Report - luckyexit.xyz/track/bland?data=aHR0cHM6Ly93d3cucGFsbXNiZXQuY29tL2FmZmlsaWF0ZS8/bWFya2V0aW5nQ29kZT1QQi0wMzk1JmJhbklEPSZicmFuZD1lY2FzaW5vJm5zPSZjbGlja2lkPXo4MzFkMWNnOXBsZnUzMGdjcCZwYWdlcz1uZXctZnJlZS1zcGlucy1ldmVyeWRheQ==

Report Overview

Submitted URL
luckyexit.xyz/track/bland?data=aHR0cHM6Ly93d3cucGFsbXNiZXQuY29tL2FmZmlsaWF0ZS8/bWFya2V0aW5nQ29kZT1QQi0wMzk1JmJhbklEPSZicmFuZD1lY2FzaW5vJm5zPSZjbGlja2lkPXo4MzFkMWNnOXBsZnUzMGdjcCZwYWdlcz1uZXctZnJlZS1zcGlucy1ldmVyeWRheQ==
IP
104.21.71.176
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-29 19:30:55
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	3.0 kB	42 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
support.palmsbet.com	390324	2021-07-14T14:00:22Z	2023-04-01T05:56:56Z	593 B	1.5 kB	78.128.60.140
sdkuaservice.optimove.net	38822	2018-09-05T11:30:45Z	2023-03-31T13:05:01Z	455 B	615 B	34.102.240.186
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	6.3 kB	13 kB	142.250.74.131
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-31T18:12:12Z	740 B	724 B	142.250.74.66
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-31T18:42:09Z	605 B	595 B	64.233.161.157
s2.adform.net	4693	2013-04-18T13:49:52Z	2023-03-31T15:14:45Z	388 B	32 kB	37.157.6.236
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-31T22:08:04Z	515 B	578 B	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
tgtag.io	35595	2020-03-11T14:37:01Z	2023-03-31T11:54:33Z	370 B	33 kB	34.120.230.83
adservice.google.com	76	2021-02-20T17:10:48Z	2023-04-01T00:00:25Z	750 B	883 B	142.250.74.130
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-31T23:45:41Z	680 B	1.9 kB	172.64.155.188
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
iwonit.xyz	206266	2022-02-05T15:51:38Z	2023-04-01T09:43:50Z	558 B	713 B	172.67.166.243
www.google.com	7	2015-05-10T13:11:19Z	2023-03-31T20:35:26Z	516 B	111 kB	216.58.211.4
sdk-cdn.optimove.net	23584	2017-10-25T13:31:56Z	2023-03-31T17:45:08Z	815 B	26 kB	35.201.79.141
stream-683.optimove.net	unknown	2021-12-31T14:43:00Z	2023-03-29T21:30:48Z	1.5 kB	2.2 kB	107.154.132.121
512974245.fls.doubleclick.net	unknown	2020-07-23T16:36:39Z	2023-03-29T21:30:46Z	747 B	1.3 kB	142.250.74.70
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	127 B	35.80.203.55
luckyexit.xyz	unknown	2022-02-05T15:51:18Z	2023-04-01T09:22:48Z	550 B	808 B	172.67.171.24
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-31T22:03:32Z	382 B	75 kB	142.250.74.168
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-31T20:23:24Z	419 B	1.8 kB	142.250.74.138
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	86 kB	34.120.237.76
api.trafficguard.ai	35142	2019-03-12T09:50:04Z	2023-03-31T11:54:34Z	521 B	1.1 kB	34.120.121.20
www.palmsbet.com	205486	2019-05-01T02:44:30Z	2023-03-31T05:18:48Z	560 B	960 B	104.26.7.160
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-31T21:56:16Z	1.0 kB	2.3 kB	192.229.221.95
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-31T21:42:43Z	373 B	21 kB	142.250.74.110
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-31T18:12:05Z	374 B	29 kB	31.13.72.12
www.palmsbet.top	unknown	2019-07-07T07:05:15Z	2023-03-29T21:30:46Z	406 B	308 kB	78.128.8.67
track.adform.net	3564	2012-05-21T09:01:21Z	2023-03-31T18:12:47Z	1.1 kB	1.9 kB	37.157.6.233
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	769 B	349 B	31.13.72.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-29 19:31:09	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	connect.facebook.net/signals/config/1297212827064514?v=2.9.100&r=stable	387 kB	2023-03-13	2023-04-19
Pretty URL connect.facebook.net/signals/config/1297212827064514?v=2.9.100&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:26:34 Last Seen2023-04-19 19:56:29 Times Seen51 Hash 46346d14732c61b8459d90ef1c171114 c8212463a7c51dd5290ed9e6dbeb7a090258c834 2fcbd1fb6717d328cb599e22e8b60114c4a197b3d18198972a5ecc47a815826a Loading...

	sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js	110 kB	2023-03-13	2023-09-17
Pretty URL sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js IP 35.201.79.141 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:23:35 Last Seen2023-09-17 09:14:06 Times Seen172 Hash 842dbd11eeb55dfdff0377f86937faab db6602ac2ebdfa23fde2da04954c6bcd65211770 73a2224ce42432b8960989d432867929b82993a44cd23c2f5ae1a4d7ca06e0c3 Loading...

	www.palmsbet.com/scripts/tab-changes.js?v=1680118272042	2.3 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/tab-changes.js?v=1680118272042 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen114 Hash ba13a046eb6675504d302089ca3da833 57c98951979844da1387df31a1a6b010fde86a3f 9db56cd2ede27233110647b8b4e459e90f00210012c4f5373fc894daf8bc9aa2 Loading...

	http:blank	600 B	2023-03-26	2023-04-17
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 08:46:35 Last Seen2023-04-17 21:29:13 Times Seen11 Hash 0d6b360bc26a9c89eaadbf2a88c18f61 d9b821c62fca0562b6a63de10362fdf04e0567ca eb405fe0e649e7fc7d752c26b82494ab961100f723242ec54b4e9423e0616c27 Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5	486 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen102 Hash 4bf0aa2f78f73e506c9c41e11b2ed668 765f0150868fd4bf93e9dd5aa08120deea76d17f fed9a303461e7fb3eb2dcdd78d767d0e1a2b74269040d3600801a8ee48430df1 Loading...

	track.adform.net/serving/scripts/trackpoint/async/	80 kB	2023-03-08	2023-08-22
Pretty URL track.adform.net/serving/scripts/trackpoint/async/ IP 37.157.6.233 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:25 Last Seen2023-08-22 11:18:40 Times Seen317 Hash 83eb5fafaa212c785f7393188ff817aa b5a60e05523c4f55e93610169b2c6da627553fc6 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7 Loading...

	sdk-cdn.optimove.net/websdk/sdk-v2.0.js	49 kB	2023-03-13	2023-05-18
Pretty URL sdk-cdn.optimove.net/websdk/sdk-v2.0.js IP 35.201.79.141 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:20:09 Last Seen2023-05-18 15:24:55 Times Seen114 Hash 6534dac28bf363e64fbe3c20f01e1ef5 97f931db60a53efe35467db26cd0cf19a0ef794b 492ade39fca6ef3911968569dc4d962f3d3e880210259da57d9e2ee5d9b449b7 Loading...

	www.palmsbet.com/scripts/banner-default.js?v=960.1.1?v=1680118272040	9.7 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/banner-default.js?v=960.1.1?v=1680118272040 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen111 Hash c2445e7c5b2725bd4a0a7bf9d4b47a42 5cb511abcefb3afb4352edb712b70c49b967bf9c 8f44a77c10b749fc6176d074eb2760aae3e945225264878bb95615cc3b7becbb Loading...

	www.palmsbet.com/affiliate/?marketingCode=PB-0395&banID=&brand=ecasino&ns=&clickid=z831d1cg9plfu30gcp&pages=new-free-spins-everyday	141 B	2023-03-07	2023-04-05
Pretty URL www.palmsbet.com/affiliate/?marketingCode=PB-0395&banID=&brand=ecasino&ns=&clickid=z831d1cg9plfu30gcp&pages=new-free-spins-everyday IP 104.26.7.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-04-05 01:52:35 Times Seen20 Hash 8cf0d2fe46ea3e75d1aea4708a499488 a37f980aa8b855df6489ca02e5af5dddddf81f9a a1a8f8141097ad0e2373121faf95e8fbbe5411b87c422ade042f84bc3daeac21 Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5	341 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 5e9ed7a18696f9b7182fb8f1c08be46b 1a24b49762f246a4a2c7e73cf1e3ccb971f25bbd 1e9823d571bcd1138a9dae0664827fcb816c423d1cb6941389c74d7e711bb516 Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5	1.4 kB	2023-03-26	2023-04-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 08:46:35 Last Seen2023-04-17 21:29:13 Times Seen14 Hash 66ef4ac54c33b1e3a890aaa21e9a8366 cecfa78ae30afd57b7310cf54ec76535b4c1173d 08e50d6ba2afec2b1f2dda04918dc4951e14a2b53d9f321d7a94ce0ce9244edb Loading...

	www.palmsbet.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680105600	26 kB	2023-04-01	2023-04-01
Pretty URL www.palmsbet.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680105600 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:23:44 Last Seen2023-04-01 10:23:44 Times Seen1 Hash c4e30b86ab61efda1a3be3a2976c9832 0e41a4612edacb88de03bdb4a5318d5a51a514b5 f68ca479f4450406d4c2bb60e41eb6a747dd96fa21eb193b7ff2ea3c5f6e627f Loading...

	www.palmsbet.com/scripts/init.min.js?v=13.2.5.5	12 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/init.min.js?v=13.2.5.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:06 Times Seen182 Hash ca334ff65b6a9b901c3cced53c428859 03958d996ef9d273213c06c1426a644614afd225 10cd77a8fc1a1c097181884ec32999c90ede84ca0f659be37dbd1d60548f24c4 Loading...

	www.googletagmanager.com/gtag/js?id=G-JRG87C8CG6&l=dataLayer&cx=c	244 kB	2023-04-01	2023-04-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-JRG87C8CG6&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:23:44 Last Seen2023-04-01 10:23:44 Times Seen1 Hash a012a0538602fee376998773c9865253 506152e94a699142d101884a15d59a8d2cfdf8e8 4650cf7a58c28944e7b7cfedfe7305c19331a3c7c36c7ed99657bc47ea4cf745 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5	398 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 251a94ead46a2087e9b63b61610e48e4 f5c3b3f68055117c6be373bc58a20bc6cb11fe70 b7a2547e06d5ad19132f839bbad92fb9319dec4f287af0adedf16a996a6bbff2 Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5	1.6 kB	2023-04-01	2023-04-01
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:23:44 Last Seen2023-04-01 10:23:44 Times Seen1 Hash 0a8ca01066668229bd6e82d8ba2fe8ac a8e305c457b2fceaefb21a6a3d0c9c60ebcacef0 0a4ea0d053db4172e87c7be79859c01536a0a357d1204adf12f5ca58edfc62c9 Loading...

	http:blank	708 B	2023-04-01	2023-04-01
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:23:44 Last Seen2023-04-01 10:23:44 Times Seen1 Hash c4f86a4002f6577cd1ee26224265d094 4b78025ed843239037dd6a2760848d1ef0d0ecd5 d10fc509677f35a43816fcf7f0e96e36a8ffefaa827129d9eb22d041abcc6914 Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5	831 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 560bac8e455828b0dc18867c6cd9da8b e2a4b0d6a4311c0e34e6233fc6b19b31e5f3172e 3ed5000e5dd3b1a4c8b0da26e131122d6cf65cf1b5ca3f0fb68f85923b512caa Loading...

	www.palmsbet.com/scripts/jquery.ctdata.js?v=1.635821123.1.1	16 kB	2023-03-12	2023-04-19
Pretty URL www.palmsbet.com/scripts/jquery.ctdata.js?v=1.635821123.1.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:25:37 Last Seen2023-04-19 19:56:29 Times Seen41 Hash c0d30b2cac7ae1436aef5f7e4547dc58 7586f67b3bdc6c597024552e03e8416a51d76210 4053cca5c2e7118d5b5df7714e5e9f3723cc6f7b6a378e146c71a67a4dfc5e87 Loading...

	www.palmsbet.com/scripts/custom.min.js?ver=1680118271590	110 kB	2023-04-01	2023-04-01
Pretty URL www.palmsbet.com/scripts/custom.min.js?ver=1680118271590 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:23:22 Last Seen2023-04-01 10:23:44 Times Seen2 Hash 37c2c0bbcaeb8d68e75607f6beae668d 7a02a4ea62d21a6fb42fcbe492cf6555abaf58c6 83bed854664dce05dc7f8de1c501f499aa3063f4cf07312cdb7f414ceb28e366 Loading...

	www.palmsbet.com/scripts/jquery.touchSwipe.min.js	20 kB	2023-03-07	2024-04-19
Pretty URL www.palmsbet.com/scripts/jquery.touchSwipe.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-19 11:28:16 Times Seen1349 Hash f60ff05469d1757996d85f4172d4ff4d 69c8c9f0e0fbd9bd9fd1df6c1a18067256d46c73 a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1 Loading...

	connect.facebook.net/en_US/fbevents.js	110 kB	2023-03-29	2024-01-01
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:21:14 Last Seen2024-01-01 20:32:51 Times Seen5908 Hash 16a85e90ff4a7f49fb83743f7e338b4f c6ef02e6771407f89b4eb7efccf9efc08b4ca242 dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849 Loading...

	track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=617374211136&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24	143 B	2023-03-07	2023-04-05
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=617374211136&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 37.157.6.233 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-04-05 01:52:35 Times Seen29 Hash ac85d2c997b3f5e1e7ef149366314ae6 0dc97a787c9e8cc8a20fa1ceacc3cad6c1813117 2cb28c9975c6810c04af98601f68a5464fe4929be832e4ba3866e367777155eb Loading...

	www.palmsbet.com/scripts/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL www.palmsbet.com/scripts/jquery-3.6.0.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-26 22:07:03 Times Seen261791 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5	482 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0395&tgclid=03010033-1ff1-4b19-9e00-11f8642491e5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen102 Hash fe73caa22b8f6c03742a7ffc028a58ff e60417d12e8953b2b85256bcafa881297160fe36 17bc2ec491a3a53968625e018de6dfb9d3d96c441ce67578c843383f1aeafe6c Loading...

HTTP Transactions (70)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 93f633ce30c038eb581544323c5a971e 2f60526cb750c6babccc207f75fb5a8ae6f7598b 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8" Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4016 Expires: Wed, 29 Mar 2023 20:37:39 GMT Date: Wed, 29 Mar 2023 19:30:43 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c83d39f350161ed2f5d20dcd68e47c92 2695a888e652cb314f8094cc6073c3364336d272 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC" Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5682 Expires: Wed, 29 Mar 2023 21:05:25 GMT Date: Wed, 29 Mar 2023 19:30:43 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 29 Mar 2023 19:28:11 GMT content-type: application/json age: 152 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c0d9353dc46e88bf564ed464b0b073c7 0b5ce170e7db24267a3ba5b79a48548b1acd2e5b 7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B" Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4334 Expires: Wed, 29 Mar 2023 20:42:57 GMT Date: Wed, 29 Mar 2023 19:30:43 GMT Connection: keep-alive`

	luckyexit.xyz/track/bland?data=aHR0cHM6Ly93d3cucGFsbXNiZXQuY29tL2FmZmlsaWF0ZS8/bWFya2V0aW5nQ29kZT1QQi0wMzk1JmJhbklEPSZicmFuZD1lY2FzaW5vJm5zPSZjbGlja2lkPXo4MzFkMWNnOXBsZnUzMGdjcCZwYWdlcz1uZXctZnJlZS1zcGlucy1ldmVyeWRheQ==	172.67.171.24	301 Moved Permanently	0 B
URL HTTP/1.1 luckyexit.xyz/track/bland?data=aHR0cHM6Ly93d3cucGFsbXNiZXQuY29tL2FmZmlsaWF0ZS8/bWFya2V0aW5nQ29kZT1QQi0wMzk1JmJhbklEPSZicmFuZD1lY2FzaW5vJm5zPSZjbGlja2lkPXo4MzFkMWNnOXBsZnUzMGdjcCZwYWdlcz1uZXctZnJlZS1zcGlucy1ldmVyeWRheQ== IP 172.67.171.24:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /track/bland?data=aHR0cHM6Ly93d3cucGFsbXNiZXQuY29tL2FmZmlsaWF0ZS8/bWFya2V0aW5nQ29kZT1QQi0wMzk1JmJhbklEPSZicmFuZD1lY2FzaW5vJm5zPSZjbGlja2lkPXo4MzFkMWNnOXBsZnUzMGdjcCZwYWdlcz1uZXctZnJlZS1zcGlucy1ldmVyeWRheQ== HTTP/1.1 Host: luckyexit.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.1 301 Moved Permanently Date: Wed, 29 Mar 2023 19:30:43 GMT Content-Length: 0 Connection: keep-alive location: http://iwonit.xyz/track/bland?data=aHR0cHM6Ly93d3cucGFsbXNiZXQuY29tL2FmZmlsaWF0ZS8/bWFya2V0aW5nQ29kZT1QQi0wMzk1JmJhbklEPSZicmFuZD1lY2FzaW5vJm5zPSZjbGlja2lkPXo4MzFkMWNnOXBsZnUzMGdjcCZwYWdlcz1uZXctZnJlZS1zcGlucy1ldmVyeWRheQ==&final=true referrer-policy: no-referrer CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpUYIp48KUn9nOdhXqrrU4%2BajhdKEVPtqloVv8jG%2BpVwkBy60cFktBdGmg6kaJ3FUeNDqbv6e7vayHxvhdMXlkggagjoxzcJw7VyVsjcSPiQm89wQ7rRiFElhOuGmF3b"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7afa876e4e71b4f4-OSL alt-svc: h2=":443"; ma=60

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: bBnZ4MLRnFaWaLRzGzTG8KmJjxrEfmRq2MueCAQTfP/xBCUKHQGmIWV3LAkvP1U+juwRG0JGJGDqA1010V3qjg== x-amz-request-id: BFKNB2YE2MWY7HA5 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 29 Mar 2023 18:56:44 GMT age: 2039 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 29 Mar 2023 19:30:43 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	iwonit.xyz/track/bland?data=aHR0cHM6Ly93d3cucGFsbXNiZXQuY29tL2FmZmlsaWF0ZS8/bWFya2V0aW5nQ29kZT1QQi0wMzk1JmJhbklEPSZicmFuZD1lY2FzaW5vJm5zPSZjbGlja2lkPXo4MzFkMWNnOXBsZnUzMGdjcCZwYWdlcz1uZXctZnJlZS1zcGlucy1ldmVyeWRheQ==&final=true	172.67.166.243	301 Moved Permanently	0 B
URL HTTP/1.1 iwonit.xyz/track/bland?data=aHR0cHM6Ly93d3cucGFsbXNiZXQuY29tL2FmZmlsaWF0ZS8/bWFya2V0aW5nQ29kZT1QQi0wMzk1JmJhbklEPSZicmFuZD1lY2FzaW5vJm5zPSZjbGlja2lkPXo4MzFkMWNnOXBsZnUzMGdjcCZwYWdlcz1uZXctZnJlZS1zcGlucy1ldmVyeWRheQ==&final=true IP 172.67.166.243:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /track/bland?data=aHR0cHM6Ly93d3cucGFsbXNiZXQuY29tL2FmZmlsaWF0ZS8/bWFya2V0aW5nQ29kZT1QQi0wMzk1JmJhbklEPSZicmFuZD1lY2FzaW5vJm5zPSZjbGlja2lkPXo4MzFkMWNnOXBsZnUzMGdjcCZwYWdlcz1uZXctZnJlZS1zcGlucy1ldmVyeWRheQ==&final=true HTTP/1.1 Host: iwonit.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.1 301 Moved Permanently Date: Wed, 29 Mar 2023 19:30:44 GMT Content-Length: 0 Connection: keep-alive location: https://www.palmsbet.com/affiliate/?marketingCode=PB-0395&banID=&brand=ecasino&ns=&clickid=z831d1cg9plfu30gcp&pages=new-free-spins-everyday referrer-policy: no-referrer CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fH0tt2YPDaCJM2IwupRlrPoZ%2BLXGDjG%2Bl0MdJe75OXfKy3yqD6xfgO%2FRY3tGbeCiOiLXy5tcAVtqBtFbSpWoQnJe9XIv3HEjIhG7T9Ccia%2By7WCvouFyC8jy8Fmx"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7afa87708815b4f7-OSL alt-svc: h2=":443"; ma=60

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, ETag, Expires, Alert, Pragma, Content-Type, Retry-After, Last-Modified, Content-Length, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 29 Mar 2023 19:14:36 GMT age: 968 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash da5340ee69a1000f751686df9e716663 a5da880a61ed119790a7990bbdcc0c97eecf04f2 d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6372 Expires: Wed, 29 Mar 2023 21:16:56 GMT Date: Wed, 29 Mar 2023 19:30:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9047367f7fcdbb6ca9281fa2b4b7ed54 03fcc09666a179476034b4f8ecb7d10d737483ad cda1ae2d0796d264230fc4e0e6e13b8c5e1faa3174217e22b85cb784a44f2600 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "CDA1AE2D0796D264230FC4E0E6E13B8C5E1FAA3174217E22B85CB784A44F2600" Last-Modified: Wed, 29 Mar 2023 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15898 Expires: Wed, 29 Mar 2023 23:55:42 GMT Date: Wed, 29 Mar 2023 19:30:44 GMT Connection: keep-alive`

	push.services.mozilla.com/	35.80.203.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.80.203.55:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: OLLdHvv1RoIW4wT6oQ9iNA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 18SztTySUCabtZSTUgxMXUbZeVg=`

	ocsp.pki.goog/s/gts1d4/qaZiQtEOVVA	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qaZiQtEOVVA IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 6bbfde39b884d4d3bdc362a319babd8c a84b6ce9d9050df47a9b72c100c88c4c563c0502 4e9661a2dd48de8028c3a21aa36e4cde4f805322166c010f1bb280aff1fa900a HTTP Headers `POST /s/gts1d4/qaZiQtEOVVA HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:45 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	support.palmsbet.com/affiliate/?marketingCode=PB-0395&banID=&brand=ecasino&ns=&clickid=z831d1cg9plfu30gcp&pages=new-free-spins-everyday&or_ref=	78.128.60.140	302 Found	631 B
URL HTTP/2 support.palmsbet.com/affiliate/?marketingCode=PB-0395&banID=&brand=ecasino&ns=&clickid=z831d1cg9plfu30gcp&pages=new-free-spins-everyday&or_ref= IP 78.128.60.140:0 ASN #31083 Telepoint Ltd File type data Size 631 B (631 bytes) Hash f3fa9deb596f4f84801616777de837ba 801d66aee43afb68955204fb30dd2a403721e199 9798cce9535b8a9e4af7a8ca26ab3c2ea352890563bb1ace1f9e1fc58ac12b87 HTTP Headers GET /affiliate/?marketingCode=PB-0395&banID=&brand=ecasino&ns=&clickid=z831d1cg9plfu30gcp&pages=new-free-spins-everyday&or_ref= HTTP/1.1 Host: support.palmsbet.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site HTTP/2 302 Found content-encoding: gzip vary: Accept-Encoding,Origin set-cookie: affClick=%7B%22marketingCode%22%3A%22PB-0395%22%2C%22banID%22%3A%22%22%2C%22clickid%22%3A%22z831d1cg9plfu30gcp%22%2C%22ns%22%3A%22%22%7D; expires=Fri, 28-Apr-2023 19:30:45 GMT; Max-Age=2592000; path=/; domain=palmsbet.com marketingCode=PB-0395; expires=Fri, 28-Apr-2023 19:30:45 GMT; Max-Age=2592000; path=/; domain=palmsbet.com location: https://click.trafficguard.ai/?organisation_id=palmsbet_affiliate&property_id=tg-007126-001&source_id=PB-0395&campaign_id=&site_id=&partner_click_id=z831d1cg9plfu30gcp&keyword=&click_time=2023-03-29 22-30-45&destination_url=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395 content-type: text/html; charset=UTF-8 date: Wed, 29 Mar 2023 19:30:45 GMT server: Apache X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1d4/qaZiQtEOVVA	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qaZiQtEOVVA IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 6bbfde39b884d4d3bdc362a319babd8c a84b6ce9d9050df47a9b72c100c88c4c563c0502 4e9661a2dd48de8028c3a21aa36e4cde4f805322166c010f1bb280aff1fa900a HTTP Headers `POST /s/gts1d4/qaZiQtEOVVA HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:45 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash f6b3bb903e6f7394985c0ae662919208 ee3cb0fbd0017ed3a001ce195bc0cfa386979567 c6b84721f8ea52808c9884b612ffeaa16fe1e14345d9561135fbcf738a56dd2b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d4fd78e1925a923742815feb55c9dab0 1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtm.js?id=GTM-W23TMFB	142.250.74.168	200 OK	74 kB
URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W23TMFB IP 142.250.74.168:0 ASN #15169 GOOGLE File type Unicode text, UTF-8 text, with very long lines (8066) Size 74 kB (74029 bytes) Hash 3bfe14e85f4da4da83351722e7963511 f87c010798e31e9d55d24d724273a4b5f0cf5684 78d18d68da8da4d53b020b1e92685f6a647161f34929689af5a290c83c4186db HTTP Headers `GET /gtm.js?id=GTM-W23TMFB HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Wed, 29 Mar 2023 19:30:45 GMT expires: Wed, 29 Mar 2023 19:30:45 GMT cache-control: private, max-age=900 last-modified: Wed, 29 Mar 2023 19:11:18 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 74029 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap	142.250.74.138	200 OK	1.1 kB
URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap IP 142.250.74.138:0 ASN #15169 GOOGLE File type data Size 1.1 kB (1129 bytes) Hash 6daf71b3aac055ce1f810a5b3cffc65c 0e86d72ca6f072140ebc47de7864b28ac6279d28 7f386e2f0004333f8458c4ec164aa23e95c820b7936256afc89c9e9b9d86d2a3 HTTP Headers `GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 29 Mar 2023 19:30:45 GMT date: Wed, 29 Mar 2023 19:30:45 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	628 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 628 B (628 bytes) Hash 75dc5e3c83aca1b7d06cf45209a30e1b fc481e58e7da1319c7810e2a10b514da6656fc0e edfdc170286557248d943032b3b49e01204c90613b2967dce2a355935488fd71 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/s/gts1d4/E1c_Kpl_syM	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E1c_Kpl_syM IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 9a27a6be027edbe02efb423161656684 ceb01028afdfc11b119489be91aa4df5037020cb 2e1a78f71c1c4b46de8ec9abbceefa215b65c32bab6b62a40777ccd7864c868a HTTP Headers `POST /s/gts1d4/E1c_Kpl_syM HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	tgtag.io/tg.js?pid=tg-g-007125-001	34.120.230.83	200 OK	32 kB
URL HTTP/2 tgtag.io/tg.js?pid=tg-g-007125-001 IP 34.120.230.83:0 ASN #15169 GOOGLE File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Size 32 kB (32088 bytes) Hash 4c66aa306a70777aff929a9feb617c0b a49d86c14a56772188b9c70241903f670ffa4f96 45a9ac978ff4c4129f708f4ce497cebf8c8cb9e1d6b0529beedac020970d3f8b HTTP Headers `GET /tg.js?pid=tg-g-007125-001 HTTP/1.1 Host: tgtag.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-guploader-uploadid: ADPycdvAnc3fwmhwtnZpxAeug2QBSbNyJfhG6jYDc1M-qVm682C5yNOhR3EtoA0B2dUgCAsx8TpRPhrIKm_jQ3kHjXeRqrddWyhi x-goog-generation: 1678364290895724 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 32088 content-encoding: gzip x-goog-hash: crc32c=i1Dhig==, md5=TGaqMGpwd3r/kpqf62F8Cw== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes content-length: 32088 access-control-allow-origin: * access-control-expose-headers: Content-Type, Access-Control-Allow-Origin server: UploadServer date: Wed, 29 Mar 2023 11:59:27 GMT expires: Thu, 30 Mar 2023 11:59:27 GMT cache-control: public, no-transform, max-age=86400, s-maxage=86400 age: 27079 last-modified: Thu, 09 Mar 2023 12:18:10 GMT etag: "4c66aa306a70777aff929a9feb617c0b" content-type: application/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	4.3 kB
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 4.3 kB (4339 bytes) Hash 1f9b43eaf6533380164728f610ec3485 9fd2668b52f09c2900f4bd63ad0f8ea577e67ece 02f24296ec7c572001797345ac50988ca971ef9ac1ce4c3061f63ca242499442 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11972 Expires: Wed, 29 Mar 2023 22:50:18 GMT Date: Wed, 29 Mar 2023 19:30:46 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	30 kB
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 30 kB (30531 bytes) Hash d15b198f0ac4be187897f05ec7a5496d 8e3abb042b983b8bf0382bca12dfd4ad3ec59ba8 a1109b0643cd3e8a08f40860df86a3982fa8e0088a4814c854f9acf26bf50348 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11972 Expires: Wed, 29 Mar 2023 22:50:18 GMT Date: Wed, 29 Mar 2023 19:30:46 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11972 Expires: Wed, 29 Mar 2023 22:50:18 GMT Date: Wed, 29 Mar 2023 19:30:46 GMT Connection: keep-alive`

	ocsp.pki.goog/s/gts1d4/E1c_Kpl_syM	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/E1c_Kpl_syM IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 9a27a6be027edbe02efb423161656684 ceb01028afdfc11b119489be91aa4df5037020cb 2e1a78f71c1c4b46de8ec9abbceefa215b65c32bab6b62a40777ccd7864c868a HTTP Headers `POST /s/gts1d4/E1c_Kpl_syM HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11972 Expires: Wed, 29 Mar 2023 22:50:18 GMT Date: Wed, 29 Mar 2023 19:30:46 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8745 bytes) Hash ef54a1ed997cc09495edb102ccdf6803 f5637efb37b5eecff77e60e6bcf5f599991f334f fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8745 x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguJ5Hy5oAMFyAg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: FHONNj6M7I5oVTKAKYspq0ZAJMYohURXs5ufSL-r--zCSdjuSvrpSA== via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:51:37 GMT age: 77949 etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg	34.120.237.76	200 OK	38 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type data Size 38 kB (38001 bytes) Hash b2d0ba8794eb619370289025563983de 3f0884d0520c2392c3f015f50a13936534e2bea0 1961ee4518f331c1743b9b52a739756321b1d69c7dbfbc2231e370a3443393b1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6049 x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CgvBFFMGIAMFhCg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: -XwoHom5AT8j5yHNvfnYQ-9xIqVpsyDffwFM0d_ESJicJvL8pTcABg== via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:50:28 GMT age: 78018 etag: "e29478b866f90402b48d2b516d01d60a863c9cf9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp	34.120.237.76	200 OK	6.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.7 kB (6722 bytes) Hash d0a85ec27ed4f7910e26b4ff023ab1fb f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0 fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6722 x-amzn-requestid: a6de82bd-5b03-4ffd-90dd-9bd03331d123 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguY8GG2IAMFuzQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235dd2-7cb1c8187fe3d2b0283fb3a0;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: y5vKgCZTlgD6ji-loyjRA9cPpJWpdR7yDH60LL0bRa1b8DtG4WsX9g== via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:51:37 GMT age: 77949 etag: "f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8553 bytes) Hash e828b7227de7aa7a7b7c54c96e0cef9a 9a717142ab25dabf9123485ef51ed586662d2a71 0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8553 x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbofHHPIAMFkQA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: NcKs_URb5dFDbkEoCqy2_fjKWneX7mifmEbd5MA5unqkhiPAIH9GPg== via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:53:29 GMT age: 77837 etag: "9a717142ab25dabf9123485ef51ed586662d2a71" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg	34.120.237.76	200 OK	7.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.6 kB (7605 bytes) Hash fd1bc71c7e9eed7c086d752ea8b4b992 02a74cf88501d65b3dfcceb5adc79fd93ce785ed a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7605 x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguY8GFPoAMFebQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 2LLHDcPZsSP1XPxH7agC7FhVwQQXfrWq3CEOSz0mBTjGykXxNQIq9Q== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:56:00 GMT age: 77686 etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fbdd640-8a87-474c-a4d5-f25e31609f46.jpeg	34.120.237.76	200 OK	9.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fbdd640-8a87-474c-a4d5-f25e31609f46.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.5 kB (9501 bytes) Hash 5d389dd69e54e5d7b547a425f9b22ebf 604a65cfc5572c5da9d3fdea795be3942b8d14cb 5beda50c5f20633003e1f939673a6005eca314372e7f8fe0a1d4bb5702ae1712 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fbdd640-8a87-474c-a4d5-f25e31609f46.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9501 x-amzn-requestid: f073f55c-fd49-4b8b-8b9c-026f6a546378 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbunG2VIAMFnQg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220cc3-32af7701763d0f734f09a05d;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:38:11 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: wyrl1rguCM5LrsEN49aH42bNWc7ht0Je1UeO-dAx6Ujj1kjQgdfGEQ== via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 11:55:27 GMT age: 27319 etag: "604a65cfc5572c5da9d3fdea795be3942b8d14cb" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash a92794d4ab181fd340bf04cb81f1fae3 08a1bf8fdf8a30d5286aa515383a82c50c1af195 33f302c09d765b0496306dcfe6c1647fd6de1aaf86f7513a48515ea3c2575529 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	512974245.fls.doubleclick.net/activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=7481812105124;gtm=45He33r0;auiddc=1672259320.1680118270;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5?	142.250.74.70	200 OK	528 B
URL HTTP/2 512974245.fls.doubleclick.net/activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=7481812105124;gtm=45He33r0;auiddc=1672259320.1680118270;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5? IP 142.250.74.70:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 528 B (528 bytes) Hash 1e5ac66d1afd43b60f95c83cf27073df fdb97f4925bd1ac140f165814c1b62eaacc8e98b b1cd1584afb95ca9b06a0e57ab35050d664bb0c0060bbe4230d22142b6427f8d HTTP Headers GET /activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=7481812105124;gtm=45He33r0;auiddc=1672259320.1680118270;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5? HTTP/1.1 Host: 512974245.fls.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Wed, 29 Mar 2023 19:30:46 GMT expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate content-type: text/html; charset=UTF-8 pragma: no-cache x-content-type-options: nosniff content-encoding: br server: cafe content-length: 318 x-xss-protection: 0 set-cookie: test_cookie=CheckForPermission; expires=Wed, 29-Mar-2023 19:45:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 77328ed8e02ac9cae0792f75595372ef 460d27de6dbe3be07e58336653bdaffd00fb4cd5 da423027e66ef28680522c9e325852f1c0d05c1e18e26c2265a29e6bdf02ad00 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5195 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Last-Modified: Wed, 29 Mar 2023 18:04:11 GMT Server: ECAcc (ska/F6D2) X-Cache: HIT Content-Length: 471`

	www.google-analytics.com/analytics.js	142.250.74.110	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.110:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1490) Size 20 kB (20085 bytes) Hash ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20085 date: Wed, 29 Mar 2023 18:05:11 GMT expires: Wed, 29 Mar 2023 20:05:11 GMT cache-control: public, max-age=7200 age: 5135 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	858 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 858 B (858 bytes) Hash 8dd63f2268e315063c6ef467bd857de4 eb827b880f27523011b7284891d8e0594200ca13 f632659e0a0a5e5071a6d0e8a0ac415ca7a832b991b6535ea83223065d1979b9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	connect.facebook.net/en_US/fbevents.js	31.13.72.12	200 OK	28 kB
URL HTTP/2 connect.facebook.net/en_US/fbevents.js IP 31.13.72.12:0 ASN #32934 FACEBOOK File type ASCII text, with very long lines (64347) Size 28 kB (27909 bytes) Hash 7716e124e19760049484d1bcde4a8af2 51d50c9e9b7fc658c1316d1844418cee0baffa2a fa7968a9a888e1a6dc6ac6126b8edd6e73974c2b0629f669bfb74916f0e7d534 HTTP Headers `GET /en_US/fbevents.js HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-type: application/x-javascript; charset=utf-8 report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-security-policy: default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups pragma: public cache-control: public, max-age=1200 expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff x-xss-protection: 0 x-frame-options: DENY origin-agent-cluster: ?0 strict-transport-security: max-age=31536000; preload; includeSubDomains x-fb-debug: kn6xri4OXndH8Ji+xDuBAfI8zeKQED5h4DZ8m9wZQO28bDFLmeLJhEJPOJFullmrAwTV8gw55fkIVnswnw3Xeg== content-length: 27909 x-fb-trip-id: 1904183273 date: Wed, 29 Mar 2023 19:30:46 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 77328ed8e02ac9cae0792f75595372ef 460d27de6dbe3be07e58336653bdaffd00fb4cd5 da423027e66ef28680522c9e325852f1c0d05c1e18e26c2265a29e6bdf02ad00 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5241 Cache-Control: max-age=101754 Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Etag: "642367e7-1d7" Expires: Thu, 30 Mar 2023 23:46:40 GMT Last-Modified: Tue, 28 Mar 2023 22:19:19 GMT Server: ECAcc (ska/F756) X-Cache: HIT Content-Length: 471`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash dc0cf0275c44e5495e8f323c00b9d588 f7f19e521a439f85915f7582797a060629b879c6 abc856a823e0d89a87f6a4d3b2a48f5dcb99cdd94ce5d3b8cb8d51e665a74c4e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	adservice.google.com/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=7481812105124;gtm=45He33r0;auiddc=1672259320.1680118270;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5	142.250.74.130	200 OK	319 B
URL HTTP/2 adservice.google.com/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=7481812105124;gtm=45He33r0;auiddc=1672259320.1680118270;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5 IP 142.250.74.130:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (571), with no line terminators Size 319 B (319 bytes) Hash b1377fd2d6dc4c867aa906bbce05df9f 8b09f3baa8e8ee508808aba171b0eee87c033530 ac4b68fdbf3fce7e0d9a77a44b22875820f9920a60b5ace80a918001a6d1a498 HTTP Headers GET /ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=7481812105124;gtm=45He33r0;auiddc=1672259320.1680118270;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5 HTTP/1.1 Host: adservice.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://512974245.fls.doubleclick.net/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Wed, 29 Mar 2023 19:30:46 GMT expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate content-type: text/html; charset=UTF-8 pragma: no-cache x-content-type-options: nosniff content-encoding: br server: cafe content-length: 319 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 736b4c569a1291f16628b20e485ee22e 2a65a2c61665cdf70fc8f82e4213f15ad7d98557 262bf27935bf1865b6160ff026fdf9972f18c2e0e5de54f4588ff295d53d10e4 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6041 Cache-Control: max-age=89921 Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Etag: "6423368e-1d7" Expires: Thu, 30 Mar 2023 20:29:27 GMT Last-Modified: Tue, 28 Mar 2023 18:48:46 GMT Server: ECAcc (ska/F6AF) X-Cache: HIT Content-Length: 471`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash dc0cf0275c44e5495e8f323c00b9d588 f7f19e521a439f85915f7582797a060629b879c6 abc856a823e0d89a87f6a4d3b2a48f5dcb99cdd94ce5d3b8cb8d51e665a74c4e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash f161a33a46c303fe6941d93b84aa0db4 44f5db5883e92d3ced3250ef1af279ca6cd21ef6 106c024af015f65e48565d3dccc95942ce222f4a7e02de0966751ad6ff129129 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 1dae5c4411aebbdbe55cc5627e9e14eb b2f7c6416ab8ccbbab2ba595b1d73a261b15662b 25232ccee86630750360241c79083208b8cc72c492c018015e63ef535b86aa8b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.palmsbet.top/uploads/40-100FS_1920x600_bg.jpg	78.128.8.67	200 OK	308 kB
URL HTTP/2 www.palmsbet.top/uploads/40-100FS_1920x600_bg.jpg IP 78.128.8.67:0 ASN #31083 Telepoint Ltd File type JPEG image data, progressive, precision 8, 1920x600, components 3\012- data Size 308 kB (308032 bytes) Hash 55736382775243c5e481ef7b6d1c4b46 eb3106bb4a63e4af01701a427e528d80720c1262 7b9c4d4cce3c3fd971c463dd43891f945f60b59b5b51fe1ea0885e663ff6c2ee HTTP Headers `GET /uploads/40-100FS_1920x600_bg.jpg HTTP/1.1 Host: www.palmsbet.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Wed, 05 Apr 2023 19:30:47 GMT content-type: image/jpeg last-modified: Mon, 17 Oct 2022 06:53:42 GMT accept-ranges: bytes content-length: 308032 date: Wed, 29 Mar 2023 19:30:47 GMT server: LiteSpeed access-control-allow-origin: * alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000 X-Firefox-Spdy: h2`

	adservice.google.no/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=7481812105124;gtm=45He33r0;auiddc=1672259320.1680118270;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5	142.250.74.66	200 OK	85 B
URL HTTP/2 adservice.google.no/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=7481812105124;gtm=45He33r0;auiddc=1672259320.1680118270;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5 IP 142.250.74.66:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators Size 85 B (85 bytes) Hash 4a3b3637744caa4a0b08fabbd76cc830 755e5626762ecf38f55012da892a227bf50f15f1 6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb HTTP Headers GET /ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=7481812105124;gtm=45He33r0;auiddc=1672259320.1680118270;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5 HTTP/1.1 Host: adservice.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://adservice.google.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Wed, 29 Mar 2023 19:30:46 GMT expires: Wed, 29 Mar 2023 19:30:46 GMT cache-control: private, max-age=0 content-type: text/html; charset=UTF-8 x-content-type-options: nosniff content-encoding: br server: cafe content-length: 85 x-xss-protection: 0 alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-99030406-1&cid=375974210.1680118270&jid=357732380&gjid=1607753182&_gid=270901295.1680118270&_u=YCDAgEABAAAAAEAAI~&z=997574139	64.233.161.157	200 OK	4 B
URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-99030406-1&cid=375974210.1680118270&jid=357732380&gjid=1607753182&_gid=270901295.1680118270&_u=YCDAgEABAAAAAEAAI~&z=997574139 IP 64.233.161.157:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 4 B (4 bytes) Hash 48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a HTTP Headers POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-99030406-1&cid=375974210.1680118270&jid=357732380&gjid=1607753182&_gid=270901295.1680118270&_u=YCDAgEABAAAAAEAAI~&z=997574139 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: text/plain Content-Length: 0 Origin: https://www.palmsbet.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK access-control-allow-origin: https://www.palmsbet.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Wed, 29 Mar 2023 19:30:46 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash f161a33a46c303fe6941d93b84aa0db4 44f5db5883e92d3ced3250ef1af279ca6cd21ef6 106c024af015f65e48565d3dccc95942ce222f4a7e02de0966751ad6ff129129 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 1dae5c4411aebbdbe55cc5627e9e14eb b2f7c6416ab8ccbbab2ba595b1d73a261b15662b 25232ccee86630750360241c79083208b8cc72c492c018015e63ef535b86aa8b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	s2.adform.net/banners/scripts/st/trackpoint-async.js	37.157.6.236	200 OK	31 kB
URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js IP 37.157.6.236:0 ASN #198622 Adform A/S File type ASCII text, with very long lines (992) Size 31 kB (31054 bytes) Hash 7b9061617b9357199b76e7f9cf5d72a9 2566c39df7553bd20b817f02386bd787e1315fe2 18f225372961d0aae05d3ef1b018e72d9676ff3907ab4f292d07b2a9cbd23a5d HTTP Headers `GET /banners/scripts/st/trackpoint-async.js HTTP/1.1 Host: s2.adform.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 29 Mar 2023 19:30:46 GMT content-type: application/javascript vary: Accept-Encoding last-modified: Tue, 29 Nov 2022 10:23:25 GMT x-rgw-object-type: Normal etag: W/"83eb5fafaa212c785f7393188ff817aa" x-amz-request-id: tx000004b52a83511f9122d-006385e0d4-32940f80-default access-control-allow-origin: * cache-control: public, max-age=604800 x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=617374211136&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24	37.157.6.233	302 Found	542 B
URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=617374211136&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 37.157.6.233:0 ASN #198622 Adform A/S File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (470), with CRLF line terminators Size 542 B (542 bytes) Hash 12f8e02acc45793c05d3501828ddadad 2270eb669977d9fe62b79072356ba8122b981180 387dbea94fdc6f5e56b802f26a74744ec7542911808479cac49d833cd88d9dd0 HTTP Headers GET /Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=617374211136&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 Host: track.adform.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 302 Found server: nginx date: Wed, 29 Mar 2023 19:30:46 GMT content-type: text/html; charset=utf-8 location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=617374211136&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 cache-control: no-cache, no-store, must-revalidate, no-transform pragma: no-cache expires: -1 access-control-allow-origin: * accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version set-cookie: C=1; domain=adform.net; expires=Sat, 29-Apr-2023 19:30:46 GMT; path=/ p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

	www.facebook.com/tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5&rl=https%3A%2F%2Fwww.palmsbet.com%2F&if=false&ts=1680118270912&sw=1280&sh=1024&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1680118270912.1379380090&it=1680118270308&coo=false&rqm=GET	31.13.72.36	200 OK	0 B
URL HTTP/2 www.facebook.com/tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5&rl=https%3A%2F%2Fwww.palmsbet.com%2F&if=false&ts=1680118270912&sw=1280&sh=1024&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1680118270912.1379380090&it=1680118270308&coo=false&rqm=GET IP 31.13.72.36:0 ASN #32934 FACEBOOK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0395%26tgclid%3D03010033-1ff1-4b19-9e00-11f8642491e5&rl=https%3A%2F%2Fwww.palmsbet.com%2F&if=false&ts=1680118270912&sw=1280&sh=1024&v=2.9.100&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1680118270912.1379380090&it=1680118270308&coo=false&rqm=GET HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-type: text/plain access-control-allow-origin: access-control-allow-credentials: true strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-length: 0 server: proxygen-bolt alt-svc: h3=":443"; ma=86400 date: Wed, 29 Mar 2023 19:30:47 GMT X-Firefox-Spdy: h2`

	ocsp.pki.goog/s/gts1d4/4hZIA1P-PfE	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/4hZIA1P-PfE IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 56ec47c5e41d945bcfea0f4af9463d6e 6b60a97eb0d7ccb4beef5044cd82d145992b4527 4140b4d904e6f5a14eda4900bf002ee8bde5d6cc17d8a7ab5a4ad0c6dddabe93 HTTP Headers `POST /s/gts1d4/4hZIA1P-PfE HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:47 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	api.trafficguard.ai/tg-g-007125-001/api/v4/client-side/validate/event	34.120.121.20	200 OK	61 B
URL HTTP/2 api.trafficguard.ai/tg-g-007125-001/api/v4/client-side/validate/event IP 34.120.121.20:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 61 B (61 bytes) Hash 63a36e9cfde8dd520ca895f7574ab879 9c88e7070a421cc668bd377c0e23123566d2d4be 8592a80b52ffc3cebf2cfaad26df05d3220b908b9887664de79a5f6a395aa4b3 HTTP Headers POST /tg-g-007125-001/api/v4/client-side/validate/event HTTP/1.1 Host: api.trafficguard.ai User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: application/x-www-form-urlencoded;charset=UTF-8 Content-Length: 2330 Origin: https://www.palmsbet.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly" x-xss-protection: 0 x-content-type-options: nosniff access-control-allow-origin: https://www.palmsbet.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials set-cookie: geid=03010023-3845-431e-9000-14d0642491e7; Domain=.trafficguard.ai; Path=/; Expires=Thu, 28 Mar 2024 19:30:47 GMT; HttpOnly; Secure; SameSite=None geid-legacy=03010023-3845-431e-9000-14d0642491e7; Domain=.trafficguard.ai; Path=/; Expires=Thu, 28 Mar 2024 19:30:47 GMT; HttpOnly content-type: application/json; charset=utf-8 content-length: 61 etag: W/"3d-nIjnBwpCHMZovTd8DiMSNWbS1L4" date: Wed, 29 Mar 2023 19:30:47 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1d4/4hZIA1P-PfE	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/4hZIA1P-PfE IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 56ec47c5e41d945bcfea0f4af9463d6e 6b60a97eb0d7ccb4beef5044cd82d145992b4527 4140b4d904e6f5a14eda4900bf002ee8bde5d6cc17d8a7ab5a4ad0c6dddabe93 HTTP Headers `POST /s/gts1d4/4hZIA1P-PfE HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:47 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 9f52e1a56e3580c1bf81562a9df645f8 7c0b65f04f7c1ce3cc65f0ab3207d8d18ba5350b 28f16d1df407bb8bf6b28d978c94a40ea1f151dbc9e4e73493c999d881c3dc25 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 19:30:47 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=375974210.1680118270&jid=357732380&_u=YCDAgEABAAAAAEAAI~&z=1844886877	142.250.74.163	200 OK	42 B
URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=375974210.1680118270&jid=357732380&_u=YCDAgEABAAAAAEAAI~&z=1844886877 IP 142.250.74.163:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=375974210.1680118270&jid=357732380&_u=YCDAgEABAAAAAEAAI~&z=1844886877 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Wed, 29 Mar 2023 19:30:47 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=375974210.1680118270&jid=357732380&_u=YCDAgEABAAAAAEAAI~&z=1844886877	216.58.211.4	200 OK	110 kB
URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=375974210.1680118270&jid=357732380&_u=YCDAgEABAAAAAEAAI~&z=1844886877 IP 216.58.211.4:0 ASN #15169 GOOGLE File type gzip compressed data, from Unix\012- data Size 110 kB (110464 bytes) Hash fc9acf0b0429843db0ff7c97966d4cf4 38036caeb2fada9830152bde931111926e793a6c b3eb042d40cc74e57983fb4dc04067fe8f0e9c7cecfa3f9db0364c0e683afb67 HTTP Headers GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=375974210.1680118270&jid=357732380&_u=YCDAgEABAAAAAEAAI~&z=1844886877 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Wed, 29 Mar 2023 19:30:47 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.sectigo.com/	172.64.155.188	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash b76a71a101505a5dfa3747b487357d1e 6a6d07576b4d48a418693ae1ebc841354baf20bc 6f02b10723d2321c72858e4f7b69ba5de6b00fb653cb72457b063c8fd95fc5bf HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 29 Mar 2023 19:30:48 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Sun, 26 Mar 2023 11:03:27 GMT Expires: Sun, 02 Apr 2023 11:03:26 GMT Etag: "6a6d07576b4d48a418693ae1ebc841354baf20bc" Cache-Control: max-age=314557,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7afa878bfa14b521-OSL`

	sdk-cdn.optimove.net/websdk/sdk-v2.0.js	35.201.79.141	200 OK	17 kB
URL HTTP/2 sdk-cdn.optimove.net/websdk/sdk-v2.0.js IP 35.201.79.141:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (48711) Size 17 kB (16643 bytes) Hash c64955f068a5d896417cb0ce95ac8453 aff5c079745b20a514592ccba0b8a09197d524f1 183ba3d31307b8f69cc6fd295070d5883bdaec0e414661a856747d705029d443 HTTP Headers `GET /websdk/sdk-v2.0.js HTTP/1.1 Host: sdk-cdn.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-guploader-uploadid: ADPycduc630-Zk_QHF19SlweNDt4vg50X7llDj9Y81l-Vd5UdsN5CVpHP2P_dGj1f4FWntfz8gGCHL8oXcw7hDXNWcHSF70nl1zB x-goog-generation: 1674476899204117 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 16643 content-encoding: gzip x-goog-hash: crc32c=LDag5A==, md5=xklV8Gil2JZBfLDOlayEUw== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes content-length: 16643 server: UploadServer date: Wed, 29 Mar 2023 01:59:16 GMT age: 63092 last-modified: Mon, 23 Jan 2023 12:28:19 GMT etag: "c64955f068a5d896417cb0ce95ac8453" content-type: text/javascript vary: X-Goog-Allowed-Resources cache-control: public,max-age=3600,no-transform alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js	35.201.79.141	200 OK	7.6 kB
URL HTTP/2 sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js IP 35.201.79.141:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (65536), with no line terminators Size 7.6 kB (7614 bytes) Hash d45d77dd213e3186e62342107ac35716 8c0623f8d6ea68967bdde913b3f1fdf4ae730195 51836e055c72404f402fcef5131842ed2319a8aa8540f68602279dfcf3f03980 HTTP Headers `GET /webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js HTTP/1.1 Host: sdk-cdn.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK x-guploader-uploadid: ADPycdty0LBAWbpCB5YUr-9m-lpgp2i4LvnTntdT8lT86Cpxs-ALhwOOV89JC-r-xmOlox5sRt3SANiXShg_GqBRw0xb5pVEiVeI x-goog-generation: 1673875967335136 x-goog-metageneration: 3 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 7614 content-encoding: gzip x-goog-hash: crc32c=vrqIwQ==, md5=1F133SE+MYbmI0IQesNXFg== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes content-length: 7614 server: UploadServer date: Wed, 29 Mar 2023 19:30:48 GMT last-modified: Mon, 16 Jan 2023 13:32:47 GMT etag: "d45d77dd213e3186e62342107ac35716" content-type: application/json vary: X-Goog-Allowed-Resources age: 0 cache-control: public,max-age=300,no-transform alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	sdkuaservice.optimove.net/	34.102.240.186	200 OK	361 B
URL HTTP/2 sdkuaservice.optimove.net/ IP 34.102.240.186:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text Size 361 B (361 bytes) Hash 3083d0e97d9681d8731856bcc2d38dc0 0d962f0c4fd88ef4e6613e5ea47e5998f13ac636 eb902e82d3845ac4d70e6edd86509b810996391fce4434547483a457b34f0e1f HTTP Headers `GET / HTTP/1.1 Host: sdkuaservice.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: application/x-www-form-urlencoded;charset=utf-8 Origin: https://www.palmsbet.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-powered-by: Express access-control-allow-origin: * content-type: application/json date: Wed, 29 Mar 2023 19:30:48 GMT content-length: 361 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.sectigo.com/	172.64.155.188	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash b76a71a101505a5dfa3747b487357d1e 6a6d07576b4d48a418693ae1ebc841354baf20bc 6f02b10723d2321c72858e4f7b69ba5de6b00fb653cb72457b063c8fd95fc5bf HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 29 Mar 2023 19:30:48 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Sun, 26 Mar 2023 11:03:27 GMT Expires: Sun, 02 Apr 2023 11:03:26 GMT Etag: "6a6d07576b4d48a418693ae1ebc841354baf20bc" Cache-Control: max-age=314557,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7afa878c9b42b521-OSL`

	stream-683.optimove.net/	107.154.132.121	204 No Content	0 B
URL HTTP/2 stream-683.optimove.net/ IP 107.154.132.121:0 ASN #19551 INCAPSULA File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS / HTTP/1.1 Host: stream-683.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type,x-request-id Referer: https://www.palmsbet.com/ Origin: https://www.palmsbet.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 204 No Content x-powered-by: Express access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE vary: Access-Control-Request-Headers access-control-allow-headers: content-type,x-request-id access-control-max-age: 86400 content-length: 0 date: Wed, 29 Mar 2023 19:30:48 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 set-cookie: visid_incap_2816538=3lM7yirwS8mrwRDfBWDKbeiRJGQAAAAAQUIPAAAAAAA+ntMd2YQgejFuNmpsyBFl; expires=Wed, 27 Mar 2024 22:28:12 GMT; HttpOnly; path=/; Domain=.optimove.net incap_ses_277_2816538=exXIfwVLaSgweDv9mhrYA+iRJGQAAAAANByvZpZL8EMaF40jfij/Wg==; path=/; Domain=.optimove.net x-cdn: Imperva x-iinfo: 14-76400206-76400210 NNNN CT(1 4 0) RT(1680118248082 22) q(0 0 0 -1) r(0 0) U6 X-Firefox-Spdy: h2

	www.palmsbet.com/affiliate/?marketingCode=PB-0395&banID=&brand=ecasino&ns=&clickid=z831d1cg9plfu30gcp&pages=new-free-spins-everyday	104.26.7.160	200 OK	0 B
URL HTTP/2 www.palmsbet.com/affiliate/?marketingCode=PB-0395&banID=&brand=ecasino&ns=&clickid=z831d1cg9plfu30gcp&pages=new-free-spins-everyday IP 104.26.7.160:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /affiliate/?marketingCode=PB-0395&banID=&brand=ecasino&ns=&clickid=z831d1cg9plfu30gcp&pages=new-free-spins-everyday HTTP/1.1 Host: www.palmsbet.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Wed, 29 Mar 2023 19:30:44 GMT content-type: text/html last-modified: Tue, 23 Nov 2021 13:23:59 GMT cache-control: no-store access-control-allow-credentials: true x-content-type-options: nosniff content-security-policy: frame-ancestors 'none' x-xss-protection: 1 x-frame-options: DENY strict-transport-security: max-age=63072000; includeSubDomains; preload referrer-policy: strict-origin-when-cross-origin cf-cache-status: BYPASS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9O5%2FK8AC%2B5yemAD37Irzk79nNKdrK9C38wjeSCvbPgLOFtl3EpJKZezEtUQvK8gs%2FjvzufNxzwPPUTP0Vhmga88XPE93SUOFqrWZ1e6bt0%2BOzJSWjA2Ese%2FiZxeuszGpb8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7afa8772bcd4b518-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	stream-683.optimove.net/	107.154.132.121	200 OK	0 B
URL HTTP/2 stream-683.optimove.net/ IP 107.154.132.121:0 ASN #19551 INCAPSULA File type Size 0 B (0 bytes) Hash HTTP Headers POST / HTTP/1.1 Host: stream-683.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: application/json X-Request-ID: 3484d3aa-156b-48cd-a231-086f056e9a1b Origin: https://www.palmsbet.com Content-Length: 672 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK x-powered-by: Express access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"31-hu4qlDBk3AxNSTt0wIYyHG6WJbM" date: Wed, 29 Mar 2023 19:30:48 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 set-cookie: visid_incap_2816538=kbBYxikxQ32+9XxF3lT15uiRJGQAAAAAQUIPAAAAAAA1OYU8ev+xr4nB6vP9Ye9v; expires=Wed, 27 Mar 2024 22:28:12 GMT; HttpOnly; path=/; Domain=.optimove.net incap_ses_277_2816538=KO+xOmclxyo4eDv9mhrYA+iRJGQAAAAAwSjyisBp+hLA0puFNz22og==; path=/; Domain=.optimove.net x-cdn: Imperva content-encoding: gzip x-iinfo: 14-76400206-76400210 PNYN RT(1680118248082 75) q(0 0 0 -1) r(1 1) U6 X-Firefox-Spdy: h2

	track.adform.net/serving/scripts/trackpoint/async/	37.157.6.233	301 Moved Permanently	0 B
URL HTTP/2 track.adform.net/serving/scripts/trackpoint/async/ IP 37.157.6.233:0 ASN #198622 Adform A/S File type Size 0 B (0 bytes) Hash HTTP Headers `GET /serving/scripts/trackpoint/async/ HTTP/1.1 Host: track.adform.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 301 Moved Permanently server: nginx date: Wed, 29 Mar 2023 19:30:46 GMT content-type: text/html location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	stream-683.optimove.net/	107.154.132.121	200 OK	0 B
URL HTTP/2 stream-683.optimove.net/ IP 107.154.132.121:0 ASN #19551 INCAPSULA File type Size 0 B (0 bytes) Hash HTTP Headers POST / HTTP/1.1 Host: stream-683.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: application/json X-Request-ID: 68caba30-31d7-41f6-8899-50fe9fd0902d Origin: https://www.palmsbet.com Content-Length: 666 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK x-powered-by: Express access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"31-uDNzmHQxufqpBhfMtnaM35HMHRA" date: Wed, 29 Mar 2023 19:30:51 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 set-cookie: visid_incap_2816538=v/gTo+KiRVqtfXNiVXI6/OuRJGQAAAAAQUIPAAAAAACZlV4+JpGw7EQqqEnXk8cN; expires=Wed, 27 Mar 2024 22:28:12 GMT; HttpOnly; path=/; Domain=.optimove.net incap_ses_277_2816538=Q2oWZe0MuzNoeTv9mhrYA+uRJGQAAAAA30A0AoHRtLjRJR97NNb3lw==; path=/; Domain=.optimove.net x-cdn: Imperva content-encoding: gzip x-iinfo: 14-76400206-76400210 PNYN RT(1680118248082 2986) q(0 0 0 -1) r(1 1) U6 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML