Report - win88bet.app/

Report Overview

Submitted URL
win88bet.app/
IP
160.153.137.128
ASN
#21501 Host Europe GmbH
Submitted
2022-12-25 23:09:17
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	754 B	559 B	216.239.34.36
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	61 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.36
vjs.zencdn.net	4968	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	741 B	416 kB	151.101.2.217
img1.wsimg.com	9893	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	888 B	23.36.79.43
img6.wsimg.com	15438	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	819 B	20 kB	23.36.79.43
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	32 kB	23.36.77.32
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	44 kB	142.250.74.40
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	21 kB	142.250.74.110
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	468 B	746 B	142.250.74.74
win88bet.app	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	45 kB	160.153.137.128
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
ocsp.starfieldtech.com	6616	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	5.2 kB	192.124.249.24
q1f445.n3cdn1.secureserver.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.4 kB	427 kB	162.159.136.45
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	53 kB	142.250.74.35
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.69.181.45
events.api.secureserver.net	125179	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	924 B	104.84.152.58
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-25	medium	win88bet.app/	Phishing
2022-12-25	medium	win88bet.app/	Phishing
2022-12-25	medium	win88bet.app/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	q1f445.n3cdn1.secureserver.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9&time=1671727847	6.5 kB	2023-03-07	2024-04-19
Pretty URL q1f445.n3cdn1.secureserver.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9&time=1671727847 IP 162.159.136.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 20:39:51 Times Seen15475 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	win88bet.app/	510 B	2023-03-12	2023-03-12
Pretty URL win88bet.app/ IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:49:12 Last Seen2023-03-12 07:49:12 Times Seen1 Hash 99ab7f19ee50ba54ba5bdcef69c916b6 d626c0fe70e4edc01d41284e1650ae714af8af17 ffbf6e1689ec6e9c62a4cb76eca86374a5e9149a0bf08d239eeddafd7c2a1fd9 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 06:05:10 Times Seen36969751 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	q1f445.n3cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1&time=1671727847	90 kB	2023-03-08	2024-04-19
Pretty URL q1f445.n3cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1&time=1671727847 IP 162.159.136.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-19 20:39:51 Times Seen31782 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	win88bet.app/	2.1 kB	2023-03-07	2024-04-19
Pretty URL win88bet.app/ IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 11:02:50 Times Seen6335 Hash 9cd47ac5a0389a37b4d8e7d194e17c9a 9121da7907e37462c10ce8616f06b5c22f640744 ae37d2523200d80db4a789404c079f2cb1bb172ed526cb27909f929c9d935cda Loading...

	win88bet.app/	464 B	2023-03-12	2023-03-12
Pretty URL win88bet.app/ IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:49:12 Last Seen2023-03-12 07:49:12 Times Seen1 Hash c9fab23051749f6c3e0ee1eca65f969f 5ddbb75fa4639c803ca5f23377ffa9b0126fecf0 fb11d5e2f7b8f23376f69152d32a3a90a0ce1f01f7ad69b58577c0ccf79e4b2f Loading...

	win88bet.app/	3.4 kB	2023-03-07	2024-04-19
Pretty URL win88bet.app/ IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 11:02:50 Times Seen6148 Hash a94b76e45c11675df9f26fd25a8e4359 1cd29363bb1b514e6f7ef031f1831008df181f17 4569f5c3704a88394335b0fabccd6460ba5e582c3058f9286f42cc589da02899 Loading...

	win88bet.app/	1.6 kB	2023-03-07	2024-02-28
Pretty URL win88bet.app/ IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:11 Last Seen2024-02-28 18:39:21 Times Seen126 Hash 17e7cbe40a32845040c683e20c7c371c 82fc753a6f84bd8d78197b2e372b762a9fc61297 16f3458125ff21d0212219d1a944eadf6fec8ac0f18212456fa47bb7ac7b5187 Loading...

	www.googletagmanager.com/gtag/js?id=UA-233469372-1	112 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=UA-233469372-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:49:12 Last Seen2023-03-12 07:49:12 Times Seen1 Hash 41ff74e6844e72ac608b29edd24c0cd8 e7514c94f11f56a456afefcc131f58ee1e5b15e0 25e68506de649805c007db01eb238c4d18ca55d4b12f1960d6aa57b67fb0a2d1 Loading...

	win88bet.app/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js	50 kB	2023-03-07	2024-04-18
Pretty URL win88bet.app/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:09 Last Seen2024-04-18 11:25:16 Times Seen597 Hash 605fc409bf1ea2cc85851c1b6c9ded53 bff6d8038c726160a19474eedee51bdd6a288a05 7ff4c36da2ced48cc30fc8512ca858e878af31a753b0317e8484792992f32b12 Loading...

	www.googletagmanager.com/gtag/js?id=G-GVGSFYH6LM&l=dataLayer&cx=c	182 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-GVGSFYH6LM&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:49:12 Last Seen2023-03-12 07:49:12 Times Seen1 Hash fdd234f071d25970abc51c64a7ab5bb6 66d97927babd23a28ea0d6252c2f6ce6b25a2570 ab87e290916e37cc138d555debcaa8ea247cabc79c7ad404e4664bb11ee5375a Loading...

	win88bet.app/	162 B	2023-03-12	2023-03-12
Pretty URL win88bet.app/ IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:49:12 Last Seen2023-03-12 07:49:12 Times Seen1 Hash ebbcd9b0b07293d3638b25166c6c3505 708d5c151b6b16328c65e749fd4dc8cfa582a874 dc5cd251db58a1821d9dc0360951f01729f6e3516c1503f14988db499e8cca18 Loading...

	win88bet.app/	1.1 kB	2023-03-12	2023-03-12
Pretty URL win88bet.app/ IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:49:12 Last Seen2023-03-12 07:49:12 Times Seen1 Hash f9eee34564b103a8084281cb6845657d 8c3b0f39c8a13e592e790f5d9f023d8a0ac68b0d 8038045ca5051fda996533f52c997dad9f05cff82b1ac6e2bc9f56b32d4801f0 Loading...

	q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/assets/js/flatsome.js?ver=388f0b8795e1ae23b3e106841320e647&time=1671727847	55 kB	2023-03-07	2024-03-27
Pretty URL q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/assets/js/flatsome.js?ver=388f0b8795e1ae23b3e106841320e647&time=1671727847 IP 162.159.136.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:55:45 Last Seen2024-03-27 05:08:07 Times Seen220 Hash 7f337c4e9614f7e9aa19466a26319a42 26b0941a7908f07d4313de44c1cadc9e4d59f130 bb8f9c0b6f55983a618124de792bbc164246852b4b38fa7681d27d651e24bb8d Loading...

	q1f445.n3cdn1.secureserver.net/wp-includes/js/hoverIntent.min.js?ver=1.10.2&time=1671727847	1.5 kB	2023-03-07	2024-04-19
Pretty URL q1f445.n3cdn1.secureserver.net/wp-includes/js/hoverIntent.min.js?ver=1.10.2&time=1671727847 IP 162.159.136.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-04-19 20:39:52 Times Seen27365 Hash 8c0498e2f1f7a684a8d2a3feb934b64b 76099689ccaee466d4608da621c403b368dcae03 ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Loading...

	win88bet.app/	589 B	2023-03-07	2024-04-18
Pretty URL win88bet.app/ IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:41 Last Seen2024-04-18 13:38:36 Times Seen339 Hash 3a9846d5452eae5ba3ea77211d93d43e 0865571280ff437d40eacc8b0a2beeefdaaa4db9 107b854fc832809a763ca32c4e379f3da6a9a96fce0152e377972bc5905cb70c Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 19:03:21 Times Seen1521 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	win88bet.app/	297 B	2023-03-12	2023-03-12
Pretty URL win88bet.app/ IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:49:12 Last Seen2023-03-12 07:49:12 Times Seen1 Hash f349b0ad6b191e2c0bb392068057fd9f 62c280d0734f697caa5a46b5197a1f3a1da0494e 5004df7ee0cdb04292c8167fba47881fa72c15cf7a34f289ef30a70affcc509b Loading...

	q1f445.n3cdn1.secureserver.net/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.2&time=1671727847	1.4 kB	2023-03-07	2024-04-18
Pretty URL q1f445.n3cdn1.secureserver.net/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.2&time=1671727847 IP 162.159.136.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-18 14:59:39 Times Seen750 Hash f5e63bd61d061e63482b1d4df3768ee4 91df0bce4537e6b65fe380f4f6db9ed9dbe95a41 acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256 Loading...

	q1f445.n3cdn1.secureserver.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1671727847	11 kB	2023-03-07	2024-04-19
Pretty URL q1f445.n3cdn1.secureserver.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1671727847 IP 162.159.136.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 22:30:21 Times Seen68500 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.3&time=1671727847	16 kB	2023-03-07	2024-04-18
Pretty URL q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.3&time=1671727847 IP 162.159.136.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:17 Last Seen2024-04-18 07:54:29 Times Seen1225 Hash 28c3a79b698984aeea534457071a9fb2 ee62a28760e7263f10307a988b244f1f0237601a e3d3660aee33ed4ad14e6dadf15503bf26d877be610ff8c69db18653cc8b8915 Loading...

	img1.wsimg.com/traffic-assets/js/tccl-tti.min.js	25 kB	2023-03-07	2024-02-02
Pretty URL img1.wsimg.com/traffic-assets/js/tccl-tti.min.js IP 23.36.79.43 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:41 Last Seen2024-02-02 18:24:37 Times Seen8238 Hash ce554d2333f3801abafb32da18213ff7 ef2b32494849244d9b9d8c23178e082cec9eab7f 6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312 Loading...

	img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js	46 kB	2023-03-08	2023-10-19
Pretty URL img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js IP 23.36.79.43 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:04 Last Seen2023-10-19 15:41:33 Times Seen5267 Hash 5c3e20ad749ddb088afc84b1b7ff009e c10abbdda3109549150f58c07f304c1d7f8a8d47 d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b Loading...

	q1f445.n3cdn1.secureserver.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js	8.3 kB	2023-03-07	2024-04-18
Pretty URL q1f445.n3cdn1.secureserver.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js IP 162.159.136.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:43 Last Seen2024-04-18 22:13:38 Times Seen3067 Hash b00219cb958052cb557115d55f0c8d48 3c55bbf5a8082db61decff924aaf787f4337df86 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6 Loading...

	q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/inc/integrations/wp-rocket/flatsome-wp-rocket.js?ver=3&time=1671727847	364 B	2023-03-07	2024-01-30
Pretty URL q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/inc/integrations/wp-rocket/flatsome-wp-rocket.js?ver=3&time=1671727847 IP 162.159.136.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:36 Last Seen2024-01-30 11:22:50 Times Seen63 Hash c14f4e125c5794e70db9e9cbcffcb951 9de48f2c6393bd951b23bb0bf51e20aef804577b 99e6d798500852386f57514e9ae9868b32649bccb95398ccff8cd888bf6ee7a6 Loading...

	win88bet.app/	102 B	2023-03-07	2024-04-19
Pretty URL win88bet.app/ IP 160.153.137.128 ASN #21501 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-19 11:02:50 Times Seen6714 Hash 336b4b067dcb50351d5e2d7c92cf1631 9709109f27eaad0c5a1e50facc142f8f197a11b6 ef2f7f28db32250196ae2c8242611a7f7159c2a539dabd40b82071b1c07561c6 Loading...

HTTP Transactions (65)

URL IP Response Size

win88bet.app/

160.153.137.128

308 Permanent Redirect

57 B

URL HTTP/1.1
win88bet.app/
IP
160.153.137.128:0
ASN
#21501 Host Europe GmbH

File type
HTML document, ASCII text
Size
57 B (57 bytes)
Hash
1dd6c4b1b1bc2ea08df4532a898e7a51
fb9dc586c68a630a1567ee9f3856cfdc5b9070e3
10983445417ae3a23650b11189c89e7d0ffb8e1e3453257ce4d250d670aa2cfa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: win88bet.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 308 Permanent Redirect
Content-Type: text/html; charset=utf-8
Location: https://win88bet.app/
Date: Sun, 25 Dec 2022 23:09:05 GMT
Content-Length: 57

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
96defe1601ba891731eee83f0830649d
ba500679fd337488c3f60543561740ff0dfc1898
d2a320a9feb1a874af3da921db2a8619513968724ef8eb0715c010291c4cf8d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2A320A9FEB1A874AF3DA921DB2A8619513968724EF8EB0715C010291C4CF8D9"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5450
Expires: Mon, 26 Dec 2022 00:39:55 GMT
Date: Sun, 25 Dec 2022 23:09:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9cce060ddc316540d079e6816a1e7412
709a74969d1996d2b35ef0f7f34ae18455169f1e
6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4029
Expires: Mon, 26 Dec 2022 00:16:14 GMT
Date: Sun, 25 Dec 2022 23:09:05 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 25 Dec 2022 22:46:26 GMT
content-type: application/json
age: 1359
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b1d63d9d906daa309dc263b4991bbe9
04680ddd86781d46dfe6a9671571b3ad1f3758f3
46fff7230b88de4cd81dfb0feb783d2dec27e49041f9257d2fb891030781bf6c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FFF7230B88DE4CD81DFB0FEB783D2DEC27E49041F9257D2FB891030781BF6C"
Last-Modified: Fri, 23 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12278
Expires: Mon, 26 Dec 2022 02:33:43 GMT
Date: Sun, 25 Dec 2022 23:09:05 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: oSJd+HAXKVvl5IrpFVGCwqXDuFjGP8bImRbOXc4+tHB1TDzgGecsd1NDwnaZG7YpmJ/GJ2mg0ZyQtH/hgjhpOA==
x-amz-request-id: A2H7JC8SC4DWXDB1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Dec 2022 22:57:11 GMT
age: 714
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 25 Dec 2022 23:09:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
b4428d295c58467bb81ba74d63b3522f
6f09866f74bad9c10214a1e57e30b2f84e2ef23b
9cbcd9d5fe1f05632d68aaeee77736947f4c001868c6e8aa8dcae7e0662e85ed

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 25 Dec 2022 23:09:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 25 Dec 2022 20:31:46 GMT
Expires: Mon, 26 Dec 2022 20:31:46 GMT
ETag: "6f09866f74bad9c10214a1e57e30b2f84e2ef23b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

win88bet.app/

160.153.137.128

200 OK

30 kB

URL HTTP/2
win88bet.app/
IP
160.153.137.128:0
ASN
#21501 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5965)
Size
30 kB (30075 bytes)
Hash
dc50fc9988d5d2a8cf6ecd0373b7b268
d9a9eb6f84c445d3531c93e91cc1d0cd67175338
acbcb4d51c8a33dff8f03e57ade92b98421973b7961e6f0185ea70f474969ba2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: win88bet.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: openresty
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: text/html; charset=UTF-8
content-length: 30075
accept-ranges: bytes
age: 279225
cache-control: max-age=2592000
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
expires: Sat, 21 Jan 2023 17:35:19 GMT
last-modified: Thu, 22 Dec 2022 17:35:20 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,0,24
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
508c2c991a10f5f048c213f732698d4c
5a43bb96597ada2c1a16fb35c6cd74529bb306c4
bdf5e18cacb564fe4be4448d268ecee27b7139b91109b6d0727f2b809c6b5f3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 23:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
09e8af46742d0b5be1adedadb11e66af
4813ca0140478abb24c6fa012b4184cb2f3253c9
31d3905131f21b4a8fd8a4764b8dd57b2e994153f511b65a15ce7ecc386040c8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 23:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

vjs.zencdn.net/7.11.4/video-js.css

151.101.2.217

200 OK

11 kB

URL HTTP/2
vjs.zencdn.net/7.11.4/video-js.css
IP
151.101.2.217:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (5844)
Size
11 kB (10745 bytes)
Hash
3fd817fc07f52461f5f7f6e69459f40c
da1a9b7b851c32b1b43f7e6becbf0ffbd32758af
a17514bd5d84a5e6460a4fd12ca61635135b8ca7915ff341fc3d49825b510ab5

HTTP Headers

GET /7.11.4/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 16:37:52 GMT
etag: "13cc2ed05f4f7b5730bffafc2b2e4eb3"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Sun, 25 Dec 2022 23:09:06 GMT
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 7
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10745
X-Firefox-Spdy: h2

vjs.zencdn.net/7.3.0/video.js

151.101.2.217

200 OK

404 kB

URL HTTP/2
vjs.zencdn.net/7.3.0/video.js
IP
151.101.2.217:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (320)
Size
404 kB (404484 bytes)
Hash
af333d33330756d9a309b2a930134cb4
ee910139d2db44dd6e4ef7e718a1f1203a62430a
89f8f638e237cb778930db0411ab4c37526755f509effc1d7c9f64b2bd9673c6

HTTP Headers

GET /7.3.0/video.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Fri, 26 Oct 2018 18:06:27 GMT
etag: "0972eb437564f4ba43a7adb2d807682a"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Sun, 25 Dec 2022 23:09:06 GMT
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 404484
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-233469372-1

142.250.74.40

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-233469372-1
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43631 bytes)
Hash
fde3cf4045611c3f0026c2e264d66427
68ec6ca627210c49671faf32522c875d58353dea
534175b2567403b8e0609348d2947692abf790def3df58c12e3e24706311ff14

HTTP Headers

GET /gtag/js?id=UA-233469372-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Dec 2022 23:09:06 GMT
expires: Sun, 25 Dec 2022 23:09:06 GMT
cache-control: private, max-age=900
last-modified: Sun, 25 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
b18dda901ba8e3cbf6b1209ade07d85b
30caeebaa5c165cc4b7b3baa523ed52483257b75
537cd707434eeefa13bce8f612e43a74bebfa1fd6bc8535cc1210c5e59f9dbe6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 25 Dec 2022 23:09:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 25 Dec 2022 19:05:15 GMT
Expires: Mon, 26 Dec 2022 19:05:15 GMT
ETag: "30caeebaa5c165cc4b7b3baa523ed52483257b75"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js

23.36.79.43

302 Found

0 B

URL HTTP/2
img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
IP
23.36.79.43:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tcc/tcc_l.combined.1.0.6.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-length: 0
location: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
cache-control: max-age=1800
expires: Sun, 25 Dec 2022 23:39:06 GMT
date: Sun, 25 Dec 2022 23:09:06 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img1.wsimg.com/traffic-assets/js/tccl-tti.min.js

23.36.79.43

302 Found

0 B

URL HTTP/2
img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
IP
23.36.79.43:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /traffic-assets/js/tccl-tti.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
cache-control: max-age=1800
expires: Sun, 25 Dec 2022 23:39:06 GMT
date: Sun, 25 Dec 2022 23:09:06 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
09e8af46742d0b5be1adedadb11e66af
4813ca0140478abb24c6fa012b4184cb2f3253c9
31d3905131f21b4a8fd8a4764b8dd57b2e994153f511b65a15ce7ecc386040c8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 23:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
508c2c991a10f5f048c213f732698d4c
5a43bb96597ada2c1a16fb35c6cd74529bb306c4
bdf5e18cacb564fe4be4448d268ecee27b7139b91109b6d0727f2b809c6b5f3f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 23:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img1.wsimg.com/traffic-assets/js/tccl.min.js

23.36.79.43

302 Found

0 B

URL HTTP/2
img1.wsimg.com/traffic-assets/js/tccl.min.js
IP
23.36.79.43:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win88bet.app/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
cache-control: max-age=1800
expires: Sun, 25 Dec 2022 23:39:06 GMT
date: Sun, 25 Dec 2022 23:09:06 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

23.36.79.43

200 OK

7.5 kB

URL HTTP/2
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
IP
23.36.79.43:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (24676)
Size
7.5 kB (7498 bytes)
Hash
b8a5a228a358454084c34dd1cf431c61
37aa5fe6e083b8147156ca66a1993a7bd74e8a61
06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492

HTTP Headers

GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win88bet.app/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Mon, 17 Jan 2022 17:21:37 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 8
x-edgeconnect-origin-mex-latency: 357
x-amz-id-2: nldPfdb2FYbpxPRfMYRSd83AOL7ZmlBdZQSm5hguJELKdfn8+sza0oLEpTYjiKd2JeD3gDplFHw=
x-amz-request-id: RJ3J3PMANG6125DE
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Sun, 25 Dec 2022 23:09:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js

23.36.79.43

200 OK

11 kB

URL HTTP/2
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
IP
23.36.79.43:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (45837)
Size
11 kB (11347 bytes)
Hash
645b88efa25fd10bf181698e5f994175
c702cebb7ad47f0839332bedae7c7913d7113b25
9555a4ec4987438fc2d5ffd29e91bec3e1829e3f765e700f8d8941412e5eb520

HTTP Headers

GET /wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://win88bet.app/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "5c3e20ad749ddb088afc84b1b7ff009e"
last-modified: Tue, 29 Nov 2022 21:26:18 GMT
vary: Accept-Encoding
x-amz-id-2: vfCRznBpTwUzsQTqqHQrPBdgJL8bd9m6fgJ2RsnQ7TUvg/tSMOpz6ogFdrj21JebiN+bK0g/VZM=
x-amz-request-id: FH0P3E93SF8PA32Y
x-amz-server-side-encryption: AES256
x-amz-version-id: sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-length: 11347
cache-control: max-age=31536000
date: Sun, 25 Dec 2022 23:09:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
b18dda901ba8e3cbf6b1209ade07d85b
30caeebaa5c165cc4b7b3baa523ed52483257b75
537cd707434eeefa13bce8f612e43a74bebfa1fd6bc8535cc1210c5e59f9dbe6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 25 Dec 2022 23:09:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 25 Dec 2022 19:05:15 GMT
Expires: Mon, 26 Dec 2022 19:05:15 GMT
ETag: "30caeebaa5c165cc4b7b3baa523ed52483257b75"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 25 Dec 2022 23:08:04 GMT
age: 62
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 23:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 23:09:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.3&time=1671727847

162.159.136.45

200 OK

34 kB

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.3&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (34063 bytes)
Hash
b1de55d39c5479a3f4ba8ace7546a4af
11d4a56a49627c9356f8c11c203642be9e4a51fe
ce935dc867bfd8ca0e4eba61d4a2b660eaf4d33f53cc9625a88d9bffd28f6081

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.15.3&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Wed, 22 Jun 2022 10:46:31 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e145a90b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://win88bet.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:13 GMT
expires: Sat, 23 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 207353
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://win88bet.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:54 GMT
expires: Thu, 21 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 358512
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1&time=1671727847

162.159.136.45

200 OK

44 kB

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
44 kB (43845 bytes)
Hash
5379619269f7f18e48e52b9f7a841549
2f98020c0522701a94abe943f59e22b998531ffc
9697bfe0556331664145ff8cb8fb75f16dd24cf14e4779c28cb4e8c56e740d68

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Fri, 16 Dec 2022 13:08:09 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e147ab2b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

142.250.74.35

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Size
12 kB (11824 bytes)
Hash
deb26e9b1a25438118e5d39d741ae6b6
a2801defb4c8bed8e4083dfde0b2a5a9c0537020
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://win88bet.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Dec 2022 22:25:27 GMT
expires: Sun, 24 Dec 2023 22:25:27 GMT
cache-control: public, max-age=31536000
age: 89019
last-modified: Wed, 11 May 2022 19:24:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 23:09:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

142.250.74.35

200 OK

5.5 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5548, version 1.0\012- data
Size
5.5 kB (5548 bytes)
Hash
cdaab83619fcacd4027a77c99dd51e69
9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://win88bet.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 20:56:07 GMT
expires: Thu, 21 Dec 2023 20:56:07 GMT
cache-control: public, max-age=31536000
age: 353580
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.2&time=1671727847

162.159.136.45

200 OK

6.1 kB

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.2&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2181)
Size
6.1 kB (6117 bytes)
Hash
71d91b05c67e04fbc97ca42b3c5c9a84
267a2b36e428a671f3b21b71aed87ad6175e3392
c0e512e4d1c832cb5eed39e4268f753dc1aad5b31b2769779ead34237b293fba

HTTP Headers

GET /wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.2&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Sun, 18 Dec 2022 19:27:04 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e147ab1b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bdc6ddd27a64c85bd15f78b39a79874c
965b8f1b763483b4b4dfe35526d27393d1fdf05c
d2f4dee4d920109e0751634731bea278c9ea9e6c0120ac07969eba74ddbfe615

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3351
Cache-Control: max-age=125612
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 23:09:07 GMT
Etag: "63a812a8-1d7"
Expires: Tue, 27 Dec 2022 10:02:39 GMT
Last-Modified: Sun, 25 Dec 2022 09:06:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

q1f445.n3cdn1.secureserver.net/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.2&time=1671727847

162.159.136.45

200 OK

21 kB

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.2&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1278)
Size
21 kB (20828 bytes)
Hash
2928f470cba8817cec3988d03cea6ad5
b85bd43f8d26b40d57977bbd5adc2b51472f184a
16c777893441d1f0ced0a8d7ea23186bb4d5b5c8ea955fe502a4d235198f371d

HTTP Headers

GET /wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.2&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Sun, 18 Dec 2022 19:27:04 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e145a93b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9&time=1671727847

162.159.136.45

200 OK

30 kB

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6475), with no line terminators
Size
30 kB (29525 bytes)
Hash
3b78a2ab78e300a23752a72a09121bae
d95cc9231d444befcc69657f27ca5e6a7f68287c
0f0400f35bc317372bcefe9c8d6df846542dd7bffa1169be667fcc5d6a661cae

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Fri, 16 Dec 2022 13:08:09 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e145a95b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.3&time=1671727847

162.159.136.45

200 OK

41 kB

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.3&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12801)
Size
41 kB (41107 bytes)
Hash
9756444420112fa03a01fac63f7e94e4
48e8e2ff1c8ce295828cb9cd81518940e2a98263
06154beddc50e421b18e27387b12760746174a1a944b1f12eae5f1f9177098ca

HTTP Headers

GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.15.3&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Wed, 22 Jun 2022 10:46:22 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e146aa1b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-includes/js/hoverIntent.min.js?ver=1.10.2&time=1671727847

162.159.136.45

200 OK

242 kB

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-includes/js/hoverIntent.min.js?ver=1.10.2&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1464)
Size
242 kB (242203 bytes)
Hash
b255445b579eab37acb8b3dfad12c8a3
6ed30e7e7657bfdd6ea2863ca836c436cc013d42
512e91622d5e7df909e2df404f6396cfe251e6d35a12d4641a95f8971a381b81

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Fri, 16 Dec 2022 13:08:09 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e145a97b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

win88bet.app/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js

160.153.137.128

200 OK

13 kB

URL HTTP/2
win88bet.app/wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js
IP
160.153.137.128:0
ASN
#21501 Host Europe GmbH

File type
ASCII text, with very long lines (49648), with no line terminators
Size
13 kB (13192 bytes)
Hash
d1c7394d741167cc01f55444ddca9ec2
be930ec43956e499cb0f9541d38765f29a8e21a9
ceab20c2dbc3e746a604aab60f937577615aa8ec27b911470da9f197d531dbbb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/flatsome/assets/js/chunk.vendors-slider.f0d2cbc9.js HTTP/1.1
Host: win88bet.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Cookie: _tccl_visitor=df861171-1735-5488-b10b-878455789f37; _tccl_visit=df861171-1735-5488-b10b-878455789f37
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: openresty
date: Sun, 25 Dec 2022 23:09:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 13192
accept-ranges: bytes
age: 269444
cache-control: max-age=31536000, public
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
expires: Fri, 22 Dec 2023 20:18:23 GMT
last-modified: Wed, 22 Jun 2022 10:46:30 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 25 Dec 2022 22:41:11 GMT
expires: Mon, 26 Dec 2022 00:41:11 GMT
cache-control: public, max-age=7200
age: 1676
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.69.181.45

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.69.181.45:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L2wqAXMtD9+PnxGHGS43pw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qmE1heLNPXPrPx+o/wjiDQA85qI=

events.api.secureserver.net/t/1/tl/event?cts=1672009744111&dh=win88bet.app&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1888183759&cv=2.0.1&z=1797169699&vg=df861171-1735-5488-b10b-878455789f37&vtg=df861171-1735-5488-b10b-878455789f37&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%225a8f7d4f-8824-313c-0a19-00cee4a7e6d0.secureserver.net%22%2C%22pod%22%3A%22n3nlwppod03%22%2C%22storage%22%3A%22n3cephmah003pod03_data01%22%2C%22xid%22%3A%2244732785%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-classic-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22274%22%2C%22wp_alloptions_bytes%22%3A%2297222%22%7D&hit_id=01eb6e85-504f-5989-a25a-59e854e4b59a&ht=pageview

104.84.152.58

200 OK

43 B

URL HTTP/2
events.api.secureserver.net/t/1/tl/event?cts=1672009744111&dh=win88bet.app&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1888183759&cv=2.0.1&z=1797169699&vg=df861171-1735-5488-b10b-878455789f37&vtg=df861171-1735-5488-b10b-878455789f37&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%225a8f7d4f-8824-313c-0a19-00cee4a7e6d0.secureserver.net%22%2C%22pod%22%3A%22n3nlwppod03%22%2C%22storage%22%3A%22n3cephmah003pod03_data01%22%2C%22xid%22%3A%2244732785%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-classic-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22274%22%2C%22wp_alloptions_bytes%22%3A%2297222%22%7D&hit_id=01eb6e85-504f-5989-a25a-59e854e4b59a&ht=pageview
IP
104.84.152.58:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /t/1/tl/event?cts=1672009744111&dh=win88bet.app&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1888183759&cv=2.0.1&z=1797169699&vg=df861171-1735-5488-b10b-878455789f37&vtg=df861171-1735-5488-b10b-878455789f37&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%225a8f7d4f-8824-313c-0a19-00cee4a7e6d0.secureserver.net%22%2C%22pod%22%3A%22n3nlwppod03%22%2C%22storage%22%3A%22n3cephmah003pod03_data01%22%2C%22xid%22%3A%2244732785%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-classic-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22274%22%2C%22wp_alloptions_bytes%22%3A%2297222%22%7D&hit_id=01eb6e85-504f-5989-a25a-59e854e4b59a&ht=pageview HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://win88bet.app
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://win88bet.app
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sun, 25 Dec 2022 23:09:07 GMT
X-Firefox-Spdy: h2

events.api.secureserver.net/t/1/tl/event?cts=1672009744662&dh=win88bet.app&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1888183759&cv=2.0.1&z=1173008615&vg=df861171-1735-5488-b10b-878455789f37&vtg=df861171-1735-5488-b10b-878455789f37&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%225a8f7d4f-8824-313c-0a19-00cee4a7e6d0.secureserver.net%22%2C%22pod%22%3A%22n3nlwppod03%22%2C%22storage%22%3A%22n3cephmah003pod03_data01%22%2C%22xid%22%3A%2244732785%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-classic-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22274%22%2C%22wp_alloptions_bytes%22%3A%2297222%22%7D&hit_id=a38a8e4d-2fdd-52df-8e7c-d0d0fa1940a2&ht=perf&tce=1672009743230&tcs=1672009742995&tdc=1672009744653&tdclee=1672009744150&tdcles=1672009744147&tdi=1672009744114&tdl=1672009743299&tdle=1672009742993&tdls=1672009742991&tfs=1672009742985&tns=1672009742731&trqs=1672009743230&tre=1672009743281&trps=1672009743274&tles=1672009744653&tlee=0&nt=navigate&nav_type=hard

104.84.152.58

200 OK

43 B

URL HTTP/2
events.api.secureserver.net/t/1/tl/event?cts=1672009744662&dh=win88bet.app&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1888183759&cv=2.0.1&z=1173008615&vg=df861171-1735-5488-b10b-878455789f37&vtg=df861171-1735-5488-b10b-878455789f37&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%225a8f7d4f-8824-313c-0a19-00cee4a7e6d0.secureserver.net%22%2C%22pod%22%3A%22n3nlwppod03%22%2C%22storage%22%3A%22n3cephmah003pod03_data01%22%2C%22xid%22%3A%2244732785%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-classic-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22274%22%2C%22wp_alloptions_bytes%22%3A%2297222%22%7D&hit_id=a38a8e4d-2fdd-52df-8e7c-d0d0fa1940a2&ht=perf&tce=1672009743230&tcs=1672009742995&tdc=1672009744653&tdclee=1672009744150&tdcles=1672009744147&tdi=1672009744114&tdl=1672009743299&tdle=1672009742993&tdls=1672009742991&tfs=1672009742985&tns=1672009742731&trqs=1672009743230&tre=1672009743281&trps=1672009743274&tles=1672009744653&tlee=0&nt=navigate&nav_type=hard
IP
104.84.152.58:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /t/1/tl/event?cts=1672009744662&dh=win88bet.app&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1888183759&cv=2.0.1&z=1173008615&vg=df861171-1735-5488-b10b-878455789f37&vtg=df861171-1735-5488-b10b-878455789f37&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%225a8f7d4f-8824-313c-0a19-00cee4a7e6d0.secureserver.net%22%2C%22pod%22%3A%22n3nlwppod03%22%2C%22storage%22%3A%22n3cephmah003pod03_data01%22%2C%22xid%22%3A%2244732785%22%2C%22wp%22%3A%226.1.1%22%2C%22php%22%3A%227.4.33%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-classic-editor%22%2C%22theme%22%3A%22flatsome%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22274%22%2C%22wp_alloptions_bytes%22%3A%2297222%22%7D&hit_id=a38a8e4d-2fdd-52df-8e7c-d0d0fa1940a2&ht=perf&tce=1672009743230&tcs=1672009742995&tdc=1672009744653&tdclee=1672009744150&tdcles=1672009744147&tdi=1672009744114&tdl=1672009743299&tdle=1672009742993&tdls=1672009742991&tfs=1672009742985&tns=1672009742731&trqs=1672009743230&tre=1672009743281&trps=1672009743274&tles=1672009744653&tlee=0&nt=navigate&nav_type=hard HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://win88bet.app
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://win88bet.app
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sun, 25 Dec 2022 23:09:07 GMT
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-GVGSFYH6LM&gtm=2oebu0&_p=2109002039&gdid=dZTNiMT&cid=1401860322.1672009744&ul=en-us&sr=1280x1024&_s=1&sid=1672009744&sct=1&seg=0&dl=https%3A%2F%2Fwin88bet.app%2F&dt=Win88bet%20%7C%20C%E1%BB%95ng%20T%E1%BA%A3i%20Game%20Win88%20Ch%C3%ADnh%20Th%E1%BB%A9c%20T%E1%BA%A1i%20Vi%E1%BB%87t%20Nam&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-GVGSFYH6LM&gtm=2oebu0&_p=2109002039&gdid=dZTNiMT&cid=1401860322.1672009744&ul=en-us&sr=1280x1024&_s=1&sid=1672009744&sct=1&seg=0&dl=https%3A%2F%2Fwin88bet.app%2F&dt=Win88bet%20%7C%20C%E1%BB%95ng%20T%E1%BA%A3i%20Game%20Win88%20Ch%C3%ADnh%20Th%E1%BB%A9c%20T%E1%BA%A1i%20Vi%E1%BB%87t%20Nam&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GVGSFYH6LM&gtm=2oebu0&_p=2109002039&gdid=dZTNiMT&cid=1401860322.1672009744&ul=en-us&sr=1280x1024&_s=1&sid=1672009744&sct=1&seg=0&dl=https%3A%2F%2Fwin88bet.app%2F&dt=Win88bet%20%7C%20C%E1%BB%95ng%20T%E1%BA%A3i%20Game%20Win88%20Ch%C3%ADnh%20Th%E1%BB%A9c%20T%E1%BA%A1i%20Vi%E1%BB%87t%20Nam&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://win88bet.app
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://win88bet.app
date: Sun, 25 Dec 2022 23:09:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10989
Expires: Mon, 26 Dec 2022 02:12:17 GMT
Date: Sun, 25 Dec 2022 23:09:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

3.8 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
3.8 kB (3844 bytes)
Hash
0713207ec52e53fb0679bfd24849d030
be67f912b68153a2e1fabd24bf9e5891fc64bac9
698cebc897729150c9363c2cde649a65f6e3514192a59c50c213d5b14fb97327

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10989
Expires: Mon, 26 Dec 2022 02:12:17 GMT
Date: Sun, 25 Dec 2022 23:09:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

7.9 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
7.9 kB (7851 bytes)
Hash
ab3f1a11239c4bbcbbae6761628bdc19
8fbf1bd1e946021766c1d712059a099fc40f9433
2506283195d4f073f92f7c94e88c1aa342a630d8da52bb2ccde0c5ceb5591da4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11166
Expires: Mon, 26 Dec 2022 02:15:14 GMT
Date: Sun, 25 Dec 2022 23:09:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11166
Expires: Mon, 26 Dec 2022 02:15:14 GMT
Date: Sun, 25 Dec 2022 23:09:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

14 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
14 kB (14294 bytes)
Hash
c007e4030149731aab454409ffe07b85
a551cc0c77d6a75fe2df64ca76e3c780a4f8492f
2b305e681776882726d4a7e7428f3dd5f0563da3d06fccd0aa0a1c273fd4d918

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11166
Expires: Mon, 26 Dec 2022 02:15:14 GMT
Date: Sun, 25 Dec 2022 23:09:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15ba8929-c657-48a6-a579-360324426927.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15ba8929-c657-48a6-a579-360324426927.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11249 bytes)
Hash
8403a671b2c4b3b2ce2f8a9eba9de2c0
5437391241a500b6b0d2118120e835d2673e7d39
1e52a144b08ff6efe2da52dfdfeccbc4cea9270536cf5e7a2a769bbff9cd7d2f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15ba8929-c657-48a6-a579-360324426927.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 6fdd6489-ffea-400f-9199-a20789160ba8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dlFk6FvuoAMFYcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a51c85-6805b25c54c3390e5c39c6e1;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 03:12:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 20xO_1YbeDbKjQMmRf8eqDmtHgV5w5xmRhxGdfkOdgOwl8WRh2JaMQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 03:18:03 GMT
age: 71465
etag: "5437391241a500b6b0d2118120e835d2673e7d39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8987286d-0da9-4e2a-a674-43d900e573e4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8848 bytes)
Hash
6e79b945cb70d09691397e022efa506b
ab355a55dadbdb52f57f2179bcb016cd4bbeff48
7d9ef5d21e701e90302a4c195cb84abb4419d2c5fada3878aea00a8fc9675685

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8987286d-0da9-4e2a-a674-43d900e573e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8848
x-amzn-requestid: 0b602342-cbce-43d0-b9d3-6bd95221fb9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duO9oF1ioAMFwUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c523-15e9ffaa144f9e001f19b3f4;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:48:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XfAE8-I8KZDnzcB8lVz2buLE_9_sWPF_NVkt1xl-PNDyfKk_Tn6KFw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:51:05 GMT
age: 1389
etag: "ab355a55dadbdb52f57f2179bcb016cd4bbeff48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6124150-860a-4b19-b0d3-709cdb8451ef.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4289 bytes)
Hash
285c72f387148c98f89b7aeef0011318
db53cf1870083413ab96a4aa79ad4d2d39a4b0fb
5405f9f56d65b23d38214f286b312ec61e6981ef43e54facca39872c0f641a29

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6124150-860a-4b19-b0d3-709cdb8451ef.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4289
x-amzn-requestid: fc0c647a-aca7-4422-9707-0f955d1a4a0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNcCEtsIAMFVgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2b3-69d573194b74a38c592a8083;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rLy2YUUeXEXsJx9LkgEGOx0KwINx048fIJUI8YkwO3bxdATBP_ldkw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:06:28 GMT
age: 3760
etag: "db53cf1870083413ab96a4aa79ad4d2d39a4b0fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a394e27-3391-4992-8278-c17b6af6f6e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
6.8 kB (6769 bytes)
Hash
0d96ae614ecbb16e5e74bf696f1a8d48
0cd78232c186104768b62daffa2a568ff55c58fe
f43c0a5bf30c92a77dce466ea055895e9df2254666dc3e3a2ad908479bd6a58c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a394e27-3391-4992-8278-c17b6af6f6e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5205
x-amzn-requestid: e77f5360-eb30-4e16-b481-e9823a2b94a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duMunF_YIAMF_MA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c190-5727986253815e4d5fe64ee9;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:33:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hSuINwOLEb9yadXYM8-wjj5s50dflddwYw_WqqNuNiV7fUW0PUvRnw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 21:51:28 GMT
age: 4660
etag: "db8224a2f6a985ae37c1ba6b7edd669e8fd2b097"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0de44af9-689c-433b-9291-b5e6c980e352.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
15 kB (15078 bytes)
Hash
0c5dc12ca187a9a207d28a7fb95df820
eec13692a8bc7b053131826f1f0bc3de3cdb742f
4d3f3a5f5eebd3fac56c41843212a21b938e8aef16cbdcaa30a711f0c9fc07d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0de44af9-689c-433b-9291-b5e6c980e352.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10094
x-amzn-requestid: 6937578a-43e6-4c68-a953-5f457b3f70e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNbuEXioAMFV8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2b1-09b3de421c367dbd09f8cf7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QMPD3U33gWb-LUXYnu6kfmGPFtst_gao0dNc1dvvsliZkTOyCO11tw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:06:44 GMT
age: 3744
etag: "6bdbfc5daa929523a27de45683928e742431d537"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4202e798-ea02-47b7-a60c-abaacf6f94da.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8057 bytes)
Hash
68b2ed84d67beddfef011b88b3dd4815
a2b63df96a7d0e35e5e35b857dc8da2bd4c8c1d5
0f132fdf3778bf91796cd5d0058205e2b205549068238cb9b86ecf3e93f9843d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4202e798-ea02-47b7-a60c-abaacf6f94da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 491c7456-b849-4caa-a581-8d3846802f0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: doXwiEZ1IAMFREA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a66cd0-7ab9dee859483ea1553fb869;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vQtRvcZig9LvbFs5BnjuCNF3rHzoDIeZjG-wx_LSaX0M5BAzd5xNtg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 04:13:14 GMT
age: 68154
etag: "a2b63df96a7d0e35e5e35b857dc8da2bd4c8c1d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0&time=1671727847

162.159.136.45

200 OK

0 B

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Fri, 16 Dec 2022 13:08:09 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e145a96b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/assets/js/flatsome.js?ver=388f0b8795e1ae23b3e106841320e647&time=1671727847

162.159.136.45

200 OK

0 B

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/assets/js/flatsome.js?ver=388f0b8795e1ae23b3e106841320e647&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=388f0b8795e1ae23b3e106841320e647&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Wed, 22 Jun 2022 10:46:31 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e145a99b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/inc/integrations/wp-rocket/flatsome-wp-rocket.js?ver=3&time=1671727847

162.159.136.45

200 OK

0 B

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome/inc/integrations/wp-rocket/flatsome-wp-rocket.js?ver=3&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/flatsome/inc/integrations/wp-rocket/flatsome-wp-rocket.js?ver=3&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Wed, 22 Jun 2022 10:46:22 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e146a9fb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-includes/css/classic-themes.min.css?ver=1&time=1671727847

162.159.136.45

200 OK

0 B

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-includes/css/classic-themes.min.css?ver=1&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: text/css
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Fri, 16 Dec 2022 13:08:08 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e147ab8b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome-child/style.css?ver=3.0&time=1671727847

162.159.136.45

200 OK

0 B

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-content/themes/flatsome-child/style.css?ver=3.0&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/flatsome-child/style.css?ver=3.0&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Mon, 11 Jul 2022 09:21:20 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e147ab9b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.24

200 OK

0 B

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 25 Dec 2022 23:09:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 25 Dec 2022 19:05:15 GMT
Expires: Mon, 26 Dec 2022 19:05:15 GMT
ETag: "30caeebaa5c165cc4b7b3baa523ed52483257b75"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing%20Script%3Aregular%2C400&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing%20Script%3Aregular%2C400&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3Aregular%2C700%2Cregular%2Cregular%7CDancing%20Script%3Aregular%2C400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Dec 2022 23:09:06 GMT
date: Sun, 25 Dec 2022 23:09:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1671727847

162.159.136.45

200 OK

0 B

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1671727847
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2&time=1671727847 HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Fri, 16 Dec 2022 13:08:09 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e146aabb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

q1f445.n3cdn1.secureserver.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js

162.159.136.45

200 OK

0 B

URL HTTP/2
q1f445.n3cdn1.secureserver.net/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP
162.159.136.45:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: q1f445.n3cdn1.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://win88bet.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 23:09:06 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 25 Dec 2023 23:09:06 GMT
last-modified: Sun, 03 Jul 2022 04:05:46 GMT
strict-transport-security: max-age=300
vary: Accept-Encoding
x-backend: local
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-php-version: 7.4
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f53e146aa2b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP