Report - 41000.bet/

Report Overview

Submitted URL
41000.bet/
IP
20.222.61.39
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-12-02 05:14:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
41000.bet	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	275 kB	20.213.27.188
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.70.68.230
www.41c39.bet	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	690 B	20.187.117.211
www.41c18.bet	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	690 B	20.222.61.39
41c92.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	345 B	20.222.61.39
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
zerossl.ocsp.sectigo.com	4049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	1.2 kB	172.64.155.188
www.41c8.bet	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	1.6 kB	20.222.61.39
41c90.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	345 B	20.187.117.211
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	44 kB	34.120.237.76
41c93.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	345 B	20.187.117.211
41c405.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	345 B	20.187.117.211
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	184.51.252.197
16.163.8.156	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	842 B	1.8 kB	16.163.8.156

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	16.163.8.156	Sinkholed
2022-12-02	medium	16.163.8.156	Sinkholed

JavaScript (3)

	URL	Size	First Seen	Last Seen
	41000.bet/js/jquey.js	90 kB	2023-03-07	2024-04-18
Pretty URL 41000.bet/js/jquey.js IP 20.213.27.188 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:57:17 Last Seen2024-04-18 10:44:03 Times Seen506 Hash f9bdfd807c7561b5a4eb97516f348321 0fa72756e48c33a6feeace1ffa5d790d58b53729 131c0d82967fed05e1920e519e0ea6ec91ab97b7c40480f72f8af8680bba1f0a Loading...

	41000.bet/js/index.js	1.7 kB	2023-03-08	2023-03-08
Pretty URL 41000.bet/js/index.js IP 20.213.27.188 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:21 Last Seen2023-03-08 14:30:21 Times Seen1 Hash 63338cfe8ddf725ffac70e1476afc68f 22bb4b094585b85eb8a36197f4f0eb37c9df8aa3 38b067f49cebd0a5a5676273d725a66b4a28279fd43926a93793a362011cdadd Loading...

	41c405.com/Z2nNWtAV?callback=jQuery361004263069232693939_1669958014097&_=1669958014098	1.3 kB	2023-03-08	2023-03-08
Pretty URL 41c405.com/Z2nNWtAV?callback=jQuery361004263069232693939_1669958014097&_=1669958014098 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:21 Last Seen2023-03-08 14:30:21 Times Seen1 Hash f86f83f9a6f65951eb01f466b83b2202 bcc75f5172df742b207c349d4b3ae2adc5ad0d93 b8c85cea0d0e6c53ca44e305f6f373ae78a9edb4bc84b2ea2f27b7e7e1c7333f Loading...

HTTP Transactions (46)

URL IP Response Size

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4285
Cache-Control: max-age=109743
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:13:34 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:42:37 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

184.51.252.197

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
184.51.252.197:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11661
Expires: Fri, 02 Dec 2022 08:27:55 GMT
Date: Fri, 02 Dec 2022 05:13:34 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 04:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3224
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

184.51.252.197

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
184.51.252.197:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8692
Expires: Fri, 02 Dec 2022 07:38:26 GMT
Date: Fri, 02 Dec 2022 05:13:34 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8KwTON6t6j/x6gEy3RRu0GPwbRHbwAdqdmgAyPtm+SyAltCc87kZ2LjV/A07EuALUI5J627cNps=
x-amz-request-id: 059N1NBDV9W536P0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 04:45:58 GMT
age: 1656
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 05:13:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

41000.bet/

20.213.27.188

200 OK

1.1 kB

URL HTTP/1.1
41000.bet/
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.1 kB (1137 bytes)
Hash
adbf0adec95c8aacb286eff94895065f
acd45583443049df198f28c6608ea765ddd39497
e20135f04e1f57c66e604561c244d0a18e668d05e4ef14d8372be339693dd89d

HTTP Headers

GET / HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:34 GMT
Content-Type: text/html
Content-Length: 1137
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Mon, 28 Nov 2022 02:57:20 GMT
Accept-Ranges: bytes
ETag: "5af4e321d52d91:0"
Vary: Accept-Encoding
Server: WAF/2.4-12.1
X-Cache-Status: MISS

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 05:08:57 GMT
cache-control: public,max-age=3600
age: 278
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4291
Cache-Control: max-age=104685
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 05:13:35 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:18:20 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.70.68.230

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.70.68.230:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vnjMeP+xXdSCciNtq9SsYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JahRJk/0Skv+XFx8fFrTmibcA20=

41000.bet/css/css.css

20.213.27.188

200 OK

1.2 kB

URL HTTP/1.1
41000.bet/css/css.css
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
1.2 kB (1216 bytes)
Hash
c3245e41c1f430f1dc3561433d4b7e74
165482f790c54c1b00d3b3d543c7ef623a187e21
a4513d614f9c9bb021ca8d1b463d027e15a9cbe6421f0a1a8cf8edb5ca255c95

HTTP Headers

GET /css/css.css HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://41000.bet/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:35 GMT
Content-Type: text/css
Content-Length: 1216
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 29 Sep 2022 03:08:44 GMT
ETag: "0c68fc8b0d3d81:0"
Vary: Accept-Encoding
Server: WAF/2.4-12.1
X-Cache-Status: MISS
Accept-Ranges: bytes

41000.bet/js/jquey.js

20.213.27.188

200 OK

31 kB

URL HTTP/1.1
41000.bet/js/jquey.js
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65447)
Size
31 kB (31057 bytes)
Hash
26b4eb96452dfd8412807e6c16bacdfa
810a455a8d85d36ab3fbe6706d26eb4ec2cb5cf2
b9743f782183204e7d203c42e06d64ed08a23893fe3414c11fba096560cfe1de

HTTP Headers

GET /js/jquey.js HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://41000.bet/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:35 GMT
Content-Type: application/javascript
Content-Length: 31057
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 16 Sep 2022 03:11:58 GMT
ETag: "013d3147ac9d81:0"
Vary: Accept-Encoding
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Accept-Ranges: bytes

41000.bet/js/index.js

20.213.27.188

200 OK

843 B

URL HTTP/1.1
41000.bet/js/index.js
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
843 B (843 bytes)
Hash
ebcb4f6f57b60aa255f72c137f2222aa
536a14c5bce7d431c7bcd83231339e6b108aa15c
8e01bf85559a4c3810f7ac9c7cca8efa28f76ecbd5758619afa177b131c3c419

HTTP Headers

GET /js/index.js HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://41000.bet/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:35 GMT
Content-Type: application/javascript
Content-Length: 843
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 30 Sep 2022 06:43:42 GMT
ETag: "023c8fa97d4d81:0"
Vary: Accept-Encoding
Server: WAF/2.4-12.1
X-Cache-Status: MISS
Accept-Ranges: bytes

41000.bet/images/reset.png

20.213.27.188

200 OK

208 B

URL HTTP/1.1
41000.bet/images/reset.png
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
208 B (208 bytes)
Hash
289f5606fb50429ddd3d689d7d73de10
ed4b0266c78d67163ba903d8521ea5b11e4e1c5b
3ffa552ffaa392ab88e0f3287fbb4a4572ca2ecffa5c7cc8e141a36b9ecb9715

HTTP Headers

GET /images/reset.png HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://41000.bet/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:35 GMT
Content-Type: image/png
Content-Length: 208
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 00:37:10 GMT
ETag: "0bfb371d2d2d81:0"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Accept-Ranges: bytes

41000.bet/images/logo.png

20.213.27.188

200 OK

22 kB

URL HTTP/1.1
41000.bet/images/logo.png
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 250 x 78, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22093 bytes)
Hash
4b7dca7856f0a7acd3c65da551a793d5
a93e74db375d34b06f78bbd4d9e51d83708fa5af
aa3c7c9a3c461be269b815373e566ea89170529787e9ba7ed462a38f1ae6f4fc

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://41000.bet/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:35 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Sep 2022 06:39:38 GMT
ETag: W/"0711bea3bd2d81:0"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

41000.bet/images/time.svg

20.213.27.188

200 OK

621 B

URL HTTP/1.1
41000.bet/images/time.svg
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text
Size
621 B (621 bytes)
Hash
a6d5905eb0c3c147e6a98d07b51ffaca
189ca702edb73290989f27fb2fae0456c944cb5a
8308d4ca08db8fbed38353ee4b31b03f1ab5c38e159e6b4bc7bea2fcbd683e6a

HTTP Headers

GET /images/time.svg HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://41000.bet/css/css.css

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:36 GMT
Content-Type: image/svg+xml
Content-Length: 621
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 08:41:58 GMT
Accept-Ranges: bytes
ETag: "08f214dfc8d81:0"
Server: WAF/2.4-12.1
X-Cache-Status: MISS

41000.bet/images/server.png

20.213.27.188

200 OK

46 kB

URL HTTP/1.1
41000.bet/images/server.png
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 776 x 320, 8-bit colormap, non-interlaced\012- data
Size
46 kB (45571 bytes)
Hash
eaf59c6db47af886d2d866d5d2fdb847
2d715427b662d2be38fb1ecf42431ea69ef00df6
01cda38f025358625fa9b3ff1d94fca1b6e9b9d6b3b2874bd287d8d5dac340ab

HTTP Headers

GET /images/server.png HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://41000.bet/

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:35 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Sep 2022 06:24:10 GMT
ETag: W/"0e1f9c039d2d81:0"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

zerossl.ocsp.sectigo.com/

172.64.155.188

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
8aca0500861af463be930b9e61229586
821b2bb5d17020f592eb298387ceb19eefff8799
563b3d5045910f009e48ec596a250fc49bd3f2c5b772e8d21da75557734c2cdb

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:36 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 23:16:35 GMT
Expires: Tue, 06 Dec 2022 23:16:34 GMT
Etag: "821b2bb5d17020f592eb298387ceb19eefff8799"
Cache-Control: max-age=409977,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773193038eb1b4ee-OSL

r3.o.lencr.org/

184.51.252.197

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
184.51.252.197:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0211fbb2b29f0d47eaecdfcee9249043
932a54ea5c2af9dede8a0bab86754e8697fc1cf9
64d34d7d2987f15c31010cd0ccdfd08c05b7cd3c8dad1a12407cff878b2c7a78

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64D34D7D2987F15C31010CD0CCDFD08C05B7CD3C8DAD1A12407CFF878B2C7A78"
Last-Modified: Thu, 01 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21543
Expires: Fri, 02 Dec 2022 11:12:39 GMT
Date: Fri, 02 Dec 2022 05:13:36 GMT
Connection: keep-alive

r3.o.lencr.org/

184.51.252.197

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
184.51.252.197:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c6d738def240c8448994f39e084401c
fdceaf7416594fb0f1e8cebded2bebca7b36c6fe
8eb8d39e0990bfaeb94294461f8bcb7c1cfabd7820a36d6a095a666a38b1ad26

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EB8D39E0990BFAEB94294461F8BCB7C1CFABD7820A36D6A095A666A38B1AD26"
Last-Modified: Thu, 01 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 11:13:36 GMT
Date: Fri, 02 Dec 2022 05:13:36 GMT
Connection: keep-alive

r3.o.lencr.org/

184.51.252.197

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
184.51.252.197:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10528
Expires: Fri, 02 Dec 2022 08:09:04 GMT
Date: Fri, 02 Dec 2022 05:13:36 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 78807
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 26620
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9719 bytes)
Hash
6e65083422468e512aa73eb68f20b2ec
73884daab5e71e4917637b3679c0bb5a1f0447de
f0d97bb9e3f01bbdbe91ba1f9b6ea0f649c66192383c51fe5c7ca9ac2a38ebdb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe82fdd03-be1f-4def-adb8-61eefd79def6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9719
x-amzn-requestid: c4ba3502-e191-40fa-8ae0-71dc6f733db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPjhHE8woAMFyKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382e606-70ab0e5523c91e5420efec78;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:22:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oBn917CDV6DjSs9TAL2iBU0Rn8_f8ny1rAVXrbI9KML2P7pxusbdjA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:43:52 GMT
age: 5384
etag: "73884daab5e71e4917637b3679c0bb5a1f0447de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7722 bytes)
Hash
cd78aa69439c995167f32b8a41a1f4f6
d07d6145182f312f3ed86ecf96b4ffa175416fa0
3b08cf3fad31ee0cf3ee25abc2484fb4283543865a42dfc568b14f9856fd3bb5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb30f254-1327-487b-a297-00361bfd5c02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 8d7c4800-6c06-43ed-afa1-94840d42f591
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGy2Gr1IAMFWeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e78-429ae3135d47e3b020c4c7a1;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z8thSamrCRejcAcQEGAp4WpSMzMEvstuZtVpKAjiCH4dyJyf1yihBA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:11 GMT
age: 26605
etag: "d07d6145182f312f3ed86ecf96b4ffa175416fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6752 bytes)
Hash
f0fc684e61682c4078a82ee3d901ae52
ea65ad98933ec58afa3fa5c7642491d77db7e6c2
5e953012dba2b85cfda5befe2448ab87fbc2432a071e11a33b44be4f5148a4a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6752
x-amzn-requestid: f398ce98-353e-4783-aa42-dbf1ad036ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepE6roAMF4zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0753d209291e197e7c6422a6;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yQ2Oc2viJ7EoRW4QSMG30tsGK73zxYQsXKKcWP3vleI0CTBVRfB1Fg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:31:16 GMT
age: 24140
etag: "ea65ad98933ec58afa3fa5c7642491d77db7e6c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4834 bytes)
Hash
cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 02EF3QEVKmEB2ikbGk9gzQq7_VMi00ufHUNRFTL8MpwJKaXQwdT8HA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:42:27 GMT
age: 5469
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

184.51.252.197

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
184.51.252.197:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
734ae2132abb8a7a56a0dc04e93a8b7c
265831fdb7b8d817be05da157ec95dfc782e943c
068abf6d1f0cdc499e77860ad3782630e83839ca62f23931571cd111ed8d974a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068ABF6D1F0CDC499E77860AD3782630E83839CA62F23931571CD111ED8D974A"
Last-Modified: Thu, 01 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Fri, 02 Dec 2022 11:13:34 GMT
Date: Fri, 02 Dec 2022 05:13:37 GMT
Connection: keep-alive

r3.o.lencr.org/

184.51.252.197

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
184.51.252.197:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bdf3624522986a0a3dc049fce14cee42
87d96b780f9e61d9f238f3e45510853dad55fb4b
399639dbedfd733b805473a17a62e1e3b2bfbcb7ffc95a2e7f7c7ddade2cf3c8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "399639DBEDFD733B805473A17A62E1E3B2BFBCB7FFC95A2E7F7C7DDADE2CF3C8"
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Fri, 02 Dec 2022 11:12:38 GMT
Date: Fri, 02 Dec 2022 05:13:37 GMT
Connection: keep-alive

r3.o.lencr.org/

184.51.252.197

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
184.51.252.197:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7058a027c5487d5f78f0a931d1cbed2d
cb47a6dd11159b56055cde72000fa31003a3e415
f0b3508d0576e8d7c8f5f0e1e7b97e2aa69d3a93c74afd2068d7877ca54ae21c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F0B3508D0576E8D7C8F5F0E1E7B97E2AA69D3A93C74AFD2068D7877CA54AE21C"
Last-Modified: Thu, 01 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 11:13:37 GMT
Date: Fri, 02 Dec 2022 05:13:37 GMT
Connection: keep-alive

16.163.8.156/%E5%9B%9B%E4%BA%BF%E5%BD%A9%E7%A5%A8

16.163.8.156

200 OK

573 B

URL HTTP/1.1
16.163.8.156/%E5%9B%9B%E4%BA%BF%E5%BD%A9%E7%A5%A8
IP
16.163.8.156:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (842)
Size
573 B (573 bytes)
Hash
b53b2d02539599bf354d533bf4918aa2
4722c62e3f811b28661a0eb350a4694060a92ba8
c97cd0c023e54390772efd8ef3e64fb381c31e1d75f4e65c9c02057ff2d1fc26

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /%E5%9B%9B%E4%BA%BF%E5%BD%A9%E7%A5%A8 HTTP/1.1
Host: 16.163.8.156
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 05:13:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 13 Oct 2022 07:14:38 GMT
ETag: W/"036a74d3ded81:0"
X-Powered-By: ASP.NET
Content-Encoding: gzip

r3.o.lencr.org/

184.51.252.197

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
184.51.252.197:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d015ff837a71bfb04c6243b2fe4ce2d3
87511f689b41fd7e72811ebc2ba19504986f319d
e2b62ee55b2541d71f2ffdda897ccfa73ae8ba4cf370963880350acec124fe59

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2B62EE55B2541D71F2FFDDA897CCFA73AE8BA4CF370963880350ACEC124FE59"
Last-Modified: Thu, 01 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 02 Dec 2022 11:13:37 GMT
Date: Fri, 02 Dec 2022 05:13:37 GMT
Connection: keep-alive

r3.o.lencr.org/

184.51.252.197

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
184.51.252.197:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ea7fef22228749e23d2a5297dbaea87
f3f8ead65f063730f3f3c64b9ed146fceb5d2e2f
44efcc4bec015fc85be2a8fe51dad97404d70f4a5daf1ac96dfc10e52be23b34

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44EFCC4BEC015FC85BE2A8FE51DAD97404D70F4A5DAF1AC96DFC10E52BE23B34"
Last-Modified: Thu, 01 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Fri, 02 Dec 2022 11:13:33 GMT
Date: Fri, 02 Dec 2022 05:13:37 GMT
Connection: keep-alive

16.163.8.156/%E5%9B%9B%E4%BA%BF%E5%BD%A9%E7%A5%A8?callback=jQuery361004263069232693939_1669958014099&_=1669958014100

16.163.8.156

200 OK

573 B

URL HTTP/1.1
16.163.8.156/%E5%9B%9B%E4%BA%BF%E5%BD%A9%E7%A5%A8?callback=jQuery361004263069232693939_1669958014099&_=1669958014100
IP
16.163.8.156:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (842)
Size
573 B (573 bytes)
Hash
b53b2d02539599bf354d533bf4918aa2
4722c62e3f811b28661a0eb350a4694060a92ba8
c97cd0c023e54390772efd8ef3e64fb381c31e1d75f4e65c9c02057ff2d1fc26

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /%E5%9B%9B%E4%BA%BF%E5%BD%A9%E7%A5%A8?callback=jQuery361004263069232693939_1669958014099&_=1669958014100 HTTP/1.1
Host: 16.163.8.156
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 02 Dec 2022 05:13:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 13 Oct 2022 07:14:38 GMT
ETag: W/"036a74d3ded81:0"
X-Powered-By: ASP.NET
Content-Encoding: gzip

41000.bet/images/bg.png

20.213.27.188

200 OK

167 kB

URL HTTP/1.1
41000.bet/images/bg.png
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 428 x 781, 8-bit/color RGBA, non-interlaced\012- data
Size
167 kB (167086 bytes)
Hash
6958aa693fe3cb928f7703dc5817008c
c7a0c39d03ca7cd0c70ea879b0e0ffe5d1a2a6d2
68a2ada96de07b149fbc6b487f504a1324b9e18232d439fe03403e9042069479

HTTP Headers

GET /images/bg.png HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://41000.bet/css/css.css

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:36 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 15 Sep 2022 08:18:52 GMT
ETag: W/"0be2cadbc8d81:0"
Server: WAF/2.4-12.1
X-Cache-Status: MISS
Content-Encoding: gzip

41000.bet/images/time_w.png

20.213.27.188

200 OK

1.2 kB

URL HTTP/1.1
41000.bet/images/time_w.png
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1193 bytes)
Hash
d493eca03f8a3166ee4273472c06676b
92f8846c34a27ecd38b81b16b9923a9757bb7910
3784361717a48d165af71f3cc9a80a586bf4f3a2cefe3f99966a80c8d6caade1

HTTP Headers

GET /images/time_w.png HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://41000.bet/css/css.css

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:37 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 29 Sep 2022 03:03:26 GMT
ETag: W/"0d34bb0d3d81:0"
Server: WAF/2.4-12.1
X-Cache-Status: MISS
Content-Encoding: gzip

41000.bet/images/flash.png

20.213.27.188

200 OK

922 B

URL HTTP/1.1
41000.bet/images/flash.png
IP
20.213.27.188:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
922 B (922 bytes)
Hash
c538bad39a521b2ccafba0a072af7cfc
42b72c15a70b86496e6e6bfceb3fea6d5e14a370
bd88ee6826e483c4770e07f71c875c6c1180004b61794f80aaf5ad9b8cc11b67

HTTP Headers

GET /images/flash.png HTTP/1.1
Host: 41000.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://41000.bet/css/css.css

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 05:13:37 GMT
Content-Type: image/png
Content-Length: 922
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 02:52:50 GMT
ETag: "0edee8faed3d81:0"
Server: WAF/2.4-12.1
X-Cache-Status: MISS
Accept-Ranges: bytes

www.41c8.bet/Z2nNWtAV

20.222.61.39

200 OK

1.3 kB

URL HTTP/2
www.41c8.bet/Z2nNWtAV
IP
20.222.61.39:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (848), with CRLF, LF line terminators
Size
1.3 kB (1282 bytes)
Hash
266062870ce897657361c3114b513489
8e689c9e8261b583f625ebf61919300d757a19be
6913648fbfab80bc153c997f488ace9d4e8094bebeda25588d117595c4639f3d

HTTP Headers

GET /Z2nNWtAV HTTP/1.1
Host: www.41c8.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:13:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 07:14:38 GMT
etag: W/"036a74d3ded81:0"
x-powered-by: ASP.NET
content-encoding: gzip
server: WAF/2.4-12.1
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

www.41c39.bet/Z2nNWtAV?callback=jQuery361004263069232693939_1669958014104&_=1669958014105

20.187.117.211

200 OK

0 B

URL HTTP/2
www.41c39.bet/Z2nNWtAV?callback=jQuery361004263069232693939_1669958014104&_=1669958014105
IP
20.187.117.211:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Z2nNWtAV?callback=jQuery361004263069232693939_1669958014104&_=1669958014105 HTTP/1.1
Host: www.41c39.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:13:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 07:14:38 GMT
etag: W/"036a74d3ded81:0"
x-powered-by: ASP.NET
content-encoding: gzip
server: WAF/2.4-12.1
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

41c90.com/Z2nNWtAV

20.187.117.211

200 OK

0 B

URL HTTP/2
41c90.com/Z2nNWtAV
IP
20.187.117.211:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Z2nNWtAV HTTP/1.1
Host: 41c90.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:13:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 07:14:38 GMT
etag: W/"036a74d3ded81:0"
x-powered-by: ASP.NET
content-encoding: gzip
server: WAF/2.4-12.1
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

41c93.com/Z2nNWtAV

20.187.117.211

200 OK

0 B

URL HTTP/2
41c93.com/Z2nNWtAV
IP
20.187.117.211:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Z2nNWtAV HTTP/1.1
Host: 41c93.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:13:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 07:14:38 GMT
etag: W/"036a74d3ded81:0"
x-powered-by: ASP.NET
content-encoding: gzip
server: WAF/2.4-12.1
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

www.41c18.bet/Z2nNWtAV

20.222.61.39

200 OK

0 B

URL HTTP/2
www.41c18.bet/Z2nNWtAV
IP
20.222.61.39:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Z2nNWtAV HTTP/1.1
Host: www.41c18.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:13:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 07:14:38 GMT
etag: W/"036a74d3ded81:0"
x-powered-by: ASP.NET
content-encoding: gzip
server: WAF/2.4-12.1
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

41c92.com/Z2nNWtAV

20.222.61.39

200 OK

0 B

URL HTTP/2
41c92.com/Z2nNWtAV
IP
20.222.61.39:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Z2nNWtAV HTTP/1.1
Host: 41c92.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:13:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 07:14:38 GMT
etag: W/"036a74d3ded81:0"
x-powered-by: ASP.NET
content-encoding: gzip
server: WAF/2.4-12.1
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

41c405.com/Z2nNWtAV

20.187.117.211

200 OK

0 B

URL HTTP/2
41c405.com/Z2nNWtAV
IP
20.187.117.211:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Z2nNWtAV HTTP/1.1
Host: 41c405.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:13:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 07:14:38 GMT
etag: W/"036a74d3ded81:0"
x-powered-by: ASP.NET
content-encoding: gzip
server: WAF/2.4-12.1
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

www.41c39.bet/Z2nNWtAV

20.187.117.211

200 OK

0 B

URL HTTP/2
www.41c39.bet/Z2nNWtAV
IP
20.187.117.211:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Z2nNWtAV HTTP/1.1
Host: www.41c39.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:13:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 07:14:38 GMT
etag: W/"036a74d3ded81:0"
x-powered-by: ASP.NET
content-encoding: gzip
server: WAF/2.4-12.1
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

www.41c18.bet/Z2nNWtAV?callback=jQuery361004263069232693939_1669958014101&_=1669958014106

20.222.61.39

200 OK

0 B

URL HTTP/2
www.41c18.bet/Z2nNWtAV?callback=jQuery361004263069232693939_1669958014101&_=1669958014106
IP
20.222.61.39:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Z2nNWtAV?callback=jQuery361004263069232693939_1669958014101&_=1669958014106 HTTP/1.1
Host: www.41c18.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://41000.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 02 Dec 2022 05:13:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 07:14:38 GMT
etag: W/"036a74d3ded81:0"
x-powered-by: ASP.NET
content-encoding: gzip
server: WAF/2.4-12.1
strict-transport-security: max-age=31536000;
x-cache-status: MISS
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (46)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size