Report - au3v.org/

Report Overview

Submitted URL
au3v.org/
IP
64.225.91.73
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2023-02-01 11:19:07
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdnstatic.cyber.bet	unknown	2021-04-30T21:09:27Z	2023-03-08T06:52:57Z	5.5 kB	176 kB	54.230.111.5
cyber.bet	658696	2019-03-07T04:37:47Z	2023-03-13T06:02:01Z	9.5 kB	466 kB	172.66.43.156
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.4 kB	83 kB	142.250.74.163
notix.io	14765	2020-08-20T15:14:00Z	2023-03-13T08:13:06Z	2.6 kB	29 kB	139.45.240.92
zeniocloud.com	unknown	2022-02-16T16:44:21Z	2023-03-13T06:59:01Z	387 B	167 B	167.114.67.56
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	406 B	29 kB	104.17.25.14
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.40.156.208
br.betano.com	227158	2020-08-11T14:11:39Z	2023-03-13T06:03:52Z	1.0 kB	1.4 kB	104.17.85.89
au3v.org	unknown	2021-08-27T00:35:07Z	2023-01-31T12:18:49Z	628 B	1.1 kB	64.225.91.73
img.sedoparking.com	54200	2013-04-23T00:23:29Z	2023-03-13T05:39:39Z	315 B	4.8 kB	205.234.175.175
link.affiliates.cyber.bet	unknown	2022-05-23T16:23:27Z	2023-03-13T06:01:56Z	581 B	1.0 kB	172.66.43.156
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	395 B	15 kB	151.101.65.229
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	1.9 kB	104.18.21.226
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	475 B	578 B	142.250.74.163
adjs.media	unknown	2022-07-29T23:56:23Z	2023-03-10T15:55:14Z	369 B	4.3 kB	104.21.57.187
gml-grp.com	57135	2020-04-03T17:53:54Z	2023-03-13T06:53:41Z	903 B	3.1 kB	188.114.97.1
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.7 kB	9.8 kB	23.36.76.226
pj.l.admedo.com	81464	2018-08-31T03:52:54Z	2023-03-13T09:09:05Z	366 B	506 B	54.230.111.20
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	5.5 kB	11 kB	142.250.74.131
backend.cyberbet.academy	unknown	2020-06-11T19:59:41Z	2023-03-07T08:21:53Z	2.4 kB	4.4 kB	34.254.83.154
xml.sedodna.com	278378	2020-10-22T10:18:03Z	2023-03-13T05:42:37Z	399 B	278 B	173.239.53.32
domaincntrol.com	274993	2018-01-06T23:46:59Z	2023-03-13T08:48:52Z	434 B	590 B	172.67.68.176
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	385 B	32 kB	142.250.74.42
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	375 B	73 kB	142.250.74.168
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ww2.au3v.org	unknown	2023-01-31T06:05:47Z	2023-01-31T18:36:46Z	2.5 kB	3.8 kB	64.190.63.136
orest-vlv.com	unknown	2023-01-16T11:21:19Z	2023-03-13T02:10:56Z	1.6 kB	3.8 kB	52.7.54.238
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.7 kB	4.6 kB	93.184.220.29
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	2.5 kB	3.8 kB	139.45.195.8
alexatracker.com	unknown	2020-10-28T19:44:06Z	2023-03-13T06:59:02Z	420 B	984 B	104.21.85.99
static.cyber.bet	unknown	2020-10-09T19:12:55Z	2023-03-07T08:21:53Z	6.0 kB	24 kB	172.66.43.156
pool.admedo.com	4728	2014-03-06T15:36:11Z	2023-03-12T19:51:07Z	750 B	775 B	35.210.53.219
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.8 kB	4.7 kB	54.230.245.100
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1.0 kB	2.2 kB	23.36.76.226
xml-v4.gipostart-2.co	unknown	2023-01-25T14:43:19Z	2023-03-12T01:39:09Z	406 B	268 B	173.239.53.32
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	366 B	21 kB	142.250.74.110
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	430 B	1.5 kB	142.250.74.106
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	63 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-01	medium	cyber.bet/land/casino_red_pbn868/img/logo.svg	Malware
2023-02-01	medium	cyber.bet/land/casino_red_pbn868/css/style.css?v=1	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (43)

	URL	Size	First Seen	Last Seen
	cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	739 B	2023-03-10	2024-01-26
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2024-01-26 23:34:57 Times Seen39 Hash dda0c4c5c9e00b5c718403e613cf2d57 dad1499931e90b20118a8ec383e109c61e40f207 c1931e011368966ab988daf963cbbbe32251588a274f432406550ea02f781db0 Loading...

	pj.l.admedo.com/admtracker.lib.min.js	5.4 kB	2023-03-10	2023-05-13
Pretty URL pj.l.admedo.com/admtracker.lib.min.js IP 54.230.111.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-05-13 12:33:22 Times Seen8 Hash 5a420213029638ecea775a40089898aa 17ca797e031f3383df78562421115476d8ffb00a 412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1 Loading...

	orest-vlv.com/zcredirect?visitid=38217d27-a222-11ed-8616-0a0e2c5b0e1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	76 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcredirect?visitid=38217d27-a222-11ed-8616-0a0e2c5b0e1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 52.7.54.238 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:07:50 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 52be0ccbaeec9eab63601dcd41c7a0d2 3e7d874a664815d3a38f3129b8c0674ee6306440 c139e0d86af8ae05bf3bf515e4e1c70d01926a1663efa8facb8e36226bad2dd5 Loading...

	cyber.bet/land/js/locales/base/locales.js	18 kB	2023-03-11	2023-03-13
Pretty URL cyber.bet/land/js/locales/base/locales.js IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 20:30:42 Times Seen1 Hash da171d6428ea339c35467233f6059b92 21daf450888f9902edac2386849f1cb2672f52bc 655ab4745a46082bf9d1507abf92be57c1b35be4591a6d1b9fd6fc96f4747c4c Loading...

	cdnstatic.cyber.bet/js/fp.js	533 B	2023-03-10	2023-10-09
Pretty URL cdnstatic.cyber.bet/js/fp.js IP 54.230.111.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen13 Hash d1abfbe2c5b50e7f427e41c79197dcd3 01f6142a97168fd15da33334c35ce351d676ed08 7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569 Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	1.6 kB	2023-03-10	2024-01-26
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2024-01-26 23:34:57 Times Seen39 Hash 563c19e863e3315d859414dd57018095 8a7bc9fa92864a5d6cbbceaedd1b5692776627fb 5214dde220113de229b3ea10c1ea4afa3dce510dd4c1deee822534bc62166dd1 Loading...

	www.googletagmanager.com/gtag/js?id=G-8FYNJV02NV&l=dataLayer&cx=c	217 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-8FYNJV02NV&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:07:50 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 0c4be040dcf241a5924c0d46bcb33865 611a8abb677c47c9be31ac3621da2e87daa98164 42098a645da7cd34c7480c444c098d85e4ecd2310edca1c84dd3edef26f142db Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f	697 B	2023-03-11	2023-05-22
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-05-22 14:54:42 Times Seen5 Hash 5d4584e4549c2c67b3b1014412127d86 878b05105062900e6df717dba698aab39b9476d8 383fd07eb50f0e9605a08083c372046f06511da2037d6dd5c0301bb8478ec55b Loading...

	notix.io/ent/current/enot.min.js	83 kB	2023-03-13	2023-03-13
Pretty URL notix.io/ent/current/enot.min.js IP 139.45.240.92 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:07:50 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 4e51831970ed056f2f59d5aa5449e8de 125eaea51d69fc7023938acb92557bbe6796419c b6c8bf82c61386f11e6dcf39445d858a8d14b28f504afc968f85254603ac127e Loading...

	cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js	88 kB	2023-03-07	2024-04-23
Pretty URL cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js IP 54.230.111.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:25 Last Seen2024-04-23 14:42:28 Times Seen89 Hash c73ba86bd67306c5889e9aac41e959e0 fff500c277ef00fd6cfc115b5e94f9281ac8d8cc 9b2b5fa78ba1f9424d7e85b0d2f160a8df6068d911dc1cfe26f78fb78d1d7172 Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	297 B	2023-03-13	2023-03-13
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:53:08 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 370140cec0bb00e78ec92d594d6dc932 bcab744171105330217876044595e0268ea2c388 857973432ed5f7fdb43dcc734ddf4dbc46cc9925aa90e7c9eb264cca15c3cd1d Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910	697 B	2023-03-10	2024-01-26
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2024-01-26 23:34:58 Times Seen71 Hash bb07e31c2c066db5c4b3259d1f69a442 db79e9d4a817ce703b11b65faf2ba097228063b2 d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-24
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-24 16:52:09 Times Seen138967 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	au3v.org/	142 B	2023-03-07	2023-03-17
Pretty URL au3v.org/ IP 64.225.91.73 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2023-03-17 12:54:28 Times Seen1 Hash 684d594f850e0ad8681baa04fe3e9fbb 44b967e247ad29272305184c4c1536c433fd0f4b a293c4c83524d36d1dbe0da94053a3e4f0fc05479eb9ca1f4652e76373238b21 Loading...

	orest-vlv.com/zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d	849 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d IP 52.7.54.238 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:07:50 Last Seen2023-03-13 14:07:50 Times Seen1 Hash f0ec98cb046dc91e1589d6cb9a648392 879ad1f5c50ca732768cbd6a7f47336ee2a63930 8dd380698ffa7da781b54b7bc51bc74569cc898e3e0a01c502512682babe4abe Loading...

	cdnstatic.cyber.bet/js/global.js	71 kB	2023-03-10	2023-03-13
Pretty URL cdnstatic.cyber.bet/js/global.js IP 54.230.111.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-03-13 15:08:47 Times Seen1 Hash 8943965f22a29b6f800a98e0eaed584f 1cfa4c3d79808cce1785967a637819b88a9d11f5 3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	331 B	2023-03-10	2023-10-09
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen7 Hash b9c3d6bdb1ffaf083e5e1b6358a294c4 d2ff06cef74700843afc99a78e8bc4703de02ade 62c732a98ac2767df6e93c610f50aa9f95f7d8892da7e3c2811a9f002f4316c8 Loading...

	ww2.au3v.org/	1.1 kB	2023-03-13	2023-03-13
Pretty URL ww2.au3v.org/ IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:07:50 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 4f20f39abd0bea6efbee0daf12a907fe f0c45e488deb21389d385eadc265618f3442d6af 66f10a33a988e0d3f7cdd4a09dc6291a6c34335432f6a83444581276ee8d525c Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	361 B	2023-03-11	2023-03-13
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 20:30:42 Times Seen1 Hash 3cbf10b07991ac2d8d6a179fb9602a72 8f341726913948dfb589ba214e8b46a08d9726ba 09bebddd017c2158b5815526c65988227cb021c77df3951eb2b12634e404c65c Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	1.1 kB	2023-03-11	2023-03-13
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 004161e7cdab126b2367bd36b867988d e847736f0b3b8e02c9ac741f026fc0ec6ab3e8c1 8932151e70d95c79c17aa5ad2a0793ece771573479b7f6a9a2bf8290e5007be7 Loading...

	cdnstatic.cyber.bet/js/geoMapping.js	443 B	2023-03-10	2023-10-09
Pretty URL cdnstatic.cyber.bet/js/geoMapping.js IP 54.230.111.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen12 Hash 2f6043a16c26cde9a190dbb829b5519c 791479cfced1a000ef6411990f1c4bba615b6b4c f9dfb0c2f94be90f2cdeb66286b36cdeb5d8fb0fbb9f28b1e1d3d99a3780306a Loading...

	cdnstatic.cyber.bet/js/libs/phone/utils.js	245 kB	2023-03-07	2024-04-18
Pretty URL cdnstatic.cyber.bet/js/libs/phone/utils.js IP 54.230.111.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:25 Last Seen2024-04-18 11:23:34 Times Seen455 Hash 8f3a2154b225b6257161c4dfc9b89c9c 16b798cbb9e22cd4e1d710a8de7b12734551ca00 acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2 Loading...

	cdnstatic.cyber.bet/js/libs/iso3to2.js	4.1 kB	2023-03-10	2023-05-22
Pretty URL cdnstatic.cyber.bet/js/libs/iso3to2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-05-22 14:54:42 Times Seen5 Hash db031116c7888248916813c60a4cce2b 34bf6f00efd8944708b1a819d56cbbbe4715a069 41393b689fa5ab55cc3783118cf6c8eeb8ab4b5972cb4a7736c47837f5b461fd Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 17:17:55 Times Seen37041966 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnstatic.cyber.bet/js/payments.js	1.2 kB	2023-03-11	2023-05-19
Pretty URL cdnstatic.cyber.bet/js/payments.js IP 54.230.111.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-05-19 19:23:42 Times Seen2 Hash 86e0165b432077320adbf690e339604e 37c74e9724bb46c7596b23bf3df45f64449cb94a f2812c1ded3ff4e7051c5866040b0e90b1dfdf6b3d10588dd200d00199d13ae8 Loading...

	adjs.media/hit/cyberbet.gif?date=1675250362324&page=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955&ref=http%3A%2F%2Forest-vlv.com%2F&tid=tid-2e6f9f091.435933926	74 kB	2023-03-13	2023-03-13
Pretty URL adjs.media/hit/cyberbet.gif?date=1675250362324&page=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955&ref=http%3A%2F%2Forest-vlv.com%2F&tid=tid-2e6f9f091.435933926 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:07:50 Last Seen2023-03-13 14:07:50 Times Seen1 Hash abb0738c44f76edfd3cdaf19507e82e0 7585ba89cb9d412e68ca3f6520f6cd1340453fe2 bc4370a74f5d83396a73340a9c61a414f184f1cae04bf168c97d7673eb8d03ca Loading...

	zeniocloud.com/bQIA.js?prid=63da4aa48002f10001b4598a&sub2=	609 B	2023-03-13	2023-03-13
Pretty URL zeniocloud.com/bQIA.js?prid=63da4aa48002f10001b4598a&sub2= IP 167.114.67.56 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:07:50 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 592c1e2cec6fe8c469ddf2f577e4bb2e 6e7d2deaf890a03d6be4c8a08706d987c0baf0cd f4afbbc51196bb5e26bc9a54500654c4f91db235e66dd7b0b54e2c517042637d Loading...

	adjs.media/resources/content/cyberbet.js	2.9 kB	2023-03-11	2023-03-13
Pretty URL adjs.media/resources/content/cyberbet.js IP 104.21.57.187 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 35f64d84a87e294df06ccb45c66299e9 65b9b05c0e1e883de9c3cc693c8b0bbf6263affe bd06ea929f643a4924378f7eca9deb90338641d78d4f71fe16b0a0f4eeee69ff Loading...

	scripts.prdredir.com/safeframe	3.6 kB	2023-03-07	2023-04-05
Pretty URL scripts.prdredir.com/safeframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash 94ddf5c543e810ada88812cdb346392a a4414d0d384c7d405d8f23fcaf18ee61d8895cce 513a33d7b370a1a09ffe81463bd0575c9d697b21a4f97ef09d25543ddf3bd1b1 Loading...

	scripts.prdredir.com/safeframe	173 B	2023-03-07	2023-04-05
Pretty URL scripts.prdredir.com/safeframe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash ed2ee4ac79bc7af5967acee3f32c0b7c ce88dc9a9fb3501823b374291671d5016581a8de 975e4354b54fbad37d4342e331a35b41188179551e25da7bd06bda1d5649fb76 Loading...

	www.googletagmanager.com/gtag/destination?id=G-ZK6ZSCE3G7&l=dataLayer&cx=c	223 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/destination?id=G-ZK6ZSCE3G7&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:07:50 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 2f1397c5e378671f38d316f40433fe6d d0eeeaf57291529db83c0becc7fb20d3f620e641 b6b83e462582ca2a3dd8a7a1fbcf1c4cbcfc1d5ccbec56ed9e50301ef110be09 Loading...

	cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js	2.9 kB	2023-03-07	2024-04-18
Pretty URL cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js IP 54.230.111.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:42 Last Seen2024-04-18 22:13:37 Times Seen748 Hash 4e2def5093eb4c4281624db4a5aa8f9c c3b8e8919f96d8d34594f111b95586ec28545a36 b73acfa96127f9a41a2c76fcf2196d37ff818460d02d48415770979eb59e4f3a Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	565 B	2023-03-11	2023-03-13
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.43.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 14:07:50 Times Seen1 Hash a0900c7ddb3264295fcebea2cd040092 33ea5caea85c77c8f166fca31e328e7b8f16fd38 b477476f55641adb36fa66f09bfd40c2436de66dd068612dadf2740517fb3a86 Loading...

	scripts.prdredir.com/scripts/k_cyberbet.js	800 B	2023-03-07	2024-03-04
Pretty URL scripts.prdredir.com/scripts/k_cyberbet.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:16 Last Seen2024-03-04 05:46:49 Times Seen486 Hash 62c934c5559915e05c14fc88e1e24211 5261bbc42669d8dd1f9f90204a350faab0d9098f 95d838de11136e7964ca0eaa375bf294d19a0b15880a014338e0a5d9d8e05385 Loading...

	cdnstatic.cyber.bet/js/currencyMapping.js	16 kB	2023-03-10	2023-03-13
Pretty URL cdnstatic.cyber.bet/js/currencyMapping.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-03-13 20:30:42 Times Seen1 Hash 2a3d85d14eaeaac04949a29f3c94c548 8d14a1f32ac11f78446fdfb26d24d0944780b626 af9a360f190345d8781bcd1955ca7d5d40c9e8c95f4e096fef7c825500c9b740 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1bdddf0717a25257dc9b5f41948293bc	82 B	2023-03-10	2024-01-26
Pretty Observations First Seen2023-03-10 06:49:09 Last Seen2024-01-26 23:34:58 Times Seen38 Hash 1bdddf0717a25257dc9b5f41948293bc 7473e1698e1de047889207ef0e7ead943a438873 5cf62f23df0a9958ae85f7aca4742e41cc2193224a7b240b883442442ba0b62d Loading...

	#2 Eval - c8c66afc783afdaa5ccb23de68b346c3	74 B	2023-03-07	2024-04-10
Pretty Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-10 12:39:55 Times Seen293 Hash c8c66afc783afdaa5ccb23de68b346c3 cb571480a4ffd5ead7677c6e63e5206f6f8d1ee6 a23001dc0a49b03a2c257d85dec6791ab3b81ab3e971cb6e0d38ae1be1473100 Loading...

	#3 Eval - fea868702356dd2f7073216002d4e759	58 B	2023-03-10	2023-10-09
Pretty Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen7 Hash fea868702356dd2f7073216002d4e759 3625a96c014974f566f41516b38447929dafb5e4 1d9b92eafcbdd9c3b487de09e8e76b0c25552c9d60daf73cde231b16788b0b83 Loading...

	#4 Eval - 0850b953a585b70b1afa351a40444c84	81 B	2023-03-10	2024-01-26
Pretty Observations First Seen2023-03-10 06:49:09 Last Seen2024-01-26 23:34:58 Times Seen39 Hash 0850b953a585b70b1afa351a40444c84 9d81b6cf79a23fafc4f0b5f5077a622fbd88959a 29d16afb11928cf04fe3eb6ec9937a4d7f5321257ce886d2918cb5d09d0cd044 Loading...

	#5 Eval - 14faeed9447073abce7e4bd2df76bd8e	209 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:32:33 Last Seen2024-04-24 16:00:14 Times Seen283 Hash 14faeed9447073abce7e4bd2df76bd8e b786cd710b75c9d2cd0c54ddfba101030cae0220 0cfc8f57ea174bb9e3a746405077c0156867dc3a2dc5901ae81c4b52e82a80ab Loading...

	#6 Eval - ec5836df6eeba268a0fc3eb8119d3824	65 B	2023-03-10	2024-01-26
Pretty Observations First Seen2023-03-10 06:49:09 Last Seen2024-01-26 23:34:58 Times Seen39 Hash ec5836df6eeba268a0fc3eb8119d3824 df817559287b119c318901c4de5cc04f42c816ef 7c3aab0ec1bedd74fec8eb4338a8ec29d5548db5b99bdc031bcb1b939820711c Loading...

	#7 Eval - 7269d0b2114cacaedb0519b785487922	84 B	2023-03-08	2024-04-24
Pretty Observations First Seen2023-03-08 01:40:31 Last Seen2024-04-24 16:00:14 Times Seen49 Hash 7269d0b2114cacaedb0519b785487922 db531ec467b76eb36dbe13c5a33d7b87099c6107 792f580a888b462212032166a87582b6c764e5a166b54faa0c3fffdfa6a95b1f Loading...

HTTP Transactions (144)

URL IP Response Size

au3v.org/

64.225.91.73

200 OK

329 B

URL HTTP/1.1
au3v.org/
IP
64.225.91.73:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
329 B (329 bytes)
Hash
ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688

HTTP Headers

GET / HTTP/1.1
Host: au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5767
Expires: Wed, 01 Feb 2023 12:55:03 GMT
Date: Wed, 01 Feb 2023 11:18:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11528
Expires: Wed, 01 Feb 2023 14:31:04 GMT
Date: Wed, 01 Feb 2023 11:18:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 10:36:01 GMT
content-type: application/json
age: 2575
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3215
Expires: Wed, 01 Feb 2023 12:12:31 GMT
Date: Wed, 01 Feb 2023 11:18:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: E5QXmFWJLB5guyoez7GylAwXdOeU1VolxDC17IGf8HWZcKVOTy8DsO6llB1j1/zaJVzzUMYXfyg=
x-amz-request-id: AMJEF5Z65WG9EQAD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 10:51:32 GMT
age: 1644
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://au3v.org
Connection: keep-alive
Referer: http://au3v.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1096795
expires: Mon, 22 Jan 2024 11:18:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AVA9x0CDLzJNMGr26NxN6vXk4gO3EId5Q1kxcIsN6I6eHYCTeJVbRsKL5LKVCkz86q%2BJT9oSw3%2BE4DrN0Z7e6W75YI6XB0xnHaT1OwpgkFDleHF%2FUttoIBA%2FDmagbr1ftq%2BtdWX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 792a4a09ba02b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
f3ab7ac3ea01eea8173330d3b18ec0bc
1ac3e96ca2d5a4aece2870640f733fd626cd8118
6c28e8c6433cbc7b8f629b0df31d7a51ad74149740b57b4fd5d37795dbfc4c0c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6C28E8C6433CBC7B8F629B0DF31D7A51AD74149740B57B4FD5D37795DBFC4C0C"
Last-Modified: Tue, 31 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8632
Expires: Wed, 01 Feb 2023 13:42:48 GMT
Date: Wed, 01 Feb 2023 11:18:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 10:41:42 GMT
age: 2234
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

au3v.org/favicon.ico

64.225.91.73

200 OK

329 B

URL HTTP/1.1
au3v.org/favicon.ico
IP
64.225.91.73:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
329 B (329 bytes)
Hash
ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://au3v.org/

HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked

domaincntrol.com/?orighost=http://au3v.org/

172.67.68.176

200 OK

21 B

URL HTTP/2
domaincntrol.com/?orighost=http://au3v.org/
IP
172.67.68.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
7158171c3d9c7acf053e1a9fb17fce78
da21185457e262ced3397af642596d98722c86bf
005e9506124db0d5bd48e2d17bc8b39f722702dc1a29df50f9d35b4f83fac51b

HTTP Headers

GET /?orighost=http://au3v.org/ HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://au3v.org
Connection: keep-alive
Referer: http://au3v.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/javascript;charset=UTF-8
content-length: 21
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0yhH0Yf0uoE0uIrvtvoJHVrsxSA1a0P4fuiKU1KChRZasDpwRo8cDj%2FOxW8wAR8EbDCQJvrxbPqeGwIYJ%2BAX692t5wuJwPR7BqTJnN6PLze0twnb2mnSvVR%2Benks%2BIykco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a0ad8630afa-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5795
Expires: Wed, 01 Feb 2023 12:55:31 GMT
Date: Wed, 01 Feb 2023 11:18:56 GMT
Connection: keep-alive

push.services.mozilla.com/

52.40.156.208

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.40.156.208:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MLyYaWrfFSv4HNg05tYzng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: csfGcy4f5X+Pr4g3MDsfZsueOO4=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11498
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 11:18:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11498
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 11:18:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11498
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 11:18:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9282 bytes)
Hash
e4354120b504a8b1d1c3f4e206eb4611
ba854dec74347525b20dbf3b4e5c13876d56aa1c
bc921fe78a71864819998207c13b5c3ca7913275a4503119c5d105ad7827c377

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9282
x-amzn-requestid: f448477b-b445-46fa-8aee-8c5c527ee95b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feqp8FuToAMFxDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5be3f-30fbf0dd70d17878651809a0;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 00:30:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XGTtVMp42cyJ-Xmh0D-ECG50tJe_AZWIir602PjdJ1CwsAygJpbJyA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 04:00:34 GMT
age: 26304
etag: "ba854dec74347525b20dbf3b4e5c13876d56aa1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6773 bytes)
Hash
d2189ff7eee65e0fde9be79c994b1d1e
c82caabf73415755643b9ab874364162e798f58c
f0d08ab954f728a73a30d22c874019789d55b64a6160d5dafe4d08249f2e9ed4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6773
x-amzn-requestid: b3b6b388-dd50-4a4d-83e0-219b0d285f4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foee_GcdoAMFRWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9aac6-286883827020ff9a1412030c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:56:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 59jJ-7FGO_UqZi7pUGx6h9imXp1a5bOeAbKFkDQBC91qQ2lnyyl11w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:13:02 GMT
etag: "c82caabf73415755643b9ab874364162e798f58c"
content-type: image/jpeg
age: 39956
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8415 bytes)
Hash
6544847aa1270cea1c780e4ee562f2a2
7be75a9f2e5f9e945f60a20a5da70849ad32f72d
d820b25b833d644358c0d9d5a3dc05817770095c06a098a6fc8ed9b7230c80e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8415
x-amzn-requestid: 0d44aaae-d472-410f-9438-7527da366b10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCuGHRqoAMFxeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e4c0-7e7330ab2de5c1ba3e87df4b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:15:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fr2OB2bcdPtbbHXp2z2l7duVX--MbbazfFJAh_V7qqUMMFEme5bRpw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 06:46:49 GMT
age: 16329
etag: "7be75a9f2e5f9e945f60a20a5da70849ad32f72d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8597 bytes)
Hash
27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 13:15:35 GMT
age: 79403
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 31740
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 48999
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ww2.au3v.org/

64.190.63.136

200 OK

1.3 kB

URL HTTP/1.1
ww2.au3v.org/
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (672)
Size
1.3 kB (1282 bytes)
Hash
f187465ce2d1b6205ffd2e6764c27691
6d8a9474996ec975d83f3a005902a3a0d7e76da9
2bfbeadc7376343195f8bf3f8fedd7b589877f13eca1787860bb6673025a54c1

HTTP Headers

GET / HTTP/1.1
Host: ww2.au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://au3v.org/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Wed, 01 Feb 2023 11:18:59 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_fg6E6V1KR5oIkAkHcm7jYLwddcTA5EB71LDNZKYEggmqrTAZfXdb/UYPjZiFXgrGOtYwqCT7gEZ7VIZwVDjewQ==
last-modified: Wed, 01 Feb 2023 11:18:57 GMT
x-cache-miss-from: parking-668bc7f5cc-h9jtf
server: NginX
content-encoding: gzip

img.sedoparking.com/images/js_preloader.gif

205.234.175.175

200 OK

4.3 kB

URL HTTP/1.1
img.sedoparking.com/images/js_preloader.gif
IP
205.234.175.175:0
ASN
#30081 CACHENETWORKS

File type
GIF image data, version 89a, 16 x 16\012- data
Size
4.3 kB (4254 bytes)
Hash
90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a

HTTP Headers

GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.au3v.org/

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 11:18:59 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Wed, 08 Feb 2023 11:18:59 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1672141863
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: f66db6feb9df5aeda593b36db09e9877
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes

ww2.au3v.org/search/tsc.php?200=NDU4OTYxMTk1&21=OTEuOTAuNDIuMTU0&681=MTY3NTI1MDMzOWIyMDNiYmQ1Nzc1ZTc2YThjMWEyMGI5ZTAwNDVkOGM2&crc=11dad834a0c9b3fd16482169ade8787b2021d44d&cv=1

64.190.63.136

200 OK

0 B

URL HTTP/1.1
ww2.au3v.org/search/tsc.php?200=NDU4OTYxMTk1&21=OTEuOTAuNDIuMTU0&681=MTY3NTI1MDMzOWIyMDNiYmQ1Nzc1ZTc2YThjMWEyMGI5ZTAwNDVkOGM2&crc=11dad834a0c9b3fd16482169ade8787b2021d44d&cv=1
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/tsc.php?200=NDU4OTYxMTk1&21=OTEuOTAuNDIuMTU0&681=MTY3NTI1MDMzOWIyMDNiYmQ1Nzc1ZTc2YThjMWEyMGI5ZTAwNDVkOGM2&crc=11dad834a0c9b3fd16482169ade8787b2021d44d&cv=1 HTTP/1.1
Host: ww2.au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.au3v.org/

HTTP/1.1 200 OK
date: Wed, 01 Feb 2023 11:18:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-668bc7f5cc-5pzkw
server: NginX

ww2.au3v.org/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D

64.190.63.136

302 Found

0 B

URL HTTP/1.1
ww2.au3v.org/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: ww2.au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.au3v.org/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Wed, 01 Feb 2023 11:18:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Wed, 01 Feb 2023 11:18:59 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D
x-cache-miss-from: parking-668bc7f5cc-c5kvx
server: NginX

ww2.au3v.org/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D

64.190.63.136

302 Found

311 B

URL HTTP/1.1
ww2.au3v.org/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
311 B (311 bytes)
Hash
1f86a552f1f446a9f6427fe4ca406c70
a20f4c938ea39d779445c82c33e03e88adee21c7
a64456da52a074ad925e3d20c568c4abc9266756ad83b785a61b53b33b15b1f3

HTTP Headers

GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: ww2.au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.au3v.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Wed, 01 Feb 2023 11:18:59 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Wed, 01 Feb 2023 11:18:59 GMT
location: http://xml.sedodna.com/click?i=ARVKVC62Cw4_0
x-cache-miss-from: parking-668bc7f5cc-5pzkw
server: NginX

xml.sedodna.com/click?i=ARVKVC62Cw4_0

173.239.53.32

302 Found

0 B

URL HTTP/1.1
xml.sedodna.com/click?i=ARVKVC62Cw4_0
IP
173.239.53.32:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=ARVKVC62Cw4_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.au3v.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://orest-vlv.com/zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d
Pragma: no-cache

orest-vlv.com/zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d

52.7.54.238

200

1.1 kB

URL HTTP/1.1
orest-vlv.com/zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1098 bytes)
Hash
da43f24f339ca40d1449174881f42ca9
68fbff456b42f365362b68418379b5ee28aa1927
d485e876b8037e48e47df53e60a298fb824b6f556671b07e0fc0afc06251d01d

HTTP Headers

GET /zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.au3v.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Wed, 01 Feb 2023 11:18:59 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: jjQnZNtD

orest-vlv.com/zcredirect?visitid=38217d27-a222-11ed-8616-0a0e2c5b0e1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

52.7.54.238

200

282 B

URL HTTP/1.1
orest-vlv.com/zcredirect?visitid=38217d27-a222-11ed-8616-0a0e2c5b0e1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
282 B (282 bytes)
Hash
0668588f1576b3a87ab18bf7e835f38e
a20f683031b37d17a831d50d3d2ccee51a98767a
aa68b4ff32a643005e383d0e2e63fd406690cd077cf0a847269bee206a8cbf96

HTTP Headers

GET /zcredirect?visitid=38217d27-a222-11ed-8616-0a0e2c5b0e1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Wed, 01 Feb 2023 11:18:59 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: JtIMYLRk

orest-vlv.com/favicon.ico

52.7.54.238

404

653 B

URL HTTP/1.1
orest-vlv.com/favicon.ico
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=38217d27-a222-11ed-8616-0a0e2c5b0e1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

HTTP/1.1 404 
Date: Wed, 01 Feb 2023 11:19:00 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: pHXNYpAa

xml-v4.gipostart-2.co/click?i=iodcxDa*gmE_0

173.239.53.32

302 Found

0 B

URL HTTP/1.1
xml-v4.gipostart-2.co/click?i=iodcxDa*gmE_0
IP
173.239.53.32:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=iodcxDa*gmE_0 HTTP/1.1
Host: xml-v4.gipostart-2.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=Z7I2CLf3VZ4
Pragma: no-cache

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
0c470b2c6a6d6e0ae8981ff565585af4
281b9f337005160bb8e5372ed0580aaf41605063
c399e11efc5307df36aeb02791be06dd34ad65b6eaa26ce49ef5835b779cf314

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1646
Cache-Control: max-age=135182
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Etag: "63d9b144-117"
Expires: Fri, 03 Feb 2023 00:52:02 GMT
Last-Modified: Wed, 01 Feb 2023 00:24:36 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=Z7I2CLf3VZ4

172.66.43.156

302 Found

0 B

URL HTTP/2
link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=Z7I2CLf3VZ4
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=Z7I2CLf3VZ4 HTTP/1.1
Host: link.affiliates.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 01 Feb 2023 11:19:00 GMT
content-length: 0
location: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
set-cookie: afclick=63da4aa48002f10001b4598a; expires=Thu, 01 Feb 2024 11:19:00 GMT; secure; SameSite=None
afoffers={"53":1675250340}; expires=Thu, 01 Feb 2024 11:19:00 GMT; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElI1Kbi%2FJXpfmdXeBe%2BMWXLSAhS%2BIe8VXigvNMcog9MwXqkEzLHOKlo27iSxg%2By5H1D%2BW2hXvhqiJIc6CY1ba3FGC1fwBUxUSOygZQiX8RcMNPzOGyUI2kRrXbL1j6%2BJR%2BB9XWAg6P48OZs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a239c91b4fd-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.42

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 23:28:56 GMT
expires: Wed, 31 Jan 2024 23:28:56 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 42604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
8179d438e94b57f316b42eff0bc16d25
14d828fae8cc42cae983f3032ec998cabe68cd6d
cdbf3bcc6c2dee36250054306df4d5298a5f00c2b901615417a83fd328ec8e3a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CDBF3BCC6C2DEE36250054306DF4D5298A5F00C2B901615417A83FD328EC8E3A"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9770
Expires: Wed, 01 Feb 2023 14:01:50 GMT
Date: Wed, 01 Feb 2023 11:19:00 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
e395abd9ba7cd2840cd00a3a92c66589
ec7291f28dc95abf40c7571b71a22eb6d4683ab8
67a1c3aa191e033e1e3e7497d4498485a65948132f568b7404bb5495bab94328

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2381
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Last-Modified: Wed, 01 Feb 2023 10:39:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e2d2b00ed4a3970f9b7c4561eec1f2ba
5d51d00a750a05bcad6aac56b5dcd410afff7591
20f4ee50766ee62c45e9a18f9646a856c1ae9b702a055c7d9131026dce630c42

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F4EE50766EE62C45E9A18F9646A856C1AE9B702A055C7D9131026DCE630C42"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3304
Expires: Wed, 01 Feb 2023 12:14:04 GMT
Date: Wed, 01 Feb 2023 11:19:00 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
10e7f6603f4a4577e78ec94093b0ba65
e195ac1a56ff314fdacc25611768fdcd35d326ef
0314c415f02fc3f96ba10ce5ea5f5c67bb142b7f7525509fb846736ab7d02515

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 11:19:00 GMT
Last-Modified: Wed, 01 Feb 2023 10:22:56 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Zt6HYPeszc_33aX7YszQKDcyhin8A-caj4_mMiTegqiMgcB0w3LuJg==
Age: 3364

cdnstatic.cyber.bet/css/payments.css

54.230.111.5

200 OK

699 B

URL HTTP/2
cdnstatic.cyber.bet/css/payments.css
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
699 B (699 bytes)
Hash
70e2a5d4745300aed2bfccf31551eb7f
c913b11b1f043706b73941110c33543f3c942cfb
f33896366d0d98962fd3e5b79963449dd3c1c3ea48e617e5b6d6bdb46e0c7022

HTTP Headers

GET /css/payments.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css
content-length: 699
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 11:18:48 GMT
etag: "70e2a5d4745300aed2bfccf31551eb7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: etdqjPjFZOPu57MIol8ybJPB9bWFbkhf3ju65a2nIxKrKsSQjC_HfQ==
age: 12
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
5d4584e4549c2c67b3b1014412127d86
878b05105062900e6df717dba698aab39b9476d8
383fd07eb50f0e9605a08083c372046f06511da2037d6dd5c0301bb8478ec55b

HTTP Headers

GET /p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB

142.250.74.168

200 OK

72 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (15106)
Size
72 kB (72021 bytes)
Hash
a59f34c27860b0399ebb57db013611ed
09203606c96f676090f2847701417be0bd59b2e6
e6b9e09f3ccbf2fde22e8c5e61ff05e2900b6b991e2926fbee9b1367445d5138

HTTP Headers

GET /gtm.js?id=GTM-NR2G4XB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 11:19:00 GMT
expires: Wed, 01 Feb 2023 11:19:00 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72021
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0b03afb76529d41add60c5daac95b0e5
8a1635989a4d8f6ade117b2eaa2caf4c738b9b6b
6cb7083dac48fdfd4b053ad9b2120267ccc7fdf8a85839673fbda32d1e5c94f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 11:19:00 GMT
Etag: "63d8f37d-1d7"
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ifB9LRCyZwJFWAjOvGcdLI1DrSG9ZKZc1EVRHYrxdWb2RD-htWohkg==

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0b03afb76529d41add60c5daac95b0e5
8a1635989a4d8f6ade117b2eaa2caf4c738b9b6b
6cb7083dac48fdfd4b053ad9b2120267ccc7fdf8a85839673fbda32d1e5c94f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171350
Date: Wed, 01 Feb 2023 11:19:00 GMT
Etag: "63da44fa-1d7"
Expires: Fri, 03 Feb 2023 10:54:50 GMT
Last-Modified: Wed, 01 Feb 2023 10:54:50 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: e4Mduu9tikXFB_FmepPh6NgrekCaFy6iY8kSKP5VBTYpO-UbanysrQ==

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
8179d438e94b57f316b42eff0bc16d25
14d828fae8cc42cae983f3032ec998cabe68cd6d
cdbf3bcc6c2dee36250054306df4d5298a5f00c2b901615417a83fd328ec8e3a

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CDBF3BCC6C2DEE36250054306DF4D5298A5F00C2B901615417A83FD328EC8E3A"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9769
Expires: Wed, 01 Feb 2023 14:01:50 GMT
Date: Wed, 01 Feb 2023 11:19:01 GMT
Connection: keep-alive

cdnstatic.cyber.bet/js/global.js

54.230.111.5

200 OK

71 kB

URL HTTP/2
cdnstatic.cyber.bet/js/global.js
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (5000), with CRLF line terminators
Size
71 kB (70834 bytes)
Hash
8943965f22a29b6f800a98e0eaed584f
1cfa4c3d79808cce1785967a637819b88a9d11f5
3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db

HTTP Headers

GET /js/global.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 70834
vary: Accept-Encoding
date: Wed, 01 Feb 2023 11:19:01 GMT
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
etag: "8943965f22a29b6f800a98e0eaed584f"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2-9dJNPB8LyLmkZrPldSOuoqC4ALfQ31kuV_pk2PZbeucUT1rssREA==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
e395abd9ba7cd2840cd00a3a92c66589
ec7291f28dc95abf40c7571b71a22eb6d4683ab8
67a1c3aa191e033e1e3e7497d4498485a65948132f568b7404bb5495bab94328

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Last-Modified: Wed, 01 Feb 2023 10:39:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280

cdnstatic.cyber.bet/css/global.css

54.230.111.5

200 OK

4.7 kB

URL HTTP/2
cdnstatic.cyber.bet/css/global.css
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
4.7 kB (4746 bytes)
Hash
1d710fedcd0ddfd6744b7011d3261d07
884abf5c059be6ddcdd9067c24c55f744d6df31f
47db4a55aeef076b5cc2c69bb230028feb69a8575b5a9651a1fa79e51990edb9

HTTP Headers

GET /css/global.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css
content-length: 4746
vary: Accept-Encoding
date: Wed, 01 Feb 2023 11:19:02 GMT
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
etag: "1d710fedcd0ddfd6744b7011d3261d07"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Dhdg3j96WRHuToq_gI2-mcIELL6IXqcjnBQ5ZVyiauD6d9fuw4zv_g==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/bg.jpg

172.66.43.156

200 OK

85 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/bg.jpg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x939, components 3\012- data
Size
85 kB (84557 bytes)
Hash
98ba8ffcbd9e5560948fced0272a2f75
64d51f93a51c26638a66468801643e9edd8935c8
c2635b22ca2e9b3d82330a2bc4c6688f2e0a8901f12baaaa321182cb0bba2912

HTTP Headers

GET /land/casino_red_pbn868/img/bg.jpg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/jpeg
content-length: 84557
cf-bgj: h2pri
etag: "63502f95-14a4d"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O038e1yEnrVWnWHbxNny1Vl5X8sGudosEW5MuHm%2FaoJHY9jIQYlK9uoIV6GmskVJDyGAvY3fARL87RvqZOS8Y4qCC3QsZromkRLTOgkprWpVn6IkyXk%2F8f65Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a285beab4fd-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/right.png

172.66.43.156

200 OK

121 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/right.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1122 x 1045, 8-bit colormap, non-interlaced\012- data
Size
121 kB (121073 bytes)
Hash
1259004f61333ce5779efb3823458094
cc58a5562320e0dd696765532a5a910c51a6eee1
3b65805319f0f56c6ada3b09a76162b8293682d2e5a0fb2ba00a395dadbf36fc

HTTP Headers

GET /land/casino_red_pbn868/img/right.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 121073
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1d8f1"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iatGV9t%2BEs4EZYhtvhLACqJ7LhM6pwHTDpZn10Zjnj1YD42Ps4u5o5HgGDur8MgfffkXKPyLVsmO3ZdnxFRX%2BC4ed29fa1iqORX97nF5YeV%2BUBmeBYLrUeDWig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a285bf3b4fd-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/input.png

172.66.43.156

200 OK

10 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/input.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10123 bytes)
Hash
029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f

HTTP Headers

GET /land/casino_red_pbn868/img/input.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 10123
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-278b"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kt4r%2FwYXfn%2FAqFd55kve7ifIZ12wolC%2FswUFM6YrpBmeNidRGWBqfUezxYPlEyGJAh%2B%2BGmeFe3cUH%2FiGESh97h39O2UBSeLxvtdHvT%2FIV3axqI82caSkweOwXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a285bfab4fd-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/left.png

172.66.43.156

200 OK

110 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/left.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 989 x 972, 8-bit colormap, non-interlaced\012- data
Size
110 kB (110461 bytes)
Hash
d6890ff06451abd5164dad583ab8383c
0391a449f196bf9ad13d577c5f390d2767ccd182
60c8d0be6f5252f41ebf504c5c4597fd460f31bd2b695884f69cc789168821cb

HTTP Headers

GET /land/casino_red_pbn868/img/left.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 110461
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1af7d"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QU2tmvtXZNcJxcWHT6MYgBWlpcqAqMiKeRdi3LvBLX%2BnPNb%2Ff65gvcIcZfBhCg0LqfhyWqXuIAgW5s%2BntJNvtPHWLkR0ePlNF9yFotdW%2BXI6sRk0hNYUeC%2B1VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a285bf1b4fd-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/cb_picked.png

172.66.43.156

200 OK

3.2 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/cb_picked.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 82 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3193 bytes)
Hash
774fc89cb9c8f999121c719e5f9f29df
d7d8ce07db925dc13908ea8c2c587fbb597c9eef
b1dd144f891842f0c1f19fff5c6ee14e4ab6ae491c7cac4aa2c2d7f156885bcb

HTTP Headers

GET /land/casino_red_pbn868/img/cb_picked.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 3193
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-c79"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z7hscAEMaMpUZpJSFXHaAVjF1AfBJG6JkPeG4E2S1pRIuV%2B0NpVIjgTgpQsnL%2FPFcrPFw7HIvhC34n0z3vjAgmUqA8%2BmfhUXBuj7uOiUOhR1UbACeAdA%2BmPRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a286c01b4fd-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/promo.png

172.66.43.156

200 OK

13 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/promo.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13216 bytes)
Hash
5798187ffb0edc7c4525a1415d9e03db
240b77c6c3c8c2a75d133c14907805d85def5588
93a1d190fd9a50423a0f7518a9147a2ef4cf969478056c6001c1124a0a1fe830

HTTP Headers

GET /land/casino_red_pbn868/img/promo.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 13216
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-33a0"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G17mX9It481ptD3if%2FCDHOLsllCBgFZrx8KT8%2BQr%2FBBmisynk7Elfpwk98sALGr5VggeZGY4DX3MGlngWcdBPo2R9hL4%2BJ64Vw5%2BFViyCvcMAhtjDfF8B7tkcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a286bfdb4fd-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/cta.png

172.66.43.156

200 OK

99 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/cta.png
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1076 x 266, 8-bit/color RGBA, non-interlaced\012- data
Size
99 kB (98590 bytes)
Hash
6af15da4b150dd671aa73c54a5d000b2
1292d7e77d7ea538594b8f43527c1464a73e3ac6
383559b3e7496fbf5f0d7ebf89bb9fd90e149fee99bca2a0007224fed63ca51b

HTTP Headers

GET /land/casino_red_pbn868/img/cta.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 98590
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1811e"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2F1wAf5%2F6ymptX%2FrN9XZrVdkxSHAN5BUkRtk1eF7bUN1ICgSYhNIhN%2F1o5DI4Qq9yr36czg5U7FmFBdTtr94ZiRXyqCPe2qr2fiiCszwe4k2clUSKZHuJF08g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a286c10b4fd-OSL
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/fp.js

54.230.111.5

200 OK

533 B

URL HTTP/2
cdnstatic.cyber.bet/js/fp.js
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
533 B (533 bytes)
Hash
d1abfbe2c5b50e7f427e41c79197dcd3
01f6142a97168fd15da33334c35ce351d676ed08
7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569

HTTP Headers

GET /js/fp.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 533
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 11:18:49 GMT
etag: "d1abfbe2c5b50e7f427e41c79197dcd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CoqYh3plDqVM-7pREgmMvyQ760HkIe5hKvVjC0BOi5zRPTW4vvKDMw==
age: 24
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/geoMapping.js

54.230.111.5

200 OK

443 B

URL HTTP/2
cdnstatic.cyber.bet/js/geoMapping.js
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
443 B (443 bytes)
Hash
2f6043a16c26cde9a190dbb829b5519c
791479cfced1a000ef6411990f1c4bba615b6b4c
f9dfb0c2f94be90f2cdeb66286b36cdeb5d8fb0fbb9f28b1e1d3d99a3780306a

HTTP Headers

GET /js/geoMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 443
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 11:18:50 GMT
etag: "2f6043a16c26cde9a190dbb829b5519c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fnu5hktW5mTiwQeignxz2ZP1fDvF3vy6tGDZq_svv8Rxy1DkKgGVZA==
age: 12
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 12:46:53 GMT
expires: Wed, 31 Jan 2024 12:46:53 GMT
cache-control: public, max-age=31536000
age: 81128
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 03:13:04 GMT
expires: Fri, 26 Jan 2024 03:13:04 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 547557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 12:46:12 GMT
expires: Mon, 29 Jan 2024 12:46:12 GMT
cache-control: public, max-age=31536000
age: 253969
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f3ab2abde49bc0a3438f7ca4e56dd50f
688e824a4a83e5e90fe18f40f9052abfd167e7cd
5352452226490c941d97ac6a1bb67954eb2ffd4e2efd6599e76fc1ee25bf866b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5352452226490C941D97AC6A1BB67954EB2FFD4E2EFD6599E76FC1EE25BF866B"
Last-Modified: Sun, 29 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16334
Expires: Wed, 01 Feb 2023 15:51:15 GMT
Date: Wed, 01 Feb 2023 11:19:01 GMT
Connection: keep-alive

my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
bb07e31c2c066db5c4b3259d1f69a442
db79e9d4a817ce703b11b65faf2ba097228063b2
d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8

HTTP Headers

GET /p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:34:21 GMT
expires: Thu, 25 Jan 2024 19:34:21 GMT
cache-control: public, max-age=31536000
age: 575080
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 14:07:32 GMT
expires: Thu, 25 Jan 2024 14:07:32 GMT
cache-control: public, max-age=31536000
age: 594689
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js

151.101.65.229

200 OK

14 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (34150)
Size
14 kB (14453 bytes)
Hash
992ef8564e775838114b9722cfaca166
d695319ec9e83f5a2ed894ecff5e7497f0bb9fa7
974c0527a326c8a38b0a5475d5a9d159e3a1a4a4a0688888d9d525b74ebc3930

HTTP Headers

GET /npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.4.0
x-jsd-version-type: version
etag: W/"86b4-0dT4vbRAvda9ZROiHYU1ptjFWSM"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 01 Feb 2023 11:19:01 GMT
age: 31383
x-served-by: cache-fra-eddf8230075-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14453
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/logo.svg

172.66.43.156

200 OK

5.4 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/logo.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1777), with CRLF line terminators
Size
5.4 kB (5357 bytes)
Hash
e3cac19f4cffe8b0d6a7d574fabf80a3
1f7e8f0dcb02e9cf447919f04ece346edb1a3b6f
8d79659ce5fde8316fc55d880ed86d5862d19cca436af0d2a8598766a8304dc8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /land/casino_red_pbn868/img/logo.svg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/common.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: W/"63502f95-b67"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gffevt%2FaGItW6vgxk%2FmsR0%2B1sXB2FXRDKGcfYpHPQQam5rKBKWyaV0tNKdSP4%2FoU6T3VzsJKMpSjh6pRcn2X%2Fbne2G8oq48BKZhKsDrDdyI%2BZnsvpZAnSO6bIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a285bf6b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
dfae63935238ce8b1aea007517061fb4
02d8ae5d2c9f21fdd5c174de5dc49b5f15b0469d
3480a831d72a623801317199fbf00ce363647b6f169d34ce60b6ed69afde23d6

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 11:19:01 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1B7757C5203E7BC9FD1AAF74713CED067D625665"
Expires: Wed, 01 Feb 2023 22:00:00 GMT
Last-Modified: Wed, 01 Feb 2023 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1309
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792a4a29bf8eb518-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fc7341b2b3c07810dbda66c8db53fad3
962ea79919c530657a68db6877f1b95b9705e59e
b2f9d21c9564bf36bb789da7a27c3a1336651443741c926ec5d36d4ad2abc45c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2F9D21C9564BF36BB789DA7A27C3A1336651443741C926EC5D36D4AD2ABC45C"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11242
Expires: Wed, 01 Feb 2023 14:26:23 GMT
Date: Wed, 01 Feb 2023 11:19:01 GMT
Connection: keep-alive

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 09:46:59 GMT
expires: Wed, 01 Feb 2023 11:46:59 GMT
cache-control: public, max-age=7200
age: 5522
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/css/style.css?v=1

172.66.43.156

200 OK

1.4 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/css/style.css?v=1
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3797), with no line terminators
Size
1.4 kB (1441 bytes)
Hash
500552ae564a362a7168501f9ba45077
cf7b6ef9e567359cb668a816cfa8aa60453e2ea7
b2048963bf6126626c6859f0a679377d9f906f7ca73b2dba7cbe6190b9c7b13c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /land/casino_red_pbn868/css/style.css?v=1 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6020
etag: W/"63502f95-1784"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNlWzi%2BBFF7%2BlsXVK6HinCCzbI2EvAioNtUmFsBVEHFtBYilzSsCqvpmcHkbSY7iudBKFOHuTHVo%2FVzaJNae1LHDpbBF3hG3sfKUadcc5LCiHDRtTo2fG2rkEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a24fee2b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=42b57cc960974c589c2a058483412bde; expires=Thu, 01 Feb 2024 11:19:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=188777560.1675250362&gtm=2oe1u0&aip=1&z=1696818530

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=188777560.1675250362&gtm=2oe1u0&aip=1&z=1696818530
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=188777560.1675250362&gtm=2oe1u0&aip=1&z=1696818530 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 11:19:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

notix.io/event

139.45.240.92

200 OK

26 kB

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type
data
Size
26 kB (26100 bytes)
Hash
8568ee7c88c8f85cd325bcc86baefe71
6956eebe60105213a12ebd7fb358fdb64320f7f6
4414db4113ba8e20a36e2e14bc927f297167162184874ecf7c25489dd9ae67f8

HTTP Headers

OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4a1c315f637e41293820773d650c12f3
f28e2314c4888386cb8ce3c4e2fba928b999f134
b2a81e11574f61804cf613a15225cc32f10aec859b5ee9af3ef0ae421f81c30f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 11:19:01 GMT
Last-Modified: Wed, 01 Feb 2023 09:50:54 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cF1X8wGJ4DURIi0NCfU3IdgCCWIkOZLx2JCmIa1y_t0C1gucVocsAg==
Age: 5287

notix.io/event

139.45.240.92

200 OK

0 B

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b4c9a8ce96aa57d27a6bd55df00f08ac
180302ed4863fb5b22b45ab0cc7c770a12a8c63d
3707163ad693f536f95ed3331f045060ad51b12e95d55690d341a4a93e7f1d12

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

notix.io/event

139.45.240.92

200 OK

0 B

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

notix.io/event

139.45.240.92

200 OK

15 B

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

HTTP Headers

POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 80
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:55 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap

142.250.74.106

200 OK

822 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
822 B (822 bytes)
Hash
c2ef05aa01837b552a8e8b06199d855b
c142c889cc7299823591a9d40f4fbe80cd0c411f
d1cf22e5ff02ea082c4d9f599ac35d1241c868aad6f460c0e6f9851704f96140

HTTP Headers

GET /css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 11:19:00 GMT
date: Wed, 01 Feb 2023 11:19:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

notix.io/event

139.45.240.92

200 OK

15 B

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

HTTP Headers

POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 63
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:55 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cyber.bet/graphql/v2

172.66.43.156

200 OK

87 B

URL HTTP/2
cyber.bet/graphql/v2
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
87 B (87 bytes)
Hash
ff330e32d87218c222d8fd239067d320
8155d995d438360d36e7915eea9e3e0a48a1223b
c0a1e58590ba43a7b34e4e3596946a03ee7dfa546b9c6ddf22757f0a9645c3be

HTTP Headers

POST /graphql/v2 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 51
Connection: keep-alive
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: application/json
strict-transport-security: max-age=15724800; includeSubDomains
cb-blocked: no
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofOxA%2B2XJTL7OLlJfAMuayYNq3g4Z3TFwQB7wfPb2i9sYOumOEaXdJqYGZ%2FXyiQfhMWYJOOpnrlqe%2BmWrdkOwNvwA1qw3WNimlrmEWH5UplReWpuzxks3RCFVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a293d54b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

cyber.bet/land/js/locales/base/locales.js

172.66.43.156

200 OK

5.2 kB

URL HTTP/2
cyber.bet/land/js/locales/base/locales.js
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (16549), with no line terminators
Size
5.2 kB (5155 bytes)
Hash
14b9ea1691074e99a967741c2699b6e3
eebd1ee7a1f48c6144508fb71bb91184072dd7f0
2815eea8a002a580c0ca68fc6df4728e6b20720b0f208750bd664f1535c7747a

HTTP Headers

GET /land/js/locales/base/locales.js HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=22124
etag: W/"636c24bc-566c"
last-modified: Wed, 09 Nov 2022 22:07:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKEUvMIyK4bbQvnqF1zJS2ld%2B1fFLobnHfAOsLBE4lFmP6rKA5YOc8BVtQnGFK92JKo5gkcvplM%2F4OaWCzaLbpSXaoNehh0wQFgEGYW6vWaBtxOq90EDjcvjlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a24fee5b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: ID=42b57cc960974c589c2a058483412bde
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=42b57cc960974c589c2a058483412bde; expires=Thu, 01 Feb 2024 11:19:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/favicon.ico

172.66.43.156

200 OK

2.1 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/favicon.ico
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel\012- data
Size
2.1 kB (2110 bytes)
Hash
25497e49230376d3f2788997164abbaf
8eca1c7e35e6fb2b43fe55d23f9256a3065e7bca
b21e9914a29270cbd3f81d946806f6fc44ed4a9367cbe8b2546ca1c56b4aebca

HTTP Headers

GET /land/casino_red_pbn868/favicon.ico HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926; _uc_referrer=http://orest-vlv.com/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/x-icon
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: W/"63502f95-1cee"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqlrPB7V2CSfZMvKdnRzlDzRIktZ3XrrsJl6qzKGJPosgsK2jvwh23HThq1bCexAgZa%2FHhen%2FX4iD32JyQazIz4a8%2F%2FSOmjfgSN0DHWJGMvCD7hAQzXrjHGGpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a2b4870b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
991dde88c08b8d3c16bd3afac119bafb
171bc1de8418aaa736da9b6cf6001568c7938936
ef525faa5ae17cd14d8e59a409ce70fb6016922d7f388f32249a9d0c44175d50

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF525FAA5AE17CD14D8E59A409CE70FB6016922D7F388F32249A9D0C44175D50"
Last-Modified: Wed, 01 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13900
Expires: Wed, 01 Feb 2023 15:10:41 GMT
Date: Wed, 01 Feb 2023 11:19:01 GMT
Connection: keep-alive

backend.cyberbet.academy/api/gql/send?ttl=86400

34.254.83.154

200 OK

4 B

URL HTTP/2
backend.cyberbet.academy/api/gql/send?ttl=86400
IP
34.254.83.154:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

HTTP Headers

OPTIONS /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: application/json; charset=utf-8
content-length: 4
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"4-P9ln0Jp0jh8rJtb+Vi5xVaqH6d4"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

backend.cyberbet.academy/api/gql/send?ttl=86400

34.254.83.154

200 OK

1.7 kB

URL HTTP/2
backend.cyberbet.academy/api/gql/send?ttl=86400
IP
34.254.83.154:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (1732), with no line terminators
Size
1.7 kB (1732 bytes)
Hash
7d262be351a12c20d4e65ce60529f9fc
8081b04642d8b42d8af4fe92cf2e496ed15eaca5
a9d1bfc8e3fcf82bc6d372d278866fb7cc002c158e1ed329bd4f94a70a965241

HTTP Headers

POST /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: application/json; charset=utf-8
content-length: 1732
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"6c4-gIGwRkLYtC2K9P6Szy5JbtFerKU"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

alexatracker.com/jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63da4aa48002f10001b4598a

104.21.85.99

200 OK

0 B

URL HTTP/2
alexatracker.com/jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63da4aa48002f10001b4598a
IP
104.21.85.99:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63da4aa48002f10001b4598a HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: application/json; charset=UTF-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: BYPASS
set-cookie: trbarid=45a904a060a64ced7e34b492d3ef7af2c1c3eea45df98c8e6911b4bf3fbe7042a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A777265004941036197%3B%7D; expires=Wed, 05-Feb-2025 11:19:01 GMT; Max-Age=63503999; path=/; secure; HttpOnly; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BOwQ46MFZhMlwq9Hk1ZKk%2FnwjnsrFD2cHWdcuYP9qBKENwSnGTzVaRo60dqTEt4o96eJTfYTwgLhUOlz5tfljwGmtAoKW9i703IDj9AHIajcgBT%2BzoO7%2BLgzh%2FyylPoYDzF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a2c78cab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/img/input.png

54.230.111.5

200 OK

10 kB

URL HTTP/2
cdnstatic.cyber.bet/img/input.png
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type
PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10123 bytes)
Hash
029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f

HTTP Headers

GET /img/input.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/global.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 10123
last-modified: Thu, 07 Apr 2022 09:30:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 11:18:51 GMT
etag: "029eb00d46a95ea9be209224c3d913db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IZ5X0RVcPEJ3V6Lxv0__QxQgCDjEECK1scMgybSKQVpveobjJwkDJg==
age: 23
X-Firefox-Spdy: h2

backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAXCAS

34.254.83.154

200 OK

712 B

URL HTTP/2
backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAXCAS
IP
34.254.83.154:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (710), with no line terminators
Size
712 B (712 bytes)
Hash
cc9dc856478b719988e30efd9922fccb
caa7f35d151bb6293d48255d7e2b6404ab764159
2096f5d36301d0c98e66c6e3dacb312e6674370399b5f6a4ee93ec143d0e665d

HTTP Headers

GET /api/affise/land_promocode?promocode=CYBERMAXCAS HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: application/json; charset=utf-8
content-length: 712
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2c8-yqfzXRUbtik9SCVdfitkBKt2QVk"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg

172.66.43.156

200 OK

5.2 kB

URL HTTP/2
static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (9515)
Size
5.2 kB (5195 bytes)
Hash
320e9262f009dd4b52b89ff6b8d42f4f
bdc6596d0f25efed9d06da45bf3e556f77ee810a
0f90e997bfc1b589824b4d06b6ba46ef631a090c454b320c6dd062ba2d5bc29d

HTTP Headers

GET //xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 30 Aug 2022 12:06:01 GMT
x-imgix-id: 9bdf3c27132191386bea4ec4bc43098d462dc9fd
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10022-SJC, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1197467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev9uIfr%2FPgq6iQ9jC1fHyvaju3aGdjQKL6Ewz0%2BuT949QLBXdgZ%2BKRkHHqhe4t9aluD5MPVhd%2FLSpIe70h98tBP2R3HgfjzENmD%2BZ8fy2MEX6%2Bchh212FhrKw5KU8ihDc%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5d9cb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg

172.66.43.156

200 OK

4.2 kB

URL HTTP/2
static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1143)
Size
4.2 kB (4204 bytes)
Hash
c0213f8fdbc5436a6ef035c1677448c4
c4f6851aa05b121cc361df7a315a0c481a372c7d
69d50e3b73c9f5f69f8d3e9f9e2ad09703a0b7163aadc668e05b70c6dca4f1d5

HTTP Headers

GET //nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 04:06:38 GMT
x-imgix-id: 58d927587a2791fa5ee8dc913a6ff0f83e28f73b
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10051-SJC, cache-bma1681-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 514984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icaYhKh16VIfejGmCZWLOrca%2Bkzt55S0nKm%2BJU3zgwSJ7t3UNi%2BXnsMb6HAlN6kwHqA1tnhR108a5o%2BfM8m9aj0aGAuL8YmsrZrBK6tjhYxabauQ9bVKp2odJuBQ254MSVE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5da0b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/payments.js

54.230.111.5

200 OK

75 kB

URL HTTP/2
cdnstatic.cyber.bet/js/payments.js
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type
data
Size
75 kB (74831 bytes)
Hash
6194e6652b79f15dfd67fcc240b27381
49b0ed89740c8d11f43f7a591c695d3549362bed
0c9aa2293917868ae9c74b36c1b86cecf269b4cf1ee3cdd57ba535e39207fed6

HTTP Headers

GET /js/payments.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:36 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:18:48 GMT
etag: W/"86e0165b432077320adbf690e339604e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ph5SFk9jwl26DZ6yFRaIr8QAVj8J7M1Uq-b_a1Lhf1N4-fwZkV4wsQ==
age: 26
X-Firefox-Spdy: h2

static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg

172.66.43.156

200 OK

2.3 kB

URL HTTP/2
static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.3 kB (2293 bytes)
Hash
de44c682b3eebfe4db9f76a577096c85
fee90dd480ebedbdea2e6ff79c8bfe7a1f6ce8a8
e69e2971aa1952f41ecc86a5c912a85b9997138ba9f557b28c14e97a3f265eab

HTTP Headers

GET //rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:23 GMT
x-imgix-id: 124d84afd81dd36ff5dd18c8efb73ffa18bdb828
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-maa10232-MAA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 647400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLAgOUUE7BGirB72GvxEXgaNSiWjfhbaU%2BoCGwtJ1Lslms304ZvYLIWcGB8hDh4hXoqL34VfTy7TSLZm2psD2wEYT3t6ULY2PkkJFunjlh17BLYIbIat9GzJfaEkJUPFO64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5da3b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js

54.230.111.5

200 OK

4.5 kB

URL HTTP/2
cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type
data
Size
4.5 kB (4463 bytes)
Hash
8c9ab6f39f9b12ce59bb004edc54d360
11c5fe6f2725727c0d1c80206c2a0c570257a7bc
c66ba57e53cc6eadb9597497b1d8abfc816ab6a5231245b81b05b246c28dadb2

HTTP Headers

GET /js/libs/jquery.nice-select.min.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:19:00 GMT
etag: W/"4e2def5093eb4c4281624db4a5aa8f9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qwK2zyfiuHmRdS545fISADOPkP4bHeakXb3RcOsYw9LZdpz-ot8WXA==
age: 3
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
597b80b9b677a90b26e577958566b92c
11d3c076a1eeeacdef203f0385d0786d08f6ad9c
408a21c9450492b13a0c2a10950f837910b996a6fb81c0162bd07fad042a71c7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6062
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Etag: "63d9b43d-116"
Last-Modified: Wed, 01 Feb 2023 09:38:00 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a327176edf538c07784f9b0da660c22d
4a56cfcac291dfe1cc177bd3eff976f106731834
aae92a95f747be0bca6982ed7e3e58af8ac74ff69c799b55046ab38474e149dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a327176edf538c07784f9b0da660c22d
4a56cfcac291dfe1cc177bd3eff976f106731834
aae92a95f747be0bca6982ed7e3e58af8ac74ff69c799b55046ab38474e149dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

backend.cyberbet.academy/api/land_regs/session

34.254.83.154

200 OK

2 B

URL HTTP/2
backend.cyberbet.academy/api/land_regs/session
IP
34.254.83.154:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: text/html; charset=utf-8
content-length: 2
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg

172.66.43.156

200 OK

2.7 kB

URL HTTP/2
static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1100)
Size
2.7 kB (2740 bytes)
Hash
0cb926e3e9e2b0035dbf5458b5c54e57
30728e1c80e9bda968c2e434cf1f5e966fa854bb
803729400d7c15d4f2d2ba884c82142aa4084aedb3562ebc4c156555b890dbee

HTTP Headers

GET //vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:02:28 GMT
x-imgix-id: be499ee77bb9f13f4e61b37ea512299d94aa8c27
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-maa10242-MAA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 1007771
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sngzvh6fQiZxxciedaGwG0%2BjFp923yju37%2FVwQoaSnmM%2FJZyeE66BtwUtb9yhIlbbi%2FYgn1eQUr4C%2B7R8zqqBC5f9CyOHPmG98t1k7FJLDOXdT%2BtRniUb%2B0aRwoZJvTVNb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e6daab4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

adjs.media/resources/content/cyberbet.js

104.21.57.187

200 OK

3.4 kB

URL HTTP/2
adjs.media/resources/content/cyberbet.js
IP
104.21.57.187:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2884)
Size
3.4 kB (3362 bytes)
Hash
cb6805c7c59e8817045f1586c43d0eac
3ed1cd5762fcefe0caf6064714c30f0076821bd6
73e1838d82552807dac6d07debd6521a4fb210cabc275c302437dc4d977fc323

HTTP Headers

GET /resources/content/cyberbet.js HTTP/1.1
Host: adjs.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7b3b4237-674a-4bde-bc87-ff9bf78e0122
x-download-options: noopen
etag: W/"bd06ea929f643a4924378f7eca9deb90"
x-runtime: 0.002299
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZf9FPCGo1zwyI4oKcLpVuRwR3euJJcVgWMXEIfCcBc1JPTnyjEpQnzaxP9r%2FCf0IW5peSjjhTR%2BRGcQe0bjySlb1Y2RRFjOPL1edxLcLlXHZiW59BK3FooCUuPE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a261b5cb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e0bc98d03057dabba1334b62bea0975b
b358a8123908fe4b1c94a1273cac45c4e23b212e
10ef320ba825ca0e17d039b66fd2f321f4d2c687a8734d226fa25e9b45e109d9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

backend.cyberbet.academy/api/land_regs/session

34.254.83.154

200 OK

8 B

URL HTTP/2
backend.cyberbet.academy/api/land_regs/session
IP
34.254.83.154:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
758d03240938c9a7a4709e26a48a385e
074a01d890236171824843af0482dc38050d0fc7
c852c2aa5cabf215aba5ff49e32623938e1185ee17817b9e797d3f0452da27db

HTTP Headers

POST /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 255
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: application/json; charset=utf-8
content-length: 8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"8-B0oB2JAjYXGCSEOvBILcOAUND8c"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
597b80b9b677a90b26e577958566b92c
11d3c076a1eeeacdef203f0385d0786d08f6ad9c
408a21c9450492b13a0c2a10950f837910b996a6fb81c0162bd07fad042a71c7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6062
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Last-Modified: Wed, 01 Feb 2023 09:38:00 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
199bb3686e2305492a8e928b187b107a
ab037860b21a7d474e2031d3cfe0c64b7081ac50
f168ac90c2d2d9f55f3589842036633df71aafd87b686a6f91b1a676faab63a1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131046
Date: Wed, 01 Feb 2023 11:19:02 GMT
Etag: "63d9a78c-1d7"
Expires: Thu, 02 Feb 2023 23:43:08 GMT
Last-Modified: Tue, 31 Jan 2023 23:43:08 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3JzZTSI6-rkd3aXVf7N6GnSlj6v7hZUuSLX6gyl2Lf2J5lj-EwoHJQ==

cdnstatic.cyber.bet/css/iti/intlTelInput.css

54.230.111.5

200 OK

3.2 kB

URL HTTP/2
cdnstatic.cyber.bet/css/iti/intlTelInput.css
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type
data
Size
3.2 kB (3236 bytes)
Hash
a1ac08ac08b191f6a6b6f5a301ad1871
4d0cbebe67fc46e03766fefc69e0c9c4bba20aa5
5fdc235e9df5d6588b96d1debf0e9ef7e8da9bb5ce1a4c3d195ca4e0b86132de

HTTP Headers

GET /css/iti/intlTelInput.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:18:51 GMT
etag: W/"a69aa970266649e0b08c2cb4bc166568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: apGXf7uQGov3Er8gcQQ7unlEGWaAjVGOzZ5cGGy8w_lZx5rBQMImGg==
age: 16
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c777675e41e9045ce88ced5783717ae7
4f86fa976ada60cd81fdad71213e80f47b3f4d9d
1df71004b318cee0b1c86ee9f76b8b4d25723d512af9a7443e69a4d69c6ef329

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2983
Cache-Control: max-age=159573
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Etag: "63da0b54-116"
Expires: Fri, 03 Feb 2023 07:38:35 GMT
Last-Modified: Wed, 01 Feb 2023 06:48:52 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c777675e41e9045ce88ced5783717ae7
4f86fa976ada60cd81fdad71213e80f47b3f4d9d
1df71004b318cee0b1c86ee9f76b8b4d25723d512af9a7443e69a4d69c6ef329

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2983
Cache-Control: max-age=159573
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Etag: "63da0b54-116"
Expires: Fri, 03 Feb 2023 07:38:35 GMT
Last-Modified: Wed, 01 Feb 2023 06:48:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e4d70e712631ab396e01046bc154b92a
e50dc9f7405b4a90213851bb03b06d63ba666c6c
62e3a9d11a4cde244300ec267387d299e457098d331ef7570d127ef117c3b188

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5050
Cache-Control: max-age=100795
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Etag: "63d91da7-117"
Expires: Thu, 02 Feb 2023 15:18:57 GMT
Last-Modified: Tue, 31 Jan 2023 13:54:47 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 279

br.betano.com/?btag=a_19851b_2181c_[CustomMergeFields]&siteid=19851

104.17.85.89

302 Found

0 B

URL HTTP/2
br.betano.com/?btag=a_19851b_2181c_[CustomMergeFields]&siteid=19851
IP
104.17.85.89:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?btag=a_19851b_2181c_[CustomMergeFields]&siteid=19851 HTTP/1.1
Host: br.betano.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adtraffic.agency/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 01 Feb 2023 11:19:02 GMT
content-length: 0
location: /myaccount/ban/country-341629?alt=true
x-farm: 12
x-cacheable-status: 302
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
cf-cache-status: DYNAMIC
set-cookie: sticky=stx56.599
__cf_bm=c5Rjq2DIENWJwisRBPFSPVzJz2rz6TeWFrKtJb4LSjQ-1675250342-0-AbfQ75fo5JP3HNdzVAWMAoirW8w+mr7+nHnbIwltQb5keNkBancO0hB/u+cJOgCvCkpTJ8EZL6Q+eSsY7qcHVp0=; path=/; expires=Wed, 01-Feb-23 11:49:02 GMT; domain=.betano.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 792a4a327fd4b50f-OSL
X-Firefox-Spdy: h2

gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=&AutoR=1

188.114.97.1

302 Found

666 B

URL HTTP/2
gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=&AutoR=1
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
666 B (666 bytes)
Hash
d29ce24a18ea346c5e08826931918eb7
d6224dc32803fa6c0d827e6a983494eed26e1108
9bac936764c6afa3a775af0249df9f8649ea21df2bf24dc57d3797fff6f3e6ae

HTTP Headers

GET /C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=&AutoR=1 HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adtraffic.agency/
Connection: keep-alive
Cookie: CEK=a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: text/html; charset=utf-8
location: https://br.betano.com?btag=a_19851b_2181c_[CustomMergeFields]&siteid=19851
cache-control: private
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
set-cookie: XYZ=3&1&148&&&&0&1&&b4aa6056-83f6-4154-8b83-34294b51e5ca&&a_19851b_2181&; expires=Tue, 02-May-2023 11:19:02 GMT; path=/; SameSite=None; Secure
A_2181=a=2181&r=0&fv=0&lv=0&vc=0&fc=20230201&lc=20230201111902&cc=1; expires=Tue, 02-May-2023 11:19:02 GMT; path=/; SameSite=None; Secure
PM_20=c=&s=19851&ad=2181&md=0&pm=20&d=20230201111902&ip=2728320643&r=0&ref=https://adtraffic.agency/&RedirectParams=btag%3da_19851b_2181c_%5bCustomMergeFields%5d%26siteid%3d19851; expires=Tue, 02-May-2023 11:19:02 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9mt%2FOzHvmII%2F%2BmDCgr%2FklXBzvdvhXhAh%2FDujFBtFHpQK8tu1lb2HnizVhbhE5mzoQ8l41FLA3FL9o7Uvt8sIlC1oGB9EIO9OPUKNRb0d%2BmSbpIrqT9WFgzrcLEaVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a319b03b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pool.admedo.com/pixel?id=148776&t=js

35.210.53.219

302 Found

0 B

URL HTTP/2
pool.admedo.com/pixel?id=148776&t=js
IP
35.210.53.219:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 01 Feb 2023 11:19:03 GMT
location: https://pool.admedo.com/ul_cb/pixel?id=148776&t=js
set-cookie: tuuid=340c3336-e63a-415d-9156-5070a312d955; path=/; expires=Thu, 01-Feb-2024 11:19:03 GMT
c=1675250343; path=/; expires=Thu, 01-Feb-2024 11:19:03 GMT
tuuid_lu=1675250343; path=/; expires=Thu, 01-Feb-2024 11:19:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pool.admedo.com/ul_cb/pixel?id=148776&t=js

35.210.53.219

200 OK

0 B

URL HTTP/2
pool.admedo.com/ul_cb/pixel?id=148776&t=js
IP
35.210.53.219:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ul_cb/pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 11:19:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.6 kB (4588 bytes)
Hash
23fba3309226071f6f44081c3a92bc0b
21119ea71d26ab157ec491f9cf68918d63310fb4
b29c1f3f6966e08bd3954275c8d2a3ae44a352b41e5d3f04203b55f65708fafc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4588
x-amzn-requestid: 1d726cce-35c6-42d7-a592-8f22f1bd310a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJr4GXvoAMFXvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcb2-71af755c24ba2e9a39f17451;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:01:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DzgQlPECoiRf-pZjVVk-EsjIl0kVj0b-BfiWBgUEFamma1pYDUMP6A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 14:29:26 GMT
age: 74979
etag: "21119ea71d26ab157ec491f9cf68918d63310fb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/libs/phone/utils.js

54.230.111.5

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/js/libs/phone/utils.js
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/libs/phone/utils.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:18:14 GMT
etag: W/"8f3a2154b225b6257161c4dfc9b89c9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qNFxSZk-2laK-QILsN_7W48cQZjIRcQPDZ_tEJr4U96ubq7XGz8Dvw==
age: 59
X-Firefox-Spdy: h2

zeniocloud.com/bQIA.js?prid=63da4aa48002f10001b4598a&sub2=

167.114.67.56

200 OK

0 B

URL HTTP/2
zeniocloud.com/bQIA.js?prid=63da4aa48002f10001b4598a&sub2=
IP
167.114.67.56:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bQIA.js?prid=63da4aa48002f10001b4598a&sub2= HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2

static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sun, 27 Nov 2022 13:15:26 GMT
x-imgix-id: befd1e5b23a603e2ad9e7e0e220abae092937310
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10033-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 1197467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdobOr9neMvxbGm4K5R6QC8lx4xvSsq4YT2KhWkIo1f8IK6%2BbBA3DDqWLuzkadr%2FNjizQeLivN4Nr5u%2BkcmF%2BEtUoxxpsaq7pouQQl044SpgkcTFhoeOGZgF5khkM9jcxeE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5da2b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/css/form.css

172.66.43.156

200 OK

0 B

URL HTTP/2
cyber.bet/land/casino_red_pbn868/css/form.css
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /land/casino_red_pbn868/css/form.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9305
etag: W/"63502f95-2459"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FwCvcfFK3J45PIZ9sQV6TjHkYSahjTHMvx5jgR8bXufb7KRiOgxnkUxBWB6GNVW5ZKb%2B29fzQ4irotLButPYGJ5ykPyTxvyIAUsHjERzoY2de2l25Ij1mRoug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a24fee3b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

br.betano.com/myaccount/ban/country-341629?alt=true

104.17.85.89

200 OK

0 B

URL HTTP/2
br.betano.com/myaccount/ban/country-341629?alt=true
IP
104.17.85.89:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /myaccount/ban/country-341629?alt=true HTTP/1.1
Host: br.betano.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adtraffic.agency/
Connection: keep-alive
Cookie: __cf_bm=c5Rjq2DIENWJwisRBPFSPVzJz2rz6TeWFrKtJb4LSjQ-1675250342-0-AbfQ75fo5JP3HNdzVAWMAoirW8w+mr7+nHnbIwltQb5keNkBancO0hB/u+cJOgCvCkpTJ8EZL6Q+eSsY7qcHVp0=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: text/html; charset=utf-8
content-security-policy: frame-ancestors https://*.betano.com:*
x-farm: BR-MYACCOUNT11
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
set-cookie: __RequestVerificationToken=q360ylgU7cXIcNc9RCgQhF9xAMRmUWX6uqj4e6IKeLzxaPRpyMTwiEwveDigpuMtYlVBS0q9NNL-EpIXGey9KzVvb0066ymuMcS1LHunhBM1; path=/; secure; HttpOnly
sticky=stx4.881
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792a4a32f8a7b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:53:49 GMT
x-imgix-id: 3071167306fd7e404ce6c9d0b6695258dcb9f78c
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10063-SJC, cache-bma1621-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 514984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr%2FlUIkjTV3dUSzkWllbEFR6PhzecG6E9UMQfzIj%2B5CAjQc4CtfyrQQJuc9XuD34uw4bU%2FdQbjj4cLxZkZKwdar10v8pjZikycQWz8DprDWljOYYzzaKxsd8%2BOcZW0aC5Nk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e6da8b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Fri, 13 May 2022 15:59:53 GMT
x-imgix-id: 0d9a0eb61d73b4e7f1e6f9d63934aa27a4dabba7
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10077-SJC, cache-bma1665-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 647400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBvyhTQX6l3Py%2B%2BLrFDJw4vf8XZ5vjUJFKk%2BNQ7JcFU2ww5hEfT%2BGPEKa%2BlSnlDd%2FRAj9YsqXTVdJdWePb4hlJi8dgDMgkAbo7dr2D0q2pjKJLc1YAzh9TIic94m3HRpIsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5d9eb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/css/common.css

172.66.43.156

200 OK

0 B

URL HTTP/2
cyber.bet/land/casino_red_pbn868/css/common.css
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /land/casino_red_pbn868/css/common.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2676
etag: W/"63502f95-a74"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAjrKDfcsq%2BmzUlVVCdteX6Y9Wl6Vn8Wxm9tdr9KuJR6HN0IEx8WpZ8m5MixuepJ7DgqCNXJweh5aPH4%2Bc3g3J0Xey6tKf%2BqkTzonZYk3BwuOoHxLHHs7zzN3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a24fedfb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 04:32:34 GMT
x-imgix-id: eaa9a5ceb4ef9ff91d93849720aab7cfa394d578
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10054-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 647400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwYQMfxomIDeZkUBILBkO61vxiK9srZbWorBbcBqtZkQihv5lQKHNpklNOFRmqOr%2FlcrQoG4fmHzGBcHmGSipvIx65Qr8OC0i3aaFbjdLeCNk7FUm4hwaju9Iq%2BfZY9w%2BlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e7dcdb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js

54.230.111.5

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/libs/phone/intlTelInput.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:18:51 GMT
etag: W/"c73ba86bd67306c5889e9aac41e959e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QDeYmqspHZK4hlQAdwoJT3WKt0Eb-4oOxgDUq9sL9HV6NkeBESlidg==
age: 15
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955

172.66.43.156

200 OK

0 B

URL HTTP/2
cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: text/html
last-modified: Fri, 04 Nov 2022 16:57:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMNrP7gBtv5fWtRCwMbFXKE1u%2BVeBPVEzH6UiI3LsvCoo7aux5Je2sLvj3sFpNVQaQCQdmqZl2SwD1St6ZXKrWnR0m5hn2G6esbz9lS7MZERZJAq2vJ%2FmNN8Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a242d7bb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/css/libs/nice-select.css

54.230.111.5

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/css/libs/nice-select.css
IP
54.230.111.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/libs/nice-select.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:18:26 GMT
etag: W/"b83506d101e8a03948d5c01e83da2b8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: om-PmFoIw1kE5VaH1cYZIGmcQSqy1mtUcihm1rvE1RBciNW1RBIFsQ==
age: 35
X-Firefox-Spdy: h2

notix.io/ent/current/enot.min.js

139.45.240.92

200 OK

0 B

URL HTTP/2
notix.io/ent/current/enot.min.js
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:55 GMT
content-type: application/javascript
last-modified: Wed, 01 Feb 2023 09:48:32 GMT
etag: W/"63da3570-14283"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

pj.l.admedo.com/admtracker.lib.min.js

54.230.111.20

200 OK

0 B

URL HTTP/2
pj.l.admedo.com/admtracker.lib.min.js
IP
54.230.111.20:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /admtracker.lib.min.js HTTP/1.1
Host: pj.l.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 25 Aug 2020 14:10:14 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:16:45 GMT
cache-control: public,max-age=900
etag: W/"5a420213029638ecea775a40089898aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YeyRl0PBg5XvWHAmBh7qc8U5vmUknn4PjXB1WHivsxenBzCo2cF4eg==
age: 140
X-Firefox-Spdy: h2

static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:01:52 GMT
x-imgix-id: 5009dab7bf9c2c57dfc23b32759803b69d7d3cb3
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10049-SJC, cache-bma1666-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 647400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqbL0BLWPO4Fj23B9NUvO5n0ZFq445Fbexv34YzKobTQVP6FM5guwpRwDjxnYZF1AC%2BQPsszTLma8dLooLSEtbGE6p0vADL%2BUKMoZGb%2F%2BqSa4F0b9tcunAXu7oJKjECymsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5da4b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg

172.66.43.156

200 OK

0 B

URL HTTP/2
static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg
IP
172.66.43.156:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:10 GMT
x-imgix-id: 854adac84f9266f0b69e2c7ea9353daa4bedcf8d
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 514984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayz%2FdObEJDAL2YxKV7x5iodm%2FI04O5U53%2BF8dBRoWgMELqjtYxGtbvsASkceQ5Hd%2Fom7voxxFrFH9mPnZHzAlK9OpWSJ0LyNgJTN4%2B7%2FYL0PmWufkpaHV90qww1IsJ4On%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e6da6b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=

188.114.97.1

302 Found

0 B

URL HTTP/2
gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c= HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adtraffic.agency/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: //gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=&AutoR=1
x-aspnet-version: 4.0.30319
set-cookie: CEK=a; expires=Tue, 02-May-2023 11:19:02 GMT; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhO%2FF%2BKXGm6BfnBMpUD9BzIJDTxMraN%2BQcDdGwFrmgongzFve%2BirKJ6gDAN2esQ43ifoMVySJ%2FpJMw5WwBN8mxzLyABjRTREz7uAvWHFNiPFO7jS9zt%2FdTpNyUQA5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a313a78b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (43)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML