca7bf46d6924e2022&hash=gHyIUQb6z-cZDmLSwRLkSg&exp=1715118568
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:28 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-dee"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nl2Zfi6ndCJn65GHZYpVUMAoIwqqDkJ7jOVI94r%2BGHMY%2BqUccw4NSOSDIlW3tTk45B0DAlBeMRAttPAgl%2BpuYuGhFiOAbjpF2k3%2B8GgC2ED%2FlaX7wHdQz%2FZewvVunW%2BNqfPcJqQYtvhzMM8e6sw%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046439cab6b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| na.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551&nrid=5a630eee73ca424ca7bf46d6924e2022&hash=gHyIUQb6z-cZDmLSwRLkSg&exp=1715118568 | 188.114.97.1 | | 17 kB |
URL na.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551&nrid=5a630eee73ca424ca7bf46d6924e2022&hash=gHyIUQb6z-cZDmLSwRLkSg&exp=1715118568 IP188.114.97.1:0
File typeHTML document, ASCII text, with very long lines (10169) Hash80f93dbb557a8864dc665d0ce557af58 963f36ccd9c2e63967ea3a66d051a8b4b7e08ab6 ee4d53ba73ffa074d944eae12df6386888e842ce4ca82d0ca6d6779256257f3b
GET /allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551&nrid=5a630eee73ca424ca7bf46d6924e2022&hash=gHyIUQb6z-cZDmLSwRLkSg&exp=1715118568 HTTP/1.1
Host: na.check-tl-ver-154-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-154-1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:28 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QK%2BrHvGmasiRKnVzqQ9vpVvrnsMNYq8qfsg%2FkWVH2o7eBjwOTvV%2F%2B%2BpsxZIUQ4pdY9gzK1tPfmT%2FWdwl9IDQHr%2BO0mJdQrHzOcdwUNXbQMZGpfjOVa6%2Fibyu0uC%2BvCk9bXJkH7SKdrij1ycI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804643ccdfab50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js | 142.250.74.99 | | 9.9 kB |
URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js IP142.250.74.99:0
File typeJavaScript source, ASCII text, with very long lines (38231) Hash0541b823dfaf39162ef84cf075c9951b e0934726455558cc1a59823efada9651e33aafaa 21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://na.check-tl-ver-154-1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:03:05 GMT
expires: Sat, 03 May 2025 02:03:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 416484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| glugherg.net/sftouch?userId=0080551e1e3c4ac6eebd19fc50b5986b&z=6662145&p_rid=7647e17a-8ab8-4b58-9c45-24d1e5cb05ab&p_src=sf&branchId=0&rb=6AftwZe3bwPFQXf9OCODvCaHEWtPpbYUazv813WwAZz5sxgj-cAtdej9ROmkgVhf_uAbLOi9ynSVfp1KVFfkQxaXwujxG6XKYQnerdibqS5t09KLdbb3SA2shlJrcJaHnwXKPmVE6kt3ogGZCkTTdcrbV1J6TfaMBcPoo36LdvHNPyUp8aLCJpzrlH67smAVU4qQVRQXxv1uzub7eNFVB65m-hjFSdGdqWyNFBTihzI= | 139.45.197.237 | | 2 B |
URL glugherg.net/sftouch?userId=0080551e1e3c4ac6eebd19fc50b5986b&z=6662145&p_rid=7647e17a-8ab8-4b58-9c45-24d1e5cb05ab&p_src=sf&branchId=0&rb=6AftwZe3bwPFQXf9OCODvCaHEWtPpbYUazv813WwAZz5sxgj-cAtdej9ROmkgVhf_uAbLOi9ynSVfp1KVFfkQxaXwujxG6XKYQnerdibqS5t09KLdbb3SA2shlJrcJaHnwXKPmVE6kt3ogGZCkTTdcrbV1J6TfaMBcPoo36LdvHNPyUp8aLCJpzrlH67smAVU4qQVRQXxv1uzub7eNFVB65m-hjFSdGdqWyNFBTihzI= IP139.45.197.237:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=0080551e1e3c4ac6eebd19fc50b5986b&z=6662145&p_rid=7647e17a-8ab8-4b58-9c45-24d1e5cb05ab&p_src=sf&branchId=0&rb=6AftwZe3bwPFQXf9OCODvCaHEWtPpbYUazv813WwAZz5sxgj-cAtdej9ROmkgVhf_uAbLOi9ynSVfp1KVFfkQxaXwujxG6XKYQnerdibqS5t09KLdbb3SA2shlJrcJaHnwXKPmVE6kt3ogGZCkTTdcrbV1J6TfaMBcPoo36LdvHNPyUp8aLCJpzrlH67smAVU4qQVRQXxv1uzub7eNFVB65m-hjFSdGdqWyNFBTihzI= HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=0080551e1e3c4ac6eebd19fc50b5986b; oaidts=1715118269
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:44:29 GMT
content-type: text/plain
content-length: 2
x-trace-id: d747b8c94fd2ae3445379d0054c0f91b
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glugherg.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| cdnstatic.check-tl-ver-154-1.com/ps/tb?id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&sub_id=23070551&click_id=8b3e9usbzfvdvwf85b&nrid=ce6e270a5e6d7508e3c55d7dbd6fe51e&reason=tb_exit&attempt=2 | 188.114.97.1 | | 14 kB |
URL cdnstatic.check-tl-ver-154-1.com/ps/tb?id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&sub_id=23070551&click_id=8b3e9usbzfvdvwf85b&nrid=ce6e270a5e6d7508e3c55d7dbd6fe51e&reason=tb_exit&attempt=2 IP188.114.97.1:0
File typeHTML document, ASCII text, with CRLF line terminators Hashf6dcca680a4d5fe1e3c9a5e8035b5c90 9362a4e50a3aaa0115daae01b4d28778c9bca070 5dd762ac2af693c86641ae5dc26c78566329fc590b7ca72dc34ed53151feafe3
GET /ps/tb?id=dR1J35fCDkibR45g1XXjgg&sm=allow-button&sub_id=23070551&click_id=8b3e9usbzfvdvwf85b&nrid=ce6e270a5e6d7508e3c55d7dbd6fe51e&reason=tb_exit&attempt=2 HTTP/1.1
Host: cdnstatic.check-tl-ver-154-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://na.check-tl-ver-154-1.com/
Cookie: __psu=b0a6071c-25b8-49ca-89ef-53da647ce2a4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:29 GMT
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FiKjv7o55hyYs0kRGGJVfsCHsNdzkbtuJ6vjXDr1a3vFJbjdX5cxhCl%2BwkSUhhwk%2F2VNQBqMFbwWRucZuB%2BXtb2IOEnk9p9QH07gQ1%2FchJJt54TLz%2FSYxalrHah3LxqAAwbrBDvp5vwZ9JajMsXeEbrqrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804643f1854b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glugherg.net/favicon.ico | 139.45.197.237 | | 0 B |
IP139.45.197.237:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=0080551e1e3c4ac6eebd19fc50b5986b; oaidts=1715118269
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 07 May 2024 21:44:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
|
|
| glugherg.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7647e17a-8ab8-4b58-9c45-24d1e5cb05ab | 139.45.197.237 | | 12 B |
URL glugherg.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7647e17a-8ab8-4b58-9c45-24d1e5cb05ab IP139.45.197.237:0
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7647e17a-8ab8-4b58-9c45-24d1e5cb05ab HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1381
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/4/6662145
Cookie: OAID=0080551e1e3c4ac6eebd19fc50b5986b; oaidts=1715118269
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 21:44:29 GMT
content-type: application/json; charset=utf-8
content-length: 12
access-control-allow-origin: https://glugherg.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| glugherg.net/?z=6662145&syncedCookie=true&rhd=false | 139.45.197.237 | | 0 B |
URL glugherg.net/?z=6662145&syncedCookie=true&rhd=false IP139.45.197.237:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /?z=6662145&syncedCookie=true&rhd=false HTTP/1.1
Host: glugherg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 520
Origin: https://glugherg.net
DNT: 1
Connection: keep-alive
Referer: https://glugherg.net/afu.php?zoneid=6662145&var=6662145&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=0080551e1e3c4ac6eebd19fc50b5986b; oaidts=1715118269
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 07 May 2024 21:44:30 GMT
content-length: 0
location: https://millinschioner.com/cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop®ion=03&isp=blix group as&useragent=Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=811827463440306993
x-trace-id: 477296cb40cad4cab540aba4523f3938
link: <https://millinschioner.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glugherg.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080551e1e3c4ac6eebd19fc50b5986b; expires=Wed, 07 May 2025 21:44:30 GMT; path=/; secure; SameSite=None
oaidts=1715118269; expires=Wed, 07 May 2025 21:44:30 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 14 May 2024 21:44:30 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| millinschioner.com/cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=811827463440306993 | 143.204.55.94 | | 0 B |
URL millinschioner.com/cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=811827463440306993 IP143.204.55.94:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cac6f840-a47c-4cc3-bd0f-02a6f8972f0d?zoneid=6662145&bannerid=20854761&zonetype={zone_type}&campaignid=8131625&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:96.0)%20Gecko/20100101%20Firefox/96.0&language=en&connectiontype=broadband&cost=0.001050&visitor_id=811827463440306993 HTTP/1.1
Host: millinschioner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
date: Tue, 07 May 2024 21:44:30 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: cac6f840-a47c-4cc3-bd0f-02a6f8972f0d-v4=_DH4ZPxer-qoxXP_qLxw4yrB9qMvz8omtW_d7_dh6Og; Max-Age=86400; Expires=Wed, 08-May-2024 21:44:30 GMT; Domain=millinschioner.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22w0a175f2ff2t1l41jh45hm44%22%2C%22caid%22%3A%22cac6f840-a47c-4cc3-bd0f-02a6f8972f0d%22%7D; Max-Age=31536000; Expires=Wed, 07-May-2025 21:44:30 GMT; Domain=millinschioner.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KLoClOSOhzCIIfjj6VBuiGZaVdb6BRFbbYU8JcstiwAukscTCy3yIg==
X-Firefox-Spdy: h2
|
|
| game2.betgames.tv/design/client/js/betgames.js | 104.22.9.110 | 200 OK | 7.7 kB |
URL GET HTTP/2game2.betgames.tv/design/client/js/betgames.js IP104.22.9.110:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerLet's Encrypt Subjectbetgames.tv FingerprintEB:6D:BF:4F:D4:6D:8A:9F:6F:6A:8C:82:FB:F3:57:DD:D6:A0:60:22 ValidityFri, 29 Mar 2024 23:11:11 GMT - Thu, 27 Jun 2024 23:11:10 GMT
File typeJavaScript source, ASCII text, with very long lines (22948) Hash8182cf2fbe5d5b58e14579040d91eb2d 5b95855cce7900400f07b5063f56d78b04db4500 72fef9f42edc4827834657d137e2a979817b7bfdbcdf097d3b4dcb24a22c0e4e
GET /design/client/js/betgames.js HTTP/1.1
Host: game2.betgames.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: application/javascript
content-length: 7659
last-modified: Tue, 07 May 2024 13:38:18 GMT
vary: Accept-Encoding
etag: W/"663a2eca-59c9"
expires: Tue, 07 May 2024 21:44:31 GMT
cache-control: no-cache
content-encoding: gzip
x-ttl: 0.000
x-cache: M
cf-cache-status: REVALIDATED
accept-ranges: bytes
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 880464543aa90b3d-OSL
X-Firefox-Spdy: h2
|
|
| cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js | 104.16.160.145 | | 1.3 kB |
URL cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js IP104.16.160.145:0
File typeJavaScript source, ASCII text, with very long lines (1695) Hashe97acd0bc7104d45af67c0c1d883418e 0deae2a69922785d45b51d53c4e6fce053631742 d1cc8e2214a41a9230081c383912319694ad158fac9483a22ec3f6230af88826
GET /sdks/web/v16/OneSignalSDK.page.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: application/javascript
etag: W/"e97acd0bc7104d45af67c0c1d883418e"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 158
expires: Fri, 10 May 2024 21:44:32 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=EHe55MVgmBqtj89zpE6U.EmX.Rr.TobeA4Hs98PyApk-1715118272-1.0.1.1-a7rDn15peX41XJZR93i9ZJhj7EasbiOyU36pF9l4mjHKdBkKj8opTT1giClZJmvSPECrDIhWxTtKufgS6EyGPA; path=/; expires=Tue, 07-May-24 22:14:32 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 880464541d5c56b4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 | 104.21.11.147 | 200 OK | 1.2 MB |
URL User Request GET HTTP/2alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 IP104.21.11.147:443
CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (28166) Size1.2 MB (1235182 bytes) Hashf3753b6b11f267ef69ea91e72f5ec080 12160c0337b03f8f3f2b13dfeb13821e0d3a7b53 5afdf9fa0f862066421f79109e3b96f30483027c7e618e7c50c7dc7996e6d7ad
GET /en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:31 GMT
content-type: text/html
content-security-policy: frame-ancestors 'self' alphabookbet101.com alphabookbet.com
set-cookie: locale=en; Max-Age=31536000; Domain=.alphabookbet.com; Path=/; Expires=Wed, 07 May 2025 21:44:30 GMT
deviceType=desktop; Max-Age=2592000; Domain=.alphabookbet.com; Path=/; Expires=Thu, 06 Jun 2024 21:44:30 GMT
isPwa=false; Max-Age=2592000; Domain=.alphabookbet.com; Path=/; Expires=Thu, 06 Jun 2024 21:44:30 GMT
userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; Max-Age=2592000; Domain=.alphabookbet.com; Path=/; Expires=Thu, 06 Jun 2024 21:44:30 GMT
connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus; Path=/; Expires=Tue, 07 May 2024 21:45:31 GMT; HttpOnly
x-pool-number: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yaQuyCWuWQRyZmSHrGvX9mxr%2FSvPi03zilHVrRHkuiftRouspbGyE2GT8BSYcv9wVVcly1JkSbZVujfX1wn%2Byws75QA6nAKNolPAWc9Up7RITcmJP2hlrl8fVYJkM5qP7ndW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880464454d800afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-LWDH4XKP02 | 142.250.74.168 | 200 OK | 102 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-LWDH4XKP02 IP142.250.74.168:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size102 kB (101590 bytes) Hash3550c607ad051317f28e17af33dca4ba 658c3d5324ffb57ddd9ff22a1682075f6fe9d90b 54e7bfa89269734a63b400d9ad65036c08b6e0e654b580d52ba1d63eeabb6284
GET /gtag/js?id=G-LWDH4XKP02 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 21:44:32 GMT
expires: Tue, 07 May 2024 21:44:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gzeao.check-tl-ver-154-1.com/allow-button/assets/style.css | 188.114.97.1 | | 49 kB |
URL gzeao.check-tl-ver-154-1.com/allow-button/assets/style.css IP188.114.97.1:0
File typeASCII text, with CRLF line terminators Hash30d80b4eb5d929d058548bf104eadf4a a73cd37a03442a044821fd15d89f70e565f43c9d e992932bc74e41cb59108c3700c7bd98f941c475ac2a19d2c0b48964551901f2
GET /allow-button/assets/style.css HTTP/1.1
Host: gzeao.check-tl-ver-154-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gzeao.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551&nrid=5a630eee73ca424ca7bf46d6924e2022&hash=gHyIUQb6z-cZDmLSwRLkSg&exp=1715118568
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:28 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-253"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BROhg%2FilQRH4Zb1xTzyyMVaHg7g3F8DwHLF72XHfj8N1Zkd%2BvCjI%2Bpc3T5oHz3ww2MWzX2nJ65HwXv75OHsdOx6jLoardjrYlVMxqYLtbsXpPNjNTlaW7Wjhks0Scxg0HIXHvwd7Xde%2B1CGXcdLS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046439bab3b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alphabookbet.com/assets/public/producers-icon/spinomenal-small.png | 104.21.11.147 | | 44 kB |
URL alphabookbet.com/assets/public/producers-icon/spinomenal-small.png IP104.21.11.147:0
CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typePNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced Hashfd5f5a0cab35e1d2767a8fd191d42003 e5b0f012c0836257c20690df5dd8095ef541a931 14e3944d71127fe868507ef1789f81ede789d1e1b775ac182fbce7e271a81593
GET /assets/public/producers-icon/spinomenal-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-b4e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5997
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FBm8dLXTPsaVQcNkb0FWPjxIj376PWaz0%2BvSilVHmaF%2F0ar%2Fs%2FZI0exEKaIKCyndLVdGdYYlljPBEf7Gc71VIAcxDiVj88m2W68bHkNhbhbBz4V24YdjvBFKLagcDzUxqqcn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046453ad59b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alphabookbet.com/assets/public/producers-icon/game-corps.png | 104.21.11.147 | | 42 kB |
URL alphabookbet.com/assets/public/producers-icon/game-corps.png IP104.21.11.147:0
CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hash748be780d7ff9c4c51137487a98b60ea dd143f656a2c9742d18d1bba08496761437dcc85 0e862a5bb73200de6c3737357ba183856b88b2609e4053db89c3374e4de902c9
GET /assets/public/producers-icon/game-corps.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-a66"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5708
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bs7zx9lYWBT1zfqhqd1rKtGwCGHHcHC352bPr9dBShQvoSyLVH42EgYqwMMMlv2NBZFJfcOp%2Fngap8snlJw9uSLcKh8rzrIx4MosLd6iJTF%2BFuL1URsWmn%2BTsSqtJfOx4%2F4H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046453bd8db51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alphabookbet.com/assets/public/fonts/mori/PPMori-Regular.woff2 | 104.21.11.147 | 200 OK | 37 kB |
URL GET HTTP/3alphabookbet.com/assets/public/fonts/mori/PPMori-Regular.woff2 IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 36944, version 1.0 Hash167e1cf5fed6b58439cac0f8cbc8b112 6257b8db5be9b64ac8df883bd15f93549bc5fd3a 87a8c06a966031596415b7d116bcdad5fc51e32b613b386491094a87a0e36714
GET /assets/public/fonts/mori/PPMori-Regular.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:35 GMT
content-type: application/octet-stream
content-length: 36944
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-9050"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6410
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qv%2FW4%2Fgs%2FUOOCyIQ2%2Fn%2FBkCaI6C7YyilPy%2FmhzNjoabjC5sd2y08%2F3%2BmrJYQFo6ZaMlwgPzMvzkApU8Z4Iyv7JetDM9oQxBbwG8ty2WG5pcF46eerSoTK%2BNw9QWuuqy%2FV3Vx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464644deab51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alphabookbet.com/assets/public/fonts/mori/PPMori-SemiBold.woff2 | 104.21.11.147 | | 39 kB |
URL alphabookbet.com/assets/public/fonts/mori/PPMori-SemiBold.woff2 IP104.21.11.147:0
CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 39232, version 1.0 Hashaeaeff9cb640c265ebcf5beeb9a597f0 72b5f06ea439ef489343d58f31c1d1a27820c441 ae7907fb3dd3338d731906393f793e9d14e6a74c3e557866ce77a1ef99cd7d15
GET /assets/public/fonts/mori/PPMori-SemiBold.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:35 GMT
content-type: application/octet-stream
content-length: 39232
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-9940"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6410
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2F2R0Lzj8ImJxSukNeucpzHmx1MxZFIYQlwoO8PqWhlguCttqzh6BKbTzmBEz%2FJjOPBI52ydfHP56%2Fsyqe%2FesTDQkwem9TQ2r%2FHHe81MoyiPdCSTGWs%2FQTOIVY%2FTfdm9rEQr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464644df1b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alphabookbet.com/assets/public/fonts/mori/PPMori-Bold.woff2 | 104.21.11.147 | | 41 kB |
URL alphabookbet.com/assets/public/fonts/mori/PPMori-Bold.woff2 IP104.21.11.147:0
CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 41268, version 1.0 Hashb9eb4972777f0182fe841bbc280e5cde edc69b1aa4b56048ea6b5c0217dabe8144036e25 d37ab938d33fe41fec69cc38c301a5ab7cb5ab928dba29d9e9407582e08d3d24
GET /assets/public/fonts/mori/PPMori-Bold.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:35 GMT
content-type: application/octet-stream
content-length: 41268
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-a134"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6410
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HMd77dEXyvfYbXYaocHy%2BI1gStXrfLdOD72FoSnsAamDmP8NjtCAeuMAD3fZfYV9AcqxiOJ0PYrc%2FlUZHVLNF6gm3L5PvXc0gTd92XPu%2FVP%2BA%2Bdrg7lIK%2F0ev66NDktoJcwS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464644df4b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css | 104.21.11.147 | | 92 kB |
URL alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css IP104.21.11.147:0
CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash9e3d97082252b00b8a10c29613d380b6 9a55a663e6e245ffd5e78b1d93fc8966a0ab62c1 08ffc785f99054ed11e44f47a3261e5df269bfecf8c9f58fbc02f033006dc90a
GET /assets/theme.31e3a9f5096fcfb21796.css HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-b2ae9"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cIFS5EbLrf4AR9kld2xc8yJ4Kks620%2B6ypcC4ZX8WBCe%2BKKdr8bp7jy8LVNNTc70bIfvKSmotCdssULL6NLBd6xdv2fQj96QqMJpNubnG1iY1R3xUZiymy7jbNVUdoZnRjjc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464539d47b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alphabookbet.com/assets/public/fonts/mori/PPMori-Regular.woff2 | 104.21.11.147 | 200 OK | 37 kB |
URL GET HTTP/3alphabookbet.com/assets/public/fonts/mori/PPMori-Regular.woff2 IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 36944, version 1.0 Hash167e1cf5fed6b58439cac0f8cbc8b112 6257b8db5be9b64ac8df883bd15f93549bc5fd3a 87a8c06a966031596415b7d116bcdad5fc51e32b613b386491094a87a0e36714
GET /assets/public/fonts/mori/PPMori-Regular.woff2 HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/theme.31e3a9f5096fcfb21796.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:35 GMT
content-type: application/octet-stream
content-length: 36944
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: "66334a13-9050"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6410
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2F%2BC7JUkM2ze7APa8byc%2Bw69%2FLeYcReeM%2F%2Fe7Foen2AyUS%2B23b4k2n2rUGP86s4hmO4H4TL%2BP2Vf0PK4KQPAb63QnalfbOqSoVtSH9zmHdbHLlk28b4D74kAefc1pqPg%2Bm4Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464644df5b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| licensing.gaming-curacao.com/images/gc-logo.png | 172.67.20.245 | 200 OK | 23 kB |
URL GET HTTP/2licensing.gaming-curacao.com/images/gc-logo.png IP172.67.20.245:443
Requested byhttps://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal CertificateIssuerLet's Encrypt Subjectgaming-curacao.com Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44 ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT
File typePNG image data, 467 x 153, 8-bit/color RGBA, non-interlaced Hash345b8202717ca046a3a42458c4195889 8191ac7afafd013f5c6202cd8fc0cb9bfe47ae19 1fe41354b33c5e3476dd644b879cb89bf596193b46b036ce3a3b6c097a21ca53
GET /images/gc-logo.png HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:36 GMT
content-type: image/png
content-length: 23156
last-modified: Fri, 12 Oct 2018 11:28:23 GMT
etag: "5a74-57806629ac3c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 413
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046469e9425699-OSL
X-Firefox-Spdy: h2
|
|
| na.check-tl-ver-154-1.com/allow-button/assets/style.css | 188.114.97.1 | | 16 kB |
URL na.check-tl-ver-154-1.com/allow-button/assets/style.css IP188.114.97.1:0
File typeASCII text, with CRLF line terminators Hash30d80b4eb5d929d058548bf104eadf4a a73cd37a03442a044821fd15d89f70e565f43c9d e992932bc74e41cb59108c3700c7bd98f941c475ac2a19d2c0b48964551901f2
GET /allow-button/assets/style.css HTTP/1.1
Host: na.check-tl-ver-154-1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://na.check-tl-ver-154-1.com/allow-button/?pl=dR1J35fCDkibR45g1XXjgg&sm=allow-button&click_id=8b3e9usbzfvdvwf85b&sub_id=23070551&nrid=5a630eee73ca424ca7bf46d6924e2022&hash=gHyIUQb6z-cZDmLSwRLkSg&exp=1715118568
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:29 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 14:44:40 GMT
etag: W/"6627c958-253"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qk9G%2BLXZ4KDXwDi6ZYBDhP8eF1pUojdE00hw0J2OnTF8H5lRx30XHNQePOhtsZn4UcZCu5Afo6ucb%2F9VX6NlYqCeC2Y0nblCUM6sP5gw8xVe4LF4fzoKw2QHMbiqdcLp7DRgVNIBlbaZIYQ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804643d5eb6b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| licensing.gaming-curacao.com/validator/images/gotham-book.woff | 172.67.20.245 | 200 OK | 21 kB |
URL GET HTTP/2licensing.gaming-curacao.com/validator/images/gotham-book.woff IP172.67.20.245:443
Requested byhttps://licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal CertificateIssuerLet's Encrypt Subjectgaming-curacao.com Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44 ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT
File typeWeb Open Font Format, TrueType, length 21040, version 1.200 Hashef0c0d54bf76955e1c3687490d73a0ad 8c314ebc4c3d8a7ca1ef84f8dfb1935b33e46888 c6fad3d6fb62f82aebd05c60800e16b3f7e878d468bbbe7ae4af0c35a9579aff
GET /validator/images/gotham-book.woff HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://licensing.gaming-curacao.com/validator/images/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:36 GMT
content-type: application/font-woff
content-length: 21040
last-modified: Fri, 12 Oct 2018 14:49:29 GMT
etag: "5230-5780931cb5040"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4437
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804646a297e5699-OSL
X-Firefox-Spdy: h2
|
|
| alphabookbet.com/assets/public/producers-icon/ruby-play-small.png | 104.21.11.147 | | 957 kB |
URL alphabookbet.com/assets/public/producers-icon/ruby-play-small.png IP104.21.11.147:0
CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typePNG image data, 73 x 72, 8-bit/color RGBA, non-interlaced Size957 kB (957291 bytes) Hash5a7003fbdce223e42bf2eb6e9b1d69f4 cde9fd886b8b29402c7d45490c08c8a79de49e7f c4622c2993ed52e2fc2cbe17caf3f0c9573254dc754802ba63872ba76f39fa60
GET /assets/public/producers-icon/ruby-play-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-c97"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6071
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2BSze779KBtv1L%2FAtGO4KSvjPLfFckad8lfBLCirrebD3r2wKr1C0bBimj1%2Be9rzbE%2BV6RPQbM09OkFjzMOFQtwIPn%2FNpZSJEyKm0eqKitUFjW7UQLHRaUq7ETd8ByCUnCHy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046453ad64b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alphabookbet.com/assets/public/producers-icon/golden-hero-small.png | 104.21.11.147 | 200 OK | 33 kB |
URL GET HTTP/3alphabookbet.com/assets/public/producers-icon/golden-hero-small.png IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typePNG image data, 72 x 54, 8-bit/color RGBA, non-interlaced Hash4ee1bab60012095e1f10a69068caacc6 6a3fcf4818c853564c05a43493a29603a877458c fdc13ad749201263d09f0f03dd5783a426c1261393d624f67dbee8e0f87c4708
GET /assets/public/producers-icon/golden-hero-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-2311"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5708
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yfU0ZCfgLgTFM6rFPN5w13V1uePofVNAUOS4xA04LFAAxgU8dOS4hvvtjCa3aVq2JmWkDBLPFP3wAm7q%2Bk3%2BzeLmXe4uZZ3xHV%2BXg9Hb7in2k1%2B2tsNjLUwUmDvAk%2FjiFDYg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046453fdc1b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/play'n_go_legacy_of_dead_thumb.jpg | 172.64.145.29 | | 28 kB |
URL alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/play'n_go_legacy_of_dead_thumb.jpg IP172.64.145.29:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x260, components 3 Hashf6e77c2b85f69a50d7c67f46bfe8f3d8 1dc7b2d4fa58f705dddf17560d1efa73364eb890 4310f13bde40d680c0a93340395996ac8d686a4d1fc4e3f4bbf0e3b64864b3f4
GET /images/games/play'n_go_legacy_of_dead_thumb.jpg HTTP/1.1
Host: alphabook-static.ams3.cdn.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:38 GMT
content-type: image/jpeg
content-length: 28536
cache-control: max-age=3600
cf-bgj: h2pri
etag: "f6e77c2b85f69a50d7c67f46bfe8f3d8"
last-modified: Wed, 12 Apr 2023 11:16:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-meta-mtime: 1638370274
x-amz-request-id: tx000002c2cf28cc51cb2b8-0065fc8c0a-535fa4dc-ams3c
x-do-cdn-uuid: 13675b4a-88fe-453f-b127-1cc8b20ab375
x-envoy-upstream-healthchecked-cluster:
x-rgw-object-type: Normal
cf-cache-status: HIT
age: 2425
accept-ranges: bytes
set-cookie: __cf_bm=ItvI.DIrXr92puXyj8qRuDI7XmS31.SNmrlxY6g21Gs-1715118278-1.0.1.1-aHMWt5Sa52ILZAWpvPWa2B8EAIO38Sbw8k8LLSJ6Iy1aryRZ4RwNGPZMA6S6e4LZkdxg9aXxLvDcoZBcrqjQJA; path=/; expires=Tue, 07-May-24 22:14:38 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 88046477bbf7b503-OSL
X-Firefox-Spdy: h2
|
|
| alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/GatesofOlympus360x260b94e39e0c33a686a.gif | 172.64.145.29 | 200 OK | 260 kB |
URL GET HTTP/2alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/GatesofOlympus360x260b94e39e0c33a686a.gif IP172.64.145.29:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerDigiCert Inc Subject*.ams3.cdn.digitaloceanspaces.com Fingerprint9A:82:28:72:94:55:AD:99:B2:AE:0E:96:16:F8:70:CA:8E:94:FD:A3 ValidityFri, 19 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeGIF image data, version 89a, 360 x 260 Size260 kB (259688 bytes) Hashe1a132e21e50d7f963fa4f7880b3a21d 784571af9d8e1c3fe92e5faf04881c065bdc2497 06d066df651a57739dd035a4ad2ff69680e5df5e83e8dc14b6846969dd661718
GET /images/games/GatesofOlympus360x260b94e39e0c33a686a.gif HTTP/1.1
Host: alphabook-static.ams3.cdn.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:38 GMT
content-type: image/gif
content-length: 259688
last-modified: Tue, 07 May 2024 09:07:28 GMT
x-rgw-object-type: Normal
etag: "e1a132e21e50d7f963fa4f7880b3a21d"
x-amz-request-id: tx0000086dc4d05371a2851-006639f009-5a86340e-ams3c
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 13675b4a-88fe-453f-b127-1cc8b20ab375
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: HIT
age: 1562
accept-ranges: bytes
set-cookie: __cf_bm=TMAeNQbgxzYDqPRW56RWz54rqioqvFg7tNnUPTwxhHU-1715118278-1.0.1.1-xWEPnuLtdw8BCHxx6AeIY4avztm.HUEWO0eYjiwZY4I2OEoEggV1mk0TIv6.eFD37OxDEeXZnmxooALp6DvVWA; path=/; expires=Tue, 07-May-24 22:14:38 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 88046477bbffb503-OSL
X-Firefox-Spdy: h2
|
|
| alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/play'n_go_book_of_dead_thumb.jpg | 172.64.145.29 | 200 OK | 34 kB |
URL GET HTTP/2alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/play'n_go_book_of_dead_thumb.jpg IP172.64.145.29:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerDigiCert Inc Subject*.ams3.cdn.digitaloceanspaces.com Fingerprint9A:82:28:72:94:55:AD:99:B2:AE:0E:96:16:F8:70:CA:8E:94:FD:A3 ValidityFri, 19 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x260, components 3 Hash6216a705ababfffc4e57c802782ce8f1 73f47e766455e0b5b181863372332b15fd68ecad bbcd4031d8f7201c7a0fee3d03beedf1c439c56d602b7c49bb014fa411004824
GET /images/games/play'n_go_book_of_dead_thumb.jpg HTTP/1.1
Host: alphabook-static.ams3.cdn.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:38 GMT
content-type: image/jpeg
content-length: 34216
cache-control: max-age=3600
cf-bgj: h2pri
etag: "6216a705ababfffc4e57c802782ce8f1"
last-modified: Wed, 12 Apr 2023 11:16:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-meta-mtime: 1638370273
x-amz-request-id: tx00000d7bc8be158184176-0065f1f329-5280ad0f-ams3c
x-do-cdn-uuid: 13675b4a-88fe-453f-b127-1cc8b20ab375
x-envoy-upstream-healthchecked-cluster:
x-rgw-object-type: Normal
cf-cache-status: HIT
age: 2425
accept-ranges: bytes
set-cookie: __cf_bm=uW1J1Llgrr9uSYk43CXDDzIQjJvYrUjULDic8dVV9ao-1715118278-1.0.1.1-GU93IvL4cgBJHrcrtw21Gmbl5WNptbXn_sqqtHyReALTv8KDwlOivMxRgauHGWaqzWhUTwpeiBtJRcO8Iwu_UQ; path=/; expires=Tue, 07-May-24 22:14:38 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 88046477bbfdb503-OSL
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js?render=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i | 142.250.74.132 | | 207 kB |
URL www.google.com/recaptcha/api.js?render=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i IP142.250.74.132:0
Size207 kB (207022 bytes) Hashdaf5783b7e28cdf9c7c2b0ebb8b69bda 412b0c29abc11151ef7da71856a86541d2e34723 3acc8f56b8c9ee253d9a2c7d89f734ce4b92c6b767b9ef2280889b6c11f86df0
GET /recaptcha/api.js?render=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 07 May 2024 21:44:38 GMT
date: Tue, 07 May 2024 21:44:38 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt | 142.250.74.132 | | 53 kB |
URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt IP142.250.74.132:0
File typeHTML document, ASCII text, with very long lines (36436) Hash8133a1f9561044c9d62cba025448c171 030f0cc2eae362d2a0700f05c475c0ca7194ee05 11698269553af38fa561bedd78dfa0d321dbbc05b6da12e67f188fc260bc2dc2
GET /recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 21:44:39 GMT
content-security-policy: script-src 'nonce-sK1YgwUJsJYyG76b5O8gZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.99 | 200 OK | 206 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.99:443
Requested byhttps://www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 13:33:10 GMT
expires: Wed, 07 May 2025 13:33:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 29489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.67 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.67:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 364415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.67:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:52 GMT
expires: Fri, 02 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 503627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.99 | 200 OK | 206 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.99:443
Requested byhttps://www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 13:33:10 GMT
expires: Wed, 07 May 2025 13:33:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 29489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js | 142.250.74.132 | | 7.5 kB |
URL www.google.com/js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js IP142.250.74.132:0
File typeJavaScript source, ASCII text, with very long lines (17588) Hash81965d03d416a0601f29281d353056f3 e3d92db7e0287b8cc16ef71877d276e7ee0030d6 a406382608bcdae48012bda3220a48d9f71b1286743116cd00db4cafd06e7487
GET /js/bg/pAY4Jgi82uSAEr2jIgpI2fcbEoZ0MRbNANtMr9BudIc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:15:50 GMT
expires: Fri, 02 May 2025 02:15:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 502129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.99 | | 2.2 kB |
URL www.gstatic.com/recaptcha/api2/logo_48.png IP142.250.74.99:0
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:37:29 GMT
expires: Fri, 10 May 2024 00:37:29 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 421630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal | 172.67.20.245 | | 6.9 kB |
URL licensing.gaming-curacao.com/validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal IP172.67.20.245:0
CertificateIssuerLet's Encrypt Subjectgaming-curacao.com Fingerprint44:CF:7C:81:A0:6F:EE:C8:08:34:16:FE:D7:77:43:F2:08:68:DC:44 ValidityMon, 08 Apr 2024 03:14:27 GMT - Sun, 07 Jul 2024 03:14:26 GMT
File typegzip compressed data, from Unix Hashb6d494a4bcab438e11d13605749134a9 77f6f81a297ddaa5dfac64a5eb56c6d05ea26390 83746539fc25dc5e6650096d485cd70e2ca77723b4caaa99607fc0d26ce63afe
GET /validator/?lh=ef5d00f94b7d7146760f228013c4867a&template=tseal HTTP/1.1
Host: licensing.gaming-curacao.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:36 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.4.16
set-cookie: PHPSESSID=2sh3pjhulpgo1u03c5dg26no31; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private
pragma: no-cache
x-robots-tag: noindex
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 88046465bccd5699-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image13def9c9f44ccf72.webp | 5.101.110.225 | | 52 kB |
URL alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image13def9c9f44ccf72.webp IP5.101.110.225:0 ASN#14061 DIGITALOCEAN-ASN
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp Hash214b5a2846419b7d863ca3e2546b7796 3e67ae9015cce3047a679036e9f69bba7f86208f 2017341cc24303f402410181495393b93c53a243f517612e415ebcf3957520f8
GET /images/banners-new/image13def9c9f44ccf72.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 51760
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 11:52:48 GMT
x-rgw-object-type: Normal
etag: "214b5a2846419b7d863ca3e2546b7796"
x-amz-request-id: tx00000ee702a2952033335-00663aa0c8-5ab63a19-ams3c
content-type: image/jpeg
date: Tue, 07 May 2024 21:44:40 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
|
|
| alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image3f622c1597d5999f.webp | 5.101.110.225 | 200 OK | 49 kB |
URL GET HTTP/2alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image3f622c1597d5999f.webp IP5.101.110.225:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerDigiCert Inc Subject*.ams3.digitaloceanspaces.com Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0 ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp Hash43bead5a5ce5501ce839887946adc97d 03d0c02fe96a549fff9668355e1341cf76af6aa8 dc5d412668c452d520eca7e09e0fcdbf25ea4dc68cc64aa1b1fcd158658cb49d
GET /images/banners-new/image3f622c1597d5999f.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 49352
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:14:39 GMT
x-rgw-object-type: Normal
etag: "43bead5a5ce5501ce839887946adc97d"
x-amz-request-id: tx00000a062a4b956d0fa2d-00663aa0c9-5ab63a19-ams3c
content-type: image/jpeg
date: Tue, 07 May 2024 21:44:41 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
|
|
| alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/imagec0cfb606153a3acb.webp | 5.101.110.225 | 200 OK | 34 kB |
URL GET HTTP/2alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/imagec0cfb606153a3acb.webp IP5.101.110.225:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerDigiCert Inc Subject*.ams3.digitaloceanspaces.com Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0 ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp Hash15ead8bb6f02bd3a2b51a31b37ea7a98 3bf41445848e36ccb05f744967864bf1945e97f7 78e28b9da813ead4ea4a90c48bf4a49428e0f9d8c6d694ad7b9f1113c96be93a
GET /images/banners-new/imagec0cfb606153a3acb.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 34264
accept-ranges: bytes
last-modified: Mon, 22 Apr 2024 12:00:21 GMT
x-rgw-object-type: Normal
etag: "15ead8bb6f02bd3a2b51a31b37ea7a98"
x-amz-request-id: tx00000e1899f721e63266e-00663aa0ca-5ab63a41-ams3c
content-type: image/jpeg
date: Tue, 07 May 2024 21:44:42 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
|
|
| static.zdassets.com/web_widget/messenger/latest/web-widget-15178-2c036c6.js | 104.18.72.113 | 200 OK | 53 kB |
URL GET HTTP/2static.zdassets.com/web_widget/messenger/latest/web-widget-15178-2c036c6.js IP104.18.72.113:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerLet's Encrypt Subjectzdassets.com Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7 ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT
File typeJavaScript source, ASCII text, with very long lines (12531), with no line terminators Hash30cd804708caa9949248913ba8f11137 1f10d46d82f94b20609cfd955f2ddd6236d21420 e6d6b877a6e65b87c7eaada4f2e8ee780d5749e21a0b31a42dd843f50b74cf03
GET /web_widget/messenger/latest/web-widget-15178-2c036c6.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:41 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 8WINwYwHZoe/Au2hiLBdGn01hUsdWoKhHIl4HhB6xYw9voZHvmbV2D7tSZ6RD+8Kb6hobHnHGww=
x-amz-request-id: ZKNQ4K09ARD5TV78
x-amz-replication-status: COMPLETED
last-modified: Wed, 17 Apr 2024 07:26:16 GMT
etag: W/"30cd804708caa9949248913ba8f11137"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 17 Apr 2025 07:26:15 GMT
x-amz-version-id: 5MQYkcBwXxZ5dABNKLVTPMBNDJSPj4Kf
cf-cache-status: HIT
age: 37438
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=whY5OVGTGOWhXvuZQ91CCLaZYNmY%2FVKXXNBWFxbjS%2BuLjx4Ze5T7TjCufi9CImXrBv5sxHN2wvGKIgVAKzQRyYcv0ZifnSgRicjp%2BaO%2FTcFpBvqVZ4TrjCB742vCOv5xqTQald8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 880464887c441c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| alphabookbet.com/assets/public/pwa/icons/icon-152x152-safari.png | 104.21.11.147 | 200 OK | 31 kB |
URL GET HTTP/3alphabookbet.com/assets/public/pwa/icons/icon-152x152-safari.png IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typePNG image data, 152 x 152, 8-bit colormap, non-interlaced Hash381c8413b81e258c1c7f6a98eb2f34f9 e974a973deeeff84f0109ffaead9f0b556061d3e 3a6597b30b7e401713977317fbcc0e5fb6be52a13a96361f405e0f2c46094652
GET /assets/public/pwa/icons/icon-152x152-safari.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:35 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-8db"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5763
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FkfvFtYsSh0aGal5uFdcMN8joGvQscrogXRHwAY2r%2BzljoGjm8Ett5WxcTed%2BT9XskmfO4%2FXNiWOH44bHI8P25nbL2w20ZXFNZkTadCuUSHFW%2BMjI8VFXB0%2Bs65Qj6yfXX0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88046466d87eb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/imagedf8cf60db7ee75bd.webp | 5.101.110.225 | | 27 kB |
URL alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/imagedf8cf60db7ee75bd.webp IP5.101.110.225:0 ASN#14061 DIGITALOCEAN-ASN
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp Hash81ebbb68f05575efd73b834d409dc973 5d6ffab9d3db86e68c2a330186e3959f410b6312 d91f0bee20240ef2a913692d714554570da58a712d67306b6a0130db5ab0e9c6
GET /images/banners-new/imagedf8cf60db7ee75bd.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 27128
accept-ranges: bytes
last-modified: Mon, 22 Apr 2024 12:36:25 GMT
x-rgw-object-type: Normal
etag: "81ebbb68f05575efd73b834d409dc973"
x-amz-request-id: tx0000081c8fc475d339230-00663aa0cd-5ab63a41-ams3c
content-type: image/jpeg
date: Tue, 07 May 2024 21:44:45 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
|
|
| static.zdassets.com/web_widget/messenger/latest/web-widget-59535-2c036c6.js | 104.18.72.113 | | 30 kB |
URL static.zdassets.com/web_widget/messenger/latest/web-widget-59535-2c036c6.js IP104.18.72.113:0
CertificateIssuerLet's Encrypt Subjectzdassets.com Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7 ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT
File typeJavaScript source, ASCII text, with very long lines (15491), with no line terminators Hashd872b805dfde20482fe32889700afdc1 47af461c71ba00585398da25bbdd3067f207572f 49c6b066c7794e32489b24de0b9269cdbd3a18ad9cb32552cb60f25d3123c972
GET /web_widget/messenger/latest/web-widget-59535-2c036c6.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:41 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: ujG1j7W15UMdRZwUjhiQUzZl/hckhI3YfsUkEpgZX5DtMLe1F8rjNWdiQx+saEBOz52vG4SzqhY=
x-amz-request-id: ZKNPE9SWPNWDTXQK
x-amz-replication-status: COMPLETED
last-modified: Wed, 17 Apr 2024 07:26:20 GMT
etag: W/"d872b805dfde20482fe32889700afdc1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 17 Apr 2025 07:26:19 GMT
x-amz-version-id: iwk5TUt1l6g_5iiKsnSUNvmCwEztbMSl
cf-cache-status: HIT
age: 37438
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQhCdzfVu1wNZ%2BlHrDD%2FzmsTDvj2gkj%2F9VJyaWzQw%2Fq5J3IPm7PAPIKHlYKcQmvjDYBPwA7vixjfYhEPigUEGn8sWS2U8EPizjjiz3ecdpDWugQe814xY%2By4t3I6lioQHUJM3uY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 880464887c471c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image744df30b9195e18a.webp | 5.101.110.225 | | 32 kB |
URL alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image744df30b9195e18a.webp IP5.101.110.225:0 ASN#14061 DIGITALOCEAN-ASN
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1361x420, Scaling: [none]x[none], YUV color, decoders should clamp Hashcf01d60bb8cbd57180e16004c707293a 1f13284d0f2a32a9a618b4f8fae247faffbb679a 9568e9100fff3f860cefdfb90e76303b10d832ed5bcf7b3b82335bda7fa14bf1
GET /images/banners-new/image744df30b9195e18a.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 32508
accept-ranges: bytes
last-modified: Tue, 23 Apr 2024 08:55:51 GMT
x-rgw-object-type: Normal
etag: "cf01d60bb8cbd57180e16004c707293a"
x-amz-request-id: tx00000f45739cc43ce2761-00663aa0d0-5ab3b6b9-ams3c
content-type: image/jpeg
date: Tue, 07 May 2024 21:44:48 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
|
|
| alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image0f2b87a11daf114e.webp | 5.101.110.225 | | 82 kB |
URL alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image0f2b87a11daf114e.webp IP5.101.110.225:0 ASN#14061 DIGITALOCEAN-ASN
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp Hash5a13a09df5094cc7b2b44781cf4f7dc6 4aff6ce7d4d926e6d357fdbb8873c33a403c0426 5b35dd36cabd845229357dc9bc7fec3376d31c37775a2e177f747a6be725e5a8
GET /images/banners-new/image0f2b87a11daf114e.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 81926
accept-ranges: bytes
last-modified: Tue, 07 May 2024 16:50:03 GMT
x-rgw-object-type: Normal
etag: "5a13a09df5094cc7b2b44781cf4f7dc6"
x-amz-request-id: tx0000058271c617ed579b3-00663aa0d1-5ab63a50-ams3c
content-type: image/jpeg
date: Tue, 07 May 2024 21:44:49 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
|
|
| alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/character_1698760097539.png | 5.101.110.225 | | 1.4 kB |
URL alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/character_1698760097539.png IP5.101.110.225:0 ASN#14061 DIGITALOCEAN-ASN
File typePNG image data, 780 x 432, 8-bit/color RGBA, non-interlaced Hash74c3d77052575a1c0060032e82cc877a 7a42b32992e105c579fb66f45e05f37e24f11f4e cd4a96bccd1752ebf29e525a2e9df02d9d18031e287349ce1e69f3025cd55f07
GET /images/banners-new/character_1698760097539.png HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 1386
accept-ranges: bytes
last-modified: Tue, 31 Oct 2023 13:48:22 GMT
x-rgw-object-type: Normal
etag: "74c3d77052575a1c0060032e82cc877a"
x-amz-request-id: tx00000f6a90a94cd4b1d37-00663aa0d1-5ab63a41-ams3c
content-type: image/png
date: Tue, 07 May 2024 21:44:49 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
|
|
| alphabookbet.com/assets/public/producers-icon/playn-go-small.png | 104.21.11.147 | 200 OK | 3.8 kB |
URL GET HTTP/3alphabookbet.com/assets/public/producers-icon/playn-go-small.png IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typePNG image data, 72 x 48, 8-bit/color RGBA, non-interlaced Hash603c4fa6de8d9622e1192419b661afc9 f59c36ec9ab64e339b684a2c45229593477733b9 264476099e21ce9ccb9eb84d843041d3f54744b0bd16d3a7e59cf25da6a3d60a
GET /assets/public/producers-icon/playn-go-small.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/assets/14.eaec9aaa818168eb55ed.css
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:35 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-ea8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DsTYDokOBQvCILztBRD1MyW%2Bho5uCR0xOoMObXut4tGHFJP2k%2FMiEX7OBEPPT3o6ZcO19dfmggG42%2FUY%2ByQNeAOiWqYP5nF9zp6CwsLCFjQU%2B%2F0eZSOJqdEDvgN9vSW1Ycoj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464644deeb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alphabookbet.com/assets/public/images/footer-social/facebook.png | 104.21.11.147 | 200 OK | 615 B |
URL GET HTTP/3alphabookbet.com/assets/public/images/footer-social/facebook.png IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typePNG image data, 72 x 72, 8-bit colormap, non-interlaced Hash18aa5ca001581e88c8a2b2a58a9159ce 677900eeba47ef77d3f49f9f53cc2ed40e030192 6efbb1d2b91db7f1edd5e3e12d5a40eba17bd25d97e968560e2e67da3b4275e4
GET /assets/public/images/footer-social/facebook.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-267"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1X1j9sQr0RToqsVKPNWFdc2d5QiFk9GfZELe7naqUrzxPyAixkq3WMt1rDqCcVTmhLoGO8hBsf6lJPfdybVcX%2F0nSZ3uYsc9kHKtNASWig6TDxDc7ME4JbVe09lw4viHhKQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464540dd2b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css | 142.250.74.99 | 200 OK | 56 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css IP142.250.74.99:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeASCII text, with very long lines (56412), with no line terminators Hash2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 15:37:51 GMT
expires: Tue, 06 May 2025 15:37:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 108408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| alphabookbet.com/assets/14.ba5be7efef44763ec7f6.js | 104.21.11.147 | 200 OK | 123 kB |
URL GET HTTP/3alphabookbet.com/assets/14.ba5be7efef44763ec7f6.js IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
Size123 kB (123027 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/14.ba5be7efef44763ec7f6.js HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-1e093"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uzOHZi6C3%2Ba2ml7NJzarEyjse%2BIBykvPOKz%2FMsLSwKZOhmY8fwDLdkuBPcbLjdOJaNWD1Ki9Nbb8F6LjU8U0hoAGt2j8RRDAQvt4Cu7kbipCexMfcE%2F13Fjmbu2sC5zpmqSE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464548e59b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image59aa9795f9bba97f.webp | 5.101.110.225 | 200 OK | 26 kB |
URL GET HTTP/2alphabook-static.ams3.digitaloceanspaces.com/images/banners-new/image59aa9795f9bba97f.webp IP5.101.110.225:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerDigiCert Inc Subject*.ams3.digitaloceanspaces.com Fingerprint74:0E:28:77:1B:40:9C:2E:63:02:BE:C3:BA:F6:2F:5F:42:1D:49:A0 ValidityMon, 27 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1361x432, Scaling: [none]x[none], YUV color, decoders should clamp Hash7f5da4504be74ff79c2a5c9564e1f8ac abeffd5965c1c7919e93d62ac708699413f70892 f84bb8dcab5e11b1438f8237aa81f4f19aeb60e5ac0e0189c206091284ba93be
GET /images/banners-new/image59aa9795f9bba97f.webp HTTP/1.1
Host: alphabook-static.ams3.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 25752
accept-ranges: bytes
last-modified: Wed, 17 Apr 2024 11:16:45 GMT
x-rgw-object-type: Normal
etag: "7f5da4504be74ff79c2a5c9564e1f8ac"
x-amz-request-id: tx00000bd6381f8aa48cc6e-00663aa0cc-5ab3b6b9-ams3c
content-type: image/jpeg
date: Tue, 07 May 2024 21:44:44 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
|
|
| alphabookbet.com/assets/1.cb6e26504a5645960548.js | 104.21.11.147 | 200 OK | 15 kB |
URL GET HTTP/3alphabookbet.com/assets/1.cb6e26504a5645960548.js IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typeJavaScript source, ASCII text, with very long lines (15245) Hashddda628fadd504b0c496525b9f47d9aa 8f2b539179bcdff777b11f7c3e64944814332886 05cc1faa72690b5f99e62e883e390562bee5d2a22a7a5b27a12af26f071688cb
GET /assets/1.cb6e26504a5645960548.js HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-3bc0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLcqq1LCF%2FXwmRVqr%2BQRM%2FNlTEHvS0fi5IbLAiy%2BhIEgEXwM%2F5Ar9Ya8qAk4c65hwNNS5tBQcWynXVK3Zqxyf6OCWFlc7TzuFggpeZhAHYZFFHV93gea72phYgfWX9ml2jyY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464548e55b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| affiliate-api.income.partners/?project=alphabook&refcode=partner%3Dp55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44 | 0.0.0.0 | | 0 B |
URL GET affiliate-api.income.partners/?project=alphabook&refcode=partner%3Dp55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44 IP0.0.0.0:0
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?project=alphabook&refcode=partner%3Dp55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44 HTTP/1.1
Host: affiliate-api.income.partners
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/BigBassBonanzaTH_47082f3cb6afb707.jpg | 172.64.145.29 | 200 OK | 24 kB |
URL GET HTTP/2alphabook-static.ams3.cdn.digitaloceanspaces.com/images/games/BigBassBonanzaTH_47082f3cb6afb707.jpg IP172.64.145.29:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerDigiCert Inc Subject*.ams3.cdn.digitaloceanspaces.com Fingerprint9A:82:28:72:94:55:AD:99:B2:AE:0E:96:16:F8:70:CA:8E:94:FD:A3 ValidityFri, 19 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x260, components 3 Hashac7fa2668fd42c49e6fd54455d86a7a8 f6e0454c64da78d24c108989623607ce7f5a8d1e 6eb6e3a7e71b4f4c5b1959b98844c8cbb17b7d5f961f6c9aa05d77ef26f26536
GET /images/games/BigBassBonanzaTH_47082f3cb6afb707.jpg HTTP/1.1
Host: alphabook-static.ams3.cdn.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:38 GMT
content-type: image/jpeg
content-length: 24418
cache-control: max-age=3600
cf-bgj: h2pri
etag: "ac7fa2668fd42c49e6fd54455d86a7a8"
last-modified: Wed, 12 Apr 2023 10:57:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-meta-mtime: 1680084860
x-amz-request-id: tx00000dbe7483a6ad44276-0065dd152a-471ab797-ams3c
x-do-cdn-uuid: 13675b4a-88fe-453f-b127-1cc8b20ab375
x-envoy-upstream-healthchecked-cluster:
x-rgw-object-type: Normal
cf-cache-status: HIT
age: 1562
accept-ranges: bytes
set-cookie: __cf_bm=eY8KNaJn6PWcvgvOV59DcBAGjUxZXmAU13Pu.T6mnNQ-1715118278-1.0.1.1-IYcFesmij__7WHOVZnahGk5M.9v7URfPC.CeNRnAfPdoIiRr9SiELF8XL2kGmmmN26lRcR80cZ0QHXzLRlwC.w; path=/; expires=Tue, 07-May-24 22:14:38 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 88046477abf2b503-OSL
X-Firefox-Spdy: h2
|
|
| assets.customer.io/assets/track.js | 54.230.111.127 | 200 OK | 6.8 kB |
URL GET HTTP/2assets.customer.io/assets/track.js IP54.230.111.127:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerAmazon Subject*.customer.io Fingerprint14:0F:58:A3:B8:6F:7D:56:35:72:0F:D3:A7:0E:62:05:C5:9A:09:FC ValidityThu, 19 Oct 2023 00:00:00 GMT - Fri, 15 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7014), with no line terminators Hash0bad357ede7923886a1f27791c8965f5 720844548f6febbea89f8733cfe2cf1b8fc4c8fb efdbf87a544b53e2e9af444b70f26cc0babf1079ae1de6cf9f4fa8af8dac3123
GET /assets/track.js HTTP/1.1
Host: assets.customer.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 20:40:41 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: odzkoRMkQKzm9Qvmhal1oizSy3Yx3GJd
server: AmazonS3
content-encoding: gzip
date: Tue, 07 May 2024 04:42:52 GMT
etag: W/"32a8226512dd2cca5956cdb283e5bdfe"
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lmNsWal4EnFmLk5REvjFMNNdsuG-sAxjTeG2lbDu-gm3fqbuTZLRQQ==
age: 61304
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
|
|
| static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-2c036c6.js | 104.18.72.113 | 200 OK | 18 kB |
URL GET HTTP/2static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-2c036c6.js IP104.18.72.113:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerLet's Encrypt Subjectzdassets.com Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7 ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-2c036c6.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:41 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 8TrcB0o7gdNY2d/nv4+0MqpOQ2JmSo8z0YYKMP7plsjKuVSv0Jtj/yMxTOXeajPlp6HluUKVeF4=
x-amz-request-id: ZKNWP4HPNEMZF3PG
x-amz-replication-status: COMPLETED
last-modified: Wed, 17 Apr 2024 07:26:26 GMT
etag: W/"c138cda822782aae92a91e1f8c39fc32"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 17 Apr 2025 07:26:25 GMT
x-amz-version-id: dF1emRoZzP7OFVlBDHJaGVRRzy_B64K9
cf-cache-status: HIT
age: 37432
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3kS3bCFMqTy9st7xqrYrWy6q9JQzFPErnlFVllUgUr8ryqMO%2FzQ8OpZ5gv70F0gt2Jzru5thO2z41dn8FPCfcbdlz2zitpqKKMPJynzT%2F3jnObPCbEeUTzOQViXhIB2JJ25Whg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 0
server: cloudflare
cf-ray: 880464885c2f1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| alphabookbet.com/assets/0.3f3ebced562425f1977c.js | 104.21.11.147 | 200 OK | 19 kB |
URL GET HTTP/3alphabookbet.com/assets/0.3f3ebced562425f1977c.js IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typeJavaScript source, ASCII text, with very long lines (18912) Hash8dd0657d7d425f8efa3b46796b1b09d7 ee860bba69dd136151586c63b40d2492afad209f a3985feaa01429322ae889b54857d48f4a7ba2abc7675b86c3918a7b64371e07
GET /assets/0.3f3ebced562425f1977c.js HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-4a13"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1982
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdSJ%2FCD7OpcMt3Jln4ltJdPNatF2j7p7Se9kOyadFC78JZoOtK0XogBQ%2BQ0cwSvmvjnvXYqC3jbncdLhQuUZdeXEEJQ%2BmboevDdvN0AgiPnMxIjws10U3BWFWo9And6yqGLz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464548e53b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m | 142.250.74.132 | 200 OK | 102 B |
URL GET HTTP/3www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m IP142.250.74.132:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeASCII text, with no line terminators Hash284b36421a1cf446f32cb8f7987b1091 eb14d6298c9da3fb26d75b54c087ea2df9f3f05f 94ab2be973685680d0be9c08d4e1a7465f3c09053cf631126bd33f49cc2f939b
GET /recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldhc0AlAAAAAJUY_BS5coGTzfWcigG8Ffq24P4i&co=aHR0cHM6Ly9hbHBoYWJvb2tiZXQuY29tOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9rjsjj92rqqt
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 May 2024 21:44:39 GMT
date: Tue, 07 May 2024 21:44:39 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| alphabookbet.com/assets/main.3cfe049b9baf815f4988.css | 104.21.11.147 | 200 OK | 111 kB |
URL GET HTTP/3alphabookbet.com/assets/main.3cfe049b9baf815f4988.css IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
Size111 kB (110724 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/main.3cfe049b9baf815f4988.css HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-1b084"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1SBUba%2FB8%2B37Hss78ck3oPbARekC%2B%2FAOUusEPhK4aHqsfKZMKX%2BuFWONAgAv9Yo3bED0HOyL88%2FrLAuyWkZreo9uAY8o6cIuqbGKSJgr3CXHu6y8Uh%2FXP73fPSk%2BcBmZVFV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464539d40b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ekr.zdassets.com/compose/78a84f04-0f2c-44f9-9c19-d4e3dd5a5974 | 104.18.70.113 | 200 OK | 1.2 kB |
URL GET HTTP/2ekr.zdassets.com/compose/78a84f04-0f2c-44f9-9c19-d4e3dd5a5974 IP104.18.70.113:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerLet's Encrypt Subjectzdassets.com Fingerprint91:4E:55:88:20:64:B8:AA:0E:42:DA:60:4E:C8:0C:21:93:4F:B1:F7 ValidityWed, 01 May 2024 21:55:19 GMT - Tue, 30 Jul 2024 21:55:18 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (1301), with no line terminators Hashc8b1a060cd402f48315a4be2ad02eb28 53869f14ed7489ead8a4f4e44f7188dcaea18bae 8dc3d242ca7fbe2ad67d37e2414e93bfe388fa39f115dc21578e30e764876086
GET /compose/78a84f04-0f2c-44f9-9c19-d4e3dd5a5974 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alphabookbet.com/
Origin: https://alphabookbet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 21:44:38 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
etag: W/"1a5e1d63ab8087fc1adc34b5ea3de993"
x-request-id: 8800d3ca89900315-SEA, 8800d3ca89900315-SEA
x-runtime: 0.011406
x-zendesk-zorg: yes
cf-cache-status: HIT
age: 23
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAHVYjPzbSgt5zPSeaabnlT60nbzormuIt9xVn%2FQ3p%2BPhCinjOhFB2BUMGb2kvRHZovZsIoKsKwGUeozI1A4fcZwN1031IaGRRgUM3Fn1PdUT%2Byu8tTBVJxN%2BOyjQu1P8qU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8804647aab56569c-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| alphabookbet.com/assets/public/images/transparent-pixel.png | 104.21.11.147 | 200 OK | 68 B |
URL GET HTTP/3alphabookbet.com/assets/public/images/transparent-pixel.png IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typePNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced Hash978c1bee49d7ad5fc1a4d81099b13e18 afcb011cfe6b924f202ee9544f17f631b32a01b1 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
GET /assets/public/images/transparent-pixel.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:35 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-44"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6071
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jw3k4AZM2KeqaGP1jOMsl%2BbACzvcYK6fwsv17YEOJ8tNZz77Bvb42ZDovp%2Bo5ZWQ9YYnbzMP38mvShnwzJfqdj2MgUqAjx%2FesQ3bwDZIrryxRAPDAo7nP0vqCcpwThSaQmot"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464644defb51d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alphabookbet.com/assets/public/images/footer-social/instagram.png | 104.21.11.147 | 200 OK | 2.7 kB |
URL GET HTTP/3alphabookbet.com/assets/public/images/footer-social/instagram.png IP104.21.11.147:443
Requested byhttps://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44 CertificateIssuerGoogle Trust Services LLC Subjectalphabookbet.com Fingerprint24:32:C4:83:7D:C1:33:4D:0D:18:31:71:12:62:C6:5F:4E:76:A2:88 ValidityTue, 16 Apr 2024 09:14:41 GMT - Mon, 15 Jul 2024 09:14:40 GMT
File typePNG image data, 64 x 64, 8-bit colormap, non-interlaced Hash7056802adf484911665fcd12d1e06a45 703455ae6072f8602aad02db350a2ac9af1dd0a5 f3ace30a9594df8d18e1dd8d06e371a8f624a16dc149bb04c3fdcef9d8a2c26b
GET /assets/public/images/footer-social/instagram.png HTTP/1.1
Host: alphabookbet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alphabookbet.com/en/games?partner=p55317p55622p2ac1&subid=w0a175f2ff2t1l41jh45hm44
Cookie: locale=en; deviceType=desktop; isPwa=false; userTrackingCodes=%7B%22btag%22%3A%22p55317p55622p2ac1%26subid%3Dw0a175f2ff2t1l41jh45hm44%22%7D; connect.sid=s%3AWpglnwRIHN7t2D-25pqN5s63FUYywB8D.FAbg8cu1wc4b9gqGFbLM%2FXGgwIhrAUSs5nsuZkShLus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 21:44:32 GMT
content-type: image/png
last-modified: Thu, 02 May 2024 08:08:51 GMT
etag: W/"66334a13-aa9"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TTGpaJthYfc8CKC%2F85WSllp1tQGcXLGYeee041MXwQKIwEOszMr1CS4PLMOj2XehS2zBzWmOwptd6r92jLtiZbunS%2FXJy%2BRjlbHH1oSDhrg2IeekvSNlgvVpdtL%2BAkymuxg0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880464540dd0b51d-OSL
alt-svc: h3=":443"; ma=86400
|
|