Report - mvasdigitalmarketing.com/panel/smartlink?zid=665&ops=1&click

Report Overview

Visited public
2025-04-06 03:10:14
Tags
URL
mvasdigitalmarketing.com/panel/smartlink?zid=665&ops=1&click_id=c1555c3acb684819a7d7cfc394690dd7
Finishing URL
dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx=
IP / ASN
159.89.163.174
#14061 DIGITALOCEAN-ASN
Title
BattlePlus Algeria

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dz-oo.battleplusliveonline.com	unknown	2022-09-13	2025-02-23	2025-03-24	6.6 kB	312 kB	54.240.174.60
ws.dcbprotect.com	384391	2017-09-27	2021-09-01	2025-03-28	614 B	252 B	54.73.24.130
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-04-02	1.1 kB	663 kB	142.250.74.136
unpkg.com	11693	2016-01-06	2016-01-07	2025-04-02	437 B	125 kB	104.17.248.203
mvasdigitalmarketing.com	unknown	2024-11-06	2024-11-07	2025-04-03	564 B	600 B	159.89.163.174
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-02	1.7 kB	87 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-02	505 B	14 kB	142.250.74.10
notify.dcbprotect.com	112896	2017-09-27	2018-06-06	2025-04-05	589 B	258 B	54.75.211.52
track.sparklemob.com	920714	2016-03-14	2016-04-08	2025-04-05	458 B	906 B	43.158.121.234
digi.smartstalk.com	unknown	2018-09-26	2018-12-23	2025-04-05	557 B	267 B	139.84.167.179
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-04-02	480 B	59 kB	104.17.25.14
ooredoo-alg.telenity.com	unknown	2000-12-15	2024-05-29	2025-04-06	1.0 kB	294 kB	16.171.98.10
trckmobile.trckswrm.com	unknown	2020-11-16	2023-09-04	2025-03-22	578 B	363 B	168.119.211.149

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-06 03:09:59	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2025-04-06 03:09:59	low	Client IP	74.125.250.129	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx=	ScriptElement	358 B	2025-02-23	2025-05-28
Pretty URL dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= IP 54.240.174.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-23 07:59 Last Seen2025-05-28 00:35 Times Seen55 Hash 4e2df2324dad178b545161497a2481c7 fb5973d017093fe52662880d2998425e005fe257 c58ed992bd1c2b66e529fd99d995afd2b0ccb2d670a8d3bc5446108eb98246a1 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NLX8RRTB	ScriptElement	288 kB	2025-04-06	2025-04-06
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NLX8RRTB IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 03:10 Last Seen2025-04-06 03:10 Times Seen1 Hash 552befd19c502977450f7bd3e374d4dd 08a47dbccb5f2c11a88126aa29585ff2a45446d1 49b9cdf4f7673afb5bdfdae4df8aba3ac2beea1215ff22261f5a46f36f5701ad Loading...

	www.googletagmanager.com/gtag/js?id=G-B46VFQJ05M&l=dataLayer&cx=c&gtm=45He5421v9202480111za200&tag_exp=102015666~102509682~102788824~102803279~102813109~102887800~102926062~102975949~103016951~103021830~103027016	ScriptElement	373 kB	2025-04-06	2025-04-06
Pretty URL www.googletagmanager.com/gtag/js?id=G-B46VFQJ05M&l=dataLayer&cx=c&gtm=45He5421v9202480111za200&tag_exp=102015666~102509682~102788824~102803279~102813109~102887800~102926062~102975949~103016951~103021830~103027016 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 03:10 Last Seen2025-04-06 03:10 Times Seen1 Hash dba86444c573a1846035a2e27bd9da6c 0495b91b626bd4195993968086ae5f8dd522040f f23382b432f1d7664e059fa082c5b64a96a509f1208f105d161c154dccd11e15 Loading...

	dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx=	ScriptElement	130 kB	2025-04-06	2025-04-06
Pretty URL dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= IP 54.240.174.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-06 03:10 Last Seen2025-04-06 03:10 Times Seen1 Hash a521f0ee586b783899da09e86b3c2c14 81f7d837be423d391a5d9ad518f3f3a7ab4724fe ec038fa7a92dbe9a68ac1be948538fc8e148febec3c62d41f60428e237a23c8c Loading...

	dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx=	ScriptElement	6.5 kB	2025-04-06	2025-04-06
Pretty URL dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= IP 54.240.174.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-06 03:10 Last Seen2025-04-06 03:10 Times Seen1 Hash 550d3a0da1d75456b0b0cd6c1226f87a 6974eb5d65f12f9ed553649c8ac8f2fbd619e10f 4360f0c0c5961c124d3fa1e0827c72a70c3c8238a4488af99e4a3bb675594bfe Loading...

	dz-oo.battleplusliveonline.com/js/page.cookies.js	ScriptElement	16 kB	2025-02-23	2025-05-28
Pretty URL dz-oo.battleplusliveonline.com/js/page.cookies.js IP 54.240.174.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-23 07:59 Last Seen2025-05-28 00:35 Times Seen55 Hash 3072e2d4fa1abfc348120d825ff63dd0 9dd2de5af733f421a06480b7fa9a3899908a2e8a ab0cccf81213651243f8d54129f3f0a01ba91dfaf3abc90db25b339a8b43a071 Loading...

	unpkg.com/imask@7.6.1/dist/imask.js	ScriptElement	124 kB	2024-05-23	2025-05-28
Pretty URL unpkg.com/imask@7.6.1/dist/imask.js IP 104.17.248.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-23 23:10 Last Seen2025-05-28 00:35 Times Seen175 Hash 2c87e2f35ea8ab00ea8158b106549788 154cf5157119e081354560fe6d4cae04174c75e5 90b57afbd3c669438d15eb8b3e65cdea42685ca6d1beed64e781f1f99fca5492 Loading...

HTTP Transactions (27)

	URL	IP	Response	Size
	track.sparklemob.com/tl?a=224&o=21602&s2=A11311134202504060839539MIUkGgyHD	43.158.121.234	302 Found	0 B
URL User Request GET track.sparklemob.com/tl?a=224&o=21602&s2=A11311134202504060839539MIUkGgyHD IP 43.158.121.234:80 ASN #132203 Tencent Building, Kejizhongyi Avenue File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /tl?a=224&o=21602&s2=A11311134202504060839539MIUkGgyHD HTTP/1.1 Host: track.sparklemob.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 302 Found Date: Sun, 06 Apr 2025 03:09:53 GMT Content-Type: text/html; charset=utf-8 Content-Length: 299 Connection: keep-alive Server: nginx Location: https://trckmobile.trckswrm.com/click?offer_id=92&pub_id=218&pub_sub_id=224&pub_click_id=029125B5A2A9A1743908993520896 Cache-Control: no-cache, no-store, must-revalidate Expires: Sun, 06 Nov 1994 08:49:37 GMT P3P: CP="NOI CUR OUR NOR INT" Pragma: no-cache X-Robots-Tag: noindex, nofollow set-cookie: tid_21602=029125B5A2A9A1743908993520896; Max-Age=1209600; Expires=Sun, 20 Apr 2025 03:09:53 GMT; Path=/; SameSite=None track_flag_2912=503; Max-Age=86400; Expires=Mon, 7 Apr 2025 03:09:53 GMT; Path=/; SameSite=None tid_21602=029125B5A2A9A1743908993520896; Max-Age=1209600; Expires=Sun, 20 Apr 2025 03:09:53 GMT; Path=/; SameSite=None track_flag_2912=503; Max-Age=86400; Expires=Mon, 7 Apr 2025 03:09:53 GMT; Path=/; SameSite=None

	dz-oo.battleplusliveonline.com/templates/generic/images/logo.png	54.240.174.60	200 OK	3.4 kB
URL GET dz-oo.battleplusliveonline.com/templates/generic/images/logo.png IP 54.240.174.60:80 ASN #16509 AMAZON-02 Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= File type PNG image data, 194 x 36, 8-bit/color RGBA, non-interlaced Size 3.4 kB (3383 bytes) Hash da5297c66a9fd9358af51a371cd1c38c f7e7888ee4089e145bf4c0e60e34594f2eaad2f3 9f8cf16b7f9c9fd1d4f49100433118b5d783eaba37ae7c2af4814757b8a5ecb8 HTTP Headers GET /templates/generic/images/logo.png HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= DNT: 1 Connection: keep-alive Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: image/png Content-Length: 3383 Connection: keep-alive Date: Sat, 05 Apr 2025 09:42:15 GMT Last-Modified: Mon, 31 Mar 2025 08:31:04 GMT ETag: "da5297c66a9fd9358af51a371cd1c38c" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: ZW90j4G_j5KDDfhI7yhuyIWGYkxsgAOWdGWQBVduTi0eO34gPD5BfA== Age: 62863`

	wss://ws.dcbprotect.com:8080/	54.73.24.130	101 Switching Protocols	0 B
URL GET wss://ws.dcbprotect.com:8080/ IP 54.73.24.130:8080 ASN #16509 AMAZON-02 Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= Certificate IssuerAmazon Subject.dcbprotect.com FingerprintBD:E8:D4:76:C9:48:51:5A:DA:83:97:AF:BC:4D:36:03:36:29:53:10 ValidityFri, 01 Nov 2024 00:00:00 GMT - Sat, 29 Nov 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: ws.dcbprotect.com:8080 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: http://dz-oo.battleplusliveonline.com Sec-WebSocket-Protocol: echo-protocol Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: uGpGSxTfFc1N++YjPauIuw== DNT: 1 Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols upgrade: websocket connection: Upgrade sec-websocket-accept: ni2hD86rMDqmB3L0cghP9qCTJqA= sec-websocket-protocol: echo-protocol origin: http://dz-oo.battleplusliveonline.com date: Sun, 06 Apr 2025 03:09:58 GMT`

	dz-oo.battleplusliveonline.com/templates/generic/fonts/supply/supply-regular-webfont.woff2	54.240.174.60	200 OK	13 kB
URL GET dz-oo.battleplusliveonline.com/templates/generic/fonts/supply/supply-regular-webfont.woff2 IP 54.240.174.60:80 ASN #16509 AMAZON-02 Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= File type Web Open Font Format (Version 2), TrueType, length 12824, version 1.0 Size 13 kB (12824 bytes) Hash 191d11eec953379af417ca537e597eb0 879976c48a560dc9ec7ea51f71eaf9d3d23e665f 0f4833a6e71838f97ea2f983572cb72e4ebcf5211e7a18ae89b775e64316686e HTTP Headers GET /templates/generic/fonts/supply/supply-regular-webfont.woff2 HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: http://dz-oo.battleplusliveonline.com/templates/generic/css/generic.css Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: binary/octet-stream Content-Length: 12824 Connection: keep-alive Date: Sat, 05 Apr 2025 09:42:15 GMT Last-Modified: Mon, 31 Mar 2025 08:30:44 GMT ETag: "191d11eec953379af417ca537e597eb0" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: IYHra6nHGsCrS5vc_5L4DHe9yTOcel1uCluUfacJME3igd-DXgZhuw== Age: 62864`

	digi.smartstalk.com/redirect/redirect.aspx?offerid=11318&pid=330&sub1=665_913765796&sub2=	139.84.167.179	302 Found	0 B
URL User Request GET digi.smartstalk.com/redirect/redirect.aspx?offerid=11318&pid=330&sub1=665_913765796&sub2= IP 139.84.167.179:443 ASN #20473 AS-VULTR Certificate IssuerCertera Subject.smartstalk.com FingerprintFB:9E:CF:5B:BC:02:42:E9:CB:62:32:74:AA:E6:34:12:A3:BC:77:84 ValiditySun, 22 Sep 2024 00:00:00 GMT - Mon, 22 Sep 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /redirect/redirect.aspx?offerid=11318&pid=330&sub1=665_913765796&sub2= HTTP/1.1 Host: digi.smartstalk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 Found server: nginx date: Sun, 06 Apr 2025 03:09:53 GMT content-type: text/html; charset=UTF-8 transfer-encoding: chunked location: http://track.sparklemob.com/tl?a=224&o=21602&s2=A11311134202504060839539MIUkGgyHD access-control-allow-origin: `

	cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css	104.17.25.14	200 OK	58 kB
URL GET cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= Certificate IssuerGoogle Trust Services Subjectcdnjs.cloudflare.com Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT File type ASCII text, with very long lines (57919) Size 58 kB (58129 bytes) Hash bc1a6a99c43f5ccc97d2d350bde13f74 29a6f54569c193ffd6116f03be3eb42359c60eb7 3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295 HTTP Headers `GET /ajax/libs/animate.css/3.7.2/animate.min.css HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://dz-oo.battleplusliveonline.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 06 Apr 2025 03:09:57 GMT content-type: text/css; charset=utf-8 content-length: 3511 cf-ray: 92be16e17f5b56b5-OSL server: cloudflare access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03d2a-e311" last-modified: Mon, 04 May 2020 16:04:58 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 106160 expires: Fri, 27 Mar 2026 03:09:57 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zJ%2FZHlLojibTvqOVck7vUeUt0siTTg3Mkph%2BNB26UnrZ0pTVub8K1IT3pXK2ZmA%2FNPzeJueYGu8XegbQbhBgSALzD3bWbOKatL1HHpYJZVnHjBCHJZ34AZClKm95R1QTBTThb8f8"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	dz-oo.battleplusliveonline.com/templates/generic/images/blur.png	54.240.174.60	200 OK	5.8 kB
URL GET dz-oo.battleplusliveonline.com/templates/generic/images/blur.png IP 54.240.174.60:80 ASN #16509 AMAZON-02 Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= File type PNG image data, 41 x 210, 8-bit/color RGBA, non-interlaced Size 5.8 kB (5781 bytes) Hash 3fcdcb6fd4e5403b3ab319d06707e18b 2b442ee1b3dd28e70322ac8ef882fa4a58561845 55c287eafc84d0e075b66e08195727fa060f8740c1bd4b75346a17dbce5ffb4a HTTP Headers GET /templates/generic/images/blur.png HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= DNT: 1 Connection: keep-alive Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: image/png Content-Length: 5781 Connection: keep-alive Date: Sat, 05 Apr 2025 09:42:15 GMT Last-Modified: Mon, 31 Mar 2025 08:31:03 GMT ETag: "3fcdcb6fd4e5403b3ab319d06707e18b" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: i2Ouqxap64l6UcxllNo5eyIDD4ps9SQtaim7wouuNb0c6NUVa4Wl5A== Age: 62863`

	dz-oo.battleplusliveonline.com/templates/generic/images/creativity.jpg	54.240.174.60	200 OK	81 kB
URL GET dz-oo.battleplusliveonline.com/templates/generic/images/creativity.jpg IP 54.240.174.60:80 ASN #16509 AMAZON-02 Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1280x663, components 3 Size 81 kB (81227 bytes) Hash 603cd714dfbbf5eee0a84a21997c3523 78c6d4b224f5882bded23fde57c1709d83c1ce68 4a6611543268b4cae60f3f20265fadceeeedf124c35169a5fbcebf29df2c467a HTTP Headers `GET /templates/generic/images/creativity.jpg HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://dz-oo.battleplusliveonline.com/templates/generic/css/generic.css Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: image/jpeg Content-Length: 81227 Connection: keep-alive Date: Sat, 05 Apr 2025 09:42:15 GMT Last-Modified: Mon, 31 Mar 2025 08:31:04 GMT ETag: "603cd714dfbbf5eee0a84a21997c3523" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: Me99b0Xqzl6fiDYK4WHosJla344G6Te8zv1nvJ6FX9Uh9kbkqP-_Qw== Age: 62864`

	dz-oo.battleplusliveonline.com/favicon.ico	54.240.174.60	200 OK	15 kB
URL GET dz-oo.battleplusliveonline.com/favicon.ico IP 54.240.174.60:80 ASN #16509 AMAZON-02 Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced Size 15 kB (15215 bytes) Hash 359859300f0a9cbc1ea488e6808a314c a643a03aac0d320a2c5019e1dfa98192dbeae6ce 823b136e640821d0c6f2ae8242e8724d04cfc9064fd9852382102b0c3ad89959 HTTP Headers GET /favicon.ico HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= DNT: 1 Connection: keep-alive Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: image/x-icon Content-Length: 15215 Connection: keep-alive Date: Sat, 05 Apr 2025 09:42:16 GMT Last-Modified: Tue, 28 Jan 2025 12:12:27 GMT ETag: "359859300f0a9cbc1ea488e6808a314c" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: wLdxY8-NKT7uuXq0IX5YBgTHLMyJs8twjuPQ7JzUEzybHintGFlUjQ== Age: 62863`

	www.googletagmanager.com/gtag/js?id=G-B46VFQJ05M&l=dataLayer&cx=c&gtm=45He5421v9202480111za200&tag_exp=102015666~102509682~102788824~102803279~102813109~102887800~102926062~102975949~103016951~103021830~103027016	142.250.74.136	200 OK	373 kB
URL GET www.googletagmanager.com/gtag/js?id=G-B46VFQJ05M&l=dataLayer&cx=c&gtm=45He5421v9202480111za200&tag_exp=102015666~102509682~102788824~102803279~102813109~102887800~102926062~102975949~103016951~103021830~103027016 IP 142.250.74.136:443 ASN #15169 GOOGLE Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9 ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT File type JavaScript source, ASCII text, with very long lines (6129) Size 373 kB (372918 bytes) Hash dba86444c573a1846035a2e27bd9da6c 0495b91b626bd4195993968086ae5f8dd522040f f23382b432f1d7664e059fa082c5b64a96a509f1208f105d161c154dccd11e15 HTTP Headers GET /gtag/js?id=G-B46VFQJ05M&l=dataLayer&cx=c&gtm=45He5421v9202480111za200&tag_exp=102015666~102509682~102788824~102803279~102813109~102887800~102926062~102975949~103016951~103021830~103027016 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://dz-oo.battleplusliveonline.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 06 Apr 2025 03:09:59 GMT expires: Sun, 06 Apr 2025 03:09:59 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0 cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0 report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],} server: Google Tag Manager content-length: 124480 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	ooredoo-alg.telenity.com/landing/Trendy?request_id=67f1f0834796198f06fa9ca9	16.171.98.10	301 Moved Permanently	146 kB
URL User Request GET ooredoo-alg.telenity.com/landing/Trendy?request_id=67f1f0834796198f06fa9ca9 IP 16.171.98.10:443 ASN #16509 AMAZON-02 Certificate IssuerSectigo Limited Subject.telenity.com Fingerprint57:15:49:EA:3E:A3:7A:12:50:C3:EC:DB:0E:E7:A0:D2:E6:7F:6B:75 ValidityTue, 25 Mar 2025 00:00:00 GMT - Wed, 25 Mar 2026 23:59:59 GMT File type Size 146 kB (146154 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /landing/Trendy?request_id=67f1f0834796198f06fa9ca9 HTTP/1.1 Host: ooredoo-alg.telenity.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 301 Moved Permanently date: Sun, 06 Apr 2025 03:09:55 GMT content-type: text/html content-length: 178 location: http://ooredoo-alg.telenity.com/landing/Trendy?request_id=67f1f0834796198f06fa9ca9 server: nginx x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff X-Firefox-Spdy: h2`

	dz-oo.battleplusliveonline.com/templates/generic/css/generic.css	54.240.174.60	200 OK	10 kB
URL GET dz-oo.battleplusliveonline.com/templates/generic/css/generic.css IP 54.240.174.60:80 ASN #16509 AMAZON-02 Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= File type ASCII text Size 10 kB (10364 bytes) Hash c246baae4ffeef4e9143228b1a5a5f79 05a184c55a7346968cbdfaacfb09293d9cfea564 79f0eca6fa42cdd5165528c8f4059e518780cec5ce3bc0e34c5e0217bfd91ddb HTTP Headers GET /templates/generic/css/generic.css HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= DNT: 1 Connection: keep-alive Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Date: Sat, 05 Apr 2025 09:42:14 GMT Last-Modified: Mon, 31 Mar 2025 08:31:03 GMT Content-Encoding: gzip x-amz-server-side-encryption: AES256 Server: AmazonS3 ETag: W/"c246baae4ffeef4e9143228b1a5a5f79" Vary: accept-encoding X-Cache: Hit from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: cON1O1PDFr3_0z0LDVKW_pS7w_kWShYVJgXhlLm5sx94KVpUXvDvmg== Age: 62864

	dz-oo.battleplusliveonline.com/js/page.cookies.js	54.240.174.60	200 OK	16 kB
URL GET dz-oo.battleplusliveonline.com/js/page.cookies.js IP 54.240.174.60:80 ASN #16509 AMAZON-02 Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= File type ASCII text Size 16 kB (15873 bytes) Hash 3072e2d4fa1abfc348120d825ff63dd0 9dd2de5af733f421a06480b7fa9a3899908a2e8a ab0cccf81213651243f8d54129f3f0a01ba91dfaf3abc90db25b339a8b43a071 HTTP Headers GET /js/page.cookies.js HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= DNT: 1 Connection: keep-alive Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Date: Sat, 05 Apr 2025 09:42:14 GMT Last-Modified: Tue, 28 Jan 2025 13:24:24 GMT Content-Encoding: gzip x-amz-server-side-encryption: AES256 Server: AmazonS3 ETag: W/"3072e2d4fa1abfc348120d825ff63dd0" Vary: accept-encoding X-Cache: Hit from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 5prV_TdwSicqc_RaX3TSty5Ux4hto_02m-_y4ZCMLWN2_6DcTW_oPQ== Age: 62864

	mvasdigitalmarketing.com/panel/smartlink?zid=665&ops=1&click_id=c1555c3acb684819a7d7cfc394690dd7	159.89.163.174	302 Found	0 B
URL User Request GET mvasdigitalmarketing.com/panel/smartlink?zid=665&ops=1&click_id=c1555c3acb684819a7d7cfc394690dd7 IP 159.89.163.174:443 ASN #14061 DIGITALOCEAN-ASN Certificate IssuerGoDaddy.com, Inc. Subjectmvasdigitalmarketing.com FingerprintBE:E3:7D:2E:D5:B4:C4:46:FA:B9:B9:34:EA:E2:B8:EE:C7:3B:02:11 ValidityWed, 06 Nov 2024 11:51:25 GMT - Thu, 06 Nov 2025 11:51:25 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /panel/smartlink?zid=665&ops=1&click_id=c1555c3acb684819a7d7cfc394690dd7 HTTP/1.1 Host: mvasdigitalmarketing.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Date: Sun, 06 Apr 2025 03:09:51 GMT Server: Apache/2.4.57 (CentOS Stream) OpenSSL/3.0.7 X-Powered-By: PHP/8.0.30 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: ci_session=i1r1u92suptmoip6muqc3cligtfhjg2b; expires=Sun, 06-Apr-2025 05:09:51 GMT; Max-Age=7200; path=/; HttpOnly location: https://digi.smartstalk.com/redirect/redirect.aspx?offerid=11318&pid=330&sub1=665_913765796&sub2= Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8

	fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2	142.250.74.35	200 OK	21 kB
URL GET fonts.gstatic.com/s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8 ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT File type Web Open Font Format (Version 2), TrueType, length 20612, version 1.0 Size 21 kB (20612 bytes) Hash b07da7aa3e4f363c5cdbc11312239e8c 47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8 e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa HTTP Headers GET /s/roboto/v47/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://dz-oo.battleplusliveonline.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 20612 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 03 Apr 2025 09:13:18 GMT expires: Fri, 03 Apr 2026 09:13:18 GMT cache-control: public, max-age=31536000 age: 237400 last-modified: Wed, 08 Jan 2025 18:23:11 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	dz-oo.battleplusliveonline.com/battleplusdz.08.games.lander.html?utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY	54.240.174.60	200 OK	325 B
URL User Request GET dz-oo.battleplusliveonline.com/battleplusdz.08.games.lander.html?utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY IP 54.240.174.60:80 ASN #16509 AMAZON-02 File type HTML document, ASCII text, with very long lines (348), with no line terminators Size 325 B (325 bytes) Hash c7c86d2ff2b1bd8f7f8bd3bcdfa81246 8bb11e9fa31e33d7ead5118ba91ee5ce4dd7ecb5 8d269da7b1548edb7cb9ee161b5ab7466ad4e4521116d9c6fe91a7a9b81589e1 HTTP Headers GET /battleplusdz.08.games.lander.html?utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: text/html Content-Length: 325 Connection: keep-alive Server: CloudFront Date: Sun, 06 Apr 2025 03:09:55 GMT Set-Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Cache-Control: no-cache, no-store, must-revalidate X-Cache: Miss from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 0fwyuKn43ePKgkgiVngvw4EwtvYMgEDP_GYzN6vUJe7zbTyvl5Y0XQ==`

	ooredoo-alg.telenity.com/landing/Trendy?request_id=67f1f0834796198f06fa9ca9	16.16.86.84	301 Moved Permanently	146 kB
URL User Request GET ooredoo-alg.telenity.com/landing/Trendy?request_id=67f1f0834796198f06fa9ca9 IP 16.16.86.84:80 ASN #16509 AMAZON-02 File type Size 146 kB (146154 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /landing/Trendy?request_id=67f1f0834796198f06fa9ca9 HTTP/1.1 Host: ooredoo-alg.telenity.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 301 Moved Permanently Date: Sun, 06 Apr 2025 03:09:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Server: nginx Set-Cookie: PHPSESSID=rf0qqrbachails0domit6kmds7; expires=Mon, 07-Apr-2025 03:09:55 GMT; Max-Age=86400; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= X-SERVE: Tapp01 cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3X0ua1VfPJtH4IR6fIoiA8EUOME3yU3UMtUjzCsKJZHBMdqyK1tmSEsR%2FJG2sTdNQbbuscV5wuZKao6ZesBXjHd7cbLc1wC68GkiuffoEdyRXxBvJkGOhxHJv2%2FD7sEvhwks"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} CF-RAY: 92be16d639082d95-ARN server-timing: cfL4;desc="?proto=TCP&rtt=3999&min_rtt=3999&rtt_var=1999&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=616&delivery_rate=0&cwnd=230&unsent_bytes=0&cid=0000000000000000&ts=0&x=0" X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=31536000; includeSubdomains; preload X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Access-Control-Allow-Methods: GET, HEAD Access-Control-Allow-Headers: Msisdn, msisdn, X-Custom-Software, X-My-Custom Access-Control-Expose-Headers: Origin Access-Control-Allow-Credentials: true

	unpkg.com/imask@7.6.1/dist/imask.js	104.17.248.203	200 OK	124 kB
URL GET unpkg.com/imask@7.6.1/dist/imask.js IP 104.17.248.203:443 ASN #13335 CLOUDFLARENET Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= Certificate IssuerGoogle Trust Services Subjectunpkg.com FingerprintD9:8C:AA:B3:FA:58:5C:51:D2:D2:A6:73:07:D2:24:89:C8:98:FC:43 ValidityFri, 04 Apr 2025 18:35:52 GMT - Thu, 03 Jul 2025 19:35:49 GMT File type JavaScript source, ASCII text, with very long lines (2154) Size 124 kB (124186 bytes) Hash 2c87e2f35ea8ab00ea8158b106549788 154cf5157119e081354560fe6d4cae04174c75e5 90b57afbd3c669438d15eb8b3e65cdea42685ca6d1beed64e781f1f99fca5492 HTTP Headers `GET /imask@7.6.1/dist/imask.js HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://dz-oo.battleplusliveonline.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 06 Apr 2025 03:09:57 GMT content-type: text/javascript; charset=utf-8 cf-ray: 92be16e199e0712f-OSL cf-cache-status: HIT access-control-allow-origin: * age: 986514 cache-control: public, max-age=31536000 last-modified: Tue, 25 Mar 2025 17:08:03 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload vary: Accept-Encoding access-control-expose-headers: * content-digest: sha256=:kLV6+9PGaUONFeuLPmXN6kJoXKbRvu1k54Hx+Z/KVJI=: cross-origin-resource-policy: cross-origin x-content-type-options: nosniff server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	fonts.googleapis.com/css2?family=Cairo:wght@200..1000&family=Roboto:ital@0;1&display=swap	142.250.74.10	200 OK	13 kB
URL GET fonts.googleapis.com/css2?family=Cairo:wght@200..1000&family=Roboto:ital@0;1&display=swap IP 142.250.74.10:443 ASN #15169 GOOGLE Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= Certificate IssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint3C:2E:67:30:A6:95:F3:D3:61:49:AB:AC:BC:D1:CF:77:3E:33:8F:B7 ValidityThu, 20 Mar 2025 11:19:46 GMT - Thu, 12 Jun 2025 11:19:45 GMT File type ASCII text, with very long lines (1572) Size 13 kB (13288 bytes) Hash 973a7ec9ad8e45fae89a2a6db37fe6d7 ff6f3e54a2cc54e6f4d2450683c49f27a1fe1859 fbcd7188a43083ca1c22a2bc08b9af1189adb56c5fc12a226033cd6d85756e9a HTTP Headers `GET /css2?family=Cairo:wght@200..1000&family=Roboto:ital@0;1&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://dz-oo.battleplusliveonline.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 06 Apr 2025 03:09:57 GMT date: Sun, 06 Apr 2025 03:09:57 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtm.js?id=GTM-NLX8RRTB	142.250.74.136	200 OK	288 kB
URL GET www.googletagmanager.com/gtm.js?id=GTM-NLX8RRTB IP 142.250.74.136:443 ASN #15169 GOOGLE Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9 ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT File type JavaScript source, ASCII text, with very long lines (11738) Size 288 kB (287798 bytes) Hash 552befd19c502977450f7bd3e374d4dd 08a47dbccb5f2c11a88126aa29585ff2a45446d1 49b9cdf4f7673afb5bdfdae4df8aba3ac2beea1215ff22261f5a46f36f5701ad HTTP Headers `GET /gtm.js?id=GTM-NLX8RRTB HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://dz-oo.battleplusliveonline.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 06 Apr 2025 03:09:57 GMT expires: Sun, 06 Apr 2025 03:09:57 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1262:0 cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1262:0 report-to: {"group":"ascgcycc:1262:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1262:0"}],} server: Google Tag Manager content-length: 93698 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	notify.dcbprotect.com/A400479877507743842426820864828404604446260268602	54.75.211.52	200 OK	0 B
URL POST notify.dcbprotect.com/A400479877507743842426820864828404604446260268602 IP 54.75.211.52:443 ASN #16509 AMAZON-02 Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= Certificate IssuerAmazon Subject.dcbprotect.com FingerprintBD:E8:D4:76:C9:48:51:5A:DA:83:97:AF:BC:4D:36:03:36:29:53:10 ValidityFri, 01 Nov 2024 00:00:00 GMT - Sat, 29 Nov 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /A400479877507743842426820864828404604446260268602 HTTP/1.1 Host: notify.dcbprotect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 11717 Origin: http://dz-oo.battleplusliveonline.com DNT: 1 Connection: keep-alive Referer: http://dz-oo.battleplusliveonline.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK date: Sun, 06 Apr 2025 03:10:00 GMT content-type: text/html; charset=UTF-8 access-control-allow-origin: * access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept content-encoding: gzip transfer-encoding: chunked`

	trckmobile.trckswrm.com/click?offer_id=92&pub_id=218&pub_sub_id=224&pub_click_id=029125B5A2A9A1743908993520896	168.119.211.149	302 Found	0 B
URL User Request GET trckmobile.trckswrm.com/click?offer_id=92&pub_id=218&pub_sub_id=224&pub_click_id=029125B5A2A9A1743908993520896 IP 168.119.211.149:443 ASN #24940 Hetzner Online GmbH Certificate IssuerZeroSSL Subjecttrckmobile.trckswrm.com Fingerprint81:81:FF:4E:63:3E:1D:A4:C1:31:B5:B2:3D:1D:51:3F:F1:6F:63:B1 ValidityThu, 20 Feb 2025 00:00:00 GMT - Wed, 21 May 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /click?offer_id=92&pub_id=218&pub_sub_id=224&pub_click_id=029125B5A2A9A1743908993520896 HTTP/1.1 Host: trckmobile.trckswrm.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found access-control-allow-origin: * location: https://dz-oo.battleplusliveonline.com/battleplusdz.08.games.lander.html?utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY referrer-policy: no-referrer content-length: 0 access-control-allow-methods: * date: Sun, 06 Apr 2025 03:09:53 GMT X-Firefox-Spdy: h2`

	dz-oo.battleplusliveonline.com/battleplusdz.08.games.lander.html?utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY	0.0.0.0		0 B
URL User Request GET dz-oo.battleplusliveonline.com/battleplusdz.08.games.lander.html?utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY IP 0.0.0.0:0 ASN #0 Certificate IssuerAmazon Subjectmybattlepluslive.com Fingerprint64:32:40:8A:10:EB:7A:25:D1:EA:88:55:4E:21:B9:1E:7A:12:2A:18 ValidityMon, 15 Jul 2024 00:00:00 GMT - Thu, 14 Aug 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /battleplusdz.08.games.lander.html?utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache

	dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx=	54.240.174.60	200 OK	146 kB
URL User Request GET dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= IP 54.240.174.60:80 ASN #16509 AMAZON-02 File type Size 146 kB (146154 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Server: CloudFront Date: Sun, 06 Apr 2025 03:09:57 GMT Vary: Accept-Encoding Set-Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Cache-Control: no-cache, no-store, must-revalidate Content-Encoding: gzip X-Cache: Miss from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: JU1hStPauWE-5Vxacv7cjYGurrBIJ7krgT3ZQTC05YGCZDs8VRQ3KQ==`

	fonts.gstatic.com/s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS8pg_RWH1.woff2	142.250.74.35	200 OK	34 kB
URL GET fonts.gstatic.com/s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS8pg_RWH1.woff2 IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8 ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT File type Web Open Font Format (Version 2), TrueType, length 33588, version 1.0 Size 34 kB (33588 bytes) Hash ead8e97c01f0448365969c144c8c5fe8 4ff4d355eeaace00eeaf2ae15cc50d01ac2bfa98 1355605c748ba06b91514ca27feaa9c0c97ac33eb32fed979fc9fabb623d9023 HTTP Headers GET /s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS8pg_RWH1.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://dz-oo.battleplusliveonline.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 33588 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 03 Apr 2025 18:20:12 GMT expires: Fri, 03 Apr 2026 18:20:12 GMT cache-control: public, max-age=31536000 age: 204586 last-modified: Tue, 02 May 2023 14:51:32 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	dz-oo.battleplusliveonline.com/templates/generic/fonts/rifton/rifton-regular-webfont.woff2	54.240.174.60	200 OK	15 kB
URL GET dz-oo.battleplusliveonline.com/templates/generic/fonts/rifton/rifton-regular-webfont.woff2 IP 54.240.174.60:80 ASN #16509 AMAZON-02 Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= File type Web Open Font Format (Version 2), TrueType, length 15336, version 1.0 Size 15 kB (15336 bytes) Hash ffd06686b542f6cb448f3f9b03930602 781b68ed798c2510f2ee4440ff09fcb08149dce5 4749b2a7a3fc868e1bd25b8767b06017cacb1484829b9c21d55ec136d2a15847 HTTP Headers GET /templates/generic/fonts/rifton/rifton-regular-webfont.woff2 HTTP/1.1 Host: dz-oo.battleplusliveonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: http://dz-oo.battleplusliveonline.com/templates/generic/css/generic.css Cookie: r2.client_id=0413dc93-a9be-432a-b633-86ed595f5824 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: binary/octet-stream Content-Length: 15336 Connection: keep-alive Date: Sat, 05 Apr 2025 09:42:15 GMT Last-Modified: Mon, 31 Mar 2025 08:30:45 GMT ETag: "ffd06686b542f6cb448f3f9b03930602" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: I25KuICmRrlH3uP--MjKLayuGYSKgC4iXkf13zciWl84-pgGrgFITg== Age: 62864`

	fonts.gstatic.com/s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscQyyS8pg_RWH1vCk.woff2	142.250.74.35	200 OK	31 kB
URL GET fonts.gstatic.com/s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscQyyS8pg_RWH1vCk.woff2 IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by http://dz-oo.battleplusliveonline.com/battleplusdz.08.games.pin.html?r2.tx=eb798ca3-dda0-4ecc-ad4e-97e4625ac87c&utm_source=218-224&utm_campaign=hand&sw=Bm1KTesAAAGWCRN6igAAAFwAAADaAAAAAAAAAAB6AAAAAuY&he_done=true&mx= Certificate IssuerGoogle Trust Services Subject.gstatic.com Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8 ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT File type Web Open Font Format (Version 2), TrueType, length 30596, version 1.0 Size 31 kB (30596 bytes) Hash cdfdf6997ccfea7171e17593b08e3dbd 8bcfc0fb78306b10459da6670d17221fd1a0132d 60d51fea6669a866e3dce8a8583978127ef1808feb14c073b2f5c2a05a45908c HTTP Headers GET /s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscQyyS8pg_RWH1vCk.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://dz-oo.battleplusliveonline.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30596 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 03 Apr 2025 18:19:02 GMT expires: Fri, 03 Apr 2026 18:19:02 GMT cache-control: public, max-age=31536000 age: 204657 last-modified: Tue, 02 May 2023 14:51:33 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (27)

URL User Request GET

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN