mkkuei4kdsz.com/855/917.html
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/855/917.html
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /855/917.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 29 Jan 2023 17:01:26 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10365
Expires: Sun, 29 Jan 2023 19:54:11 GMT
Date: Sun, 29 Jan 2023 17:01:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12592
Expires: Sun, 29 Jan 2023 20:31:18 GMT
Date: Sun, 29 Jan 2023 17:01:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 16:35:38 GMT
content-type: application/json
age: 1548
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14324
Expires: Sun, 29 Jan 2023 21:00:10 GMT
Date: Sun, 29 Jan 2023 17:01:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rJcQVFRFGXPTZ3cxuLiGyPCMrjKoPveHHNgnml+oQI/x5oNmylFTywqAFJHI54RPteNEBX7z1JA=
x-amz-request-id: 29NGM2VWPBXFT1HT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 16:21:27 GMT
age: 2399
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 17:01:26 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.25.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 858145
expires: Fri, 19 Jan 2024 17:01:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3Q2bObORhBy5PZL5zgnDK88tneBQT0KpsuKXhwubFU9m2cN%2FO3cE12Kl2NnVwgnWSlQMB3SL%2Bdo2tHNCvEuI7TVOCmTa9sad7uY9ySo0b8EkhnJzgQM2%2Bzly%2BMY4FH9AplSKW6t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791387a09cb20b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7606335b395869127492388d1ef407a0
94ced6cbf710bac4b73cd79a95894098e859ff88
7dd5743ffb450380aa49f90d6815cd7d7b149881d887fb49162416c774af193e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7DD5743FFB450380AA49F90D6815CD7D7B149881D887FB49162416C774AF193E"
Last-Modified: Sat, 28 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12184
Expires: Sun, 29 Jan 2023 20:24:30 GMT
Date: Sun, 29 Jan 2023 17:01:26 GMT
Connection: keep-alive
mkkuei4kdsz.com/favicon.ico
64.225.91.73200 OK 329 B URL HTTP/1.1 mkkuei4kdsz.com/favicon.ico
IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/855/917.html
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 29 Jan 2023 17:01:26 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 16:41:41 GMT
age: 1185
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
domaincntrol.com/?orighost=http://mkkuei4kdsz.com/855/917.html
172.67.68.176200 OK 28 B URL HTTP/2 domaincntrol.com/?orighost=http://mkkuei4kdsz.com/855/917.html
IP 172.67.68.176:0
File type ASCII text, with no line terminators
Hash 7aae16ed70d2e07943585bbb1cd02b55
3209123510c034e6e38ca45edf14307f1375a8f5
51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
GET /?orighost=http://mkkuei4kdsz.com/855/917.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:27 GMT
content-type: text/javascript;charset=UTF-8
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgAGnUX089gtGOm8tJ4PQKwJ4DHnHpuKhFeLLjO8Eo9OPhH82UJfBJs7TdUEYFdUdTxNjxk7JuumRKzGaWw%2Bl%2Bf2C4kPQh48BGzAZeQuneTY3U8QuuzzzzzRTmWqoS7X17A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387a22a410b65-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11184
Expires: Sun, 29 Jan 2023 20:07:51 GMT
Date: Sun, 29 Jan 2023 17:01:27 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.71.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.71.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SZ6Xu6Rgwf1tn+yg9GFTwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7JUaS2rnB37H7XMTFFrovotTub0=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7212
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 17:01:28 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7212
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 17:01:28 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7212
Expires: Sun, 29 Jan 2023 19:01:40 GMT
Date: Sun, 29 Jan 2023 17:01:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 64140
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVguyG7BIAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:11:24 GMT
age: 64204
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:26:16 GMT
age: 41712
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:24:09 GMT
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
age: 41839
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 84332
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8744995437fb5a3fa77a14c2e72ac6f
f8ad682561dd204e1193bd6ea1fb7e8eccd51610
76445eced51bce8532ffd0ef6131b5c6d8f38a15267bcad99767795f9191efd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7f9ffe5-495a-4f90-a1f3-01e6bafe9287.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10213
x-amzn-requestid: f95cebd1-4305-4dda-b750-4801a441a6a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkFR5oAMFQQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-59ba391e439557731d323660;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XR5NrPkuizerZFKPiaAF9TWk8RNPKJIwymg928epIbo3kaTvPj_Lmg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 22:05:06 GMT
age: 68182
etag: "f8ad682561dd204e1193bd6ea1fb7e8eccd51610"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww2.mkkuei4kdsz.com/
64.190.63.136200 OK 1.3 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Hash f127bd2c299b75b0302b942d0e209683
7db66125c32f4523e45e6be1ddf0aa230d60b63f
be7bf5424323b42160ce06812c534e727e822c1e13c0c71726ffdd2a9e66cdb9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 17:01:29 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zfi2IAQMFhbeJz7TohoVHVtJWU2hwm7Lrp9mU2CS1tg8fh6Um4KcOzzYJ6LQkNLWAjiGBQP1WU+h5qP7TrTizQ==
last-modified: Sun, 29 Jan 2023 17:01:27 GMT
x-cache-miss-from: parking-7649dfd87f-d57kf
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 17:01:29 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Sun, 05 Feb 2023 17:01:29 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1672141863
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 7ed14e6018889d207fafaaa0c5a4bc8e
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3NTAxMTY4OWY4OTRhNjljNDI2Yjg3Zjk3ZmMxMGY5ZWU0ODhmN2Ux&crc=e0c8b625b446f3b7a813017adbae9bf2ec4c41b7&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3NTAxMTY4OWY4OTRhNjljNDI2Yjg3Zjk3ZmMxMGY5ZWU0ODhmN2Ux&crc=e0c8b625b446f3b7a813017adbae9bf2ec4c41b7&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3NTAxMTY4OWY4OTRhNjljNDI2Yjg3Zjk3ZmMxMGY5ZWU0ODhmN2Ux&crc=e0c8b625b446f3b7a813017adbae9bf2ec4c41b7&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 17:01:29 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-7649dfd87f-8jz64
server: NginX
ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Sun, 29 Jan 2023 17:01:29 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sun, 29 Jan 2023 17:01:29 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-7649dfd87f-txn6x
server: NginX
ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.mkkuei4kdsz.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 315b4da648ca82988fbe1aa5fedfcf8f
dff98ffb888edf54f9b68e23d566351ea348311d
3974290ed3ce999012625192e8c0a469ee6d502d79a7dd31653c27896ebe4c56
Analyzer Verdict Alert quad9 Sinkholed
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DxIyEALMi3u4_0&v=ODc0NDJmY2JhYzY1YWNhNWE5YTUzMTVlNzE4OGQ4NGEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjNkNmE2Njc2YmYzMjMuNzE5ODc5NzkJd3cyLm1ra3VlaTRrZHN6LmNvbTYzZDZhNjY3NmJmOTIxLjIyNzc4MjIwCTE2NzUwMTE2ODkJYWRfNjNfMA==&l=OAk5YmExZDM2Nzg2MTViOGJiYjQxOWU0NjNjYzFkNDAxOQkwCTM1CTAJZWY3ZjY4YmY1YzRjMTcyNjQ0NzVmNDI1Y2VkYTZlMzUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzUwMTE2ODkJMC4wMDAzMjMJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Sun, 29 Jan 2023 17:01:29 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sun, 29 Jan 2023 17:01:29 GMT
location: http://xml.sedodna.com/click?i=xIyEALMi3u4_0
x-cache-miss-from: parking-7649dfd87f-d57kf
server: NginX
xml.sedodna.com/click?i=xIyEALMi3u4_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=xIyEALMi3u4_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=xIyEALMi3u4_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://orest-vlv.com/zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9
Pragma: no-cache
orest-vlv.com/zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9
52.7.54.238200 1.1 kB URL HTTP/1.1 orest-vlv.com/zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 04933e465d3a0fb6861cac1535c40855
d63820444b13f5e824f613e4218c52cf751589ab
4302e14260555a4a057801fd018787cca42d4efd6f53e60fa9be71f8266d2efc
GET /zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9 HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 29 Jan 2023 17:01:30 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: GIHKdhEh
orest-vlv.com/zcredirect?visitid=91df5fe3-9ff6-11ed-b59a-0a4fc52141e9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
52.7.54.238200 282 B URL HTTP/1.1 orest-vlv.com/zcredirect?visitid=91df5fe3-9ff6-11ed-b59a-0a4fc52141e9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 378f4c73fda3078c996cd0ed958b947e
a270e94b44766c47b858f92e28ef5e2151f90609
5a2606e2ebe6f0340be218d07e17be7f7f259b02121e8f1cf2e89c3ad7bf041b
GET /zcredirect?visitid=91df5fe3-9ff6-11ed-b59a-0a4fc52141e9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/91df5fe3-9ff6-11ed-b59a-0a4fc52141e9/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=91f42064-9ff6-11ed-b59a-0a4fc52141e9
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 29 Jan 2023 17:01:30 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: VwBTVyiX
orest-vlv.com/favicon.ico
52.7.54.238404 653 B URL HTTP/1.1 orest-vlv.com/favicon.ico
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=91df5fe3-9ff6-11ed-b59a-0a4fc52141e9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Sun, 29 Jan 2023 17:01:30 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: WAghKsca
xml-v4.gipostart-2.co/click?i=C0UF1IW-D7o_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml-v4.gipostart-2.co/click?i=C0UF1IW-D7o_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=C0UF1IW-D7o_0 HTTP/1.1
Host: xml-v4.gipostart-2.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1616692149&sub4=CYBERMAX300&sub8=_betting&sub6=1616692149&ref_id=st1drnhdWlQ
Pragma: no-cache
link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1616692149&sub4=CYBERMAX300&sub8=_betting&sub6=1616692149&ref_id=st1drnhdWlQ
172.66.43.156302 Found 0 B URL HTTP/2 link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1616692149&sub4=CYBERMAX300&sub8=_betting&sub6=1616692149&ref_id=st1drnhdWlQ
IP 172.66.43.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?b=0&pid=8425&offer_id=53&l=1616692149&sub4=CYBERMAX300&sub8=_betting&sub6=1616692149&ref_id=st1drnhdWlQ HTTP/1.1
Host: link.affiliates.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 17:01:30 GMT
content-length: 0
location: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
set-cookie: afclick=63d6a66a1d24f00001e96706; expires=Mon, 29 Jan 2024 17:01:30 GMT; secure; SameSite=None
afoffers={"53":1675011690}; expires=Mon, 29 Jan 2024 17:01:30 GMT; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6W5VUqQohoP%2Bn4ZI%2FYikfJWQsbrdozvIqFm0gMOOGOy7AUHIQ37bq0YQlBYSlmwUuSNiHL5k3OglBKImNxxzCsKZ%2B0H2gdZWgpoP5GS7yugGteGAO3I9fOreAD26PCxLY%2BLlhgx5LbUPLn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387ba0f730b31-OSL
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/payments.css
54.230.111.71200 OK 699 B URL HTTP/2 cdnstatic.cyber.bet/css/payments.css
IP 54.230.111.71:0
File type ASCII text, with CRLF line terminators
Hash 70e2a5d4745300aed2bfccf31551eb7f
c913b11b1f043706b73941110c33543f3c942cfb
f33896366d0d98962fd3e5b79963449dd3c1c3ea48e617e5b6d6bdb46e0c7022
GET /css/payments.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 699
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 17:00:49 GMT
etag: "70e2a5d4745300aed2bfccf31551eb7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rcO0l_11cCY5HeLz6MxPOk8Q6tzahC__hjO5Wca3LQG-lxS7KkbGLQ==
age: 44
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.42200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 09:52:09 GMT
expires: Sat, 27 Jan 2024 09:52:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 198561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash aeb6965f65188062c56e244577fdafaa
8db65de204963a6228b1d09e01226e89d6639419
29c5e41dc1af0854a34adc9eb32815aec81fb3dbc2b800dcc82f24ce26262d1e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150806
Date: Sun, 29 Jan 2023 17:01:30 GMT
Etag: "63d65080-1d7"
Expires: Tue, 31 Jan 2023 10:54:56 GMT
Last-Modified: Sun, 29 Jan 2023 10:54:56 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: r6aTvF0gDdIkIUxHJpcxVmPENaLc0ULu_SkbjOcUwtzScdAllQWSzQ==
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB
142.250.74.40200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB
IP 142.250.74.40:0
File type Unicode text, UTF-8 text, with very long lines (15106)
Hash 42b26d6b5594d0e7a4bc04718f08ce6b
3928c07800b7462e053a898c7325b7ba01025f1a
a7008bf94c8cc4589d59c4a2544b23eda08a21f578e31444c38a537fc0a02df4
GET /gtm.js?id=GTM-NR2G4XB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 17:01:31 GMT
expires: Sun, 29 Jan 2023 17:01:31 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnstatic.cyber.bet/js/global.js
54.230.111.71200 OK 71 kB URL HTTP/2 cdnstatic.cyber.bet/js/global.js
IP 54.230.111.71:0
File type Unicode text, UTF-8 text, with very long lines (5000), with CRLF line terminators
Hash 8943965f22a29b6f800a98e0eaed584f
1cfa4c3d79808cce1785967a637819b88a9d11f5
3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db
GET /js/global.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 70834
vary: Accept-Encoding
date: Sun, 29 Jan 2023 17:01:32 GMT
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
etag: "8943965f22a29b6f800a98e0eaed584f"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pZKLrAyIedAN81VlzVHKgzbE3_z3HPYmPm89J_zHAPuTalbKeLm6FQ==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/global.css
54.230.111.71200 OK 4.7 kB URL HTTP/2 cdnstatic.cyber.bet/css/global.css
IP 54.230.111.71:0
File type ASCII text, with CRLF line terminators
Hash 1d710fedcd0ddfd6744b7011d3261d07
884abf5c059be6ddcdd9067c24c55f744d6df31f
47db4a55aeef076b5cc2c69bb230028feb69a8575b5a9651a1fa79e51990edb9
GET /css/global.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 4746
vary: Accept-Encoding
date: Sun, 29 Jan 2023 17:01:32 GMT
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
etag: "1d710fedcd0ddfd6744b7011d3261d07"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rrHPXLkUWgQyS32drp5V2dMrmZzOlC_XaFq2qIkLqhEPpk3s1jDfZQ==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/img/input.png
172.66.43.156200 OK 10 kB URL HTTP/2 cyber.bet/land/gold_football/img/input.png
IP 172.66.43.156:0
File type PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f
GET /land/gold_football/img/input.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 10123
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: "5fea0ac1-278b"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlcfHqG%2FjZztD3q6z2SlnF6Qk02lgwkEU9v47gVaHCLRAIqKWZvYinPbTs9IDhnnYFIo4t7n2c0fPMKspMWr%2FYZB5SMK%2BqGVg%2BUNj2YZk3uPtdh2eA%2FpSg10iA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c980b31-OSL
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/img/cb_picked.png
172.66.43.156200 OK 3.2 kB URL HTTP/2 cyber.bet/land/gold_football/img/cb_picked.png
IP 172.66.43.156:0
File type PNG image data, 82 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 774fc89cb9c8f999121c719e5f9f29df
d7d8ce07db925dc13908ea8c2c587fbb597c9eef
b1dd144f891842f0c1f19fff5c6ee14e4ab6ae491c7cac4aa2c2d7f156885bcb
GET /land/gold_football/img/cb_picked.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 3193
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: "5fea0ac1-c79"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxDtP2xjouHUnlQd%2BIEqcRgO9%2FoEG%2F5vZeOGuCR0T%2BdMWm6Y7qFCjYmnI6u6N2RU%2BFT6EA7bg2CrPN%2FMYARocsaGnF%2FDNhEJWFcsk%2FmAD413Qvq9UvU8Wmn6Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be5c9c0b31-OSL
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/img/promo.png
172.66.43.156200 OK 13 kB URL HTTP/2 cyber.bet/land/gold_football/img/promo.png
IP 172.66.43.156:0
File type PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 5798187ffb0edc7c4525a1415d9e03db
240b77c6c3c8c2a75d133c14907805d85def5588
93a1d190fd9a50423a0f7518a9147a2ef4cf969478056c6001c1124a0a1fe830
GET /land/gold_football/img/promo.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 13216
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: "5fea0ac1-33a0"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDJVwK4Ze99xPoWiQ67nJs%2BvlpIVDCMA%2BQ5nAcCJbxixknyF7KNRaq40N9Lzjc9E7fR0cX8Ib5HptPPOqSx8%2BnXecNSM%2BLzNJQx9vxiSTVisSmEHp1FDjvXReA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c990b31-OSL
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/img/bg.jpg
172.66.43.156200 OK 156 kB URL HTTP/2 cyber.bet/land/gold_football/img/bg.jpg
IP 172.66.43.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x1920, components 3\012- data
Size 156 kB (156361 bytes)
Hash 99c31d6b59863498102fbe5c4b996372
a9021e63249c09a63b5f8697aa35f481679c9e55
02731f701c8f844ccc4ce0eb8b48db077aa17d878acb98935b8d85cd52f643fc
GET /land/gold_football/img/bg.jpg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/jpeg
content-length: 156361
cf-bgj: h2pri
etag: "601aaeac-262c9"
last-modified: Wed, 03 Feb 2021 14:09:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cPOwmTEyGLV41LN21JI%2BNIrsnZb2JM2X%2FtnZUJEhv3A7nH59ywkCtuQd3aMoj8U%2FgNk53uOQfcL84p8cXbdBRd6cJFDgilQmP592WG6IbaZpkCUCw5wOffbsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c900b31-OSL
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/img/right.png
172.66.43.156200 OK 161 kB URL HTTP/2 cyber.bet/land/gold_football/img/right.png
IP 172.66.43.156:0
File type PNG image data, 1148 x 1011, 8-bit colormap, non-interlaced\012- data
Size 161 kB (161228 bytes)
Hash 868616a393080ccaabef8c8104d3b1a0
31c2ed6aa818e92e7da23816c66f3d5936d87167
3c2a56ff51a274511266e19c00e0f077c1f2d7f7ba9207ae08789332e06f4c36
GET /land/gold_football/img/right.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 161228
last-modified: Wed, 03 Feb 2021 14:09:48 GMT
etag: "601aaeac-275cc"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5688
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cx9HeeBT%2BfWtKraLgmWT8eAljdUVreVDQcdcPAH%2B4USkRM7Oczrb7wN%2BkFDBxD7Ph5iqjDDi%2FlyCejFe2x%2Bv7z9ChNnXud%2F1M9ODPBN5ya8F3s4UAkT8pYYlQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c940b31-OSL
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/img/cta.png
172.66.43.156200 OK 99 kB URL HTTP/2 cyber.bet/land/gold_football/img/cta.png
IP 172.66.43.156:0
File type PNG image data, 1076 x 266, 8-bit/color RGBA, non-interlaced\012- data
Hash 6af15da4b150dd671aa73c54a5d000b2
1292d7e77d7ea538594b8f43527c1464a73e3ac6
383559b3e7496fbf5f0d7ebf89bb9fd90e149fee99bca2a0007224fed63ca51b
GET /land/gold_football/img/cta.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 98590
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: "5fea0ac1-1811e"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Iiqcjuvr8TO9zYhWgqrEQ2IDThXLwx1eps8X1ng9qKo43s5wlOPuUXRSmjXWMlYxYJiE%2F0C%2FvmE93ut%2Fck8MqrQJbBEhg2zpl39dHaHq985Ni2dboOuqzR08g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be5ca00b31-OSL
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/img/left.png
172.66.43.156200 OK 164 kB URL HTTP/2 cyber.bet/land/gold_football/img/left.png
IP 172.66.43.156:0
File type PNG image data, 1192 x 1181, 8-bit colormap, non-interlaced\012- data
Size 164 kB (163919 bytes)
Hash fc9c2a3760148ae23e2b1182f308a84b
63d0d68f5737f3b86b8262503bf78295cb082637
4459f9d27eacbd75068d51b041786be1bb27b46350c67aca8734997e3543d583
GET /land/gold_football/img/left.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/png
content-length: 163919
last-modified: Wed, 03 Feb 2021 14:09:46 GMT
etag: "601aaeaa-2804f"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5688
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGJS6ziv4cDU8VDdFswfmlqqwUy4Spci8%2FsXsJrNr0%2FIABhpN%2BqQL45evmHc9arh1a3C4RT554D7pBpCG08uxNkVGdmno%2FTp%2F9xyj8%2Bj7JOtf6F2z0iEyOc%2BGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c930b31-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cyber.bet/land/js/locales/base/locales.js
172.66.43.156200 OK 5.6 kB URL HTTP/2 cyber.bet/land/js/locales/base/locales.js
IP 172.66.43.156:0
File type Unicode text, UTF-8 text, with very long lines (16549), with no line terminators
Hash 689edbeb85a52ed7249dfdda92adfddc
0ea4bf012954b963a5a0e25027211d921e6bedeb
433dd8fb8eb9854d428d0e484853230c53559b11f598096525601ebac505badc
GET /land/js/locales/base/locales.js HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:30 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=22124
etag: W/"636c24bc-566c"
last-modified: Wed, 09 Nov 2022 22:07:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6708
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6S%2BOmA9hC%2B5iPvhq9rlUCLtwXwIrvOWPDq%2BA4ZM8NnYFhJZgcI5cW8avDNR%2BbXz1Dv7DJ%2BjDT12HxwKLvlxZq44GW7RpZXSZCNGwtW4YtfU58T1LaJetATcCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387bb99660b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 01:49:59 GMT
expires: Sat, 27 Jan 2024 01:49:59 GMT
cache-control: public, max-age=31536000
age: 227492
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 336457
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/css/style.css
172.66.43.156200 OK 17 kB URL HTTP/2 cyber.bet/land/gold_football/css/style.css
IP 172.66.43.156:0
File type ASCII text, with very long lines (2573), with no line terminators
Hash 0bc0ea1a1119022b5567c243680910b8
46ba56d53cee2014e492b8faca3f7f61257d14b1
927ad84ee3a11b600b9c88278d8b70141244137f5d8a468317678be5ee76e611
GET /land/gold_football/css/style.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3754
etag: W/"605e02e5-eaa"
last-modified: Fri, 26 Mar 2021 15:51:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vm1ht2Ag5TO4TjCE242BlkWESg%2FHrabWOGC2Gk8LJuG95pe8DrAX7Y6cRWNHWfx9hM0ELAKb%2BExX0UmEEVq2DTMB%2BWfANmn1LGWn3e%2FGl3iP6u%2FgRhnC%2F285cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387bb99620b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/img/logo.svg
172.66.43.156200 OK 17 kB URL HTTP/2 cyber.bet/land/gold_football/img/logo.svg
IP 172.66.43.156:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1777), with CRLF line terminators
Hash 7d65885db008bff4ca9de6648fc1e20a
b7ae6132404f52c28ffdf8a255ec9089677bb9b9
89cb7d004aedc557697463171650f314144e6c45ad85b2ac46184df2b38dfc2e
GET /land/gold_football/img/logo.svg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/css/common.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: W/"5fea0ac1-b67"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6673
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81Y0W%2B1hTQmiAeykoPZZ8qCwjVK4cYkfdIyNUhpDv1hHyeOEamapsKyY7fj0QRPvult08I4b%2BpQhGPS6HiicRAYi88016iwjDmCVMn2wILAwX1%2FrKFvp2ilY%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387be4c960b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:26:49 GMT
expires: Sun, 28 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 110082
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/favicon.ico
172.66.43.156200 OK 2.1 kB URL HTTP/2 cyber.bet/land/gold_football/favicon.ico
IP 172.66.43.156:0
File type MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel\012- data
Hash d9fed1f2593550b7b8441dc4b2c587b8
0552c4c0718db4022ab4e7862066432d80d71313
9a22b8e440f4c22c107cf3458103f12c4c38d95fe836b2503af043bfe1ca73e0
GET /land/gold_football/favicon.ico HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.1.1494117069.1675011699
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: image/x-icon
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
etag: W/"5fea0ac1-1cee"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5422
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCCPzYVg9jkLqakuag0f8pBF74qrAJhU3lnrlysX%2FsWbkezJN%2BMrUXfixrQwmvK9EwCVOm9YkDzNl9zP%2BmO3RtvHexzjVkB081tdW7SAbEBTX2lUZ1RVkkSMcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387bf2d9a0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 15:45:20 GMT
expires: Sun, 29 Jan 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 4571
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnstatic.cyber.bet/js/fp.js
54.230.111.71200 OK 533 B URL HTTP/2 cdnstatic.cyber.bet/js/fp.js
IP 54.230.111.71:0
File type ASCII text, with CRLF line terminators
Hash d1abfbe2c5b50e7f427e41c79197dcd3
01f6142a97168fd15da33334c35ce351d676ed08
7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569
GET /js/fp.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.1.1494117069.1675011699
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 533
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: "d1abfbe2c5b50e7f427e41c79197dcd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JsKRZUfEdi5r4youyfZg0QDAp7SIrQsPHl2W22rAl-_9T8Hsu_XJuQ==
age: 42
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=1494117069.1675011699>m=2oe1p0&aip=1&z=1929443799
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=1494117069.1675011699>m=2oe1p0&aip=1&z=1929443799
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=1494117069.1675011699>m=2oe1p0&aip=1&z=1929443799 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 17:01:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/geoMapping.js
54.230.111.71200 OK 443 B URL HTTP/2 cdnstatic.cyber.bet/js/geoMapping.js
IP 54.230.111.71:0
File type ASCII text, with CRLF line terminators
Hash 2f6043a16c26cde9a190dbb829b5519c
791479cfced1a000ef6411990f1c4bba615b6b4c
f9dfb0c2f94be90f2cdeb66286b36cdeb5d8fb0fbb9f28b1e1d3d99a3780306a
GET /js/geoMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 443
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: "2f6043a16c26cde9a190dbb829b5519c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9EywILSj6IOblfRpnCdOnWov4p_U3-86V_JWxxO8hvScHBVJlPV_zw==
age: 40
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c3fa8c0d3d9045fff6a6da164946a6b2
3f49c2ca05a7a78f25950345231980b544a790e1
82258db78bc0594ae354753c0933d4defdd28c88d5f134635b888f3ca68d2f72
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4641
Cache-Control: max-age=92793
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Etag: "63d55bc3-117"
Expires: Mon, 30 Jan 2023 18:48:04 GMT
Last-Modified: Sat, 28 Jan 2023 17:30:43 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
cdnstatic.cyber.bet/css/libs/nice-select.css
54.230.111.71200 OK 1.6 kB URL HTTP/2 cdnstatic.cyber.bet/css/libs/nice-select.css
IP 54.230.111.71:0
Hash 3725ea628c9b1861991011650a096a4b
95a48fd67d20a2891ea9dcb1ec0eac45a56d3d8f
e17ce3aa6cdb452dd1908313474ccee4ceaeab54a60f0cb11c8df549524eb334
GET /css/libs/nice-select.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:01:00 GMT
etag: W/"b83506d101e8a03948d5c01e83da2b8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e214oXxQbhtZAY7UOeMJ6DfmgOXUfelQiQAb4ob6oJ0SoKM5GbiJ9A==
age: 35
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
104.16.88.20200 OK 15 kB URL HTTP/2 cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
IP 104.16.88.20:0
File type Unicode text, UTF-8 text, with very long lines (34150)
Hash 5bec71d8d81aa064688711c2abeadefc
793a9cc2704d4aec9035c1a1461404eb6b9feb1e
f5698d59e503a98e070c97a8fbb8b6bf7992910837ca1c9f0815666cf8ffda16
GET /npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.4.0
x-jsd-version-type: version
etag: W/"86b4-0dT4vbRAvda9ZROiHYU1ptjFWSM"
x-served-by: cache-fra-eddf8230075-FRA, cache-yyz4566-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 40550
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4yeHwR4Oykn13gbR3%2F29eHq2ctbrkrf1yE9eMuhD5KSJTmo%2FxM0Cog1V5%2FUXGBIUBJp%2BkW2cl2sGiBJ99WIFEUcwdyMqDoROGN3nTeUHRicPP9ItF8%2FiveTo%2BXT7LVnbvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387bfdbbc0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2c4380697a101b67d9f8edb80bbe917c
d031ccb76ff8aeef9f80594b3ac3a7117e1ad05d
92fcb57afd01dbdc56cdd37ff2ebfb8807a286936093b1a863d334a3826aceb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92FCB57AFD01DBDC56CDD37FF2EBFB8807A286936093B1A863D334A3826ACEB3"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8138
Expires: Sun, 29 Jan 2023 19:17:09 GMT
Date: Sun, 29 Jan 2023 17:01:31 GMT
Connection: keep-alive
cdnstatic.cyber.bet/js/currencyMapping.js
54.230.111.71200 OK 3.6 kB URL HTTP/2 cdnstatic.cyber.bet/js/currencyMapping.js
IP 54.230.111.71:0
Hash 6288997615178d923d132c2ccc75992e
b3571c8965637652d581079586c924916e78d1fa
fd449ed0d946f76fd87d0950a415adb77c8c84eb40d5811df870b41b20d412f4
GET /js/currencyMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.1.1494117069.1675011699
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: W/"2a3d85d14eaeaac04949a29f3c94c548"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hfhz2YNCr0sEjflVeZ6lIchow2Em64C0pak0BxLpQ2YRy_Qq8GtFtw==
age: 49
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/payments.js
54.230.111.71200 OK 641 B URL HTTP/2 cdnstatic.cyber.bet/js/payments.js
IP 54.230.111.71:0
Hash 5dfc15922ae2776d11df25fffbafbbb7
8238d0b459fbb937310d59d6dcd7b99ce7b9e497
1917d4e269d042cd66d567da6c3e34e0aef4ebfe7d8c764a8e141f6f680517dd
GET /js/payments.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:36 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:49 GMT
etag: W/"86e0165b432077320adbf690e339604e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lmrvADvDI5Vm1nuIpwlF13C8M7PKxerp6-DI8vxmsyjd6_l3eWrXAQ==
age: 50
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
IP 139.45.195.8:0
Hash bb07e31c2c066db5c4b3259d1f69a442
db79e9d4a817ce703b11b65faf2ba097228063b2
d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8
GET /p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 6cb2bc0b7d239f8262a3853e8966603e
69c153f69571171ab45b77b7843b533dd2054a30
61a1ece1823a63c25d72a1250dd74a5d9b82e8798879899ce8914430f736e5f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 29 Jan 2023 17:01:31 GMT
Last-Modified: Sun, 29 Jan 2023 16:22:24 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lqoADf1rsEebOnk76erK3JovrropUJGqFLIyro5XhPPQ6rHtN_8v0w==
Age: 2347
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pj.l.admedo.com/admtracker.lib.min.js
54.230.111.48200 OK 2.0 kB URL HTTP/2 pj.l.admedo.com/admtracker.lib.min.js
IP 54.230.111.48:0
Hash e0bc4286859cab2943b2c73eecd1fd82
7bf8aa80a5e27f4975992e1408ad589e45b54658
dfe0fdf7b9345166833c80f64b497f08c84cdaea1a414b1cbcad956942a4ed37
GET /admtracker.lib.min.js HTTP/1.1
Host: pj.l.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 25 Aug 2020 14:10:14 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 16:55:54 GMT
cache-control: public,max-age=900
etag: W/"5a420213029638ecea775a40089898aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 83II-m2EFA_45VaiV1YX41vPQS6djNQZmYxhe20f709uJYikvWjtPQ==
age: 340
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-8FYNJV02NV&cid=1494117069.1675011699>m=2oe1p0&aip=1
173.194.221.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-8FYNJV02NV&cid=1494117069.1675011699>m=2oe1p0&aip=1
IP 173.194.221.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8FYNJV02NV&cid=1494117069.1675011699>m=2oe1p0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://cyber.bet
date: Sun, 29 Jan 2023 17:01:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&gjid=920852931&_gid=1432588000.1675011700&_u=YCDACEABBAAAACAFK~&z=913053101
173.194.221.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&gjid=920852931&_gid=1432588000.1675011700&_u=YCDACEABBAAAACAFK~&z=913053101
IP 173.194.221.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&gjid=920852931&_gid=1432588000.1675011700&_u=YCDACEABBAAAACAFK~&z=913053101 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://cyber.bet
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 17:01:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 35112889038daf39a2fd0a0bd85546e9
fd9b12ade2568f76aa570d9402f25f2f30d7bc73
24f35ecf77dfab6976210efe89bf26464e812e00efae1675593014b8e252adec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24F35ECF77DFAB6976210EFE89BF26464E812E00EFAE1675593014B8E252ADEC"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8180
Expires: Sun, 29 Jan 2023 19:17:51 GMT
Date: Sun, 29 Jan 2023 17:01:31 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 35112889038daf39a2fd0a0bd85546e9
fd9b12ade2568f76aa570d9402f25f2f30d7bc73
24f35ecf77dfab6976210efe89bf26464e812e00efae1675593014b8e252adec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24F35ECF77DFAB6976210EFE89BF26464E812E00EFAE1675593014B8E252ADEC"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8180
Expires: Sun, 29 Jan 2023 19:17:51 GMT
Date: Sun, 29 Jan 2023 17:01:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1p0&_p=902436792&_gaz=1&cid=1494117069.1675011699&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675011699&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149&dr=http%3A%2F%2Forest-vlv.com%2F&dt=Bets%20on%20Football%20Matches%20%7C%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1p0&_p=902436792&_gaz=1&cid=1494117069.1675011699&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675011699&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149&dr=http%3A%2F%2Forest-vlv.com%2F&dt=Bets%20on%20Football%20Matches%20%7C%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1p0&_p=902436792&_gaz=1&cid=1494117069.1675011699&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675011699&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149&dr=http%3A%2F%2Forest-vlv.com%2F&dt=Bets%20on%20Football%20Matches%20%7C%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot= HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cyber.bet
date: Sun, 29 Jan 2023 17:01:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/gql/send?ttl=86400
34.254.83.154200 OK 4 B URL HTTP/2 backend.cyberbet.academy/api/gql/send?ttl=86400
IP 34.254.83.154:0
File type ASCII text, with no line terminators
Hash 5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
OPTIONS /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: application/json; charset=utf-8
content-length: 4
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"4-P9ln0Jp0jh8rJtb+Vi5xVaqH6d4"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/gql/send?ttl=86400
34.254.83.154200 OK 1.7 kB URL HTTP/2 backend.cyberbet.academy/api/gql/send?ttl=86400
IP 34.254.83.154:0
File type JSON data\012- , ASCII text, with very long lines (1732), with no line terminators
Hash 7d262be351a12c20d4e65ce60529f9fc
8081b04642d8b42d8af4fe92cf2e496ed15eaca5
a9d1bfc8e3fcf82bc6d372d278866fb7cc002c158e1ed329bd4f94a70a965241
POST /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: application/json; charset=utf-8
content-length: 1732
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"6c4-gIGwRkLYtC2K9P6Szy5JbtFerKU"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/img/input.png
54.230.111.71200 OK 10 kB URL HTTP/2 cdnstatic.cyber.bet/img/input.png
IP 54.230.111.71:0
File type PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f
GET /img/input.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/global.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10123
last-modified: Thu, 07 Apr 2022 09:30:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 17:01:02 GMT
etag: "029eb00d46a95ea9be209224c3d913db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SCCjxDgMOJuXnKRDWNmzphCH8gqEggTassb3CLPNnqSzV7lRQiWa9g==
age: 31
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAX300
34.254.83.154200 OK 728 B URL HTTP/2 backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAX300
IP 34.254.83.154:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (724), with no line terminators
Hash 4bfd4b30ef9033553e00792bd3938e29
dc712b27d1b73701adcda989f9da1c23128bba31
6956ba998ac2794a1286eaf1fbc2283e127c4044f76ac0aa28c8974aae8635d1
GET /api/affise/land_promocode?promocode=CYBERMAX300 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: application/json; charset=utf-8
content-length: 728
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2d8-3HErJ9G3NwGtzamJ+docIxKLujE"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&_u=YCDACEABBAAAACAFK~&z=1663412868
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&_u=YCDACEABBAAAACAFK~&z=1663412868
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=1494117069.1675011699&jid=281395997&_u=YCDACEABBAAAACAFK~&z=1663412868 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 17:01:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=1494117069.1675011699&jid=1092184661&_u=YCDACEAABAAAACABI~&z=1696788008
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=1494117069.1675011699&jid=1092184661&_u=YCDACEAABAAAACABI~&z=1696788008
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=1494117069.1675011699&jid=1092184661&_u=YCDACEAABAAAACABI~&z=1696788008 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 17:01:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash f1547d6bc72caa7f859546cd95874e5a
a06beffcf17fe63f5835cf3b5b38fd210e29fbbf
a983f9c7045e1d0b4f37f7a1ce8a331463f1737782f2dc4c44217197c3bc5b46
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111642
Date: Sun, 29 Jan 2023 17:01:32 GMT
Etag: "63d5b30c-1d7"
Expires: Tue, 31 Jan 2023 00:02:14 GMT
Last-Modified: Sat, 28 Jan 2023 23:43:08 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7_ouIb_p1WVbAemOkOkIB3vnrqFId21FQegHXhTBj73DLa2B6o-nYg==
Age: 1147
ps.l.admedo.com/c819e718-9a80-40f1-b954-13f8b6dff8ac.json
54.230.111.97200 OK 54 B URL HTTP/2 ps.l.admedo.com/c819e718-9a80-40f1-b954-13f8b6dff8ac.json
IP 54.230.111.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1868a00f61221a8d1874ceda2b815caf
cfea9926b0c325482e74961fa182b98ccb400852
2251c54ec6d6a304338dd54e64f058fdd0226017b1a43e4b53deb1f7bf26c313
GET /c819e718-9a80-40f1-b954-13f8b6dff8ac.json HTTP/1.1
Host: ps.l.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 54
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 01 Feb 2022 13:20:13 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 16:50:05 GMT
cache-control: public,max-age=900
etag: "1868a00f61221a8d1874ceda2b815caf"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YdHs8tMFcZSRWeSAv1W_7AFTYCYYGcN7OcrZeJajG_Ik9HboaQUApw==
age: 688
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnstatic.cyber.bet/js/libs/phone/utils.js
54.230.111.71200 OK 55 kB URL HTTP/2 cdnstatic.cyber.bet/js/libs/phone/utils.js
IP 54.230.111.71:0
Hash de91f2cf069ef9b3db327cd2661893f2
146a0aebda3925681eb67841f168286e11c303c8
c16001cdf902ddecc53920c20ed67778f7fdd2383038990f69ed76747be30354
GET /js/libs/phone/utils.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: W/"8f3a2154b225b6257161c4dfc9b89c9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YB0_WW7gaRBFRu6VnV7DHX0Srt-aTwbNRVazk64L2B3oTxUKdAXIvQ==
age: 39
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/img/flags.png
54.230.111.71200 OK 71 kB URL HTTP/2 cdnstatic.cyber.bet/css/img/flags.png
IP 54.230.111.71:0
File type PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
GET /css/img/flags.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/iti/intlTelInput.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 70857
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 17:01:32 GMT
etag: "416250f60d785a2e02f17e054d2e4e44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wfI4v5NLw-7n6xeZXY2K3veTAPGD8Flzk9tbpX1xteYTkQRG3_4JlA==
age: 25
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/land_regs/session
34.254.83.154200 OK 8 B URL HTTP/2 backend.cyberbet.academy/api/land_regs/session
IP 34.254.83.154:0
File type ASCII text, with no line terminators
Hash 758d03240938c9a7a4709e26a48a385e
074a01d890236171824843af0482dc38050d0fc7
c852c2aa5cabf215aba5ff49e32623938e1185ee17817b9e797d3f0452da27db
POST /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 252
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: application/json; charset=utf-8
content-length: 8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"8-B0oB2JAjYXGCSEOvBILcOAUND8c"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fgold_football%2F%3Fcid%3D63d6a66a1d24f00001e96706%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1616692149 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4b509008bb0a48e8a56c0406348121b9; expires=Mon, 29 Jan 2024 17:01:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 25d021b0062a425a334d5a5092944e41
3a501eb49d697b5e01fdd31445e051ceb3a080b2
2d6a16e9cfebaa065ddcf435cffb59c4a5cec0ba864c15eaa59fe89dfefd4235
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 640
Cache-Control: max-age=131642
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 17:01:32 GMT
Etag: "63d60326-1d7"
Expires: Tue, 31 Jan 2023 05:35:34 GMT
Last-Modified: Sun, 29 Jan 2023 05:24:54 GMT
Server: ECS (amb/6B96)
X-Cache: HIT
Content-Length: 471
pool.admedo.com/pixel?id=148776&t=js
35.210.53.219302 Found 0 B URL HTTP/2 pool.admedo.com/pixel?id=148776&t=js
IP 35.210.53.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 29 Jan 2023 17:01:32 GMT
location: https://pool.admedo.com/ul_cb/pixel?id=148776&t=js
set-cookie: tuuid=9d1eaf5e-f27a-472f-8a64-3a18142e85c2; path=/; expires=Mon, 29-Jan-2024 17:01:32 GMT
c=1675011692; path=/; expires=Mon, 29-Jan-2024 17:01:32 GMT
tuuid_lu=1675011692; path=/; expires=Mon, 29-Jan-2024 17:01:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pool.admedo.com/ul_cb/pixel?id=148776&t=js
35.210.53.219200 OK 0 B URL HTTP/2 pool.admedo.com/ul_cb/pixel?id=148776&t=js
IP 35.210.53.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/javascript; charset=UTF-8
date: Sun, 29 Jan 2023 17:01:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cyber.bet/graphql/v2
172.66.43.156200 OK 0 B IP 172.66.43.156:0
POST /graphql/v2 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 51
Connection: keep-alive
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:31 GMT
content-type: application/json
strict-transport-security: max-age=15724800; includeSubDomains
cb-blocked: no
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPHDmVARurDGrmCTdiF9OqlEHyLcnNXfpJwjEC%2B39NT%2FbzPedv60FXLcWiLkhJkbedWWS3GVLbPKGlgGKWKsVapFuurYSCtrjicUvBS%2BkzdR%2BPqRadKousRQDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387bfce550b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
54.230.111.71200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
IP 54.230.111.71:0
GET /js/libs/phone/intlTelInput.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: W/"c73ba86bd67306c5889e9aac41e959e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7jSiZ6rgJinVAlneRojr8I43oX-Unz8HX2o4Tt8_yPqeyXHsWj-AYw==
age: 39
X-Firefox-Spdy: h2
static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg
IP 172.66.43.156:0
GET //hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Fri, 13 May 2022 15:59:53 GMT
x-imgix-id: 0d9a0eb61d73b4e7f1e6f9d63934aa27a4dabba7
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10077-SJC, cache-bma1665-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 408750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyUg6D2%2FKqaa87nwGNZmUMxvPRbSybQ%2FAL5VT4AWVQegDxHnL0j6Pp%2Bf4FOyhGdj6zbqSnM1QDwfQWWXpHVVbYUGh5NPbGvTgIuvqoFmZ35qRQ2d4gfJAJufbduL3IeEomg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac040b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg
IP 172.66.43.156:0
GET //rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:23 GMT
x-imgix-id: 124d84afd81dd36ff5dd18c8efb73ffa18bdb828
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-maa10232-MAA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 408750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFx6kUyFXL4AELedvO2%2F7IcgNRGI%2BOukoMjIXJSS%2FTXT9zAAZAa9Ar2YQXMFlOLS3xtwLMJnlVuRcip9i8sTeuhRNG2c0wtFJUlu7NH%2BAinw0KFuRaiKOTp3vnSzg1d5cuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac080b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg
IP 172.66.43.156:0
GET //us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:01:52 GMT
x-imgix-id: 5009dab7bf9c2c57dfc23b32759803b69d7d3cb3
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10049-SJC, cache-bma1666-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 408750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgx0%2Bw129RER%2Fbbl1oBiCuaDTsRc9Pl5Cqju77cpPbWOO07Mn1ss1xtEEWZQWqrLO9gLJimpQrMr6JNl6UbWH%2B9879VZ5nE8hXfv9O%2FNkyl1oy71sPel4geFQowmdzWAQc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac0a0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg
IP 172.66.43.156:0
GET //wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sun, 27 Nov 2022 13:15:26 GMT
x-imgix-id: befd1e5b23a603e2ad9e7e0e220abae092937310
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10033-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 958817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7snWlA%2FQVCsDyWeCac5G4f53mIO3crV%2BZPqWFpJ1657R8q5IWaswz7oz64LMuX5%2BWAyHRc2VdMjuuW%2BPtM3i0NYLi14M0bjPYRKeIHw%2BVfysnzxA3OdmgGoSqp1iE4bjXY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac060b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg
IP 172.66.43.156:0
GET //wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:02:39 GMT
x-imgix-id: 75c58e24d4ac8f5051021d0ef9be81344e6a26d6
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10029-SJC, cache-bma1653-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 958817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfT%2BjSB594yTXkbj8DgZ6eyeaWLB1gN%2F8WCOt9bpzVatbRkfmJHoDzJSRSRnnlRBEKLUNaCKI5rSzlfrOde8J6kAXK6HQsU7jyvJLlIIDh8LISxQGvSQ7X%2FOluQ0aqZjCAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac110b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap
IP 142.250.74.138:0
GET /css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 17:01:30 GMT
date: Sun, 29 Jan 2023 17:01:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg
IP 172.66.43.156:0
GET //fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:53:49 GMT
x-imgix-id: 3071167306fd7e404ce6c9d0b6695258dcb9f78c
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10063-SJC, cache-bma1621-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 276334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79yTNiMwo8z3ZSmmcUpQY%2B%2BQ7oo8rz4HXaoHRSl7V%2BbZlVKJfq4f%2FRpjQowDQ1ZLN8g4eQr%2F7QkzAjxXdfH7G6grLgwpZ%2BUvYMEIsRAMzA5sB126Ta2dIcNgaNQHKget6bQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac0e0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg
IP 172.66.43.156:0
GET //vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:02:28 GMT
x-imgix-id: be499ee77bb9f13f4e61b37ea512299d94aa8c27
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-maa10242-MAA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 769121
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0m6xdFl9IZ2o6dttzrA4j8Bjq0ZD2KQTzDxg%2F5yGMvqxPJq5i3pdbo0q9SujjoQlxBw3mRWNcEqmRunfXw19F35B6EHKXGhYppO7SHSe%2BVZs5GvlUSe%2BdQj9FRMsrkgD20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac100b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg
IP 172.66.43.156:0
GET //ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:52:12 GMT
x-imgix-features: {"linux_painter":"0","tannhauser_routing":"0","tannhauser_shield":"0"}
x-imgix-id: a52b6d3a19f01fc91c01ef38ea74345ce0cc3d68
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10055-SJC, cache-hel1410027-HEL
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 276334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fnFr3o38tRZ6Vp31ASgPy9jpCWNn4Kqlptc3ykIemMBdNW0vU677VGE2rO%2FVGma9haUT6oJHKeBVHoMuKcfaEzT5j73qrT%2BCGZV4Bf7I5yZ2vxMm2iYNvaixGVw9FLXt%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac0f0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/iso3to2.js
54.230.111.71200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/libs/iso3to2.js
IP 54.230.111.71:0
GET /js/libs/iso3to2.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:56 GMT
etag: W/"db031116c7888248916813c60a4cce2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JY5nTVZeqzW7hdQdzoKH_AYktD0bDfdm7SIyHeXKiD13tSkq4XEAjA==
age: 38
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/iti/intlTelInput.css
54.230.111.71200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/css/iti/intlTelInput.css
IP 54.230.111.71:0
GET /css/iti/intlTelInput.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:55 GMT
etag: W/"a69aa970266649e0b08c2cb4bc166568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EwRWjOGqA76lRwB637sCV77qIUrMoP9x5MQtq99FYdMORwVyqmAhJw==
age: 40
X-Firefox-Spdy: h2
static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg
IP 172.66.43.156:0
GET //fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 04:32:34 GMT
x-imgix-id: eaa9a5ceb4ef9ff91d93849720aab7cfa394d578
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10054-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 408750
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FgtX8jLbYrqOgOURGVSApj%2FTjQNqAhR6nKaeDWWKyO9OC2AQCxzs8ZIpzMmOcuOdEby9uYRFvIjE%2F0g2KfItpW%2Fw9VIl%2FYDKQdnuBL4ddovHhf%2Bm9ahoaF%2FnsgCQoSuxV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac120b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg
IP 172.66.43.156:0
GET //rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:10 GMT
x-imgix-id: 854adac84f9266f0b69e2c7ea9353daa4bedcf8d
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 276334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QH4dsgR%2BCPC3THHrIxNGyRwJzorBea0Zb7NdMy1QqQNLuz3yGIKOVgBt6KBiGz7qsdbDLS6JOqOb8AGAFD9BlPsRzwhMwJAx9NxqYVlsPFAW%2FX1LHp%2Fx9ub34TAuIEfJ624%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac0c0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
54.230.111.71200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
IP 54.230.111.71:0
GET /js/libs/jquery.nice-select.min.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 17:00:54 GMT
etag: W/"4e2def5093eb4c4281624db4a5aa8f9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M_vCIGmU_SgIwyX-Gdr_cYRiLTd5mtzdA4KeGOhxwbvt_j7VkaqP6g==
age: 40
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/css/form.css
172.66.43.156200 OK 0 B URL HTTP/2 cyber.bet/land/gold_football/css/form.css
IP 172.66.43.156:0
GET /land/gold_football/css/form.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9305
etag: W/"5feaf99b-2459"
last-modified: Tue, 29 Dec 2020 09:40:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQqaYKyKUwC2T%2F%2B%2BH%2BDglfKxh4WJ3wXVrFOCNhUSSMFJr89n7g4DgkrfuDrVv1a6pNOsOugnc0dWQhWDUo4BPS5q6%2Bz5PK7nC1LhU8mfVYv7ELhlelPksz9KSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387bb99630b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/css/common.css
172.66.43.156200 OK 0 B URL HTTP/2 cyber.bet/land/gold_football/css/common.css
IP 172.66.43.156:0
GET /land/gold_football/css/common.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2676
etag: W/"5fea0ac1-a74"
last-modified: Mon, 28 Dec 2020 16:41:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RM392PXwizUEQ0Zk74xuy%2FZKR60agUHvbVErQNrKhuUuco7Qnm0BDEuZ75vC4klnP8wb3Ow2a9TP%2BThTCXwcyaOcTed91L4OalHZ2uPGK3LaRgJI7PbJKXPIDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791387bb99600b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg
IP 172.66.43.156:0
GET //xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 30 Aug 2022 12:06:01 GMT
x-imgix-id: 9bdf3c27132191386bea4ec4bc43098d462dc9fd
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10022-SJC, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 958817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf32Vfb5W6R%2Fdh9gl4KG%2BmgF%2FBLB9vQxh1ApsHHmqOoziPN5xmU87804kPQzYzx7IOJNB7n596TYWlrUSMhGaX6CVNP683JnS9ClWurGgw0oF8%2FT6XfOcCuthttHOLQtCSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac030b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg
IP 172.66.43.156:0
GET //nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 04:06:38 GMT
x-imgix-id: 58d927587a2791fa5ee8dc913a6ff0f83e28f73b
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10051-SJC, cache-bma1681-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 276334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLsfhdlWTCiAAFx4dJhd6aw5gStuWvMn1kfRFX803A7X26qh2SUGIXYJ7dXBiepU%2F%2BosDSywtC3h2V116%2BPZSsgPfWg0QzXNNc0kAp6d0qkQ940XE%2B1cka9svSASx8WrXyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac050b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg
IP 172.66.43.156:0
GET //rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675011699.1.0.1675011699.60.0.0; _ga=GA1.2.1494117069.1675011699; _gid=GA1.2.1432588000.1675011700; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:32 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:59:51 GMT
x-imgix-id: c912ac4741157f0c624624a3b61b365f5d2f134f
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10082-SJC, cache-bma1655-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 958817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ztkGas2UEBidxNP7Y1oVBX8rBHrPwF0xf%2Bi6Ew6CHJDSJjyeauIa7ZqbtA5YSO8gC9aOkgebtG1QcAveWmZZq1ks5A160uBFwpIwTffoMWN7jcbzcMjs%2BPWYSq%2FNm9rCoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387c3ac0d0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
172.66.43.156200 OK 0 B URL HTTP/2 cyber.bet/land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149
IP 172.66.43.156:0
GET /land/gold_football/?cid=63d6a66a1d24f00001e96706&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1616692149 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 17:01:30 GMT
content-type: text/html
last-modified: Tue, 22 Mar 2022 09:45:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wk5ekRTibE1E32I8Ky8TP1AW8%2BKN4r9WL6nsIFKry%2F7K8Ok7luInTR3BYZNVOKyofCFXgeJesqdUewWpVOC87Pa3TAO8h%2FawBEr19kiDpCsXWj2zi4REE4HThQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791387ba88080b31-OSL
content-encoding: br
X-Firefox-Spdy: h2