Submitted URL: http://www.rocketleaguebetting.com/
Effective URL: https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&a...
Submission: On August 11 via manual from US — Scanned from GB

Summary

This website contacted 12 IPs in 8 countries across 13 domains to perform 27 HTTP transactions. The main IP is 2a07:180:4a1:2cac:8e76:43ad:29a3:e828, located in Belize and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is gg.bet. The Cisco Umbrella rank of the primary domain is 692109.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2023. Valid for: a year.
This is the only time gg.bet was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 94.136.40.82 20773 (GODADDY)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a05:7880:5:d... 209242 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.109.27.100 7979 (SERVERS-COM)
1 2a05:7880:328... 209242 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
6 2a07:180:4a1:... 209242 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
27 12
Apex Domain
Subdomains
Transfer
6 gg.bet
gg.bet — Cisco Umbrella Rank: 692109 Failed
74 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54
region1.google-analytics.com — Cisco Umbrella Rank: 2069
21 KB
4 coffee2play.com
coffee2play.com
67 KB
3 ugabartint.net
sat.ugabartint.net
p.ugabartint.net
43 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6372
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
130 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
346 B
1 exoclick.com
a.exoclick.com — Cisco Umbrella Rank: 78774
962 B
1 crwds.net
sat.crwds.net
674 B
1 ggbetpromo.com
ggbetpromo.com
539 B
1 rocketleaguebetting.com
www.rocketleaguebetting.com
216 B
0 ggbets1.net Failed
ggbets1.net Failed
0 gbett1.net Failed
gbett1.net Failed
27 13
Domain Requested by
6 gg.bet coffee2play.com
gg.bet
4 coffee2play.com 1 redirects coffee2play.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 challenges.cloudflare.com gg.bet
challenges.cloudflare.com
2 www.googletagmanager.com coffee2play.com
www.google-analytics.com
2 sat.ugabartint.net coffee2play.com
sat.ugabartint.net
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 a.exoclick.com www.googletagmanager.com
1 sat.crwds.net coffee2play.com
1 p.ugabartint.net coffee2play.com
1 ggbetpromo.com 1 redirects
1 www.rocketleaguebetting.com 1 redirects
0 ggbets1.net Failed coffee2play.com
0 gbett1.net Failed coffee2play.com
27 15

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
coffee2play.com
GTS CA 1P5
2023-07-16 -
2023-10-14
3 months crt.sh
sat.ugabartint.net
Cloudflare Inc ECC CA-3
2022-10-23 -
2023-10-23
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
p.rokeente.net
R3
2023-07-02 -
2023-09-30
3 months crt.sh
sat.crwds.net
Cloudflare Inc ECC CA-3
2022-10-02 -
2023-10-02
a year crt.sh
*.exoclick.com
Go Daddy Secure Certificate Authority - G2
2022-08-03 -
2023-09-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
gg.bet
Cloudflare Inc ECC CA-3
2023-07-13 -
2024-07-12
a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3
2022-09-18 -
2023-09-17
a year crt.sh

This page contains 2 frames:

Primary Page: https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
Frame ID: F9243015FC2BB694A5DF2F842BC12CA0
Requests: 27 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kzucw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 6D4065608BF39618A6A901BB6EE702EC
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://www.rocketleaguebetting.com/ HTTP 302
    https://ggbetpromo.com/l/58d03af67fb3bcf99ee6cc00 HTTP 302
    https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw== Page URL
  2. https://coffee2play.com/away.php?visitorId=64d6a4601a46cf64f400ab7f&duration=3&reason=blind&to=aHR0c... HTTP 302
    https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf5167... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

27
Requests

85 %
HTTPS

85 %
IPv6

13
Domains

15
Subdomains

12
IPs

8
Countries

346 kB
Transfer

830 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.rocketleaguebetting.com/ HTTP 302
    https://ggbetpromo.com/l/58d03af67fb3bcf99ee6cc00 HTTP 302
    https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw== Page URL
  2. https://coffee2play.com/away.php?visitorId=64d6a4601a46cf64f400ab7f&duration=3&reason=blind&to=aHR0cHM6Ly9nZy5iZXQvZXNwb3J0cz9yZWY9Z2dfdzIwNDczYzI3ODI4bDEwMzhnZ2JwMTc5XyZhZmZkYXRhJTVCc3ViZGF0YSU1RD04MDI5ODE3NWJmNTE2NzFhNmFjY2I2Nzg4NmI4NTNmMyZhZmZkYXRhJTVCZ2VvJTVEPWdiJmFmZmRhdGElNUJyb3RhdG9yJTVEPTI3ODI4JmFmZmRhdGElNUJsYW5kaW5nJTVEPTEwMzg%3D HTTP 302
    https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.rocketleaguebetting.com/ HTTP 302
  • https://ggbetpromo.com/l/58d03af67fb3bcf99ee6cc00 HTTP 302
  • https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
coffee2play.com/
Redirect Chain
  • http://www.rocketleaguebetting.com/
  • https://ggbetpromo.com/l/58d03af67fb3bcf99ee6cc00
  • https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
13 KB
5 KB
Document
General
Full URL
https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1432f3b76ed0604fb73b05bd8bc13442da0acf590c624c73b7fe66b189bb1d71
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f537af9cc0b7689-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 21:13:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDWpA5GmqXoPNeZgoX6GJmn0k%2Fm28CqVAGvqz0aNmDerUCOF46tRbzT%2B8Sq92F2p0LFZgzXLUb7dTxYjAMrszkyKG2epC1dvdJF0FOwM8ey7485T%2FSMFucKvX80Yd7Btm7q%2B5hfvNdadZGZ7lG4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=300; includeSubDomains;
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f537af8cd2f71cf-LHR
content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 21:13:04 GMT
location
https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HT%2Bp8nWJBr9NNHbSq64zWdd6JTmhxnhUZ95PyJkOZRKz5uhejVcNiy1NRf578LiRt2egZNN59Vg6lM2jU4V7ERogwIfuy0basgM9CjkDS8H2eSZBZ5Zj9iMukwrpy6vfEWaGcWIFyyj1%2By40vw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=300; includeSubDomains;
x-xss-protection
1; mode=block
script.min.js
sat.ugabartint.net/gnt908wk0bl6xyll5bj94zafs74gwo53/
125 KB
42 KB
Script
General
Full URL
https://sat.ugabartint.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=gg_w20473c27828l1038ggbp179_&visitorId=64d6a4601a46cf64f400ab7f
Requested by
Host: coffee2play.com
URL: https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:5:dc5f:dd96:272:e748:138a , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7de2f50acda08aac02553ce9b5a02eddbb9cc2ad64aa067f9537c0131664a509

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:13:04 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 11 Aug 2023 21:13:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray
7f537afaeb164133-LHR
001.gif
coffee2play.com/static/template/60/img/
61 KB
61 KB
Image
General
Full URL
https://coffee2play.com/static/template/60/img/001.gif
Requested by
Host: coffee2play.com
URL: https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd21f8b1e1c7e57310678f7a68da26bc8a8989774ffe9ae9bbc82e64d6532766
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:13:04 GMT
strict-transport-security
max-age=300; includeSubDomains;
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
62206
x-xss-protection
1; mode=block
last-modified
Thu, 03 Aug 2023 07:56:55 GMT
server
cloudflare
etag
"64cb5dc7-f2fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htUyyumVGHOKdv0T73imNVcleEEUzl3P08VGs48WGwS8PXZmp%2F7yZLTDw5IC1EIxH6r9S1xYnNjCVGTl51oZfuv3wZuHQbbXJclwdjC%2FX%2FY1c4Y7fxhau%2BX%2FQ8lA%2F3PmV6YtgWGql1EI3FPnBRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, no-cache
accept-ranges
bytes
cf-ray
7f537afa4c8e7689-LHR
blank.gif
gbett1.net/
0
0

blank.gif
ggbets1.net/
0
0

blank.gif
gg.bet/
0
0

gtm.js
www.googletagmanager.com/
129 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5RMQ4SV
Requested by
Host: coffee2play.com
URL: https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a43f7d49d8172f43b8439aaafd5488b37b59033aeb556d601f3d99588565735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:13:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50572
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 11 Aug 2023 21:13:04 GMT
ping.php
p.ugabartint.net/
0
200 B
Image
General
Full URL
https://p.ugabartint.net:9999/ping.php?s=80298175bf51671a6accb67886b853f3
Requested by
Host: coffee2play.com
URL: https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.109.27.100 Dnipro, Ukraine, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Aug 2023 21:13:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
80298175bf51671a6accb67886b853f3.jpg
sat.crwds.net/p/gnt908wk0bl6xyll5bj94zafs74gwo53/
0
674 B
Image
General
Full URL
https://sat.crwds.net/p/gnt908wk0bl6xyll5bj94zafs74gwo53/80298175bf51671a6accb67886b853f3.jpg
Requested by
Host: coffee2play.com
URL: https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:328:c667:efff:fa09:4c24:22f , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:13:04 GMT
cache-control
no-cache, private
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f537afcab5bdc4d-LHR
content-type
image/jpeg
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RMQ4SV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 11 Aug 2023 19:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5321
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 11 Aug 2023 21:44:23 GMT
tag_gen.js
a.exoclick.com/
899 B
962 B
Script
General
Full URL
https://a.exoclick.com/tag_gen.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RMQ4SV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
6a008be34474b15708bb82a3841c7cf42b0b08c9432ad8aaf3ea9242ea1b1499

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 11 Aug 2023 21:13:04 GMT
Content-Encoding
gzip
Accept-CH
Server
nginx
etag
W/"0e41165f1379ea5f6c348639d43"
X-HW
1691788384.dop238.lo4.t,1691788384.cds209.lo4.shn,1691788384.dop238.lo4.t,1691788384.cds254.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
511
80298175bf51671a6accb67886b853f3
sat.ugabartint.net/ie/js/
12 B
228 B
XHR
General
Full URL
https://sat.ugabartint.net/ie/js/80298175bf51671a6accb67886b853f3
Requested by
Host: sat.ugabartint.net
URL: https://sat.ugabartint.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=gg_w20473c27828l1038ggbp179_&visitorId=64d6a4601a46cf64f400ab7f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:7880:5:dc5f:dd96:272:e748:138a , Cyprus, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Referer
https://coffee2play.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 11 Aug 2023 21:13:04 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT, PATCH
content-type
application/json
access-control-allow-origin
https://coffee2play.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f537afd6f464133-LHR
collect
www.google-analytics.com/j/
16 B
222 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=531610336&t=pageview&_s=1&dl=https%3A%2F%2Fcoffee2play.com%2F%3Fs%3D60%26ref%3Dgg_w20473c27828l1038ggbp179_%26encoded_url%3DZXNwb3J0cw%3D%3D&ul=en-us&de=UTF-8&dt=GG.BET%20Loading...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=511021271&gjid=1657571525&cid=189795133.1691788385&tid=UA-156256613-1&_gid=1690329819.1691788385&_r=1&_slc=1&gtm=45He3890n815RMQ4SV&z=1413486246
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3220a4fa947ed3905b76507c4a595ec88b2c96ae80958c63887fcf69e404fdae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://coffee2play.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 21:13:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://coffee2play.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=531610336&t=timing&_s=2&dl=https%3A%2F%2Fcoffee2play.com%2F%3Fs%3D60%26ref%3Dgg_w20473c27828l1038ggbp179_%26encoded_url%3DZXNwb3J0cw%3D%3D&ul=en-us&de=UTF-8&dt=GG.BET%20Loading...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1053&pdt=1&dns=9&rrt=265&srt=71&tcp=69&dit=440&clt=440&_gst=894&_gbt=1044&_u=YEBAAAABAAAAAC~&jid=&gjid=&cid=189795133.1691788385&tid=UA-156256613-1&_gid=1690329819.1691788385&gtm=45He3890n815RMQ4SV&z=1377462184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Aug 2023 23:26:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
78408
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
346 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-156256613-1&cid=189795133.1691788385&jid=511021271&gjid=1657571525&_gid=1690329819.1691788385&_u=YEBAAAAAAAAAAC~&z=582165436
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coffee2play.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 11 Aug 2023 21:13:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://coffee2play.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
231 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C20DZ2NS21&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb2e9574dd9773b4846407b0eee43044672b970584825ae32eb3690a0dbdd339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:13:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82491
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 11 Aug 2023 21:13:05 GMT
collect
region1.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-C20DZ2NS21&gtm=45je3890&_p=531610336&ul=en-us&sr=1600x1200&cid=189795133.1691788385&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fcoffee2play.com%2F%3Fs%3D60%26ref%3Dgg_w20473c27828l1038ggbp179_%26encoded_url%3DZXNwb3J0cw%3D%3D&dt=GG.BET%20Loading...&sid=1691788385&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C20DZ2NS21&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Aug 2023 21:13:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://coffee2play.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
update_statistic.php
coffee2play.com/
0
482 B
XHR
General
Full URL
https://coffee2play.com/update_statistic.php?wpSiteId=60&ref=gg_w20473c27828l1038ggbp179_&visitorId=64d6a4601a46cf64f400ab7f&ping_results[3932]=0&ping_results[3933]=0&ping_results[4294]=0
Requested by
Host: coffee2play.com
URL: https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a32f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:13:07 GMT
strict-transport-security
max-age=300; includeSubDomains;
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiYH1XwUaGyX%2BscFeD%2BDdIAax1UlfV2gw7C%2Ftx%2FsxiYsYqziQhskOUP31QWqHMx3j3dgaJ7efSY%2BCi4HANYwhQjg0s59z3pGV5QFmL8WTYThpsrmc4YVC9jM8DUa5UkwUPSjipbsf4yq4SkgF9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7f537b0d1ab58892-LHR
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
Primary Request esports
gg.bet/
Redirect Chain
  • https://coffee2play.com/away.php?visitorId=64d6a4601a46cf64f400ab7f&duration=3&reason=blind&to=aHR0cHM6Ly9nZy5iZXQvZXNwb3J0cz9yZWY9Z2dfdzIwNDczYzI3ODI4bDEwMzhnZ2JwMTc5XyZhZmZkYXRhJTVCc3ViZGF0YSU1RD...
  • https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
7 KB
4 KB
Document
General
Full URL
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
Requested by
Host: coffee2play.com
URL: https://coffee2play.com/?s=60&ref=gg_w20473c27828l1038ggbp179_&encoded_url=ZXNwb3J0cw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:180:4a1:2cac:8e76:43ad:29a3:e828 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d93a3dba9fedad50dde043d36238e2b022160b1b10c78af57927dce483885b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://coffee2play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass
1
cf-mitigated
challenge
cf-ray
7f537b0feb7add1f-LHR
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 11 Aug 2023 21:13:07 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f537b0f9f4a8892-LHR
content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 21:13:07 GMT
location
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0613wlfXP8%2BYtjzvCEtx44ASzPcEuKVfWb5iBA8LcvhgFzCYpUHDjZccQz0oacdLFX0ymwsJ%2BX0c6Hjt1H6WC2WBYssdsu1WknLcJTGuaJ2CJZWvPRAzbXYa%2BaM%2BIlfM4dOjblZQxlOtvhDxN0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=300; includeSubDomains;
x-xss-protection
1; mode=block
challenges.css
gg.bet/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://gg.bet/cdn-cgi/styles/challenges.css
Requested by
Host: gg.bet
URL: https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a07:180:4a1:2cac:8e76:43ad:29a3:e828 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Aug 2023 18:20:33 GMT
server
cloudflare
etag
W/"64d135f1-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7f537b104ec97761-LHR
expires
Fri, 11 Aug 2023 23:13:07 GMT
v1
gg.bet/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
165 KB
55 KB
Script
General
Full URL
https://gg.bet/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f537b0feb7add1f
Requested by
Host: gg.bet
URL: https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a07:180:4a1:2cac:8e76:43ad:29a3:e828 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e739e85a7c2fbf3b4b6f12e86ec4ec0ae7183e33719b7e8e716aef3c4f8e5a23

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038&__cf_chl_rt_tk=3xT2okez6bFcp4cRkT2.GJ_phs4ktNOAKGQNETWifeU-1691788387-0-gaNycGzNC7s
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:13:07 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
server
cloudflare
cf-ray
7f537b107f237761-LHR
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
api.js
challenges.cloudflare.com/turnstile/v0/b/7186c00a/
27 KB
10 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/7186c00a/api.js?onload=zE2&render=explicit
Requested by
Host: gg.bet
URL: https://gg.bet/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f537b0feb7add1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27cf9c50f0d7817a79937d0115486db7debe659260a7a3b584a172cc0908d8b2

Request headers

Referer
Origin
https://gg.bet
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:13:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7f537b11ab7206e5-LHR
alt-svc
h3=":443"; ma=86400
favicon.ico
gg.bet/
2 KB
2 KB
Image
General
Full URL
https://gg.bet/favicon.ico
Requested by
Host: gg.bet
URL: https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a07:180:4a1:2cac:8e76:43ad:29a3:e828 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e243a56fe5d553e4ccf34d0c1d7d8e80a4db8329620fa7b3b9d37551cdbfb8af
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 21:13:08 GMT
content-encoding
gzip
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7f537b1148917761-LHR
cf-chl-bypass
1
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
13a2f714-7404-4ac8-8009-511f56fd77d8
https://gg.bet/
13 B
0
Other
General
Full URL
blob:https://gg.bet/13a2f714-7404-4ac8-8009-511f56fd77d8
Requested by
Host: gg.bet
URL: https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
8a36a8de9f948d7
gg.bet/cdn-cgi/challenge-platform/h/b/flow/ov1/1474653369:1691784477:77cD88BC1W9sZhKaSdHxVxJ1gVQJsQNecvi4aq-f3Jo/7f537b0feb7add1f/
10 KB
7 KB
XHR
General
Full URL
https://gg.bet/cdn-cgi/challenge-platform/h/b/flow/ov1/1474653369:1691784477:77cD88BC1W9sZhKaSdHxVxJ1gVQJsQNecvi4aq-f3Jo/7f537b0feb7add1f/8a36a8de9f948d7
Requested by
Host: gg.bet
URL: https://gg.bet/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f537b0feb7add1f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a07:180:4a1:2cac:8e76:43ad:29a3:e828 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb43dff8ffefd3022188e044d22f753873e280223890c47e4c8922fd4b623a8

Request headers

Referer
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge
8a36a8de9f948d7
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
Glz9pE40HseEzh7jC6GL0xy/iN2vx+3gP8UczWBBPoSmvgpZUhV8PYA13BbJuUuW$sPAiS6e5CPAV9pEEeeUW3g==
date
Fri, 11 Aug 2023 21:13:08 GMT
content-encoding
gzip
server
cloudflare
cf-ray
7f537b11fa087761-LHR
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kzucw/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 6D40
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kzucw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/7186c00a/api.js?onload=zE2&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7f537b12b89906d9-LHR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 11 Aug 2023 21:13:08 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
8a36a8de9f948d7
gg.bet/cdn-cgi/challenge-platform/h/b/flow/ov1/1474653369:1691784477:77cD88BC1W9sZhKaSdHxVxJ1gVQJsQNecvi4aq-f3Jo/7f537b0feb7add1f/
2 KB
2 KB
XHR
General
Full URL
https://gg.bet/cdn-cgi/challenge-platform/h/b/flow/ov1/1474653369:1691784477:77cD88BC1W9sZhKaSdHxVxJ1gVQJsQNecvi4aq-f3Jo/7f537b0feb7add1f/8a36a8de9f948d7
Requested by
Host: gg.bet
URL: https://gg.bet/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f537b0feb7add1f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a07:180:4a1:2cac:8e76:43ad:29a3:e828 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c2c1c413af6a0970d38aa47b92fbd3f613e6ca2534fed2bd69f28448c4cb2d

Request headers

Referer
https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
CF-Challenge
8a36a8de9f948d7
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
Phe29WRIXWdrKintRd+afyBjH5PCHbRaWmUeDQSdGHcv7rYK/WCmYFyYzWqn66cjRIcfCWiuy+/ww09CIBKQ29I7okksy/KyEh47Uwm9yTU=$wcSS9GOUxFMMZ3LbM1wxFw==
cf-chl-out-s
OCy324U1pHBQm0oWOnx2arv5/q5875WIdNFLeMhQ46BG01g6z36GvHb3A3VsNT3vEK0rDV/rq6+djGrFjDTI6xmnV6qbjVQfSJSD5zyAKkna9YAtaLV2Y+WhmL9YNDzux/AF2a/VgUZ9dLAwYR7EW6cQ8p7bwtU98Dbx7nWSWc0APluLgh9VQijR39bG1pK9$cXcPz4chky/I0jQvnSlKZw==
date
Fri, 11 Aug 2023 21:13:08 GMT
content-encoding
gzip
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
7f537b14ff8f7761-LHR
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gbett1.net
URL
https://gbett1.net/blank.gif?1691788384364
Domain
ggbets1.net
URL
https://ggbets1.net/blank.gif?1691788384364
Domain
gg.bet
URL
https://gg.bet/blank.gif?1691788384364

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| qrlPxtxRzK function| JYZask7 function| ns7 function| MeVM1 function| ML8 object| WsG9 function| zE2 boolean| izk5 function| BrlrPo2 object| OEru7 object| turnstile boolean| rfLBs0 string| tNxrK7

11 Cookies

Domain/Path Name / Value
coffee2play.com/ Name: visitca13d75b95fad69effaf2984081eb0a3
Value: 1
.gbett1.net/ Name: __cf_bm
Value: 7iTc7uN.VwmMKoFABxGpJdQD4brT_WpksG5WbKLbl7Q-1691788384-0-ATTWb+lII5O6zy0dMvYm0uYqM5qsgBUeR2K5dOC+ZqXj4psTQikamjMqFvO7nOUbZJ43WWFEVExN5ev3UixjxJY=
.ggbets1.net/ Name: __cf_bm
Value: 0YTuxunbPF4.O_Jm4CkuXJfGmz.BZKWbgxTDtj7TJdY-1691788384-0-AeEoNGZ7+H0PxGwKZc/L5b5+XSbvFKII30WFoYZ74A5STtj5TJSnsR6lma+qdoWsurzom1HSb0Uh6C6oFHs+XGs=
.gg.bet/ Name: __cf_bm
Value: PDFMaj4kElJVF.y9_QsRByMdZG7qQe_B2U4oQTiRq70-1691788384-0-AfU5R4C8pcPpdovOLMxjR3RphONjpfD/E10k18Ti+lXFuU4gLF3M9Imt++aFRanyCgada5QxM8NN2NFcNV7Vxzo=
.sat.ugabartint.net/ Name: __cf_bm
Value: eHGZdl9fRGT5Ut0J5tzqKY_DMb9lTfxdnegpBnB3ENg-1691788384-0-AfO/fgtcIqaHp1iVcXTQhu8+j925piBihhx/yr8OyuMD8TSDfSNHoaC9RtbA6cvqxa3/td54kTh0XU7b/sk9iHI=
.crwds.net/ Name: _7jt1oxhp4z
Value: eyJpdiI6InhTdHZSV1ljeTZ3ekYxVkh4TEtYUmc9PSIsInZhbHVlIjoibVlXb1ZwYitib2gyTWdJaytJRTJRbkF1cHgxaDhVa1JYQU0ybUxveGVIaHlGMVZuZU9SRGdVN2YzUlc1aThEKzNibEp3RDU2VTVwOXhiNzZvK1Vyd29TVTlzUU5LdzBBOVIrYTVYOFpjVjA9IiwibWFjIjoiOWNiNTIwYTE5Y2Y3NzNmNmNkNzFjY2YwZGRhNTViNTc4Zjc4MTFkZmRiNGVjMmNjM2Q2YWMzNzk5MDJiZjI3MCIsInRhZyI6IiJ9
.sat.crwds.net/ Name: __cf_bm
Value: ERpKHbjMScYNoT.KdNK1gcgl4oBG1yLYzIWl48lgrl4-1691788384-0-ActPbCxYZtrmH5m1lEN+IXw3awUAtLLKh51LbzHCQadL9B+TgXO7d5UcwLgwa0eHbl7EZET/ip7EHHj7OuY0Rmo=
.coffee2play.com/ Name: _ga
Value: GA1.2.189795133.1691788385
.coffee2play.com/ Name: _gid
Value: GA1.2.1690329819.1691788385
.coffee2play.com/ Name: _gat_UA-156256613-1
Value: 1
.coffee2play.com/ Name: _ga_C20DZ2NS21
Value: GS1.2.1691788385.1.0.1691788385.0.0.0

7 Console Messages

Source Level URL
Text
network error URL: https://gbett1.net/blank.gif?1691788384364
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://ggbets1.net/blank.gif?1691788384364
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://gg.bet/blank.gif?1691788384364
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://sat.ugabartint.net/gnt908wk0bl6xyll5bj94zafs74gwo53/script.min.js?sub_1=gg_w20473c27828l1038ggbp179_&visitorId=64d6a4601a46cf64f400ab7f
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://gg.bet/esports?ref=gg_w20473c27828l1038ggbp179_&affdata%5Bsubdata%5D=80298175bf51671a6accb67886b853f3&affdata%5Bgeo%5D=gb&affdata%5Brotator%5D=27828&affdata%5Blanding%5D=1038
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://gg.bet/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exoclick.com
challenges.cloudflare.com
coffee2play.com
gbett1.net
gg.bet
ggbetpromo.com
ggbets1.net
p.ugabartint.net
region1.google-analytics.com
sat.crwds.net
sat.ugabartint.net
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.rocketleaguebetting.com
gbett1.net
gg.bet
ggbets1.net
2001:4860:4802:34::36
2001:4de0:ac19::1:b:3a
23.109.27.100
2606:4700:3030::ac43:a32f
2606:4700:3036::ac43:b6fc
2606:4700::6811:3b8
2a00:1450:4001:810::200e
2a00:1450:4001:828::2008
2a00:1450:400c:c0c::9d
2a05:7880:328:c667:efff:fa09:4c24:22f
2a05:7880:5:dc5f:dd96:272:e748:138a
2a07:180:4a1:2cac:8e76:43ad:29a3:e828
94.136.40.82
1432f3b76ed0604fb73b05bd8bc13442da0acf590c624c73b7fe66b189bb1d71
27cf9c50f0d7817a79937d0115486db7debe659260a7a3b584a172cc0908d8b2
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
3220a4fa947ed3905b76507c4a595ec88b2c96ae80958c63887fcf69e404fdae
53d93a3dba9fedad50dde043d36238e2b022160b1b10c78af57927dce483885b
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
5a43f7d49d8172f43b8439aaafd5488b37b59033aeb556d601f3d99588565735
6a008be34474b15708bb82a3841c7cf42b0b08c9432ad8aaf3ea9242ea1b1499
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75c2c1c413af6a0970d38aa47b92fbd3f613e6ca2534fed2bd69f28448c4cb2d
7de2f50acda08aac02553ce9b5a02eddbb9cc2ad64aa067f9537c0131664a509
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
bb2e9574dd9773b4846407b0eee43044672b970584825ae32eb3690a0dbdd339
bdb43dff8ffefd3022188e044d22f753873e280223890c47e4c8922fd4b623a8
cd21f8b1e1c7e57310678f7a68da26bc8a8989774ffe9ae9bbc82e64d6532766
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e243a56fe5d553e4ccf34d0c1d7d8e80a4db8329620fa7b3b9d37551cdbfb8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e739e85a7c2fbf3b4b6f12e86ec4ec0ae7183e33719b7e8e716aef3c4f8e5a23
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa