Report - ww1.yokkasoft.net/

Report Overview

Submitted URL
ww1.yokkasoft.net/
IP
64.190.63.136
ASN
#47846 SEDO GmbH
Submitted
2023-01-26 23:38:08
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
notix.io	14765	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	46 kB	139.45.240.92
zeniocloud.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	167 B	167.114.67.56
link.affiliates.cyber.bet	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	585 B	1.0 kB	172.66.40.100
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	3.8 kB	139.45.195.8
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	511 B	694 B	216.58.207.228
gml-grp.com	57135	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	433 B	889 B	188.114.97.1
adjs.media	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	966 B	188.114.96.1
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.77.32
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	15 kB	151.101.65.229
backend.cyberbet.academy	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.4 kB	54.246.139.70
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	11 kB	23.36.76.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	9.1 kB	142.250.74.131
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	474 B	694 B	142.250.74.163
alexatracker.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	981 B	172.67.204.112
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	965 B	54.230.245.118
adtraffic.agency	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	493 B	918 B	172.67.133.173
ww1.yokkasoft.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	3.8 kB	64.190.63.136
static.cyber.bet	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.8 kB	65 kB	172.66.40.100
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
xml.sedodna.com	278378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	268 B	173.239.53.32
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	70 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	430 B	74 kB	142.250.74.106
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
pool.admedo.com	4728	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	750 B	775 B	35.210.53.219
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.184.253.181
cyber.bet	658696	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.6 kB	460 kB	172.66.40.100
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	32 kB	142.250.74.74
cdnstatic.cyber.bet	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	241 kB	54.230.111.100
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.1 kB	93.184.220.29
img.sedoparking.com	54200	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	320 B	4.8 kB	205.234.175.175
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	67 kB	142.250.74.35
scripts.prdredir.com	84465	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	857 B	5.4 kB	172.64.135.33
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	440 B	216.239.34.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	cyber.bet/land/casino_red_pbn868/css/style.css?v=1	Malware
2023-01-26	medium	cyber.bet/land/casino_red_pbn868/img/logo.svg	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-10 21:23:03 Times Seen143236 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	1.6 kB	2023-03-10	2024-01-26
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.40.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2024-01-26 23:34:57 Times Seen39 Hash 563c19e863e3315d859414dd57018095 8a7bc9fa92864a5d6cbbceaedd1b5692776627fb 5214dde220113de229b3ea10c1ea4afa3dce510dd4c1deee822534bc62166dd1 Loading...

	adjs.media/hit/cyberbet.gif?date=1674776279310&page=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955&ref=http%3A%2F%2Fww1.yokkasoft.net%2F&tid=tid-2cfd8c5eb.2be193eea	74 kB	2023-03-13	2023-03-13
Pretty URL adjs.media/hit/cyberbet.gif?date=1674776279310&page=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955&ref=http%3A%2F%2Fww1.yokkasoft.net%2F&tid=tid-2cfd8c5eb.2be193eea IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:53:08 Last Seen2023-03-13 07:53:08 Times Seen1 Hash 00e6f710b3c3e367baac98fbcecc4f6f b3ed261f84b52ea237979eed0bb5081159df1cd1 79e4f098b06783b86aae8b57c1fcedd2cef262577ffb18c00f68dc4abb736479 Loading...

	zeniocloud.com/bQIA.js?prid=63d30ed64ea1cd00010fa3d7&sub2=	609 B	2023-03-13	2023-03-13
Pretty URL zeniocloud.com/bQIA.js?prid=63d30ed64ea1cd00010fa3d7&sub2= IP 167.114.67.56 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:53:08 Last Seen2023-03-13 07:53:08 Times Seen1 Hash 8cc6bcc96e71ff0c90b5b5594d75357f 9a037925e257135b009103ba32e4356d18d7fe2e 1af73861092769cd23f0043a4ffc0782c06724f477879b44ac46362b015311a9 Loading...

	ww1.yokkasoft.net/	1.1 kB	2023-03-13	2023-03-13
Pretty URL ww1.yokkasoft.net/ IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:53:08 Last Seen2023-03-13 07:53:08 Times Seen1 Hash 96e63df742cd853a034a3d31414bd0a8 78a7b92b477581a7435ce268b77fb0f5040f387c a2a66fb0ec56752e49f159dbfc6750c6e2081943f2e05059467e9f7ba5d01a50 Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	331 B	2023-03-10	2023-10-09
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.40.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen7 Hash b9c3d6bdb1ffaf083e5e1b6358a294c4 d2ff06cef74700843afc99a78e8bc4703de02ade 62c732a98ac2767df6e93c610f50aa9f95f7d8892da7e3c2811a9f002f4316c8 Loading...

	cdnstatic.cyber.bet/js/libs/iso3to2.js	4.1 kB	2023-03-10	2023-05-22
Pretty URL cdnstatic.cyber.bet/js/libs/iso3to2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-05-22 14:54:42 Times Seen5 Hash db031116c7888248916813c60a4cce2b 34bf6f00efd8944708b1a819d56cbbbe4715a069 41393b689fa5ab55cc3783118cf6c8eeb8ab4b5972cb4a7736c47837f5b461fd Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB	202 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:53:08 Last Seen2023-03-13 07:53:08 Times Seen1 Hash b61cdab75df89108bc2b5115ddef595f c14d112ca94e5cc98ad5cf26836278e087341118 db50f5e468299bea156116544eda66ef11e014954216aaa19551d7e9c4171009 Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	297 B	2023-03-13	2023-03-13
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.40.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:53:08 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 370140cec0bb00e78ec92d594d6dc932 bcab744171105330217876044595e0268ea2c388 857973432ed5f7fdb43dcc734ddf4dbc46cc9925aa90e7c9eb264cca15c3cd1d Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f	697 B	2023-03-11	2023-05-22
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-05-22 14:54:42 Times Seen5 Hash 5d4584e4549c2c67b3b1014412127d86 878b05105062900e6df717dba698aab39b9476d8 383fd07eb50f0e9605a08083c372046f06511da2037d6dd5c0301bb8478ec55b Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js	88 kB	2023-03-07	2024-04-23
Pretty URL cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:25 Last Seen2024-04-23 14:42:28 Times Seen89 Hash c73ba86bd67306c5889e9aac41e959e0 fff500c277ef00fd6cfc115b5e94f9281ac8d8cc 9b2b5fa78ba1f9424d7e85b0d2f160a8df6068d911dc1cfe26f78fb78d1d7172 Loading...

	cyber.bet/land/js/locales/base/locales.js	18 kB	2023-03-11	2023-03-13
Pretty URL cyber.bet/land/js/locales/base/locales.js IP 172.66.40.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 20:30:42 Times Seen1 Hash da171d6428ea339c35467233f6059b92 21daf450888f9902edac2386849f1cb2672f52bc 655ab4745a46082bf9d1507abf92be57c1b35be4591a6d1b9fd6fc96f4747c4c Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	1.1 kB	2023-03-11	2023-03-13
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.40.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 004161e7cdab126b2367bd36b867988d e847736f0b3b8e02c9ac741f026fc0ec6ab3e8c1 8932151e70d95c79c17aa5ad2a0793ece771573479b7f6a9a2bf8290e5007be7 Loading...

	adjs.media/resources/content/cyberbet.js	2.9 kB	2023-03-11	2023-03-13
Pretty URL adjs.media/resources/content/cyberbet.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 14:07:50 Times Seen1 Hash 35f64d84a87e294df06ccb45c66299e9 65b9b05c0e1e883de9c3cc693c8b0bbf6263affe bd06ea929f643a4924378f7eca9deb90338641d78d4f71fe16b0a0f4eeee69ff Loading...

	unknown	0 B	2023-03-07	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 21:32:49 Times Seen37524839 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnstatic.cyber.bet/js/fp.js	533 B	2023-03-10	2023-10-09
Pretty URL cdnstatic.cyber.bet/js/fp.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen13 Hash d1abfbe2c5b50e7f427e41c79197dcd3 01f6142a97168fd15da33334c35ce351d676ed08 7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569 Loading...

	pj.l.admedo.com/admtracker.lib.min.js	5.4 kB	2023-03-10	2023-05-13
Pretty URL pj.l.admedo.com/admtracker.lib.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-05-13 12:33:22 Times Seen8 Hash 5a420213029638ecea775a40089898aa 17ca797e031f3383df78562421115476d8ffb00a 412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1 Loading...

	cdnstatic.cyber.bet/js/libs/phone/utils.js	245 kB	2023-03-07	2024-04-25
Pretty URL cdnstatic.cyber.bet/js/libs/phone/utils.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:25 Last Seen2024-04-25 10:18:28 Times Seen457 Hash 8f3a2154b225b6257161c4dfc9b89c9c 16b798cbb9e22cd4e1d710a8de7b12734551ca00 acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2 Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	361 B	2023-03-11	2023-03-13
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.40.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 20:30:42 Times Seen1 Hash 3cbf10b07991ac2d8d6a179fb9602a72 8f341726913948dfb589ba214e8b46a08d9726ba 09bebddd017c2158b5815526c65988227cb021c77df3951eb2b12634e404c65c Loading...

	scripts.prdredir.com/scripts/k_cyberbet.js	800 B	2023-03-07	2024-05-10
Pretty URL scripts.prdredir.com/scripts/k_cyberbet.js IP 172.64.135.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:16 Last Seen2024-05-10 07:00:42 Times Seen488 Hash 62c934c5559915e05c14fc88e1e24211 5261bbc42669d8dd1f9f90204a350faab0d9098f 95d838de11136e7964ca0eaa375bf294d19a0b15880a014338e0a5d9d8e05385 Loading...

	cdnstatic.cyber.bet/js/currencyMapping.js	16 kB	2023-03-10	2023-03-13
Pretty URL cdnstatic.cyber.bet/js/currencyMapping.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-03-13 20:30:42 Times Seen1 Hash 2a3d85d14eaeaac04949a29f3c94c548 8d14a1f32ac11f78446fdfb26d24d0944780b626 af9a360f190345d8781bcd1955ca7d5d40c9e8c95f4e096fef7c825500c9b740 Loading...

	scripts.prdredir.com/safeframe	173 B	2023-03-07	2023-04-05
Pretty URL scripts.prdredir.com/safeframe IP 172.64.135.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash ed2ee4ac79bc7af5967acee3f32c0b7c ce88dc9a9fb3501823b374291671d5016581a8de 975e4354b54fbad37d4342e331a35b41188179551e25da7bd06bda1d5649fb76 Loading...

	notix.io/ent/current/enot.min.js	78 kB	2023-03-13	2023-03-13
Pretty URL notix.io/ent/current/enot.min.js IP 139.45.240.92 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:52:28 Last Seen2023-03-13 07:53:08 Times Seen1 Hash ed86fa3da1946b7694e355340f420a2a cad8ee122881b7ea93e97bd73df58bae08e65dd2 26315a2d5e57d3363735a5a5bc7183a8fd20ac9860eb56545c588fe388c40803 Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	739 B	2023-03-10	2024-01-26
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.40.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2024-01-26 23:34:57 Times Seen39 Hash dda0c4c5c9e00b5c718403e613cf2d57 dad1499931e90b20118a8ec383e109c61e40f207 c1931e011368966ab988daf963cbbbe32251588a274f432406550ea02f781db0 Loading...

	cdnstatic.cyber.bet/js/global.js	71 kB	2023-03-10	2023-03-13
Pretty URL cdnstatic.cyber.bet/js/global.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-03-13 15:08:47 Times Seen1 Hash 8943965f22a29b6f800a98e0eaed584f 1cfa4c3d79808cce1785967a637819b88a9d11f5 3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db Loading...

	cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js	2.9 kB	2023-03-07	2024-05-10
Pretty URL cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:42 Last Seen2024-05-10 20:52:42 Times Seen772 Hash 4e2def5093eb4c4281624db4a5aa8f9c c3b8e8919f96d8d34594f111b95586ec28545a36 b73acfa96127f9a41a2c76fcf2196d37ff818460d02d48415770979eb59e4f3a Loading...

	cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955	565 B	2023-03-11	2023-03-13
Pretty URL cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 IP 172.66.40.100 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-03-13 14:07:50 Times Seen1 Hash a0900c7ddb3264295fcebea2cd040092 33ea5caea85c77c8f166fca31e328e7b8f16fd38 b477476f55641adb36fa66f09bfd40c2436de66dd068612dadf2740517fb3a86 Loading...

	scripts.prdredir.com/safeframe	3.6 kB	2023-03-07	2023-04-05
Pretty URL scripts.prdredir.com/safeframe IP 172.64.135.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:38 Last Seen2023-04-05 01:45:10 Times Seen18 Hash 94ddf5c543e810ada88812cdb346392a a4414d0d384c7d405d8f23fcaf18ee61d8895cce 513a33d7b370a1a09ffe81463bd0575c9d697b21a4f97ef09d25543ddf3bd1b1 Loading...

	www.googletagmanager.com/gtag/destination?id=G-ZK6ZSCE3G7&l=dataLayer&cx=c	223 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/destination?id=G-ZK6ZSCE3G7&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:53:08 Last Seen2023-03-13 07:53:08 Times Seen1 Hash 4026332f8c6f3df207a5ab8b1ea73ff9 0cefa6d84f9e8854c5426cf3b3eb3332c28b30d2 d777a056401f16aba12136e4b7e03cfde31dcc121f3b9c9232c53e1f819ba28b Loading...

	cdnstatic.cyber.bet/js/payments.js	1.2 kB	2023-03-11	2023-05-19
Pretty URL cdnstatic.cyber.bet/js/payments.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:37:10 Last Seen2023-05-19 19:23:42 Times Seen2 Hash 86e0165b432077320adbf690e339604e 37c74e9724bb46c7596b23bf3df45f64449cb94a f2812c1ded3ff4e7051c5866040b0e90b1dfdf6b3d10588dd200d00199d13ae8 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910	697 B	2023-03-10	2024-01-26
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2024-01-26 23:34:58 Times Seen71 Hash bb07e31c2c066db5c4b3259d1f69a442 db79e9d4a817ce703b11b65faf2ba097228063b2 d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8 Loading...

	cdnstatic.cyber.bet/js/geoMapping.js	443 B	2023-03-10	2023-10-09
Pretty URL cdnstatic.cyber.bet/js/geoMapping.js IP 54.230.111.100 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen12 Hash 2f6043a16c26cde9a190dbb829b5519c 791479cfced1a000ef6411990f1c4bba615b6b4c f9dfb0c2f94be90f2cdeb66286b36cdeb5d8fb0fbb9f28b1e1d3d99a3780306a Loading...

		Size	First Seen	Last Seen
	#1 Eval - ec5836df6eeba268a0fc3eb8119d3824	65 B	2023-03-10	2024-01-26
Pretty Observations First Seen2023-03-10 06:49:09 Last Seen2024-01-26 23:34:58 Times Seen39 Hash ec5836df6eeba268a0fc3eb8119d3824 df817559287b119c318901c4de5cc04f42c816ef 7c3aab0ec1bedd74fec8eb4338a8ec29d5548db5b99bdc031bcb1b939820711c Loading...

	#2 Eval - 1bdddf0717a25257dc9b5f41948293bc	82 B	2023-03-10	2024-01-26
Pretty Observations First Seen2023-03-10 06:49:09 Last Seen2024-01-26 23:34:58 Times Seen38 Hash 1bdddf0717a25257dc9b5f41948293bc 7473e1698e1de047889207ef0e7ead943a438873 5cf62f23df0a9958ae85f7aca4742e41cc2193224a7b240b883442442ba0b62d Loading...

	#3 Eval - 7269d0b2114cacaedb0519b785487922	84 B	2023-03-08	2024-05-09
Pretty Observations First Seen2023-03-08 01:40:31 Last Seen2024-05-09 09:37:33 Times Seen98 Hash 7269d0b2114cacaedb0519b785487922 db531ec467b76eb36dbe13c5a33d7b87099c6107 792f580a888b462212032166a87582b6c764e5a166b54faa0c3fffdfa6a95b1f Loading...

	#4 Eval - fea868702356dd2f7073216002d4e759	58 B	2023-03-10	2023-10-09
Pretty Observations First Seen2023-03-10 06:49:08 Last Seen2023-10-09 15:18:47 Times Seen7 Hash fea868702356dd2f7073216002d4e759 3625a96c014974f566f41516b38447929dafb5e4 1d9b92eafcbdd9c3b487de09e8e76b0c25552c9d60daf73cde231b16788b0b83 Loading...

	#5 Eval - 0850b953a585b70b1afa351a40444c84	81 B	2023-03-10	2024-01-26
Pretty Observations First Seen2023-03-10 06:49:09 Last Seen2024-01-26 23:34:58 Times Seen39 Hash 0850b953a585b70b1afa351a40444c84 9d81b6cf79a23fafc4f0b5f5077a622fbd88959a 29d16afb11928cf04fe3eb6ec9937a4d7f5321257ce886d2918cb5d09d0cd044 Loading...

	#6 Eval - 14faeed9447073abce7e4bd2df76bd8e	209 B	2023-03-07	2024-05-09
Pretty Observations First Seen2023-03-07 01:32:33 Last Seen2024-05-09 09:37:33 Times Seen332 Hash 14faeed9447073abce7e4bd2df76bd8e b786cd710b75c9d2cd0c54ddfba101030cae0220 0cfc8f57ea174bb9e3a746405077c0156867dc3a2dc5901ae81c4b52e82a80ab Loading...

	#7 Eval - c8c66afc783afdaa5ccb23de68b346c3	74 B	2023-03-07	2024-04-10
Pretty Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-10 12:39:55 Times Seen293 Hash c8c66afc783afdaa5ccb23de68b346c3 cb571480a4ffd5ead7677c6e63e5206f6f8d1ee6 a23001dc0a49b03a2c257d85dec6791ab3b81ab3e971cb6e0d38ae1be1473100 Loading...

HTTP Transactions (129)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12411
Expires: Fri, 27 Jan 2023 03:04:47 GMT
Date: Thu, 26 Jan 2023 23:37:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14308
Expires: Fri, 27 Jan 2023 03:36:24 GMT
Date: Thu, 26 Jan 2023 23:37:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7100
Expires: Fri, 27 Jan 2023 01:36:17 GMT
Date: Thu, 26 Jan 2023 23:37:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 23:35:18 GMT
content-type: application/json
age: 159
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 2esJScy5Uv3ccIL2oa0bDkDPXm9wqENIB5mATeXMCDGkOS/bx8BURnhI3U78Y6nF4WUwCDl48zk=
x-amz-request-id: 644NGP3AXJBYN8H4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 23:20:18 GMT
age: 1059
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 23:24:53 GMT
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
age: 784
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8743
Expires: Fri, 27 Jan 2023 02:03:40 GMT
Date: Thu, 26 Jan 2023 23:37:57 GMT
Connection: keep-alive

push.services.mozilla.com/

54.184.253.181

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.184.253.181:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1yRoClWy6Xo+Hsq7Oj87Ww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q/2Exx33TVj4zaSDXvVB6zQXgOs=

ww1.yokkasoft.net/

64.190.63.136

200 OK

1.3 kB

URL HTTP/1.1
ww1.yokkasoft.net/
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (692)
Size
1.3 kB (1316 bytes)
Hash
1783ab4251f909ad3a57757f86d84fd9
2c8660b467fee24b7b38d4a57ad400c06500473a
2025094ad3c3ea820b55e5211ffcc1c0855901d69d8763eed51dc6830d9a9aaf

HTTP Headers

GET / HTTP/1.1
Host: ww1.yokkasoft.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_Byime2k5H75LO09hEuH1xhqkR+IbC5co+0D4GG3Y9Nw2svMn4jAueS1tjbk/Z5UkFKsDWhn+UHZcfF1PBHcu9w==
last-modified: Thu, 26 Jan 2023 23:37:57 GMT
x-cache-miss-from: parking-7649dfd87f-bmljp
server: NginX
content-encoding: gzip

img.sedoparking.com/images/js_preloader.gif

205.234.175.175

200 OK

4.3 kB

URL HTTP/1.1
img.sedoparking.com/images/js_preloader.gif
IP
205.234.175.175:0
ASN
#30081 CACHENETWORKS

File type
GIF image data, version 89a, 16 x 16\012- data
Size
4.3 kB (4254 bytes)
Hash
90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a

HTTP Headers

GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.yokkasoft.net/

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 23:37:58 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Thu, 02 Feb 2023 23:37:58 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1672141863
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 7e3c7529e030564f9fad0bdcb9c27c24
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes

ww1.yokkasoft.net/search/tsc.php?200=NDU1ODQ5NDAy&21=OTEuOTAuNDIuMTU0&681=MTY3NDc3NjI3OGZhY2Q3OWU1NWYwZGFhNmQ1Njc2NThhYzQ4Njc5NDU4&crc=7e440a36ef19cd002e971b7a23d6e1cdd3b00dce&cv=1

64.190.63.136

200 OK

0 B

URL HTTP/1.1
ww1.yokkasoft.net/search/tsc.php?200=NDU1ODQ5NDAy&21=OTEuOTAuNDIuMTU0&681=MTY3NDc3NjI3OGZhY2Q3OWU1NWYwZGFhNmQ1Njc2NThhYzQ4Njc5NDU4&crc=7e440a36ef19cd002e971b7a23d6e1cdd3b00dce&cv=1
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/tsc.php?200=NDU1ODQ5NDAy&21=OTEuOTAuNDIuMTU0&681=MTY3NDc3NjI3OGZhY2Q3OWU1NWYwZGFhNmQ1Njc2NThhYzQ4Njc5NDU4&crc=7e440a36ef19cd002e971b7a23d6e1cdd3b00dce&cv=1 HTTP/1.1
Host: ww1.yokkasoft.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.yokkasoft.net/

HTTP/1.1 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-7649dfd87f-24nt6
server: NginX

ww1.yokkasoft.net/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D

64.190.63.136

302 Found

0 B

URL HTTP/1.1
ww1.yokkasoft.net/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: ww1.yokkasoft.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.yokkasoft.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 26 Jan 2023 23:37:58 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D
x-cache-miss-from: parking-7649dfd87f-fkmp4
server: NginX

ww1.yokkasoft.net/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D

64.190.63.136

302 Found

311 B

URL HTTP/1.1
ww1.yokkasoft.net/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
311 B (311 bytes)
Hash
d2f061da5d38ffc366a277df8e221640
e86c4fab53e105b5fd65aa8c346c2a4642809d12
3ded19ca76cec632933e1c62ab752650445c00540d8588028f92972bbe7a6fb7

HTTP Headers

GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: ww1.yokkasoft.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.yokkasoft.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 26 Jan 2023 23:37:58 GMT
location: http://xml.sedodna.com/click?i=5UJA**VYS8g_0
x-cache-miss-from: parking-7649dfd87f-8jz64
server: NginX

xml.sedodna.com/click?i=5UJA**VYS8g_0

173.239.53.32

302 Found

0 B

URL HTTP/1.1
xml.sedodna.com/click?i=5UJA**VYS8g_0
IP
173.239.53.32:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?i=5UJA**VYS8g_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.yokkasoft.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=2o043B6WGrI
Pragma: no-cache

link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=2o043B6WGrI

172.66.40.100

302 Found

0 B

URL HTTP/2
link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=2o043B6WGrI
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=2o043B6WGrI HTTP/1.1
Host: link.affiliates.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.yokkasoft.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 26 Jan 2023 23:37:58 GMT
content-length: 0
location: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
set-cookie: afclick=63d30ed64ea1cd00010fa3d7; expires=Fri, 26 Jan 2024 23:37:58 GMT; secure; SameSite=None
afoffers={"53":1674776278}; expires=Fri, 26 Jan 2024 23:37:58 GMT; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EomIYGF%2B5ycbwMj%2FxEA8aZRd7C6MzaD%2BxmWylOTfxpwTXdwhucI2H4hXtNOKE52nWHEJOPJZ35npuJVxhc4jFLmaktDh2xIWb9scbtlJSuFzyIj6w0%2F%2FRCUV0dBRAUEesOZEA0aXTmmvyNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd145e0d8db4eb-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/css/style.css?v=1

172.66.40.100

200 OK

1.4 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/css/style.css?v=1
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3797), with no line terminators
Size
1.4 kB (1442 bytes)
Hash
74bb1d5bdfa241f268aee9a06d9e6ee7
6217b14c5e2af63356159ddf1fbf7980684f0ba7
27fa22116f7098d0e0440d057b84583d17a670a0bdcab5a48ed810b42923ca06

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /land/casino_red_pbn868/css/style.css?v=1 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6020
etag: W/"63502f95-1784"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4740
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRirzKWd9%2F%2BpJX9B4Rn3%2FRJfkGKKECRFe7mU2gH%2BpBC%2FwGXHBD7wlEN0%2F%2BCnOex6PGyDrHS7qWR9f9VgI%2BPXzDJ16kJpFJ3NGsS%2FQX7hPqd6MEoiFQMQU4ZHhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd145f6eafb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/css/form.css

172.66.40.100

200 OK

2.0 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/css/form.css
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6780), with no line terminators
Size
2.0 kB (2040 bytes)
Hash
2f35fd6bc3f771c506256a8df6987be8
96397c9f2de2336adb6afc3122aafa0f4a693f89
143c59d54b473e682f0bff58a0bf15d1871e90ccd8e7ba73e8071d428a37a119

HTTP Headers

GET /land/casino_red_pbn868/css/form.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9305
etag: W/"63502f95-2459"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4740
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wIxGRHcwgGkHwciO1KZfEDwRa0tTORfI1hEyXcQPPbS1V%2FpUZOSJ3W%2FjJrkTlGg6ysqPSK7N%2BqLT1vVDTfcczz3CF100LLV7lJ6AFcCr6O0FXqiw5IAPq4G%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd145f6eb2b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2fd3b5487710791cafa87110d681647a
6f3de59c79cf8f93c3312d917e9bb225a8bb25f9
35c24aa8f70e97185a0a18761f04b283cefecdce3abcd2261ccc6377077730c5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35C24AA8F70E97185A0A18761F04B283CEFECDCE3ABCD2261CCC6377077730C5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11817
Expires: Fri, 27 Jan 2023 02:54:56 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
c5c753e9f57be16e80f9d89df98d1818
9d4a172cc16beb64439ed3600377baad217be967
b00339d8e7490d7140522fdde843e0b168d3e19a624665dbd516da0425f32655

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B00339D8E7490D7140522FDDE843E0B168D3E19A624665DBD516DA0425F32655"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3866
Expires: Fri, 27 Jan 2023 00:42:25 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.74

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 15:00:01 GMT
expires: Sun, 21 Jan 2024 15:00:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 463078
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/css/payments.css

54.230.111.100

200 OK

699 B

URL HTTP/2
cdnstatic.cyber.bet/css/payments.css
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
699 B (699 bytes)
Hash
70e2a5d4745300aed2bfccf31551eb7f
c913b11b1f043706b73941110c33543f3c942cfb
f33896366d0d98962fd3e5b79963449dd3c1c3ea48e617e5b6d6bdb46e0c7022

HTTP Headers

GET /css/payments.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css
content-length: 699
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 23:37:59 GMT
etag: "70e2a5d4745300aed2bfccf31551eb7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VYkK_L-zcxWc8MIvzSbCDmwZQTDj_Yco7RtzdM-RFeYOWTxp-MT9Zg==
age: 12
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
5d4584e4549c2c67b3b1014412127d86
878b05105062900e6df717dba698aab39b9476d8
383fd07eb50f0e9605a08083c372046f06511da2037d6dd5c0301bb8478ec55b

HTTP Headers

GET /p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9002
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9002
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9002
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9002
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 2197
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7804 bytes)
Hash
a5de6b54196befa95e9291a051c645d0
e3100707a4e9b1d5c30223d31f58cd6ee8ad010b
5bcc3dd7011df4e17d7ef86d892fedeca14b0d0eabbe782fecf35c9a82b25e40

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7804
x-amzn-requestid: 4cd6ed50-202c-4e57-94db-cc6585dca5b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQWuH20oAMFxzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfa91-05441777646d154650c97512;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D6nD7sD6FQavjUir9rxJlh9U2reSno5qNQ0qQdG4iS6hscVfSHdBCQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 22:01:13 GMT
age: 5806
etag: "e3100707a4e9b1d5c30223d31f58cd6ee8ad010b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5263 bytes)
Hash
7d2506ac511dfbea29e29ab14ba10f85
b2e2972ffa82b103c62ffde0fca99454e12d95e6
fbe6f833114208d84033ba691a74da18d641e38f0f327c752333a339f1baae34

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5263
x-amzn-requestid: ea2f25ff-f62a-4850-a9d1-72f26d817faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzOkGtWoAMFV0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325d-39e5ed054ead447d3cedf047;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BcMB1y0etnIGvZr54EllkdEOlahZGTjgrw2-3FYu3WET2f5lDLV1dw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:24:02 GMT
age: 8037
etag: "b2e2972ffa82b103c62ffde0fca99454e12d95e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12508 bytes)
Hash
bad60daf652c598a06510ff955137b69
235bf4642e726bb6a303fe1b69238e2e973414cb
d655c5ac17274a30a89c31674e14dc9c1b6bc39bfff94db1c9ff0d8006bb673b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12508
x-amzn-requestid: 68787c38-72fe-4d8a-9521-aeb9efa56b05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYWyGIHoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca075e-1ee9488d2dd0437728beac94;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2RZzMCqjRpKbm-g_6vAq1YV4LQ5RAB9HrkKCQx_ah4C6PnAzHZpKCg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:49:04 GMT
age: 17335
etag: "235bf4642e726bb6a303fe1b69238e2e973414cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9482 bytes)
Hash
a85badd84c0542610b94f22c4f265511
5b490095b5e02d9fef4b762888353998b645dfc9
23d6d9848caf36f0556438c371f112b40dcbf9b08b8b27bd37d4d73960c701c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9482
x-amzn-requestid: 825c5e6b-8fda-445e-9ed3-f5d634943c00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIZd0HqkIAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ccd5f1-2b31fe3001a1b04a406ff7ff;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 06:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: i5KrM3iFZQcfmxq0qPhIUYRIqfWbEF8k9qmZAq8Fq_MTRX34HKiU8w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 05:18:54 GMT
age: 65945
etag: "5b490095b5e02d9fef4b762888353998b645dfc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4272 bytes)
Hash
6e96f3ea585b5fa8ed6446ed16e2b4b2
f90c205f370a2426dffe3c21b24bfa551b385556
6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4272
x-amzn-requestid: e051c22b-c2ec-4e59-b29b-ba1464d8015b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRz28G13oAMFeeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d099c5-48b013ff34b9702a6d2fd560;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:53:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X4SfAYS0JvW4sUNqSuBERNBwaI_xgKugxZ76_fsih_LSnImMC7Pnzg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:54:20 GMT
age: 38619
etag: "f90c205f370a2426dffe3c21b24bfa551b385556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap

142.250.74.106

200 OK

73 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
73 kB (72964 bytes)
Hash
405a1d66352c50de55d265f304aa76e6
d3be29500271c6568e03b7eb76283bc5249af75c
e6feb798bf5c654da313af9b70c5332e055627355ac51b4fa1c6b30bc550d212

HTTP Headers

GET /css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 23:37:59 GMT
date: Thu, 26 Jan 2023 23:37:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/css/global.css

54.230.111.100

200 OK

4.7 kB

URL HTTP/2
cdnstatic.cyber.bet/css/global.css
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
4.7 kB (4746 bytes)
Hash
1d710fedcd0ddfd6744b7011d3261d07
884abf5c059be6ddcdd9067c24c55f744d6df31f
47db4a55aeef076b5cc2c69bb230028feb69a8575b5a9651a1fa79e51990edb9

HTTP Headers

GET /css/global.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css
content-length: 4746
vary: Accept-Encoding
date: Thu, 26 Jan 2023 23:38:00 GMT
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
etag: "1d710fedcd0ddfd6744b7011d3261d07"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m0mqdJJbRbO49QJiEZ1SViDtinV-qAFBBp3tvY5ikt2jvi7K-MhW1Q==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cyber.bet/land/casino_red_pbn868/img/bg.jpg

172.66.40.100

200 OK

85 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/bg.jpg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x939, components 3\012- data
Size
85 kB (84557 bytes)
Hash
98ba8ffcbd9e5560948fced0272a2f75
64d51f93a51c26638a66468801643e9edd8935c8
c2635b22ca2e9b3d82330a2bc4c6688f2e0a8901f12baaaa321182cb0bba2912

HTTP Headers

GET /land/casino_red_pbn868/img/bg.jpg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/jpeg
content-length: 84557
cf-bgj: h2pri
etag: "63502f95-14a4d"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Yep9D0eHwnI7hrMZ%2FNgG1engPkEjInvNIibTZ4%2FsCmFURfHLwm6u4zoe9Q92XoypmoWzfeydosHfOWRWzTZwd0s9joRa0cpqSoc9jNkpEbN1P56ZA5yC7n5%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461984eb4eb-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/input.png

172.66.40.100

200 OK

10 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/input.png
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10123 bytes)
Hash
029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f

HTTP Headers

GET /land/casino_red_pbn868/img/input.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 10123
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-278b"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuYeUDeZjeM6TkdlMU2bVL4xNvaR7vasGZwUtftt72c40vxqVF3qHetx%2F4VlQjvFdYVITRTL5iWg0h0VeXpWQ7Zx7e1JnSvC%2FI1dHH6zx6H8ErMqzFggB9cNrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461a85ab4eb-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/left.png

172.66.40.100

200 OK

110 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/left.png
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 989 x 972, 8-bit colormap, non-interlaced\012- data
Size
110 kB (110461 bytes)
Hash
d6890ff06451abd5164dad583ab8383c
0391a449f196bf9ad13d577c5f390d2767ccd182
60c8d0be6f5252f41ebf504c5c4597fd460f31bd2b695884f69cc789168821cb

HTTP Headers

GET /land/casino_red_pbn868/img/left.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 110461
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1af7d"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3230
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEtHwFmPSNzb6M%2B9miuON5F80qrXRvK18g%2BpL8E5rNdQx7uREQJpgXNjMnLOrgnZjGR991cp%2FpCTiK4RyGJK7eAstk%2F0P3tf6VITHq62SbjsskfWj4TKiUfO3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd14619850b4eb-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/right.png

172.66.40.100

200 OK

121 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/right.png
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1122 x 1045, 8-bit colormap, non-interlaced\012- data
Size
121 kB (121073 bytes)
Hash
1259004f61333ce5779efb3823458094
cc58a5562320e0dd696765532a5a910c51a6eee1
3b65805319f0f56c6ada3b09a76162b8293682d2e5a0fb2ba00a395dadbf36fc

HTTP Headers

GET /land/casino_red_pbn868/img/right.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 121073
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1d8f1"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3230
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dwFc3hUEJv1iwXPDpu4Ty5ELywMNSDdYVVOdaZ3I5b5HOIiOqyRFXvlqstLI41dcODvY2iYt0CRWx1QzTECw9r%2F6NSMA8z42Dwe%2FNU9IInzH0wEw4C0mQ7%2Bag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461a856b4eb-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/promo.png

172.66.40.100

200 OK

13 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/promo.png
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13216 bytes)
Hash
5798187ffb0edc7c4525a1415d9e03db
240b77c6c3c8c2a75d133c14907805d85def5588
93a1d190fd9a50423a0f7518a9147a2ef4cf969478056c6001c1124a0a1fe830

HTTP Headers

GET /land/casino_red_pbn868/img/promo.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 13216
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-33a0"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTt0B3txYOqsmoY5o5s%2BKE4dsRK0NDgsZNA4zUVYmnaRigifPdlYh4BOKiCbPkVHTCIXqw3w9AnjFFb38oTuwqPyS%2FYmebiY%2Fak8MelSM8edqwKy4c4Kpsg8PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461a861b4eb-OSL
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/global.js

54.230.111.100

200 OK

71 kB

URL HTTP/2
cdnstatic.cyber.bet/js/global.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (5000), with CRLF line terminators
Size
71 kB (70834 bytes)
Hash
8943965f22a29b6f800a98e0eaed584f
1cfa4c3d79808cce1785967a637819b88a9d11f5
3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db

HTTP Headers

GET /js/global.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 70834
vary: Accept-Encoding
date: Thu, 26 Jan 2023 23:38:00 GMT
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
etag: "8943965f22a29b6f800a98e0eaed584f"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oriap_1t1hr5ntzeOFw664WR6XnQw5G6B1dRGI_cCNdBUpJk5qynOA==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/cb_picked.png

172.66.40.100

200 OK

3.2 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/cb_picked.png
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 82 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
3.2 kB (3193 bytes)
Hash
774fc89cb9c8f999121c719e5f9f29df
d7d8ce07db925dc13908ea8c2c587fbb597c9eef
b1dd144f891842f0c1f19fff5c6ee14e4ab6ae491c7cac4aa2c2d7f156885bcb

HTTP Headers

GET /land/casino_red_pbn868/img/cb_picked.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 3193
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-c79"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niZJXsojKK0f2iWhm5%2FjKu49te%2BiaqTFn7cQV0oO%2FguQV7X8ehnbGdpxS2IPA4cuh2mLf4is2y5qJVkWL0J2i6%2Fo9WDnB0f%2BXoTqYZkIdpbLEW%2BFQS%2BQ6KQyUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461b873b4eb-OSL
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/img/cta.png

172.66.40.100

200 OK

99 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/cta.png
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1076 x 266, 8-bit/color RGBA, non-interlaced\012- data
Size
99 kB (98590 bytes)
Hash
6af15da4b150dd671aa73c54a5d000b2
1292d7e77d7ea538594b8f43527c1464a73e3ac6
383559b3e7496fbf5f0d7ebf89bb9fd90e149fee99bca2a0007224fed63ca51b

HTTP Headers

GET /land/casino_red_pbn868/img/cta.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 98590
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1811e"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQehg4kpRm%2FurMEIF6QfFKzpyhHtATgE%2B%2BQkl%2FisYHdBY5T%2FCRYUK3%2FiXaUp52cfgXfy28MBBHwqRzLwU2xwMXAQb3LjWa0sacsnNDWvWsyBjzsE35UbEqCJRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461d882b4eb-OSL
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
c5c753e9f57be16e80f9d89df98d1818
9d4a172cc16beb64439ed3600377baad217be967
b00339d8e7490d7140522fdde843e0b168d3e19a624665dbd516da0425f32655

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B00339D8E7490D7140522FDDE843E0B168D3E19A624665DBD516DA0425F32655"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3866
Expires: Fri, 27 Jan 2023 00:42:25 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cyber.bet/land/casino_red_pbn868/css/common.css

172.66.40.100

200 OK

1.1 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/css/common.css
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1985), with no line terminators
Size
1.1 kB (1140 bytes)
Hash
7e09ea33c7fda42db32e0ced9feb3073
0da1de2c2eab69a7a59a65605b82d55de775b2ba
91a5b9ccd16192fdc7899a01affd2e8d08586312b4c7767d376197b8f760269d

HTTP Headers

GET /land/casino_red_pbn868/css/common.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2676
etag: W/"63502f95-a74"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4740
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD7UerqB0wHU2%2BQ8yOkMzPC8VT%2FtPGAfAt2VqtT3ENJRe6NS5m6B3yxeUvmOgBiHWjMvRBazrnV8vhQB0YyZLlWjqEwKgpicgxmGNvDPRsv9GZQX3etqDRWxgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd145f6eaeb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cyber.bet/land/casino_red_pbn868/img/logo.svg

172.66.40.100

200 OK

1.8 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/img/logo.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1777), with CRLF line terminators
Size
1.8 kB (1823 bytes)
Hash
61dc6fe3d6df31c5acb08905b7d154f0
262b74440f89cc431c881fef72e71bc20bdaa5e2
8f35d99924dd4fd67a4eaba92f204fa2280273d1b33b0c60a4facdf3c645c3ba

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /land/casino_red_pbn868/img/logo.svg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/common.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: W/"63502f95-b67"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlWm%2B44SMWr0PvOHutLkURh%2F4NEfhclONpyil8IFPQEp9eU219Myl%2BRODq4BwFZTk9%2BazxsBr3NteA1g5ihLwslJrSHxlOqzT8e5ONaGtx5VUqXfMnYzxqdhDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461a857b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 101045
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
bb07e31c2c066db5c4b3259d1f69a442
db79e9d4a817ce703b11b65faf2ba097228063b2
d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8

HTTP Headers

GET /p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 01:49:59 GMT
expires: Sat, 20 Jan 2024 01:49:59 GMT
cache-control: public, max-age=31536000
age: 596880
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 210533
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 143160
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/fp.js

54.230.111.100

200 OK

533 B

URL HTTP/2
cdnstatic.cyber.bet/js/fp.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
533 B (533 bytes)
Hash
d1abfbe2c5b50e7f427e41c79197dcd3
01f6142a97168fd15da33334c35ce351d676ed08
7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569

HTTP Headers

GET /js/fp.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 533
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 23:37:44 GMT
etag: "d1abfbe2c5b50e7f427e41c79197dcd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 52yDdlZKaGCUmpMgicF6dwGJ22KL9ZqzLJo3LQewPDY4nREF70M-7A==
age: 18
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ab1f619b339f20e3cf015bbd0852bfc4
fe6276a4b15d53fa73c9f3d10917f7b5f7f78a3e
a76a0883d555c365d4f52b7445fd0c051512d0a920c065e265cf0e59c8370498

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A76A0883D555C365D4F52B7445FD0C051512D0A920C065E265CF0E59C8370498"
Last-Modified: Tue, 24 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7850
Expires: Fri, 27 Jan 2023 01:48:49 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnstatic.cyber.bet/js/geoMapping.js

54.230.111.100

200 OK

443 B

URL HTTP/2
cdnstatic.cyber.bet/js/geoMapping.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
443 B (443 bytes)
Hash
2f6043a16c26cde9a190dbb829b5519c
791479cfced1a000ef6411990f1c4bba615b6b4c
f9dfb0c2f94be90f2cdeb66286b36cdeb5d8fb0fbb9f28b1e1d3d99a3780306a

HTTP Headers

GET /js/geoMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.1.921309120.1674776279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 443
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 23:37:10 GMT
etag: "2f6043a16c26cde9a190dbb829b5519c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pe5go4EcEidlh5U2L7rXocKqE7qlNePPdW742Lgs-yTA8UVub8TwxA==
age: 53
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js

151.101.65.229

200 OK

14 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (34150)
Size
14 kB (14453 bytes)
Hash
992ef8564e775838114b9722cfaca166
d695319ec9e83f5a2ed894ecff5e7497f0bb9fa7
974c0527a326c8a38b0a5475d5a9d159e3a1a4a4a0688888d9d525b74ebc3930

HTTP Headers

GET /npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.4.0
x-jsd-version-type: version
etag: W/"86b4-0dT4vbRAvda9ZROiHYU1ptjFWSM"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 23:37:59 GMT
age: 32539
x-served-by: cache-fra-eddf8230075-FRA, cache-bma1648-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14453
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6c8342bd4fcc0db7060b187118f686de
7f2a458bd4b51bef290206cfcef7989190885334
5e504c57fc750b802d5706b163f50b9bd853de71bd77414f06612c1100c82223

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E504C57FC750B802D5706B163F50B9BD853DE71BD77414F06612C1100C82223"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6042
Expires: Fri, 27 Jan 2023 01:18:41 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
3e77ae320e165f5d95ceb2c8c9a34a1b
6ab085926ff3001bdcbdcf0a5e2ebc00261f244c
1c49aca6f49a4a7f3ffa376b6daac8e9610c14735754f63a8e9f25a1ebc2429c

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 23:37:59 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1F968C5AE9318D9AA61B735B12F0409BCC827A6C"
Expires: Fri, 27 Jan 2023 10:00:00 GMT
Last-Modified: Thu, 26 Jan 2023 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3435
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fd1463ed7ab500-OSL

notix.io/ent/current/enot.min.js

139.45.240.92

200 OK

43 kB

URL HTTP/2
notix.io/ent/current/enot.min.js
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (65536), with no line terminators
Size
43 kB (43235 bytes)
Hash
7617b4607a99d793bbc68015674baa9a
264e16f829e53469168b38966789b3b1d78f0359
fc7026a10d6c9834ddec96a97bbdf04fa0fac28a084fbc8a6835e36ee4f4bbe2

HTTP Headers

GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:51 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 08:06:44 GMT
etag: W/"63ce4014-1324f"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

scripts.prdredir.com/safeframe

172.64.135.33

200 OK

3.7 kB

URL HTTP/2
scripts.prdredir.com/safeframe
IP
172.64.135.33:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.7 kB (3672 bytes)
Hash
a3ba29b469f0f0f7c7e9a3f62da06e21
9d8fa9f4fe308da30907c7443bc9506371f80250
8e0fc1225febcbbf7df5a169ff026318dab145e5bdee23c6b0dc57b606170a2b

HTTP Headers

GET /safeframe HTTP/1.1
Host: scripts.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7d26935d-d2df-4fd3-9dbf-d902f9467348
x-download-options: noopen
x-runtime: 0.002384
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LITIIpdkkPKYnxowRoKbtdEvTeq8%2BgNBz7ErLdPjs2wqOK57xVzgTqaYuXHXQKDuk%2FawlfMXVHkcOVKn7Qf8jdkOrSCYp%2BHisIaZqoSs8FNelcTAEgds7D1qxW687hdlZc1%2FObiNjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd14629cc1f3f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

notix.io/event

139.45.240.92

200 OK

0 B

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8a8131482f5b45998a1525161bab631a; expires=Fri, 26 Jan 2024 23:37:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

notix.io/event

139.45.240.92

200 OK

0 B

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

notix.io/event

139.45.240.92

200 OK

0 B

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=921309120.1674776279&gtm=2oe1p0&aip=1&z=570659833

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=921309120.1674776279&gtm=2oe1p0&aip=1&z=570659833
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=921309120.1674776279&gtm=2oe1p0&aip=1&z=570659833 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:37:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

notix.io/event

139.45.240.92

200 OK

15 B

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

HTTP Headers

POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 63
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

notix.io/event

139.45.240.92

200 OK

15 B

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

HTTP Headers

POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 80
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

notix.io/event

139.45.240.92

200 OK

15 B

URL HTTP/2
notix.io/event
IP
139.45.240.92:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

HTTP Headers

POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1408
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3a61265429c61d8343295d26772452c
1364508102e65eeccdf0a50492cf7a6100089334
614b51d326842e8d5d6b2a7661c429bb4d0d7e2f42df3f4fbbb8814fa7172b59

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "614B51D326842E8D5D6B2A7661C429BB4D0D7E2F42DF3F4FBBB8814FA7172B59"
Last-Modified: Thu, 26 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5012
Expires: Fri, 27 Jan 2023 01:01:32 GMT
Date: Thu, 26 Jan 2023 23:38:00 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: ID=8a8131482f5b45998a1525161bab631a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8a8131482f5b45998a1525161bab631a; expires=Fri, 26 Jan 2024 23:38:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

backend.cyberbet.academy/api/gql/send?ttl=86400

54.246.139.70

200 OK

4 B

URL HTTP/2
backend.cyberbet.academy/api/gql/send?ttl=86400
IP
54.246.139.70:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

HTTP Headers

OPTIONS /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: application/json; charset=utf-8
content-length: 4
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"4-P9ln0Jp0jh8rJtb+Vi5xVaqH6d4"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

backend.cyberbet.academy/api/gql/send?ttl=86400

54.246.139.70

200 OK

1.7 kB

URL HTTP/2
backend.cyberbet.academy/api/gql/send?ttl=86400
IP
54.246.139.70:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (1732), with no line terminators
Size
1.7 kB (1732 bytes)
Hash
7d262be351a12c20d4e65ce60529f9fc
8081b04642d8b42d8af4fe92cf2e496ed15eaca5
a9d1bfc8e3fcf82bc6d372d278866fb7cc002c158e1ed329bd4f94a70a965241

HTTP Headers

POST /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: application/json; charset=utf-8
content-length: 1732
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"6c4-gIGwRkLYtC2K9P6Szy5JbtFerKU"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
26fb57737bd90e0f558411eaa55a026c
c9b93dedea9cf70455316c2eca83aa7a2dad5f9f
60afa7214ad6a089e3f56de9c370ee2e634bea291c15c5c08b5abb4eeca6b946

HTTP Headers

POST /s/gts1p5/Ixty6-fFKeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV&gtm=2oe1p0&_p=970265425&_gaz=1&cid=921309120.1674776279&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674776279&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955&dr=http%3A%2F%2Fww1.yokkasoft.net%2F&dt=Casino%20Games%20on%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV&gtm=2oe1p0&_p=970265425&_gaz=1&cid=921309120.1674776279&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674776279&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955&dr=http%3A%2F%2Fww1.yokkasoft.net%2F&dt=Casino%20Games%20on%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8FYNJV02NV&gtm=2oe1p0&_p=970265425&_gaz=1&cid=921309120.1674776279&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674776279&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955&dr=http%3A%2F%2Fww1.yokkasoft.net%2F&dt=Casino%20Games%20on%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot= HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://cyber.bet
date: Thu, 26 Jan 2023 23:38:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cyber.bet/land/casino_red_pbn868/favicon.ico

172.66.40.100

200 OK

1.6 kB

URL HTTP/2
cyber.bet/land/casino_red_pbn868/favicon.ico
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel\012- data
Size
1.6 kB (1607 bytes)
Hash
17a799a063ba59bdb49052df98bdbf0f
b4d7962428eb5bcdf840b5324c7fba217887a205
1517466775ffd844bbae0c0ddca9c5360446581544c2667b17a94119c707a665

HTTP Headers

GET /land/casino_red_pbn868/favicon.ico HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Cookie: _uc_referrer=http://ww1.yokkasoft.net/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; __adm_tid=tid-2cfd8c5eb.2be193eea; _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.1.921309120.1674776279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/x-icon
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: W/"63502f95-1cee"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmlvgs%2F7XF1nhbL1qSZ8LYo98ke4zXRUOVkrehT1PHOS6EUfEJ6DfcabBsPJWYuSEhWcie2b37Xnw2SiPB7D9B%2B1k55g6XXGn%2B134lQtNvDSZie8Tg%2FuiFHOtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd14654ac1b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/img/input.png

54.230.111.100

200 OK

10 kB

URL HTTP/2
cdnstatic.cyber.bet/img/input.png
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10123 bytes)
Hash
029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f

HTTP Headers

GET /img/input.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/global.css
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 10123
last-modified: Thu, 07 Apr 2022 09:30:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 23:37:21 GMT
etag: "029eb00d46a95ea9be209224c3d913db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PHFrWVHhGoqYJGWyxFuSYNTNk6nFmQnuT3DcfZWdjjiw4QB0AQpTYA==
age: 50
X-Firefox-Spdy: h2

backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAXCAS

54.246.139.70

200 OK

712 B

URL HTTP/2
backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAXCAS
IP
54.246.139.70:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (710), with no line terminators
Size
712 B (712 bytes)
Hash
cc9dc856478b719988e30efd9922fccb
caa7f35d151bb6293d48255d7e2b6404ab764159
2096f5d36301d0c98e66c6e3dacb312e6674370399b5f6a4ee93ec143d0e665d

HTTP Headers

GET /api/affise/land_promocode?promocode=CYBERMAXCAS HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: application/json; charset=utf-8
content-length: 712
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2c8-yqfzXRUbtik9SCVdfitkBKt2QVk"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

alexatracker.com/jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63d30ed64ea1cd00010fa3d7

172.67.204.112

200 OK

0 B

URL HTTP/2
alexatracker.com/jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63d30ed64ea1cd00010fa3d7
IP
172.67.204.112:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63d30ed64ea1cd00010fa3d7 HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: application/json; charset=UTF-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: BYPASS
set-cookie: trbarid=2ca5edf579c7ba7ff2c4955da03e226d2755e9c25a9fc2c4acca7b62179c24faa%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A2628718994136436440%3B%7D; expires=Thu, 30-Jan-2025 23:38:00 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G05tqd1m49ASdwRfk0zojEkbmIEdQK55gORg6bAszPuIuaWaSEOMintTt9Tf5mWTYUbHolOLooF%2B8T1TsxwTeLsyG8B%2F9gMaNAs7PYgim1Qzh4iFzo10mhre5LSK%2B5elSSBz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd14676c721bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/css/img/flags.png

54.230.111.100

200 OK

71 kB

URL HTTP/2
cdnstatic.cyber.bet/css/img/flags.png
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
71 kB (70857 bytes)
Hash
416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

HTTP Headers

GET /css/img/flags.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/iti/intlTelInput.css
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 70857
last-modified: Fri, 20 Jan 2023 12:33:46 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 23:38:00 GMT
etag: "416250f60d785a2e02f17e054d2e4e44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fSaJ6fSWzWbgr4AOgw5_Pmdz9wdpAS7YhcfXtwZIR7-nset0b1kQHw==
age: 26
X-Firefox-Spdy: h2

static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg

172.66.40.100

200 OK

3.5 kB

URL HTTP/2
static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1498)
Size
3.5 kB (3479 bytes)
Hash
564f30d71caa4f20ef5b194d9561cc14
1c409d040de03336b35593ac305ea5eea3394c32
423e88929ae4b13879234acb4113bcc62a0540451ba536bd86417d569d56188c

HTTP Headers

GET //wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sun, 27 Nov 2022 13:15:26 GMT
x-imgix-id: befd1e5b23a603e2ad9e7e0e220abae092937310
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10033-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 723405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGGZsMUrnc6gJm6VBl2ETT%2Fwd3tDYOJg7y1S5nsVm1pfTWEFPpJg%2BsPFGsqF38ks5Sg%2FzLfLqUdaaVuE9at7KCJD1AXQiEegxIC2OVu%2FF6Kta6lj1iRjNOnla28QIDHsx%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467eca5b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg

172.66.40.100

200 OK

37 kB

URL HTTP/2
static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4530)
Size
37 kB (36975 bytes)
Hash
437659891dd715fb09b271551adf5340
b384845b91398bc9770b60406b396dace05512ee
3cf8b43438c354aea71f40b37234eb4a46f290009f3e4f70e83022062f9d350d

HTTP Headers

GET //rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:10 GMT
x-imgix-id: 854adac84f9266f0b69e2c7ea9353daa4bedcf8d
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 40922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ewdnFwM9rrBNhDes9JcnesT8nL7Ls0id1HVCxj6UcIiRToXbBDmPtWqN4q0jaZ%2BlgvGoPSBult2aM8N%2Fl7uKG33r0OGvcTZyWQEHQUjlZvH5NaCSASEJtG2rjxscDftcoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ecabb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3ebf9d7211aba4c70b84fb470a61b414
28fe29a24e47d6abda88eeeb5e22eddda03c7fca
a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg

172.66.40.100

200 OK

4.4 kB

URL HTTP/2
static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (8222)
Size
4.4 kB (4366 bytes)
Hash
a9b55fb5ef1436a2e38ed50b040a0fe7
85bc2b49eed920747900c619121ed0f82c5eb761
885584166bb2e752befccca1dc5a15723d4738546053d1cb05fc8f6f5a988619

HTTP Headers

GET //fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:53:49 GMT
x-imgix-id: 3071167306fd7e404ce6c9d0b6695258dcb9f78c
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10063-SJC, cache-bma1621-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 40922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keNa5AjeJVIW5oFkyn%2FqCxBGGb4LLXkLUj3yi%2BT3us7CpYBEuIqs6AMr4p1%2ByBWjlcIVVaoe7f26Wa%2FmTXCATgwFqedEeYtUhIuxGozZe%2BRGfdOTmpyAas4TF9jFmZ4eyF4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ecafb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg

172.66.40.100

200 OK

2.7 kB

URL HTTP/2
static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1100)
Size
2.7 kB (2740 bytes)
Hash
0cb926e3e9e2b0035dbf5458b5c54e57
30728e1c80e9bda968c2e434cf1f5e966fa854bb
803729400d7c15d4f2d2ba884c82142aa4084aedb3562ebc4c156555b890dbee

HTTP Headers

GET //vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:02:28 GMT
x-imgix-id: be499ee77bb9f13f4e61b37ea512299d94aa8c27
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-maa10242-MAA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 533709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATTDfYpN0n9rSqeEFI11dfOQC9gOuFsEt52Ga4TBjXFKOAXlSlVkFPHJRZuAFGSURnBcsuYOpJ3EP0C7kDgsM9wqBVcBArp45q%2FkLIL88wcwWT%2F%2BVOu8k%2F9oaX3H3f5TrCU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467fcbdb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg

172.66.40.100

200 OK

2.1 kB

URL HTTP/2
static.cyber.bet//ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (869)
Size
2.1 kB (2077 bytes)
Hash
b3e05fef0289e3cfcd7532e64148d11f
bc3bc8ceec1074d02b034fc8a413f3031d9cb0b3
a5828e3937ccf24d0210849b945aad580a3f3eab96f5a57a1d41c1573f4fa4ac

HTTP Headers

GET //ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:52:12 GMT
x-imgix-features: {"linux_painter":"0","tannhauser_routing":"0","tannhauser_shield":"0"}
x-imgix-id: a52b6d3a19f01fc91c01ef38ea74345ce0cc3d68
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10055-SJC, cache-hel1410027-HEL
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 40922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3rChboVFmrYdTXcfyFrC%2FRHijLFJH4bXA39B98rkJJsQ%2BJyTpPvFsoDZRu5G%2F0aWhj83j2kCzR6z%2Flg2%2FPSKuYpuVNRW5lTSUy1f9qlPRBuXswiwFvKdaywK9lo1HiYo4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ecb0b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=921309120.1674776279&jid=1868619074&_u=YCDACEABBAAAACAFK~&z=1158234871

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=921309120.1674776279&jid=1868619074&_u=YCDACEABBAAAACAFK~&z=1158234871
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=921309120.1674776279&jid=1868619074&_u=YCDACEABBAAAACAFK~&z=1158234871 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:38:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

backend.cyberbet.academy/api/land_regs/session

54.246.139.70

200 OK

2 B

URL HTTP/2
backend.cyberbet.academy/api/land_regs/session
IP
54.246.139.70:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

OPTIONS /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: text/html; charset=utf-8
content-length: 2
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

static.cyber.bet//rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg

172.66.40.100

200 OK

3.8 kB

URL HTTP/2
static.cyber.bet//rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7079)
Size
3.8 kB (3771 bytes)
Hash
aa55e340b9e43eef50a44fd2a7cc87af
4c84f2ed1827bb57b4e5f5e9d3968c56d7887963
9918d9f56b40f59fed251707d210a25a59f1c811da62328165c42298c2f1faf6

HTTP Headers

GET //rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:59:51 GMT
x-imgix-id: c912ac4741157f0c624624a3b61b365f5d2f134f
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10082-SJC, cache-bma1655-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 723405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cwre9vVfKVPwimu87fmMHXQH%2FcrkV00cFAX24UVVcMCfUKUp%2FLkqDsegzCZwi0tau%2BjilM23OBQZ7tndR988x0LoYZkVpuWIlIljQsrcYm%2B2h7zDeV7LsQXlwVreK8Sq%2F%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ecacb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
11b11a34f7de8e82aed9ce9aa61a948d
8062b890e99fbdaf23dca1504fc69be6e342aecb
74953ce419e3c98e4940faff47764c52aa45d37d085a776af5928d7343f90aa7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 23:38:00 GMT
Etag: "63d1be8c-1d7"
Last-Modified: Thu, 26 Jan 2023 23:28:27 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mrezys4MAB5wvTko5GCFKQHike3HMXGWv3o7C2Kz4KpHCmgb8h5aBA==
Age: 573

cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js

54.230.111.100

200 OK

76 kB

URL HTTP/2
cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type
data
Size
76 kB (75631 bytes)
Hash
a546b5f03d6aa04e754695fcc9d4b33e
4574644a9af33c86749b3d117e4f36982f4caf1d
f18f21a534220984c6152de7def4a0b59668aa2fdd81786f808fab485befc965

HTTP Headers

GET /js/libs/phone/intlTelInput.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:47 GMT
etag: W/"c73ba86bd67306c5889e9aac41e959e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O0XNW9E1my3skx16Xmnc0PvyC9B2FHcaRp2P81O8CG8qudNZtSZNtQ==
age: 25
X-Firefox-Spdy: h2

backend.cyberbet.academy/api/land_regs/session

54.246.139.70

200 OK

7 B

URL HTTP/2
backend.cyberbet.academy/api/land_regs/session
IP
54.246.139.70:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
d9310a44e73e68b31ea56f89682b6745
9b0b560ffc34cf165b5175f9bff653b04b2ba96d
a1cdc9bf42cdb955cabb49bda3c8831f008e453dd66ca4a9ae572d309f9187db

HTTP Headers

POST /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 255
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: application/json; charset=utf-8
content-length: 7
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"7-mwtWD/w0zxZbUXX5v/ZTsEsrqW0"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1ca3538a32a8fde407c95ce889bf3c61
3cf974da1b67520ed2cc2063856205e6e23ce4f4
7e60775bfea1a4e8f4461e4eb33d2976d6d34a20eba7a026e6875b8ebde3ad51

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89959
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Etag: "63d1cb3f-116"
Expires: Sat, 28 Jan 2023 00:37:19 GMT
Last-Modified: Thu, 26 Jan 2023 00:37:19 GMT
Server: nginx
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7dadb09e9141bcf0df8ea89fc6a61354
7063ed393e240a7cd97a3a312927235d0f14568e
7d30c6c36b852938dc7127bca46aafe9bcc9459cbfa4af5ca32295b19dfdb252

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5465
Cache-Control: max-age=112686
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Etag: "63d20ead-1d7"
Expires: Sat, 28 Jan 2023 06:56:06 GMT
Last-Modified: Thu, 26 Jan 2023 05:25:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

pool.admedo.com/pixel?id=148776&t=js

35.210.53.219

302 Found

0 B

URL HTTP/2
pool.admedo.com/pixel?id=148776&t=js
IP
35.210.53.219:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 26 Jan 2023 23:38:00 GMT
location: https://pool.admedo.com/ul_cb/pixel?id=148776&t=js
set-cookie: tuuid=198148bf-67b4-47d5-b77c-9c0155d73776; path=/; expires=Fri, 26-Jan-2024 23:38:00 GMT
c=1674776280; path=/; expires=Fri, 26-Jan-2024 23:38:00 GMT
tuuid_lu=1674776280; path=/; expires=Fri, 26-Jan-2024 23:38:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pool.admedo.com/ul_cb/pixel?id=148776&t=js

35.210.53.219

200 OK

0 B

URL HTTP/2
pool.admedo.com/ul_cb/pixel?id=148776&t=js
IP
35.210.53.219:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ul_cb/pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/javascript; charset=UTF-8
date: Thu, 26 Jan 2023 23:38:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1ca3538a32a8fde407c95ce889bf3c61
3cf974da1b67520ed2cc2063856205e6e23ce4f4
7e60775bfea1a4e8f4461e4eb33d2976d6d34a20eba7a026e6875b8ebde3ad51

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=89959
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:01 GMT
Etag: "63d1cb3f-116"
Expires: Sat, 28 Jan 2023 00:37:20 GMT
Last-Modified: Thu, 26 Jan 2023 00:37:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
77ee11fc32a54a6d1f919ccd7ef00c8d
3391dbe1835e7fc0a85d3cc3f190b11639d7bf35
9a75fea2800f0365dc548a49dc56652d68112ff2415260854e994f23b1d759fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:01 GMT
Last-Modified: Thu, 26 Jan 2023 23:15:37 GMT
Server: ECS (amb/6BA4)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
77ee11fc32a54a6d1f919ccd7ef00c8d
3391dbe1835e7fc0a85d3cc3f190b11639d7bf35
9a75fea2800f0365dc548a49dc56652d68112ff2415260854e994f23b1d759fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:01 GMT
Last-Modified: Thu, 26 Jan 2023 23:15:37 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11372 bytes)
Hash
ed3df3868d4a13270faf944f911637a7
1b69b2433956c79510bc4a013648a5fb12882884
e13e2ca5d6552a96eb972936f553937a5aff566eb37f39b0928f15d3eeab617f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11372
x-amzn-requestid: d50f0c0e-a383-419a-a3ca-630d5fd32821
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPAw_E_rIAMF0hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf7b39-64abe6b72176db7d7b67f315;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 06:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P--KVawXg_IYJa8S3gcxIL5XZZGwRbhclRRRMUFlWmMAqzVus7RdnA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 6657
etag: "1b69b2433956c79510bc4a013648a5fb12882884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=

188.114.97.1

302 Found

0 B

URL HTTP/2
gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c= HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adtraffic.agency/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 26 Jan 2023 23:38:01 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: //gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=&AutoR=1
x-aspnet-version: 4.0.30319
set-cookie: CEK=a; expires=Wed, 26-Apr-2023 23:38:01 GMT; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CynRK%2BBLJM3TGOLdZEb18fP6v7ZrR88fYuVBAdRuq0fj5%2BVl3WVJChV5e5TvU%2FWsqiDYOMe5rtk5QxE0HofgpFhqDvPhkkXgoOY511f3wVJJBHlTr%2B37QbWSvp9DIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd146cea67b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zeniocloud.com/bQIA.js?prid=63d30ed64ea1cd00010fa3d7&sub2=

167.114.67.56

200 OK

0 B

URL HTTP/2
zeniocloud.com/bQIA.js?prid=63d30ed64ea1cd00010fa3d7&sub2=
IP
167.114.67.56:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bQIA.js?prid=63d30ed64ea1cd00010fa3d7&sub2= HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/css/libs/nice-select.css

54.230.111.100

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/css/libs/nice-select.css
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/libs/nice-select.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:59 GMT
etag: W/"b83506d101e8a03948d5c01e83da2b8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ioSNQ4u-Wa4z4cZEJNnDrwpNIZpiCFR42aZl34TVtGWv-FIv9j8HNQ==
age: 26
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/payments.js

54.230.111.100

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/js/payments.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/payments.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:36 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:59 GMT
etag: W/"86e0165b432077320adbf690e339604e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OTortTWyVNRtDUp0lvSxxaPaB8DYZnmY4nBeRJzfccpiFRaDCq6cXw==
age: 12
X-Firefox-Spdy: h2

cyber.bet/graphql/v2

172.66.40.100

200 OK

0 B

URL HTTP/2
cyber.bet/graphql/v2
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /graphql/v2 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 51
Connection: keep-alive
Cookie: _uc_referrer=http://ww1.yokkasoft.net/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; __adm_tid=tid-2cfd8c5eb.2be193eea; _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.1.921309120.1674776279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: application/json
strict-transport-security: max-age=15724800; includeSubDomains
cb-blocked: no
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLg4nHrJwzucjqXKWdrYcu4SDntB3snwBLsTP%2BsVYahKYxQ8HvOAUuMuTDNnVBDJAo4EqpFY%2FT8nl7x4QJO4Tc65lZli18Mq2QfIdtpjFJq3alwc8gtdEIPeCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd14639999b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg

172.66.40.100

200 OK

0 B

URL HTTP/2
static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 04:06:38 GMT
x-imgix-id: 58d927587a2791fa5ee8dc913a6ff0f83e28f73b
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10051-SJC, cache-bma1681-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 40922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlkABHe%2BloEtvVv%2Fjq8QzL%2F7Qu4YMbh%2Fn5bsSL%2BZ8LTCVjxq2TmRLbmnRSCKspX%2FEIkc1njX4P4bulrvOhIhs6gOTbLPCoHF%2Bri7Bs4a6Ahz6PrQ8mmYiU1gluxrm9Dejjo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ec9bb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg

172.66.40.100

200 OK

0 B

URL HTTP/2
static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Fri, 13 May 2022 15:59:53 GMT
x-imgix-id: 0d9a0eb61d73b4e7f1e6f9d63934aa27a4dabba7
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10077-SJC, cache-bma1665-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 173338
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSFToFb94q6XQ6hs9N6RlCdkz0wmEILGCG8Qo2rZMgXC4drvFcDNuW2%2BP%2B2Vsl0c1oCBy93HF13uy1q7utoC82Rxed9UDk2g59Uywu5zY5A9TU%2BsgnF%2F4s%2Bb5u7ccMhBPQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ec98b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg

172.66.40.100

200 OK

0 B

URL HTTP/2
static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:23 GMT
x-imgix-id: 124d84afd81dd36ff5dd18c8efb73ffa18bdb828
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-maa10232-MAA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 173338
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqML6U4yelYqgadfPKsA2UxlJx82R0KkAhRIe9%2Bo48md9d6Ci3ATmv60mPQfkPvPM3a8iGR6r2vaMSyJNMCRiHCa9kkrFmjdUXhR6IajEnA%2B3OFgDdBhhUXrmtdLzhqz4x8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467eca6b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js

54.230.111.100

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/libs/jquery.nice-select.min.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:10 GMT
etag: W/"4e2def5093eb4c4281624db4a5aa8f9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1DNCm5wBoZcLEd39lT1gy4p9GzmG2TCKCYvCz12MI2zPwcsV05ZLOw==
age: 59
X-Firefox-Spdy: h2

adjs.media/resources/content/cyberbet.js

188.114.96.1

200 OK

0 B

URL HTTP/2
adjs.media/resources/content/cyberbet.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /resources/content/cyberbet.js HTTP/1.1
Host: adjs.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3d39c306-725a-4f92-afb1-621dd3306b91
x-download-options: noopen
etag: W/"bd06ea929f643a4924378f7eca9deb90"
x-runtime: 0.003021
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEmrs5%2BNyKrga6VJfL1pgB6Rih15%2FAQUcbzVQ5fnY2VWJVAr1k4a%2BuHnHGSVXMP94mrQS%2FaL%2B4cjuaUVDoExm%2FzDLaKO9mxKu4cQvPp2w7vlf6AYEOuTWyqFm2i2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd145fca7bb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/js/currencyMapping.js

54.230.111.100

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/js/currencyMapping.js
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/currencyMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:59 GMT
etag: W/"2a3d85d14eaeaac04949a29f3c94c548"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ibj9OurYRDaPBZ-aT1_kMnfAVFSeKGJ97X7l03zizmpaiG25F5-s9A==
age: 7
X-Firefox-Spdy: h2

cyber.bet/land/js/locales/base/locales.js

172.66.40.100

200 OK

0 B

URL HTTP/2
cyber.bet/land/js/locales/base/locales.js
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /land/js/locales/base/locales.js HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=22124
etag: W/"636c24bc-566c"
last-modified: Wed, 09 Nov 2022 22:07:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPrmrVCFxdOp5V7%2BUMOu4PtsVaDvcnLYeyBjq2ez4t%2FFcxviZ5GyAVRBGMCRZCKUrNn%2BRn1zWgNCGSo0MqyI9e083DaxRLKZ0E5bcU%2FNmTQNdcUklQ1zsF9Gpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd145f6eb4b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnstatic.cyber.bet/css/iti/intlTelInput.css

54.230.111.100

200 OK

0 B

URL HTTP/2
cdnstatic.cyber.bet/css/iti/intlTelInput.css
IP
54.230.111.100:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/iti/intlTelInput.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:47 GMT
etag: W/"a69aa970266649e0b08c2cb4bc166568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L15PWiA665GQJV0YDrBchVq6g0hWMvuTV4OV3vt01vMTXdWDkTW16g==
age: 22
X-Firefox-Spdy: h2

static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg

172.66.40.100

200 OK

0 B

URL HTTP/2
static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 30 Aug 2022 12:06:01 GMT
x-imgix-id: 9bdf3c27132191386bea4ec4bc43098d462dc9fd
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10022-SJC, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 723405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1Nlj1TQMmmTGt33X84jRTNrZBkIic7BFxaMMY7096pqU5KNg2AmDpYfnsAtlfq9Q8SmDaNAma0oh1uX4Mf%2BIpL89SXWPtXn7EiMcyXsbQINUzbk7kou9uUtQEXoSASC3Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ec94b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg

172.66.40.100

200 OK

0 B

URL HTTP/2
static.cyber.bet//wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:02:39 GMT
x-imgix-id: 75c58e24d4ac8f5051021d0ef9be81344e6a26d6
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10029-SJC, cache-bma1653-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 723405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQJInyudeHkAUGjvxRTb%2BqpXSwSX2JG3bkGhF2C7Maw%2Fkd4g3FYNsG8AQ8Mf0abwK5DYs%2B8QUraXm70oBnyb8XJpYSzb4Tl7xaGekDO4jBgxYBFPV1isznsv%2BGYJZGbj%2B1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467fcbeb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

adtraffic.agency/redirect?click_id=LjfPBfudAf95ZHJV

172.67.133.173

200 OK

0 B

URL HTTP/2
adtraffic.agency/redirect?click_id=LjfPBfudAf95ZHJV
IP
172.67.133.173:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /redirect?click_id=LjfPBfudAf95ZHJV HTTP/1.1
Host: adtraffic.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:01 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 169ba863-3313-4a7a-b4d3-a16cbfdf3229
x-download-options: noopen
x-runtime: 0.007108
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI2f%2BA8YOGoIA2clKj9GQjp7v5c5FtTTO9HpYB1VpWL%2B8AEx8rSkcAcnGxZXRpV21ZBtkXsFutYooEpNceAZmQlyBGvWIEQqps5QeVGAl7cziMVfTFWz%2F3hFMCg3zhQSwakL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd146ad92c0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955

172.66.40.100

200 OK

0 B

URL HTTP/2
cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.yokkasoft.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/html
last-modified: Fri, 04 Nov 2022 16:57:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow3%2BFpKM3cgdOSGMfg3qOWAHQizoyY98GlTwU7oV8vdPJyLeRpz%2Bu9ZCMMT46gb2eDUUG4B0dbGdtT2ZCUMw9qmLqK45ArGiESmh5FDXEFEb0R3qMHCdkTmo%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd145e8e18b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

scripts.prdredir.com/scripts/k_cyberbet.js

172.64.135.33

200 OK

0 B

URL HTTP/2
scripts.prdredir.com/scripts/k_cyberbet.js
IP
172.64.135.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/k_cyberbet.js HTTP/1.1
Host: scripts.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
x-request-id: 2c920f5f-ad0a-4a0f-9694-44cc8f0d7789
etag: W/"95d838de11136e7964ca0eaa375bf294"
x-runtime: 0.008109
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TtR3PleMBfe2bwHoxjnzgXJGGd8%2FwfiDxffmy%2FAayMdy6OGvHJSJkK3gV3wfO2rY9TwxWeUQHR5fs%2F2S4Oxkrdpwn%2BEQUQudvvmpNTaxlw0q%2F0QI6fapsRNY5uYbGhyrs6Slabv3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd14608bcaf3f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg

172.66.40.100

200 OK

0 B

URL HTTP/2
static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:01:52 GMT
x-imgix-id: 5009dab7bf9c2c57dfc23b32759803b69d7d3cb3
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10049-SJC, cache-bma1666-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 173338
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVQofD7xfNgBKCc6EY%2BMoEoHSgDCYgaUOMoDc3U0sfHowk2oUbD%2FkK%2Bpfr6FjDoWwZ1J4O6MeMWfx71jbx8Dm6FK2eDCBInt0jL5g%2B3YCdZE3Yiyjr9GdgLO5jpftJBl%2BDI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467eca8b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg

172.66.40.100

200 OK

0 B

URL HTTP/2
static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg
IP
172.66.40.100:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET //fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 04:32:34 GMT
x-imgix-id: eaa9a5ceb4ef9ff91d93849720aab7cfa394d578
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10054-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 173338
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Au0soJ0GEM5PKiEspBljxmWVczHy49rSGKK36s%2BCGQScMEEqU5ia7ZuMMA7LzPBsfSKMl6Bs1K822ncKhwpVUGvWcpY4LsypVIp1GtAxPseNTH79xtKnSRVHDjJQyjuCwxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467fcc1b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML