jiggasha.com/cas/docusignOffice2017/docusignOffice2017/docusign/docusign
200 OK 527 B URL HTTP/1.1 jiggasha.com/cas/docusignOffice2017/docusignOffice2017/docusign/docusign
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (527), with no line terminators
Hash 3689769392e021357c77e62b2cc76922
f51035c5b81ef057dbb1520609217413ed173324
9380e7e5de1c528832eea92dd56fe1bff476318fa83ee88084b7d965089c406b
Analyzer Verdict Alert fortinet Malware
GET /cas/docusignOffice2017/docusignOffice2017/docusign/docusign HTTP/1.1
Host: jiggasha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 527
content-type: text/html; charset=utf-8
date: Mon, 26 Sep 2022 18:03:21 GMT
server: nginx
set-cookie: sid=820fe91a-3dc5-11ed-ac8d-f54a6511a635; path=/; domain=.jiggasha.com; expires=Sat, 14 Oct 2090 21:17:28 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2915
Expires: Mon, 26 Sep 2022 18:51:57 GMT
Date: Mon, 26 Sep 2022 18:03:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 17:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZAjzLlGi4e18rgvUAJ1sjkr1Yd70W-hDpy1Q_0f0e1vwaUcNFGeaQw==
Age: 2884
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 25nhl2MUwg8M3ZZi0NLNkkcHY5_IBNRJiHDi3T5Cg_qMnw6B5Pkv3Q==
age: 48487
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 18:03:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
jiggasha.com/favicon.ico
404 Not Found 9 B IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: jiggasha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jiggasha.com/cas/docusignOffice2017/docusignOffice2017/docusign/docusign
Cookie: sid=820fe91a-3dc5-11ed-ac8d-f54a6511a635
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Mon, 26 Sep 2022 18:03:22 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 17:10:46 GMT
Expires: Mon, 26 Sep 2022 17:33:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OCK4PDroXsRc_ozPGI-Mp3uv2W_ACSq0ViVZm5KM40Dm58ZzS0yDow==
Age: 3156
ocsp.digicert.com/
200 OK 471 B IP
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6204
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:22 GMT
Last-Modified: Mon, 26 Sep 2022 16:19:58 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
jiggasha.com/cas/docusignOffice2017/docusignOffice2017/docusign/docusign?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NDIyMjYwMSwiaWF0IjoxNjY0MjE1NDAxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2M3bTVwZzhmNmJuYms1MmMwZWxqZzEiLCJuYmYiOjE2NjQyMTU0MDEsInRzIjoxNjY0MjE1NDAxODM3NTI2fQ.gTF0hx_bE_5tzZbkzlgLiblqGNi88nyFOTI41QvEcck&sid=820fe91a-3dc5-11ed-ac8d-f54a6511a635
302 Found 11 B URL HTTP/1.1 jiggasha.com/cas/docusignOffice2017/docusignOffice2017/docusign/docusign?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NDIyMjYwMSwiaWF0IjoxNjY0MjE1NDAxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2M3bTVwZzhmNmJuYms1MmMwZWxqZzEiLCJuYmYiOjE2NjQyMTU0MDEsInRzIjoxNjY0MjE1NDAxODM3NTI2fQ.gTF0hx_bE_5tzZbkzlgLiblqGNi88nyFOTI41QvEcck&sid=820fe91a-3dc5-11ed-ac8d-f54a6511a635
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /cas/docusignOffice2017/docusignOffice2017/docusign/docusign?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2NDIyMjYwMSwiaWF0IjoxNjY0MjE1NDAxLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2M3bTVwZzhmNmJuYms1MmMwZWxqZzEiLCJuYmYiOjE2NjQyMTU0MDEsInRzIjoxNjY0MjE1NDAxODM3NTI2fQ.gTF0hx_bE_5tzZbkzlgLiblqGNi88nyFOTI41QvEcck&sid=820fe91a-3dc5-11ed-ac8d-f54a6511a635 HTTP/1.1
Host: jiggasha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jiggasha.com/cas/docusignOffice2017/docusignOffice2017/docusign/docusign
Cookie: sid=820fe91a-3dc5-11ed-ac8d-f54a6511a635
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 26 Sep 2022 18:03:22 GMT
location: http://irene-eux.com/zcvisitor/8254555a-3dc5-11ed-aebe-0a0bc0d2d2c9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=82712c26-3dc5-11ed-aebe-0a0bc0d2d2c9
server: nginx
set-cookie: sid=820fe91a-3dc5-11ed-ac8d-f54a6511a635; path=/; domain=.jiggasha.com; expires=Sat, 14 Oct 2090 21:17:29 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ekLJTS/bc2NfIXIxRuaRVw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aDSQDutaJ2D2k6Ij2/9+Xf1OKTU=
irene-eux.com/zcvisitor/8254555a-3dc5-11ed-aebe-0a0bc0d2d2c9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=82712c26-3dc5-11ed-aebe-0a0bc0d2d2c9
200 996 B URL HTTP/1.1 irene-eux.com/zcvisitor/8254555a-3dc5-11ed-aebe-0a0bc0d2d2c9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=82712c26-3dc5-11ed-aebe-0a0bc0d2d2c9
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0eea6a82f93513a62e9bdcaf05c31818
ce5388e3a11239c2dfa9f78a6428ef51beefac5a
209efce831ee44935724e4294f9caa30230cb85a760a2d2b915a51c23bd3470e
GET /zcvisitor/8254555a-3dc5-11ed-aebe-0a0bc0d2d2c9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=82712c26-3dc5-11ed-aebe-0a0bc0d2d2c9 HTTP/1.1
Host: irene-eux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://jiggasha.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 26 Sep 2022 18:03:23 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: TXXbLINW
irene-eux.com/zcredirect?visitid=8254555a-3dc5-11ed-aebe-0a0bc0d2d2c9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
200 284 B URL HTTP/1.1 irene-eux.com/zcredirect?visitid=8254555a-3dc5-11ed-aebe-0a0bc0d2d2c9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21f384f1a4d7fa0b03de10130c01d0b5
c007a90c205dea4d6846e00c03735779fae7a74d
7842de288fc9c05cd14baa274456ca6a69d9360b74e26e940cb88d5059403836
GET /zcredirect?visitid=8254555a-3dc5-11ed-aebe-0a0bc0d2d2c9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: irene-eux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://irene-eux.com/zcvisitor/8254555a-3dc5-11ed-aebe-0a0bc0d2d2c9/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=82712c26-3dc5-11ed-aebe-0a0bc0d2d2c9
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 26 Sep 2022 18:03:23 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: TXXbLINW
irene-eux.com/favicon.ico
404 653 B URL HTTP/1.1 irene-eux.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: irene-eux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://irene-eux.com/zcredirect?visitid=8254555a-3dc5-11ed-aebe-0a0bc0d2d2c9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Mon, 26 Sep 2022 18:03:23 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: xeXMELMv
click-v4.expmdiadi.com/click?i=pRhpNZv8fFo_0
302 Found 0 B URL HTTP/1.1 click-v4.expmdiadi.com/click?i=pRhpNZv8fFo_0
IP
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=pRhpNZv8fFo_0 HTTP/1.1
Host: click-v4.expmdiadi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://irene-eux.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://cadrctlnk.com/in/p/?spot_id=54785&cat=25&sub_id=291760455&&utm_source=45314&utm_medium=385784&utm_campaign=FIREFOX_96.0&utm_content=irene-eux.com
Pragma: no-cache
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a26450b92d3db862e3e496a01d6b63a9
b20302c3b29f035332e3a13816fb3c6ac5c9739f
bb19cb96d82a1294ef1b4aec30fa53ad7b7a1d78de8097c6f7cf6f5051f252db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB19CB96D82A1294EF1B4AEC30FA53AD7B7A1D78DE8097C6F7CF6F5051F252DB"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6137
Expires: Mon, 26 Sep 2022 19:45:40 GMT
Date: Mon, 26 Sep 2022 18:03:23 GMT
Connection: keep-alive
cadrctlnk.com/favicon.ico
404 Not Found 9 B URL HTTP/2 cadrctlnk.com/favicon.ico
IP
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: cadrctlnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cadrctlnk.com/in/p/?spot_id=54785&cat=25&sub_id=291760455&&utm_source=45314&utm_medium=385784&utm_campaign=FIREFOX_96.0&utm_content=irene-eux.com
Cookie: 1095.0=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.20.1
date: Mon, 26 Sep 2022 18:03:24 GMT
content-type: text/plain; charset=utf-8
content-length: 9
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb444d915fa6130fb054d021f38c0776
a806c232c701db1afdebbbe1cf3ba25223dc780a
cf3f5d40d1f5c38cee17ec4c2ebd1a1deb2538d794970f50710b656f5c771c93
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF3F5D40D1F5C38CEE17EC4C2EBD1A1DEB2538D794970F50710B656F5C771C93"
Last-Modified: Sun, 25 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3999
Expires: Mon, 26 Sep 2022 19:10:03 GMT
Date: Mon, 26 Sep 2022 18:03:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19674
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 18:03:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19674
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 18:03:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19674
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 18:03:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 71588
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:14 GMT
age: 72370
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGRBCfCtZkeYhbTpaE18IpIgUtOHyttE-0hRk8fWVB9sJS2rSbP22g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:05:32 GMT
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
age: 71872
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HfslSWhSAKRjZr-qqajVm6bKf9jGt2pXq8N8GlXgyTwRxWqw0y-CgA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 06:49:49 GMT
age: 40415
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pt7rJi8EIQFBk0gHQZ1WnjvThPba86XZCGFs83l1ZW2dj-_6bZprAA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:56 GMT
age: 72808
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mToVKJcSAtJB1AOuQ-Y9o_EZzyhUuZJivVa3DLql5FwzK4NC82kh5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:06:17 GMT
age: 71827
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mcpuwpush.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIyOTE3NjA0NTUiLCJzcG90X2lkIjo1NDc4NSwidXRtMSI6IjQ1MzE0IiwidXRtMiI6IjM4NTc4NCIsInV0bTMiOiJGSVJFRk9YXzk2LjAiLCJ1dG00IjoiaXJlbmUtZXV4LmNvbSJ9fV0sInNpdGUiOnsiaWQiOiI1NDc4NSIsInBhZ2UiOiJodHRwOi8vaXJlbmUtZXV4LmNvbS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiNzBiNGMwYmVkYmJlZjk4NmFhZjVlNzEyMDc0OWY1ODYifSwiZXh0Ijp7ImR0IjoxNjY0MjE1NDAyMDY1fX0=
302 Found 0 B URL HTTP/2 mcpuwpush.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIyOTE3NjA0NTUiLCJzcG90X2lkIjo1NDc4NSwidXRtMSI6IjQ1MzE0IiwidXRtMiI6IjM4NTc4NCIsInV0bTMiOiJGSVJFRk9YXzk2LjAiLCJ1dG00IjoiaXJlbmUtZXV4LmNvbSJ9fV0sInNpdGUiOnsiaWQiOiI1NDc4NSIsInBhZ2UiOiJodHRwOi8vaXJlbmUtZXV4LmNvbS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiNzBiNGMwYmVkYmJlZjk4NmFhZjVlNzEyMDc0OWY1ODYifSwiZXh0Ijp7ImR0IjoxNjY0MjE1NDAyMDY1fX0=
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIyOTE3NjA0NTUiLCJzcG90X2lkIjo1NDc4NSwidXRtMSI6IjQ1MzE0IiwidXRtMiI6IjM4NTc4NCIsInV0bTMiOiJGSVJFRk9YXzk2LjAiLCJ1dG00IjoiaXJlbmUtZXV4LmNvbSJ9fV0sInNpdGUiOnsiaWQiOiI1NDc4NSIsInBhZ2UiOiJodHRwOi8vaXJlbmUtZXV4LmNvbS8ifSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiNzBiNGMwYmVkYmJlZjk4NmFhZjVlNzEyMDc0OWY1ODYifSwiZXh0Ijp7ImR0IjoxNjY0MjE1NDAyMDY1fX0= HTTP/1.1
Host: mcpuwpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cadrctlnk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.16.0
date: Mon, 26 Sep 2022 18:03:24 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpush.com/popunder/in/click/?mid=1588438157&pid=0&site=54785&sc=NO&usage_type=DCH&subid=291760455&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=irene-eux.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=54785&utm_source=45314&utm_medium=385784&utm_campaign=FIREFOX_96.0&utm_content=irene-eux.com&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=&min_cpm=0.035612&placement_type_id=&skin_test=&verify_hash=&score=92&durl=&ml=&tag_ab=&original_bid=0&pop_type=0&space_id=1095&verify_hash=&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=&ip_mismatch=false&ssp=0&url=https%3A%2F%2Fts.cvastico.com%2Fin%2F849%2F%3Fsource%3D291760455%26site_id%3D54785%26utm1%3D45314%26utm2%3D385784%26utm3%3DFIREFOX_96.0%26utm4%3Direne-eux.com%26idzone%3D0%26spot_id%3D54785%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttp%253A%252F%252Firene-eux.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D0%26btype%3D0%26score%3D92&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0
X-Firefox-Spdy: h2
mcpuwpush.com/popunder/in/click/?mid=1588438157&pid=0&site=54785&sc=NO&usage_type=DCH&subid=291760455&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=irene-eux.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=54785&utm_source=45314&utm_medium=385784&utm_campaign=FIREFOX_96.0&utm_content=irene-eux.com&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=&min_cpm=0.035612&placement_type_id=&skin_test=&verify_hash=&score=92&durl=&ml=&tag_ab=&original_bid=0&pop_type=0&space_id=1095&verify_hash=&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=&ip_mismatch=false&ssp=0&url=https%3A%2F%2Fts.cvastico.com%2Fin%2F849%2F%3Fsource%3D291760455%26site_id%3D54785%26utm1%3D45314%26utm2%3D385784%26utm3%3DFIREFOX_96.0%26utm4%3Direne-eux.com%26idzone%3D0%26spot_id%3D54785%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttp%253A%252F%252Firene-eux.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D0%26btype%3D0%26score%3D92&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0
302 Found 0 B URL HTTP/2 mcpuwpush.com/popunder/in/click/?mid=1588438157&pid=0&site=54785&sc=NO&usage_type=DCH&subid=291760455&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=irene-eux.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=54785&utm_source=45314&utm_medium=385784&utm_campaign=FIREFOX_96.0&utm_content=irene-eux.com&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=&min_cpm=0.035612&placement_type_id=&skin_test=&verify_hash=&score=92&durl=&ml=&tag_ab=&original_bid=0&pop_type=0&space_id=1095&verify_hash=&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=&ip_mismatch=false&ssp=0&url=https%3A%2F%2Fts.cvastico.com%2Fin%2F849%2F%3Fsource%3D291760455%26site_id%3D54785%26utm1%3D45314%26utm2%3D385784%26utm3%3DFIREFOX_96.0%26utm4%3Direne-eux.com%26idzone%3D0%26spot_id%3D54785%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttp%253A%252F%252Firene-eux.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D0%26btype%3D0%26score%3D92&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=1588438157&pid=0&site=54785&sc=NO&usage_type=DCH&subid=291760455&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=irene-eux.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=54785&utm_source=45314&utm_medium=385784&utm_campaign=FIREFOX_96.0&utm_content=irene-eux.com&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=&min_cpm=0.035612&placement_type_id=&skin_test=&verify_hash=&score=92&durl=&ml=&tag_ab=&original_bid=0&pop_type=0&space_id=1095&verify_hash=&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=&ip_mismatch=false&ssp=0&url=https%3A%2F%2Fts.cvastico.com%2Fin%2F849%2F%3Fsource%3D291760455%26site_id%3D54785%26utm1%3D45314%26utm2%3D385784%26utm3%3DFIREFOX_96.0%26utm4%3Direne-eux.com%26idzone%3D0%26spot_id%3D54785%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttp%253A%252F%252Firene-eux.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D0%26btype%3D0%26score%3D92&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0 HTTP/1.1
Host: mcpuwpush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cadrctlnk.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Mon, 26 Sep 2022 18:03:24 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://ts.cvastico.com/in/849/?source=291760455&site_id=54785&utm1=45314&utm2=385784&utm3=FIREFOX_96.0&utm4=irene-eux.com&idzone=0&spot_id=54785&mo=&ve=&ad_tags=&p=http%3A%2F%2Firene-eux.com%2F&sid=1095&katds_labels=&is_iframe=0&btype=0&score=92
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f5f8f21aac5c0427a269d556cd867bdb
fb691a15327c6c519cce6e9a9a21b63227ae5991
ed625dc7fad2c07b64626d79140c2d982d9fccab8df6d3453588ea98801974b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED625DC7FAD2C07B64626D79140C2D982D9FCCAB8DF6D3453588EA98801974B9"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4135
Expires: Mon, 26 Sep 2022 19:12:19 GMT
Date: Mon, 26 Sep 2022 18:03:24 GMT
Connection: keep-alive
tsyndicate.com/api/v1/direct/9ec3f857838642ee90b423db7c4845f1?subid=291760455&categories={{ad_tags}}
302 Found 0 B URL HTTP/2 tsyndicate.com/api/v1/direct/9ec3f857838642ee90b423db7c4845f1?subid=291760455&categories={{ad_tags}}
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/9ec3f857838642ee90b423db7c4845f1?subid=291760455&categories={{ad_tags}} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ts.cvastico.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 26 Sep 2022 18:03:25 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://track.trackingtraffo.com/pop/imp?auth=d12jux&c=ZW8l8eo_oYPjJMUpPYn5cAei3ooY2nQ5jOEFF1JjQz-yY58DxonmCSLqM1VWnW0HJTYjf1ntRPZ_wZ4rjK25TkclcTS8GRo5sbm7eQAgjnDgcOmLREeEc2mF7gMIeedhin1-20oQNFF-DMg9jmbtghgoB5w-E04wZzu6Nrj7_uCsnSenFc6yrUsJQB7fiGDxIezp3jWPhqyVrdbZz9Xlh9ZDZgBOEF4HQdeGRkOdsXMElkpPV099EpA4lpXMxVq1Pt19qZgu0G8R5Ut2yJoOUIydLFGJsg-quqeorMEA3KVDGwvVl1P0qtRVJPKLzQU3j17CxZyJsqi9i37rsBEGda8ZGwDq1ltrji2MV7F7Jor81QRaGRVqcnSzhF5QMlyc3jPxHU6u0Fw8tPsr0DtirTq8OrpL7xSJWxGBHBbL0PPvZcylJTscs677a0bkXuikCiIcREjgbPcQ9zge1g9RLuM_NVFJLdcszM4X5d5RKkzzheyho-_XdRVH-wRy8H0l-e1ViitjvnCSPAaDJAqKJh21dOmiPdHJcOWz9KHwqtaaBb1udvBMDV76ugM-Leyi_HUVZBbBZR34u8y6IuiTsLPdhCkV7mJsEUj9uILrF_u4dr77XHp9BpeR5FA3Uk1-lZ19bTIi3b1BTGv5ID_gq65e-cbkPK8GMeyN8canzaD_INAPpgfKyBtVeuvsysG8iAZYEdIXWyk56Sp9YInhHs40FE5prryKEZ_MJuT1GGE
x-request-id: be17fa9fbd2453da
set-cookie: ts_uid=c91b8b3f-ceb5-47b8-a7c1-c6ec13be14db; expires=Sun, 26 Mar 2023 18:03:25 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ts.cvastico.com/in/849/?source=291760455&site_id=54785&utm1=45314&utm2=385784&utm3=FIREFOX_96.0&utm4=irene-eux.com&idzone=0&spot_id=54785&mo=&ve=&ad_tags=&p=http%3A%2F%2Firene-eux.com%2F&sid=1095&katds_labels=&is_iframe=0&btype=0&score=92
200 OK 709 B URL HTTP/2 ts.cvastico.com/in/849/?source=291760455&site_id=54785&utm1=45314&utm2=385784&utm3=FIREFOX_96.0&utm4=irene-eux.com&idzone=0&spot_id=54785&mo=&ve=&ad_tags=&p=http%3A%2F%2Firene-eux.com%2F&sid=1095&katds_labels=&is_iframe=0&btype=0&score=92
IP
Hash 6384f7305e9b0347911147c93d8abd36
5a303a2b68466df5552d287a3e797a6e4bcf28b9
ed758550a134ac4d502718bfd61955aaea1c42a80172d80e741f19728aeee777
GET /in/849/?source=291760455&site_id=54785&utm1=45314&utm2=385784&utm3=FIREFOX_96.0&utm4=irene-eux.com&idzone=0&spot_id=54785&mo=&ve=&ad_tags=&p=http%3A%2F%2Firene-eux.com%2F&sid=1095&katds_labels=&is_iframe=0&btype=0&score=92 HTTP/1.1
Host: ts.cvastico.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cadrctlnk.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Mon, 26 Sep 2022 18:03:24 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
set-cookie: 849.830=1; expires=Tue, 27 Sep 2022 18:03:25 GMT; path=/; secure; SameSite=None
2565.0=1; expires=Tue, 27 Sep 2022 18:03:25 GMT; path=/; secure; SameSite=None
2467.0=1; expires=Tue, 27 Sep 2022 18:03:25 GMT; path=/; secure; SameSite=None
2560.0=1; expires=Tue, 27 Sep 2022 18:03:25 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
track.trackingtraffo.com/pop/imp?auth=d12jux&c=ZW8l8eo_oYPjJMUpPYn5cAei3ooY2nQ5jOEFF1JjQz-yY58DxonmCSLqM1VWnW0HJTYjf1ntRPZ_wZ4rjK25TkclcTS8GRo5sbm7eQAgjnDgcOmLREeEc2mF7gMIeedhin1-20oQNFF-DMg9jmbtghgoB5w-E04wZzu6Nrj7_uCsnSenFc6yrUsJQB7fiGDxIezp3jWPhqyVrdbZz9Xlh9ZDZgBOEF4HQdeGRkOdsXMElkpPV099EpA4lpXMxVq1Pt19qZgu0G8R5Ut2yJoOUIydLFGJsg-quqeorMEA3KVDGwvVl1P0qtRVJPKLzQU3j17CxZyJsqi9i37rsBEGda8ZGwDq1ltrji2MV7F7Jor81QRaGRVqcnSzhF5QMlyc3jPxHU6u0Fw8tPsr0DtirTq8OrpL7xSJWxGBHBbL0PPvZcylJTscs677a0bkXuikCiIcREjgbPcQ9zge1g9RLuM_NVFJLdcszM4X5d5RKkzzheyho-_XdRVH-wRy8H0l-e1ViitjvnCSPAaDJAqKJh21dOmiPdHJcOWz9KHwqtaaBb1udvBMDV76ugM-Leyi_HUVZBbBZR34u8y6IuiTsLPdhCkV7mJsEUj9uILrF_u4dr77XHp9BpeR5FA3Uk1-lZ19bTIi3b1BTGv5ID_gq65e-cbkPK8GMeyN8canzaD_INAPpgfKyBtVeuvsysG8iAZYEdIXWyk56Sp9YInhHs40FE5prryKEZ_MJuT1GGE
302 Found 0 B URL HTTP/1.1 track.trackingtraffo.com/pop/imp?auth=d12jux&c=ZW8l8eo_oYPjJMUpPYn5cAei3ooY2nQ5jOEFF1JjQz-yY58DxonmCSLqM1VWnW0HJTYjf1ntRPZ_wZ4rjK25TkclcTS8GRo5sbm7eQAgjnDgcOmLREeEc2mF7gMIeedhin1-20oQNFF-DMg9jmbtghgoB5w-E04wZzu6Nrj7_uCsnSenFc6yrUsJQB7fiGDxIezp3jWPhqyVrdbZz9Xlh9ZDZgBOEF4HQdeGRkOdsXMElkpPV099EpA4lpXMxVq1Pt19qZgu0G8R5Ut2yJoOUIydLFGJsg-quqeorMEA3KVDGwvVl1P0qtRVJPKLzQU3j17CxZyJsqi9i37rsBEGda8ZGwDq1ltrji2MV7F7Jor81QRaGRVqcnSzhF5QMlyc3jPxHU6u0Fw8tPsr0DtirTq8OrpL7xSJWxGBHBbL0PPvZcylJTscs677a0bkXuikCiIcREjgbPcQ9zge1g9RLuM_NVFJLdcszM4X5d5RKkzzheyho-_XdRVH-wRy8H0l-e1ViitjvnCSPAaDJAqKJh21dOmiPdHJcOWz9KHwqtaaBb1udvBMDV76ugM-Leyi_HUVZBbBZR34u8y6IuiTsLPdhCkV7mJsEUj9uILrF_u4dr77XHp9BpeR5FA3Uk1-lZ19bTIi3b1BTGv5ID_gq65e-cbkPK8GMeyN8canzaD_INAPpgfKyBtVeuvsysG8iAZYEdIXWyk56Sp9YInhHs40FE5prryKEZ_MJuT1GGE
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/imp?auth=d12jux&c=ZW8l8eo_oYPjJMUpPYn5cAei3ooY2nQ5jOEFF1JjQz-yY58DxonmCSLqM1VWnW0HJTYjf1ntRPZ_wZ4rjK25TkclcTS8GRo5sbm7eQAgjnDgcOmLREeEc2mF7gMIeedhin1-20oQNFF-DMg9jmbtghgoB5w-E04wZzu6Nrj7_uCsnSenFc6yrUsJQB7fiGDxIezp3jWPhqyVrdbZz9Xlh9ZDZgBOEF4HQdeGRkOdsXMElkpPV099EpA4lpXMxVq1Pt19qZgu0G8R5Ut2yJoOUIydLFGJsg-quqeorMEA3KVDGwvVl1P0qtRVJPKLzQU3j17CxZyJsqi9i37rsBEGda8ZGwDq1ltrji2MV7F7Jor81QRaGRVqcnSzhF5QMlyc3jPxHU6u0Fw8tPsr0DtirTq8OrpL7xSJWxGBHBbL0PPvZcylJTscs677a0bkXuikCiIcREjgbPcQ9zge1g9RLuM_NVFJLdcszM4X5d5RKkzzheyho-_XdRVH-wRy8H0l-e1ViitjvnCSPAaDJAqKJh21dOmiPdHJcOWz9KHwqtaaBb1udvBMDV76ugM-Leyi_HUVZBbBZR34u8y6IuiTsLPdhCkV7mJsEUj9uILrF_u4dr77XHp9BpeR5FA3Uk1-lZ19bTIi3b1BTGv5ID_gq65e-cbkPK8GMeyN8canzaD_INAPpgfKyBtVeuvsysG8iAZYEdIXWyk56Sp9YInhHs40FE5prryKEZ_MJuT1GGE HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ts.cvastico.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 26 Sep 2022 18:03:26 GMT
Content-Length: 0
Connection: keep-alive
Location: https://newbinotracs.com/click.php?key=2luo9plrxh2k2ej2k2ph&clickid=2e9ba733-63b3-4a9d-80db-d4c05630e508&cost=0.0055&PUB_ID=20&SUB_ID=4005609&KEYWORD=Adult General&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2022-09-26&BID_PUB=0.0055&CR_ID=36502&PUB_NAME=TrafficStars-pop
newbinotracs.com/click.php?key=2luo9plrxh2k2ej2k2ph&clickid=2e9ba733-63b3-4a9d-80db-d4c05630e508&cost=0.0055&PUB_ID=20&SUB_ID=4005609&KEYWORD=Adult%20General&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2022-09-26&BID_PUB=0.0055&CR_ID=36502&PUB_NAME=TrafficStars-pop
302 Found 0 B URL HTTP/2 newbinotracs.com/click.php?key=2luo9plrxh2k2ej2k2ph&clickid=2e9ba733-63b3-4a9d-80db-d4c05630e508&cost=0.0055&PUB_ID=20&SUB_ID=4005609&KEYWORD=Adult%20General&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2022-09-26&BID_PUB=0.0055&CR_ID=36502&PUB_NAME=TrafficStars-pop
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=2luo9plrxh2k2ej2k2ph&clickid=2e9ba733-63b3-4a9d-80db-d4c05630e508&cost=0.0055&PUB_ID=20&SUB_ID=4005609&KEYWORD=Adult%20General&SUBSCRIBER_AGE=0&SUBSCRIBER_DATE=2022-09-26&BID_PUB=0.0055&CR_ID=36502&PUB_NAME=TrafficStars-pop HTTP/1.1
Host: newbinotracs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ts.cvastico.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.18.0
date: Mon, 26 Sep 2022 18:03:26 GMT
content-type: text/html; charset=UTF-8
location: https://promo.20bet.partners/redirect.aspx?pid=176996&bid=1971&lpid=861&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
set-cookie: uclick=qqk2ciqevr; expires=Tue, 27-Sep-2022 18:03:26 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=qqk2ciqevr-qqk2ciqevr-qqxi-p28n-gx7v8n-qdfn0-qdxs3y-ed2469; expires=Tue, 27-Sep-2022 18:03:26 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 8df165a0f9774a8a91a3860ff08105a6
0ea887d2b3e3799f41b2a13b7b4cf252f5021c76
11a0b3a7262207ea31245cc8e4c6c7293d7cc002ad6199199e5fa114bd0c26cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5448
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:26 GMT
Last-Modified: Mon, 26 Sep 2022 16:32:38 GMT
Server: ECS (amb/6BC6)
X-Cache: HIT
Content-Length: 471
20media.world/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
302 Found 270 B URL HTTP/2 20media.world/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
IP
File type HTML document, ASCII text
Hash eb978702c34e619c8fd38ba9934fd1e9
e5e5fef0dc6846ddba554b7f73ce89967fe6d699
9b0cb279e34214fc285e5b9014533a263cad02b06e21e8fde534dd1416edbbd0
GET /casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712 HTTP/1.1
Host: 20media.world
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ts.cvastico.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 26 Sep 2022 18:03:26 GMT
content-type: text/html; charset=UTF-8
location: https://app.adjust.com/js8txs6?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712&label=655020_5BD7A9B6B8284D4692ECB34435B01F1D&redirect=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwWu0FOXBo%2FkdU0KFEeFQOhZgPAbpY0U5%2BNsPNfaM0pUhI2LxCQHOf2f%2FTqLU2Z%2BaU7hxOhQ2%2BBkDSqByKWvRtUvP7mnswtpzQyxdewKheeVBdDbfsMsPH72xAVxjoo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750dea931a221bfe-OSL
X-Firefox-Spdy: h2
20bet.com/assets/loader.gif
200 OK 403 kB URL HTTP/2 20bet.com/assets/loader.gif
IP
File type GIF image data, version 89a, 400 x 400\012- data
Size 403 kB (402680 bytes)
Hash 8529d23ed344b353f7b89b4c90b1aa82
5433dc4344e9fc4f3b516febe6c9df5e9fec1657
d8a42ccb018c64bda5b2cac2f522c7895ce66055455e9eb9a0425dd7cfe18771
GET /assets/loader.gif HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:27 GMT
content-type: image/gif
content-length: 402680
last-modified: Mon, 26 Sep 2022 08:27:14 GMT
etag: "63316262-624f8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4316
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750dea9b1e0b1c06-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 97e4d0612033929b2c12392055453852
fef7cc1605c72d161524c3f398e4daaec61545fb
559cfa390f2726a5e8d606ffaa81da1ce7cd7dba72193b84fb40b09de8685284
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6159
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:27 GMT
Last-Modified: Mon, 26 Sep 2022 16:20:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 47151f3c851a195179c909b3a592feac
edb971133ea24221bd6f674e3cdaf6f0a9903228
7676796bf9f1058b6efac2c1881108f13f51bb386d5a1bee2bcfa1fdb12ea338
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1504
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:27 GMT
Last-Modified: Mon, 26 Sep 2022 17:38:23 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 97e4d0612033929b2c12392055453852
fef7cc1605c72d161524c3f398e4daaec61545fb
559cfa390f2726a5e8d606ffaa81da1ce7cd7dba72193b84fb40b09de8685284
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6159
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:27 GMT
Last-Modified: Mon, 26 Sep 2022 16:20:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
fonts.googleapis.com/css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic
200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic
IP
Hash 5702966dba081b7eaf1ae31e59a85890
a2e47af9639af20e2ec74987704a24b4a263a7e4
bcd2f061e5c7bc46b9d38001b5c249b30ab29705bc647e69c97dbd156fab78be
GET /css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 18:03:27 GMT
date: Mon, 26 Sep 2022 18:03:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 314ab287f2cab37be630f0e097eec6c7
0a728c97665ec04e1411ff7e692cba3ae4ff52ec
a5ca5d7806d8f071befce73bd8238dabf9794410898979eba22fed5458c69cb7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 18:03:27 GMT
Server: ECS (dcb/7F3C)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WnfL-IFtP8F52tUH84PLNqj2Q5zzXMSMRuh1wW75d3wRjg0pXc4XXg==
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/ba2ba39e0e626ec08236133b3a5195af-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D
200 OK 95 B URL HTTP/2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/ba2ba39e0e626ec08236133b3a5195af-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
Analyzer Verdict Alert fortinet Malware
GET /sealassets/ba2ba39e0e626ec08236133b3a5195af-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 95
date: Mon, 26 Sep 2022 18:00:37 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750de66f1e51bbb0-FRA
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pb6bCKpxeW6x15cESRHdi9cnNkzRQVonRptmqaYHjZm3T8XFNLNkZw==
age: 171
X-Firefox-Spdy: h2
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/ba2ba39e0e626ec08236133b3a5195af-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid
200 OK 49 kB URL HTTP/2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/ba2ba39e0e626ec08236133b3a5195af-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid
IP
File type PNG image data, 512 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ef6782be55b8ce8f5b132d28af8e0d0
cb99df77f4865d9c2f287539a5ca474cf76f7d09
d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
GET /sealassets/ba2ba39e0e626ec08236133b3a5195af-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 49397
date: Mon, 26 Sep 2022 18:00:37 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750de6712a2768f8-FRA
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2WCU7gilHZpwYSbpIypjs9MD9SvbkFew-0BNwlxvtJ0McIRiirC4dw==
age: 171
X-Firefox-Spdy: h2
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAACT
200 OK 31 kB URL HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAACT
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 0251bbcc02c98cc8347f19baaccacf83
fd1873bc9c359f3659d575973d7c4ea83d63b987
3f16f0d1896e5e10748df413a3344fee95579c7e6b77378a34e6008af04576bd
GET /dist/tag-manager.js?id=STM-AAAACT HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: ZFEqHjgVDoEEM0Q=
vary: Accept-Encoding
content-encoding: gzip
content-length: 30881
date: Mon, 26 Sep 2022 18:03:28 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 5223ab00d7b6f7df82345456f9f31402
bf4107a2d111e7ae4d4a21332e0d769364c9c105
c500490d2fac5f944a267a21816c700994990f0a3fefdd33beab70fd145b202d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5316
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:28 GMT
Last-Modified: Mon, 26 Sep 2022 16:34:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 70 kB IP
Hash f840bd40af760515588a2d2caa06d444
db4094c4876ce0fbc2f92f124046da48ae9b3098
7188064327f2631c1aecb616a6b74a45157d61dccd18700c4ef31b686d06e29a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.onesignal.com/sdks/OneSignalSDK.js
200 OK 3.3 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP
File type ASCII text, with very long lines (9097)
Hash 7571e3bfbd984aec48fffab683580608
b4abe8c91492e5870c16d65533a29b6aaf23f22e
4de08dd495f3f9bf92fc7c6bd8dc325015833d2861081c1bbf009b82e166a93e
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:27 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2474
expires: Thu, 29 Sep 2022 18:03:27 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 750dea9b7b59b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
aswpsdkus.com/notify/v1/ua-sdk.min.js
200 OK 42 kB URL HTTP/2 aswpsdkus.com/notify/v1/ua-sdk.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash b2a97340af12eabf1f156f096783b4ba
26a5e71c19c7e7165e9f9247de0d3b0e6ae21542
c5153b2e4ba9ed07b810d27c10b47c7fe19b14f55b7da3e5bbc48d8a33d7118f
GET /notify/v1/ua-sdk.min.js HTTP/1.1
Host: aswpsdkus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsxsVKiaSP0XFNTFSJ794AJubFpaPbc7H-psXeCUW7jV3qsUdg8txZUap-iyexmv8zrYIAad73n0o6EQZWvgz8z1uZKhhyQ
x-goog-generation: 1661795824566829
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 42547
content-encoding: gzip
x-goog-hash: crc32c=a8SXJw==, md5=sqlzQK8S6r8fFW8JZ4O0ug==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 42547
server: UploadServer
date: Mon, 26 Sep 2022 18:02:46 GMT
expires: Mon, 26 Sep 2022 18:07:46 GMT
cache-control: public,max-age=300,no-transform
age: 42
last-modified: Mon, 29 Aug 2022 17:57:04 GMT
etag: "b2a97340af12eabf1f156f096783b4ba"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
20bet.com/app/styles.db65330f249fdf6c.css
200 OK 29 kB URL HTTP/2 20bet.com/app/styles.db65330f249fdf6c.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5c4d080a4ca40ef0bdec8ab314ceeba9
e416f05ec8d352aefa4c2301b2a2437d5c6d9710
87dd57ed4e3085693aa689c327a0687494be813885d871c2f9ee68386f20fb0e
GET /app/styles.db65330f249fdf6c.css HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:27 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 08:26:55 GMT
vary: Accept-Encoding
etag: W/"6331624f-21659"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6838
server: cloudflare
cf-ray: 750dea9b1e051c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://20bet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 426560
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist/tracker.js
200 OK 12 kB URL HTTP/2 tracker.ads.sportradar.com/dist/tracker.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (34755)
Hash b34b13d85152f71b7fd15289c78c0583
0bb20191b022bbd0e75f2bbce7f6332886079c2c
7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: ETbLIh65aY9mAVLWVaDNXwp9snfbUH2WYXvAEL3sCX87VsDHTCtsDg==
vary: Accept-Encoding
content-encoding: gzip
unused62: 8096267
content-length: 11553
date: Mon, 26 Sep 2022 18:03:28 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
ws-cdn001.akamaized.net/7693683943e78a298c36d469e68b47d8/widgetloader
200 OK 59 kB URL HTTP/2 ws-cdn001.akamaized.net/7693683943e78a298c36d469e68b47d8/widgetloader
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (40404)
Hash a06f9577aad360fa0e64aa136b2b40c9
59deacc1529e9321752caae3532a281018ef1700
674b8adfc82380fd8bc6eae143c8d643bbca3f934c5160a79e78485177025d63
GET /7693683943e78a298c36d469e68b47d8/widgetloader HTTP/1.1
Host: ws-cdn001.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-security-policy: frame-ancestors 'self' https://st-cdn001.akamaized.net https://ls-cdn001.akamaized.net
cache-control: public, max-age=120, stale-while-revalidate=60, immutable
etag: "1d729cd7f9e23e0adf2c8973dd5dd044-9d01859bcff12bdb9e4abcac9b773d46"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-ing-v: 2
date: Mon, 26 Sep 2022 18:03:28 GMT
content-length: 58928
vary: Accept-Encoding
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist//sp-2.14.0.js
200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: nhilYV6V-q1PhJgn8gs9dmUPL39Zd2IwgnsFUnicuqpA-U_Vrqb7CA==
vary: Accept-Encoding
content-encoding: gzip
content-length: 30370
date: Mon, 26 Sep 2022 18:03:28 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e09c21978cc26e33082b197e712f1a6a
16895e4276996b9e570bf1543a22a4f4c784c3f2
bef97b36b5796eef1cc98986f5344df274851eb43388848c4a6adb1d243cfbbe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEF97B36B5796EEF1CC98986F5344DF274851EB43388848C4A6ADB1D243CFBBE"
Last-Modified: Mon, 26 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19154
Expires: Mon, 26 Sep 2022 23:22:42 GMT
Date: Mon, 26 Sep 2022 18:03:28 GMT
Connection: keep-alive
zz.connextra.com/dcs/tagController/tag/d3ea3fb1f9d4/homepage
200 OK 16 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/d3ea3fb1f9d4/homepage
IP
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2407)
Hash a48b7d649ea4ff6d54adcc1966fdf787
d8d4c0645613806cf861cfa1d793e40aca2748f0
1479166998807326fbc3aa71ab41a46597b3dc39c6e9c9b372c0a0286030add0
GET /dcs/tagController/tag/d3ea3fb1f9d4/homepage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript;charset=utf-8
content-length: 16263
cache-control: must-revalidate, max-age=50
expires: Mon, 26 Sep 2022 18:04:18 GMT
date: Mon, 26 Sep 2022 18:03:28 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b252479497bb37eb2524ef233b367a7d
acb173d8f36ab66ae329347400216187820159b0
7644d87c44103acab2df9efc4d09c041a45dcbccc4c772ffdbffcc8c41cfefe2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 18:03:28 GMT
Last-Modified: Mon, 26 Sep 2022 16:47:03 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: o7Eob6ZLhtGuWi1eJIFExts2eCo8hPXQKarPHBb03GfZNh8-hjlFRg==
Age: 4585
tracker.growthbuddy.app/track.js?e=pageview&u=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&r=https%3A%2F%2Fts.cvastico.com%2F&i=DV-02355017850611493202&v=1.0.0&uid=b6251639-a050-4909-b3e1-02e83e51cfdd&_nc=1664215406725
200 OK 0 B URL HTTP/2 tracker.growthbuddy.app/track.js?e=pageview&u=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&r=https%3A%2F%2Fts.cvastico.com%2F&i=DV-02355017850611493202&v=1.0.0&uid=b6251639-a050-4909-b3e1-02e83e51cfdd&_nc=1664215406725
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track.js?e=pageview&u=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&r=https%3A%2F%2Fts.cvastico.com%2F&i=DV-02355017850611493202&v=1.0.0&uid=b6251639-a050-4909-b3e1-02e83e51cfdd&_nc=1664215406725 HTTP/1.1
Host: tracker.growthbuddy.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
set-cookie: INGRESSCOOKIE=1664215409.617.535.373077|4755d7349ad2180cc27216e76023fb56; Path=/; Secure; HttpOnly
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
serving.ads.sportradar.com/i?stm=1664215406547&e=pv&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&page=Best%20Online%20Casino%20to%20Win%20Real%20Money%20%C2%BB%20Play%20at%2020Bet%20Legally&refr=https%3A%2F%2Fts.cvastico.com%2F&tv=js-2.14.0&tna=cf&aid=sr-tracker-20bet-com&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&cookie=1&eid=f2ec25f7-acbc-4544-8e47-9bb80fcaff59&dtm=1664215406544&vp=1280x939&ds=1280x939&vid=1&sid=7c62c39b-2adb-4e6b-bc2e-3f5188733984&duid=68b83fef-3c13-4a11-9e6e-606ad6b863c8&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zcG9ydHJhZGFyLmFkcy9kc3AvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiZHNwX3R5cGUiOiJqcyIsImRzcF9haWQiOiIxMTIxIiwiZHNwX2lkIjoiMTg1OSJ9fSx7InNjaGVtYSI6ImlnbHU6Y29tLnNwb3J0cmFkYXIuYWRzL3RhZ21hbmFnZXIvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiY29udGFpbmVySWQiOiJTVE0tQUFBQUNUIiwiZXZlbnROYW1lIjoidHJhY2sucGFnZS52aWV3IiwiYWZmaWxpYXRlSWQiOiIxMTIxIiwiYWZmaWxpYXRlVHlwZSI6ImFkdmVydGlzZXIifX1dfQ
200 OK 43 B URL HTTP/1.1 serving.ads.sportradar.com/i?stm=1664215406547&e=pv&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&page=Best%20Online%20Casino%20to%20Win%20Real%20Money%20%C2%BB%20Play%20at%2020Bet%20Legally&refr=https%3A%2F%2Fts.cvastico.com%2F&tv=js-2.14.0&tna=cf&aid=sr-tracker-20bet-com&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&cookie=1&eid=f2ec25f7-acbc-4544-8e47-9bb80fcaff59&dtm=1664215406544&vp=1280x939&ds=1280x939&vid=1&sid=7c62c39b-2adb-4e6b-bc2e-3f5188733984&duid=68b83fef-3c13-4a11-9e6e-606ad6b863c8&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zcG9ydHJhZGFyLmFkcy9kc3AvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiZHNwX3R5cGUiOiJqcyIsImRzcF9haWQiOiIxMTIxIiwiZHNwX2lkIjoiMTg1OSJ9fSx7InNjaGVtYSI6ImlnbHU6Y29tLnNwb3J0cmFkYXIuYWRzL3RhZ21hbmFnZXIvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiY29udGFpbmVySWQiOiJTVE0tQUFBQUNUIiwiZXZlbnROYW1lIjoidHJhY2sucGFnZS52aWV3IiwiYWZmaWxpYXRlSWQiOiIxMTIxIiwiYWZmaWxpYXRlVHlwZSI6ImFkdmVydGlzZXIifX1dfQ
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1664215406547&e=pv&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&page=Best%20Online%20Casino%20to%20Win%20Real%20Money%20%C2%BB%20Play%20at%2020Bet%20Legally&refr=https%3A%2F%2Fts.cvastico.com%2F&tv=js-2.14.0&tna=cf&aid=sr-tracker-20bet-com&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&cookie=1&eid=f2ec25f7-acbc-4544-8e47-9bb80fcaff59&dtm=1664215406544&vp=1280x939&ds=1280x939&vid=1&sid=7c62c39b-2adb-4e6b-bc2e-3f5188733984&duid=68b83fef-3c13-4a11-9e6e-606ad6b863c8&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zcG9ydHJhZGFyLmFkcy9kc3AvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiZHNwX3R5cGUiOiJqcyIsImRzcF9haWQiOiIxMTIxIiwiZHNwX2lkIjoiMTg1OSJ9fSx7InNjaGVtYSI6ImlnbHU6Y29tLnNwb3J0cmFkYXIuYWRzL3RhZ21hbmFnZXIvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiY29udGFpbmVySWQiOiJTVE0tQUFBQUNUIiwiZXZlbnROYW1lIjoidHJhY2sucGFnZS52aWV3IiwiYWZmaWxpYXRlSWQiOiIxMTIxIiwiYWZmaWxpYXRlVHlwZSI6ImFkdmVydGlzZXIifX1dfQ HTTP/1.1
Host: serving.ads.sportradar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: _sr_ads=5c197c38-0f55-4ce5-98a3-eb0c1f554828; Expires=Tue, 26 Sep 2023 18:03:28 GMT; Domain=sportradar.com; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: no-cache, no-store, must-revalidate
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Server: akka-http/10.1.12
Date: Mon, 26 Sep 2022 18:03:28 GMT
Content-Type: image/gif
Content-Length: 43
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 49d8cf793d263c1db1c9e9f15e61f30e
f5b875afc2e6d4d9d737ebf0b5d3e337a53d14a8
0fb6b2923edf4f8de068eefe214b48b41b769ec9be0903453dd844e8c2f56ede
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "0FB6B2923EDF4F8DE068EEFE214B48B41B769EC9BE0903453DD844E8C2F56EDE"
Last-Modified: Mon, 26 Sep 2022 10:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=2555
Expires: Mon, 26 Sep 2022 18:46:03 GMT
Date: Mon, 26 Sep 2022 18:03:28 GMT
Connection: keep-alive
assets.customer.io/assets/track.js
200 OK 5.6 kB URL HTTP/2 assets.customer.io/assets/track.js
IP
Hash 0e3c8e4aab1ed329bf5700ae36d8590d
6484668ea1ff6fd8736a1f8d92e1d57924747094
f7f02165c7c6d5e727f5fde83b98b7a704d6c6a52a103bda7926609d8892372a
GET /assets/track.js HTTP/1.1
Host: assets.customer.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 17:17:34 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 26 Sep 2022 07:50:21 GMT
etag: W/"1001c66e903ff2591dc0f4722c06e375"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M7YGp_vqUzhggLqxRidmDWJwclGh9ioTFqzhDwi2pctcPr1TX-lpJw==
age: 37853
X-Firefox-Spdy: h2
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js
200 OK 1.3 kB URL HTTP/2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js
IP
File type ASCII text, with very long lines (3532), with no line terminators
Hash fc40073d2c6b573b16cf735c55c59a6a
291c8a75e6b8f1672df942a03f39a7cd794e9a41
657897344579d08ef2c1591416636c5e1b5e34ba4c4f446f10c40680ae79394d
Analyzer Verdict Alert fortinet Malware
GET /apg-seal.js HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Mon, 26 Sep 2022 18:00:36 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"dcc-IZlHbGiPy/ks3OiLHyxp7SEqxYM"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750de66c9d7b9a39-FRA
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HPb54NXQ3-vJKlDGfAQ9mVgrcIf3-add-3CEbxamxcLVjCt5bC3DYg==
age: 171
X-Firefox-Spdy: h2
a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Cookie: zuuid=8fd9eee2-4623-410f-bfe8-0210716374c2; c=1664215408; zuuid_lu=1664215408
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 26 Sep 2022 18:03:28 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8fd9eee2-4623-410f-bfe8-0210716374c2
Set-Cookie: zuuid=8fd9eee2-4623-410f-bfe8-0210716374c2; path=/; expires=Tue, 26-Sep-2023 18:03:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1664215408; path=/; expires=Tue, 26-Sep-2023 18:03:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Tue, 26-Sep-2023 18:03:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1664215408; path=/; expires=Tue, 26-Sep-2023 18:03:28 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1121&id=1859
200 OK 2.3 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1121&id=1859
IP
File type ASCII text, with very long lines (2325), with no line terminators
Hash e4a9fc202c7a2accafbc3165b2fbf59f
b87af296c76f2dc1681b3f290b54076ab568a493
c7026750c2aa6c064c65b81f7c4a77f2a6bf490f1d92d221015b85c7b122049c
GET /ul_cb/pixel?type=js&aid=1121&id=1859 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Cookie: zuuid=8fd9eee2-4623-410f-bfe8-0210716374c2; c=1664215408; zuuid_lu=1664215408
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Mon, 26 Sep 2022 18:03:28 GMT
Set-Cookie: zuuid=8fd9eee2-4623-410f-bfe8-0210716374c2; path=/; expires=Tue, 26-Sep-2023 18:03:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1664215408; path=/; expires=Tue, 26-Sep-2023 18:03:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Tue, 26-Sep-2023 18:03:28 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1664215408; path=/; expires=Tue, 26-Sep-2023 18:03:28 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,433472608; path=/; expires=Tue, 26-Sep-2023 18:03:28 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,433544608; path=/; expires=Tue, 26-Sep-2023 18:03:28 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 2325
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 8dddff9754bf5377fcea5313924e2b6c
f61eb17d9d0daeba92095d9b5db9f833c5af71d6
2a7ef65f9a77b5f2d384d6e22eabf8e8b5cb4fa29538058fcaa94fd1ddbc68d8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 18:03:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 12:04:39 GMT
Expires: Sun, 02 Oct 2022 12:04:38 GMT
Etag: "f61eb17d9d0daeba92095d9b5db9f833c5af71d6"
Cache-Control: max-age=496269,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750deaa0297cb4f9-OSL
ocsp.pki.goog/s/gts1d4/Bz2q3fRhivk
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Bz2q3fRhivk
IP
Hash c214f048501728760696ba4759d5e36a
9a973f262c6ca27ca7005c73bbeec8c3762d3faa
46298941f21761b6af795c73eed468b5ea7e326d8e72c86948347a042c107ec1
POST /s/gts1d4/Bz2q3fRhivk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/mhuqZ1vnJhs
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/mhuqZ1vnJhs
IP
Hash 0fecea329ecc403fc7ab514cbe7e316b
46d1dacfd9928b5a27f7fc4f686bde3875ad0f1a
22bf651fc3d7a2e0243dc48583ccfd090fa49f6aa36f7ebef76627f427a44ce3
POST /s/gts1d4/mhuqZ1vnJhs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=8fd9eee2-4623-410f-bfe8-0210716374c2
200 OK 42 B URL HTTP/2 api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=8fd9eee2-4623-410f-bfe8-0210716374c2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=8fd9eee2-4623-410f-bfe8-0210716374c2 HTTP/1.1
Host: api.feedad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=8fd9eee2-4623-410f-bfe8-0210716374c2; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: afe0e4e95b5c52f7dd02fa91be4e770a
date: Mon, 26 Sep 2022 18:03:28 GMT
server: Google Frontend
content-length: 42
expires: Mon, 26 Sep 2022 18:03:28 GMT
cache-control: private
X-Firefox-Spdy: h2
track.trackingtraffo.com/pixel/js?auth=q1wumswr&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=undefined
200 OK 492 B URL HTTP/1.1 track.trackingtraffo.com/pixel/js?auth=q1wumswr&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=undefined
IP
Hash 3756cad2f2f81943455eecd9491da8ec
157eae8c2012f0024834d48b1b4d08d461da9d7b
bb32cb34f8853772cba14cede98cb887fca7a412811488a79899a8620527cb9b
GET /pixel/js?auth=q1wumswr&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=undefined HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 26 Sep 2022 18:03:28 GMT
Content-Type: text/javascript
Content-Length: 492
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=8fd9eee2-4623-410f-bfe8-0210716374c2
200 OK 42 B URL HTTP/2 tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=8fd9eee2-4623-410f-bfe8-0210716374c2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=8fd9eee2-4623-410f-bfe8-0210716374c2 HTTP/1.1
Host: tags.feedad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=8fd9eee2-4623-410f-bfe8-0210716374c2; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: 71f0075ab4fa39f10087ac5bcd8d28a3
date: Mon, 26 Sep 2022 18:03:28 GMT
server: Google Frontend
content-length: 42
expires: Mon, 26 Sep 2022 18:03:28 GMT
cache-control: private
X-Firefox-Spdy: h2
20bet.com/assets/favicon.png
200 OK 9.3 kB URL HTTP/2 20bet.com/assets/favicon.png
IP
File type PNG image data, 129 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 76d3202979d99d33720b7b189cf8bc23
81cba7c933e4e332ea31208c388307d49bf1c1c8
7731ec4a0f05418aaf44b5d3b8010c5470303578fed1331bc18089fc802b2a96
GET /assets/favicon.png HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:28 GMT
content-type: image/png
content-length: 9320
last-modified: Mon, 26 Sep 2022 08:27:08 GMT
etag: "6331625c-2468"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1146
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750deaa23dbe1c06-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f5b2b66a4c58b7d00bf6d9b1a856f014
052056440bc080691f8845cfb7ec4bdac3297a4c
00f3e7583ac5de995f182185d63b2df91d8594210afa18f543e73d0f81f6f5cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5505
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:29 GMT
Last-Modified: Mon, 26 Sep 2022 16:31:44 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3797
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:29 GMT
Last-Modified: Mon, 26 Sep 2022 17:00:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 16:41:09 GMT
expires: Mon, 26 Sep 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 4940
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash ee8eeda4e9bcb3bb0b0c4a986ae7e68a
c9724fa989a36657e73da839c1e3cb59e49a8833
f4217a1b5a0487d90e984066fca080549632068d63a0b914494503a4adf14f79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:29 GMT
Last-Modified: Mon, 26 Sep 2022 16:44:44 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: c817SaJLlGslX92Njd369bVdvdyKMcVzTaElJPZogE11J+C9Z8SOb7rirW6NLWJm8CG1f76dr9gVDeuluFporw==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Mon, 26 Sep 2022 18:03:29 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered&context=20bet.com&cookiename=notregistered&age=262800&maxcookiecount=10
200 OK 35 B URL HTTP/1.1 ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered&context=20bet.com&cookiename=notregistered&age=262800&maxcookiecount=10
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /ctrack?action=list&type=add&id=notregistered&context=20bet.com&cookiename=notregistered&age=262800&maxcookiecount=10 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=03e5610b977c4b8ba2f44366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Wed, 26 Oct 2022 18:03:29 GMT; Secure; SameSite=None
tj_UUID_v2=03e5610b-977c-4b8b-a2f4-4366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Wed, 26 Oct 2022 18:03:29 GMT; Secure; SameSite=None
1918bc62c1a6d87456120b5ac922270e=notregistered; Path=/; Domain=trafficjunky.net; Expires=Tue, 28 Mar 2023 06:03:29 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
x-request-id: 6331E971-42FE725901BB2FF6-1FA96204
ocsp.sectigo.com/
200 OK 471 B IP
Hash 925dcfd890f0fc22ebce6e43cc497ecd
1d756347443f7bf74cbe47b8f4f3a7f011f34a6a
e7b0dd7394e21b78df7c84eef61e0dd3ca0811a470c06d594cd93f080dabc580
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 18:03:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:56:49 GMT
Expires: Sat, 01 Oct 2022 01:56:48 GMT
Etag: "1d756347443f7bf74cbe47b8f4f3a7f011f34a6a"
Cache-Control: max-age=373398,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750deaa2cf570b4d-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 925dcfd890f0fc22ebce6e43cc497ecd
1d756347443f7bf74cbe47b8f4f3a7f011f34a6a
e7b0dd7394e21b78df7c84eef61e0dd3ca0811a470c06d594cd93f080dabc580
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 18:03:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:56:49 GMT
Expires: Sat, 01 Oct 2022 01:56:48 GMT
Etag: "1d756347443f7bf74cbe47b8f4f3a7f011f34a6a"
Cache-Control: max-age=373398,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750deaa2efba0b31-OSL
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 37e4c42becee6919e21a1ad247185dcf
79ca18439435bb90839dd0c37b7953610b548823
79003f5a9bd967319c6216b7310a5013840865120f8397fbc9b4f3f983d6636f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 18:03:29 GMT
Last-Modified: Mon, 26 Sep 2022 16:13:38 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OncM_NhcLlNZlZ4ffadlZ_SOpqWD0VLf5mw78fdsmwdDeNBkolvURQ==
Age: 6591
ocsp.digicert.com/
200 OK 471 B IP
Hash cf99681f6f1d6e00e0abca7033eb6219
73261f7daa90ce6fd7a81b10ed7bd762200c3f28
3f4bfe673679f8f0650774c07f8707a7013ac7e1c3e1b3b03e68cbaa5ccc1af6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3797
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:29 GMT
Last-Modified: Mon, 26 Sep 2022 17:00:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=bb55c6b1-c99b-4d3f-9f91-b6fdfa8d1f93
302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=bb55c6b1-c99b-4d3f-9f91-b6fdfa8d1f93
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=bb55c6b1-c99b-4d3f-9f91-b6fdfa8d1f93 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 26 Sep 2022 18:03:29 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=bb55c6b1-c99b-4d3f-9f91-b6fdfa8d1f93
Set-Cookie: tuuid=2e0d3396-1189-45f5-99cd-114ddb77dcf0; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8fd9eee2-4623-410f-bfe8-0210716374c2
302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8fd9eee2-4623-410f-bfe8-0210716374c2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_group=1&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8fd9eee2-4623-410f-bfe8-0210716374c2 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 26 Sep 2022 18:03:29 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8fd9eee2-4623-410f-bfe8-0210716374c2
Set-Cookie: tuuid=d20e1d9c-f7d3-4199-839b-e280d5ef4112; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
eb2.3lift.com/xuid?mid=7963&xuid=8fd9eee2-4623-410f-bfe8-0210716374c2&dongle=3oy7
200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=7963&xuid=8fd9eee2-4623-410f-bfe8-0210716374c2&dongle=3oy7
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=7963&xuid=8fd9eee2-4623-410f-bfe8-0210716374c2&dongle=3oy7 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
20bet.com/app/common.e89c277859fdc666.esm.js
200 OK 197 kB URL HTTP/2 20bet.com/app/common.e89c277859fdc666.esm.js
IP
File type ASCII text, with very long lines (23919), with no line terminators
Size 197 kB (197367 bytes)
Hash 38f0e98ab5e51b3fa997df6e2ca4c4d3
c8e6ff0d030f7be60cbd59321515a52e5a1e31fe
5606f42c4b20ea0bc9dafeaefe45409b3fcf2d4c216b1f90b879f31b0f955164
GET /app/common.e89c277859fdc666.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:50 GMT
vary: Accept-Encoding
etag: W/"6331624a-5d6f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 266
server: cloudflare
cf-ray: 750deaa31f331c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=e7a5b8b3-08d5-4c0c-8366-3b5eec323544
302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=e7a5b8b3-08d5-4c0c-8366-3b5eec323544
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=e7a5b8b3-08d5-4c0c-8366-3b5eec323544 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 26 Sep 2022 18:03:29 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=e7a5b8b3-08d5-4c0c-8366-3b5eec323544
Set-Cookie: tuuid=99521e19-8f46-4f22-a3bb-d1033be5c3fa; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
20bet.com/app/common.9fee8e38091ae3ff.css
200 OK 1.6 kB URL HTTP/2 20bet.com/app/common.9fee8e38091ae3ff.css
IP
File type ASCII text, with very long lines (2188), with no line terminators
Hash 93e84f2d91e566e5e56a73d6fb1b6446
c41c47ce6f75f19768a83b630d4dff1fe2af2cc0
9b478ebdd2e4f26fdd9521d06488aa76780e347bd30bad564654855abe2f4876
GET /app/common.9fee8e38091ae3ff.css HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 08:26:31 GMT
vary: Accept-Encoding
etag: W/"63316237-88c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 266
server: cloudflare
cf-ray: 750deaa31f291c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-J9LNZYMXZE>m=2oe9l0&_p=271500426&cid=1723472836.1664215407&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664215406&sct=1&seg=0&dl=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&dr=https%3A%2F%2Fts.cvastico.com%2F&dt=Best%20Online%20Casino%20to%20Win%20Real%20Money%20%C2%BB%20Play%20at%2020Bet%20Legally&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-J9LNZYMXZE>m=2oe9l0&_p=271500426&cid=1723472836.1664215407&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664215406&sct=1&seg=0&dl=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&dr=https%3A%2F%2Fts.cvastico.com%2F&dt=Best%20Online%20Casino%20to%20Win%20Real%20Money%20%C2%BB%20Play%20at%2020Bet%20Legally&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-J9LNZYMXZE>m=2oe9l0&_p=271500426&cid=1723472836.1664215407&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664215406&sct=1&seg=0&dl=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&dr=https%3A%2F%2Fts.cvastico.com%2F&dt=Best%20Online%20Casino%20to%20Win%20Real%20Money%20%C2%BB%20Play%20at%2020Bet%20Legally&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://20bet.com
date: Mon, 26 Sep 2022 18:03:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 925dcfd890f0fc22ebce6e43cc497ecd
1d756347443f7bf74cbe47b8f4f3a7f011f34a6a
e7b0dd7394e21b78df7c84eef61e0dd3ca0811a470c06d594cd93f080dabc580
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 18:03:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:56:49 GMT
Expires: Sat, 01 Oct 2022 01:56:48 GMT
Etag: "1d756347443f7bf74cbe47b8f4f3a7f011f34a6a"
Cache-Control: max-age=373398,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750deaa2bd00b4f9-OSL
track.trackingtraffo.com/pixel?auth=q1wumswr&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=undefined&amount=undefined&site=20bet.com&ln=en-US
200 OK 0 B URL HTTP/1.1 track.trackingtraffo.com/pixel?auth=q1wumswr&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=undefined&amount=undefined&site=20bet.com&ln=en-US
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?auth=q1wumswr&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=undefined&amount=undefined&site=20bet.com&ln=en-US HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 26 Sep 2022 18:03:29 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
platform.20bet.com/api/status
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/status
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/status HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa3c8351c06-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 925dcfd890f0fc22ebce6e43cc497ecd
1d756347443f7bf74cbe47b8f4f3a7f011f34a6a
e7b0dd7394e21b78df7c84eef61e0dd3ca0811a470c06d594cd93f080dabc580
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 18:03:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:56:49 GMT
Expires: Sat, 01 Oct 2022 01:56:48 GMT
Etag: "1d756347443f7bf74cbe47b8f4f3a7f011f34a6a"
Cache-Control: max-age=373398,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750deaa2cd35fabc-OSL
static.hotjar.com/c/hotjar-2053477.js?sv=6
200 OK 2.2 kB URL HTTP/2 static.hotjar.com/c/hotjar-2053477.js?sv=6
IP
File type ASCII text, with very long lines (3790)
Hash 867a004afaea4f9b475afce9fb64b4ed
1062c0e1f4eca02ae1f2dff5200e4ca8d4c0142a
ca0785722f0effbaa225077028059ec5989ed39d84bdcd1aee27b5d68d3cb58a
GET /c/hotjar-2053477.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 18:03:08 GMT
cache-control: max-age=60
etag: W/59a4ac8d8d3165e34d6b433f61257550
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NuMfPHTKNVKdJ2RRtkmWFNZpOi4gqMfydMtpRPDzuuC9Nh7goBQw3A==
age: 37
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/configurations
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v2/configurations
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/configurations HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa3d83e1c06-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/sport/list/-1/0/en
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/sport/list/-1/0/en
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/sport/list/-1/0/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa3d8431c06-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f5b2b66a4c58b7d00bf6d9b1a856f014
052056440bc080691f8845cfb7ec4bdac3297a4c
00f3e7583ac5de995f182185d63b2df91d8594210afa18f543e73d0f81f6f5cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5505
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:29 GMT
Last-Modified: Mon, 26 Sep 2022 16:31:44 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
platform.20bet.com/api/market-descriptions/get-all-markets/en
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/market-descriptions/get-all-markets/en
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/market-descriptions/get-all-markets/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa3c82f1c06-OSL
X-Firefox-Spdy: h2
dsp-trk.eskimi.com/tracking/cssession?tst&id=22441
304 Not Modified 0 B URL HTTP/2 dsp-trk.eskimi.com/tracking/cssession?tst&id=22441
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tracking/cssession?tst&id=22441 HTTP/1.1
Host: dsp-trk.eskimi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 304 Not Modified
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
date: Mon, 26 Sep 2022 18:03:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
platform.20bet.com/api/data/get-countries
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/data/get-countries
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/data/get-countries HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa3fb4e1c0e-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/data/provinces
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/data/provinces
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/data/provinces HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa3fb531c0e-OSL
X-Firefox-Spdy: h2
20bet.com/push-worker.js
404 Not Found 7.6 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4744), with CRLF, LF line terminators
Hash 3ee96ff724157686589e7874f38ffa05
e2e541b878a91bf92005d6c225f44bf945575dbd
4134542201cdcec68c881aac75ec8b527f37ac613ee65c9e2343edfa542c5d42
GET /push-worker.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Mon, 26 Sep 2022 18:03:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: max-age=0, must-revalidate, private
expires: Mon, 26 Sep 2022 18:03:28 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: BYPASS
server: cloudflare
cf-ray: 750dea9e297b1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=45885f6d-3ac6-4668-9430-03e3ae96355f
302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=45885f6d-3ac6-4668-9430-03e3ae96355f
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=45885f6d-3ac6-4668-9430-03e3ae96355f HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 26 Sep 2022 18:03:29 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=45885f6d-3ac6-4668-9430-03e3ae96355f
Set-Cookie: tuuid=23c78ef5-dc4a-4d17-a423-fc4c01ce8466; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664215409; path=/; expires=Tue, 26-Sep-2023 18:03:29 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
platform.20bet.com/api/data/get-currencies
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/data/get-currencies
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/data/get-currencies HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa40b5e1c0e-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa40b651c0e-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tag.growthbuddy.app/tag.js?id=DV-02355017850611493202
200 OK 4.2 kB URL HTTP/2 tag.growthbuddy.app/tag.js?id=DV-02355017850611493202
IP
Hash cd15d86fe8abef22ea1059e185427673
447f883d6e58b811c51c257bb8096b8aff73bdcb
9e11afc47a1e68e749edec2e81afd672fb7c994dc7bc899732fd996bec24141d
GET /tag.js?id=DV-02355017850611493202 HTTP/1.1
Host: tag.growthbuddy.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:28 GMT
content-type: application/javascript; charset=utf-8
set-cookie: INGRESSCOOKIE=1664215409.555.535.307546|5f2e1b57d78510d04b0cf9036879032b; Path=/; Secure; HttpOnly
vary: Accept-Encoding
cache-control: public, max-age=7200
x-content-type-options: nosniff
etag: "1382-4YuDa3owVc9r2LUx5CM7dj7oB9U"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
platform.20bet.com/api/market-descriptions/get-all-outcomes/en
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/market-descriptions/get-all-outcomes/en
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/market-descriptions/get-all-outcomes/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa3db391c0e-OSL
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Ley_-AUAAAAABKS0CxGrXn7WcIrUtA7OZDmjlTZ
200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Ley_-AUAAAAABKS0CxGrXn7WcIrUtA7OZDmjlTZ
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash 42156d68208fcb2a0b9b58c7053b2431
f4b4e673b3ff57c0d1b1a524a75843cf2ed33877
c1c077bef6f130fcac7d3adc952de446d031a9b3f6d57f91164ef542a9110083
GET /recaptcha/api.js?render=6Ley_-AUAAAAABKS0CxGrXn7WcIrUtA7OZDmjlTZ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 26 Sep 2022 18:03:29 GMT
date: Mon, 26 Sep 2022 18:03:29 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.20bet.com/api/status
200 OK 1.1 kB URL HTTP/2 platform.20bet.com/api/status
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ba43f9d84d5cc3e37a817601b691db69
65b15c276d48c4314a71e948f473b54416815e4c
0c227098cee8fa8bf2a4e9079beeee2d5523ce352c3d8af729c121096d569133
GET /api/status HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa4086c1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/market-group-sorting/get-all-ordered
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/market-group-sorting/get-all-ordered
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/market-group-sorting/get-all-ordered HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa3eb3d1c0e-OSL
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 7a68c8644032413981e4ba5bc0d66c4a
2d46ca8055e8577ae7138140e34a6e633434973c
e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: *
etag: "632d6d03-11a95"
expires: Mon, 26 Sep 2022 19:03:29 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 18:03:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.20bet.com/api/data/provinces
200 OK 912 B URL HTTP/2 platform.20bet.com/api/data/provinces
IP
File type JSON data\012- , ASCII text, with very long lines (1894), with no line terminators
Hash d3f403ba9ff43a43d731d7ca3dca9399
bba10653b90e745c0a9de7faa891e3de2a986f9b
13b8a773162461819d62dc8ddb8d18d2ca9488f47c0d0eefe6d9c521f77361c7
GET /api/data/provinces HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa438aa1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-179168354-1&cid=1723472836.1664215407&jid=1667217700&gjid=1700556404&_gid=1828877326.1664215407&_u=YADAAEAAAAAAAC~&z=671179229
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-179168354-1&cid=1723472836.1664215407&jid=1667217700&gjid=1700556404&_gid=1828877326.1664215407&_u=YADAAEAAAAAAAC~&z=671179229
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-179168354-1&cid=1723472836.1664215407&jid=1667217700&gjid=1700556404&_gid=1828877326.1664215407&_u=YADAAEAAAAAAAC~&z=671179229 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://20bet.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 26 Sep 2022 18:03:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.20bet.com/api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers
200 OK 840 B URL HTTP/2 platform.20bet.com/api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers
IP
File type JSON data\012- , ASCII text, with very long lines (1628), with no line terminators
Hash c0f0ddf0cd33aded2d89be4498bc7f11
7aa6f346c4c45c44eb5ff920eec8ee111f81b692
c959054fa61d93b796e00b1c2e01682a608c2e367850ccf1b0d990d3fad1c5c9
GET /api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa448d31c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/data/get-currencies
200 OK 24 kB URL HTTP/2 platform.20bet.com/api/data/get-currencies
IP
File type JSON data\012- , ASCII text, with very long lines (9863), with no line terminators
Hash 7f1466f646b4558d392d3b9d947b7182
d931ca14906b761c67c417483755ca075f9105fd
0caa93cb588bfca5d730eb7034d119313c76eb480e72f3211cdbb6a808eb9984
GET /api/data/get-currencies HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa448bd1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/sport/list/-1/0/en
200 OK 8.8 kB URL HTTP/2 platform.20bet.com/api/sport/list/-1/0/en
IP
File type JSON data\012- , ASCII text, with very long lines (22420), with no line terminators
Hash 16bf00f215d82f9b152620529b9676fe
535bd345431c9b00395dba0ce47ade23f219f341
9162d8527453d10719b5e27d3aa382402e56d1be7625054d0b51e0a8bb3fb549
GET /api/sport/list/-1/0/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa4187f1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/data/get-countries
200 OK 20 kB URL HTTP/2 platform.20bet.com/api/data/get-countries
IP
File type JSON data\012- , ASCII text, with very long lines (65093), with no line terminators
Hash 40cac051ba97a64b7f43002af72508b4
09cbf293d4f0d5c69f3830f507c86071d057a79a
ab81075eb41a7374bcdd838535d16c7d0e636b956fa55dd67d80933ae6df765c
GET /api/data/get-countries HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa438a81c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://20bet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:14:12 GMT
expires: Mon, 25 Sep 2023 18:14:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 85757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.20bet.com/api/market-descriptions/get-all-markets/en
200 OK 27 kB URL HTTP/2 platform.20bet.com/api/market-descriptions/get-all-markets/en
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e77e71dbd2f25543ce8200bbc40e4293
2f840554ec3cb7ed08c0425bd77d09c114bbc30b
cba734309e12bb32c4234b978706b525bb5653adfd4ccaabe41fc3161675149f
GET /api/market-descriptions/get-all-markets/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa418891c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/8194.ea64745e1f110df0.esm.js
200 OK 31 kB URL HTTP/2 20bet.com/app/8194.ea64745e1f110df0.esm.js
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 940cd4fa9c6eff6d002f220499b7bd2c
13d1f62e1729292a713f13cb703a77d4c40f973f
598d6ea0ed1b7e1836c6daca65741b11409b8356581d5936966df42332713448
GET /app/8194.ea64745e1f110df0.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:41 GMT
vary: Accept-Encoding
etag: W/"63316241-10fdc"
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 750deaa68ba41c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/1571.5263265b0583a52e.esm.js
200 OK 3.0 kB URL HTTP/2 20bet.com/app/1571.5263265b0583a52e.esm.js
IP
File type ASCII text, with very long lines (6094), with no line terminators
Hash 83c1e787cd4bae369501a4b4abb76e29
5a37f787f41610007a7ad2d67c6eede1e442296b
f9a4860913237c37069eac1abfef67bb504a0658662631a3b8e458d388084a77
GET /app/1571.5263265b0583a52e.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:31 GMT
vary: Accept-Encoding
etag: W/"63316237-17ce"
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 750deaa68ba71c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
track.trackingtraffo.com/pixel?auth=v3eu8spg&event=visit&site=20bet.com&ln=en-US
200 OK 0 B URL HTTP/1.1 track.trackingtraffo.com/pixel?auth=v3eu8spg&event=visit&site=20bet.com&ln=en-US
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?auth=v3eu8spg&event=visit&site=20bet.com&ln=en-US HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 26 Sep 2022 18:03:29 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 40178bbfd660ef9d7ed94f316f844c94
34aef6f56912e94488e86670168764075b401659
ed3406fcfd99af1e4d5341fa07c8d85ccd655154db9e2e58fb2a466f00387c42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ED3406FCFD99AF1E4D5341FA07C8D85CCD655154DB9E2E58FB2A466F00387C42"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20247
Expires: Mon, 26 Sep 2022 23:40:56 GMT
Date: Mon, 26 Sep 2022 18:03:29 GMT
Connection: keep-alive
platform.20bet.com/api/v2/casino/category?isLive=0&auth=false
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v2/casino/category?isLive=0&auth=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/casino/category?isLive=0&auth=false HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa7bf481c0e-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/casino/producer?is_live=0
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v2/casino/producer?is_live=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/casino/producer?is_live=0 HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:29 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa7bf551c0e-OSL
X-Firefox-Spdy: h2
20bet.com/app/8416.42320496342b2bb5.esm.js
200 OK 549 B URL HTTP/2 20bet.com/app/8416.42320496342b2bb5.esm.js
IP
File type ASCII text, with very long lines (974), with no line terminators
Hash e12497fc2ed9a9b82072c4e7331d0740
d554e480f70e7c59529fbbdd98273c58cd30e2fc
85f1016fe312b1fa70d6544ee17c3f6d51b160eab134c899ae033f97396f15c8
GET /app/8416.42320496342b2bb5.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:45 GMT
etag: W/"63316245-3ce"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3141
vary: Accept-Encoding
server: cloudflare
cf-ray: 750deaa31f391c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP
ASN #20940 Akamai International B.V.
Hash f61292f2ea5acf5598599547b21ded5e
514e2156e842563c85232a017dd347de6fcb79f3
48aa6dae53b928ce44bfbdced0cc27d9a332967dab69d565a116da4e52ded5b3
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 10:03:22 GMT
x-amz-version-id: O_IWnJ8_6UFnDnYWNYZfebEg7uBCf6_J
server: AmazonS3
content-encoding: br
etag: W/"08c0746873a649a99ee8d47403496ba9"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: tTXG5Mtx6BhCs8gZEwvtojVBEtrgYGYAS30SjwYivZxY1ODM_b3c5w==
content-length: 25745
cache-control: max-age=28800
expires: Tue, 27 Sep 2022 02:03:30 GMT
date: Mon, 26 Sep 2022 18:03:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
20bet.com/assets/banners/casino/header_casino.webp
200 OK 269 kB URL HTTP/2 20bet.com/assets/banners/casino/header_casino.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x460, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 269 kB (269174 bytes)
Hash 96d6a7f546ed96e3c3b710b0529b6958
767268af900033c2428ea1156f2fc783b95509c1
f95373a54b6e4992d86f6981cac11ec8deea18456eba753753b79619db98f703
GET /assets/banners/casino/header_casino.webp HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:30 GMT
content-type: image/webp
content-length: 269174
last-modified: Mon, 26 Sep 2022 08:27:25 GMT
etag: "6331626d-41b76"
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750deaa82e2a1c06-OSL
X-Firefox-Spdy: h2
20bet.com/assets/banners/casino-bg.png
200 OK 362 kB URL HTTP/2 20bet.com/assets/banners/casino-bg.png
IP
File type PNG image data, 2578 x 1777, 8-bit/color RGBA, non-interlaced\012- data
Size 362 kB (361899 bytes)
Hash 616f338401a529047e340f7682e3d97f
9a2e83f29ba4337286123dbfd6bfad514040bd32
23578bdd54017141d5f2c4d5acc8831c327a12942bfa358396efc83ff0b81698
GET /assets/banners/casino-bg.png HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:30 GMT
content-type: image/png
content-length: 361899
last-modified: Mon, 26 Sep 2022 08:27:25 GMT
etag: "6331626d-585ab"
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750deaa82e2c1c06-OSL
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8fd9eee2-4623-410f-bfe8-0210716374c2
200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8fd9eee2-4623-410f-bfe8-0210716374c2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_group=1&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D8fd9eee2-4623-410f-bfe8-0210716374c2 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Mon, 26 Sep 2022 18:03:30 GMT
Content-Length: 43
Connection: keep-alive
script.hotjar.com/modules.01a02f6e8b126e8c8358.js
200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.01a02f6e8b126e8c8358.js
IP
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 88b47d3464ed75957aaec1d6b297a6e8
760b0f75cc7a47bfd293e211fc950218675cdf41
84812290eadd6391e8c8083c3016bbb7de5a43346f873080b74052eda996392b
GET /modules.01a02f6e8b126e8c8358.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 65760
date: Fri, 23 Sep 2022 10:32:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "88b47d3464ed75957aaec1d6b297a6e8"
last-modified: Fri, 23 Sep 2022 10:32:03 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mj_45ztF__d3NZZjFyVPDjdh9ts8p3fLHFUWvgs1zpb3mtad-Oje9g==
age: 286284
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/interac.webp
200 OK 2.0 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/interac.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash cdab7fb995b7866403558f335543bda7
7e6664ba967fd7b2e4d974fdb935a34e05227c45
c995f3a08c8df5b312ca12754a9faf36a9ee44ace812217fcf71414ec89a707f
GET /logos/payments/interac.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 1950
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
x-amz-version-id: IsVRXTBPMjrUqDJ0FxzCocQI4PQQyK0X
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 21:39:26 GMT
etag: "cdab7fb995b7866403558f335543bda7"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vAy7Rv3GaNJaqA3ry3aldcREl0Z6O1IcWuAaCBgNV86wLWLXreUn5g==
age: 73445
X-Firefox-Spdy: h2
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
200 OK 68 B URL HTTP/2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Wed, 31 Aug 2022 05:55:39 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MSsZfDORGqXOye-mhQ_0KVgjucflGJHQOu25XJSnVEJgzKBmufD75g==
age: 2290072
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/flags/gb.svg
200 OK 538 B URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/flags/gb.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash d3ddd6025a06a78535b0d432d14905bf
2b5148a18b90f933e47bf895c26d61a52d21d9d8
825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803
GET /flags/gb.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 538
last-modified: Tue, 10 Aug 2021 11:34:09 GMT
x-amz-version-id: b7y7vBlhmWvSwGzjTB5rWvuQdIeHyqcn
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 13:04:55 GMT
etag: "d3ddd6025a06a78535b0d432d14905bf"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 480s3R9cjT6zFORODV8F64FyAA5bo21_oxbPMSnwe6B_cczzRDOBjQ==
age: 17916
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/jeton.webp
200 OK 5.9 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/jeton.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5b322abc074e92690294cbc4c91e7367
2eec25886d1b942709730e2ad20bf4175ac5a670
1b0d4b8ad5f4e4a48a81be2d13a2649d6b3c7cd41a501744c2525567d0d0bab8
GET /logos/payments/jeton.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 5878
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
x-amz-version-id: 3LxIFrbuND7xADVUotkoJ4KLlpdKaCIO
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 21:39:26 GMT
etag: "5b322abc074e92690294cbc4c91e7367"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: r_9NgZXgOEATbCd5wQTlvhXs1YJHq7MTxrS6Xr5ex6K9dfSmhCC13w==
age: 73445
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/cryptocurrency.webp
200 OK 5.3 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/cryptocurrency.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4923661fefdfbe670be68a25329912eb
6ad90e59a44ea11896e12fb1b9832e9c7088c780
53eeb9d95673ea2018aa9a7033846d58c7592a0d068ba5778033e167f9e33361
GET /logos/payments/cryptocurrency.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 5348
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
x-amz-version-id: b72gvm3FoOVUU.rPJwpoK6me7DPM5VqB
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 21:39:26 GMT
etag: "4923661fefdfbe670be68a25329912eb"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1rOdNcfNLVD8JI93h7_gi3JqH9AfOB4j3gIIMt_0NKNQbYDMenVIRw==
age: 73445
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/ecopayz.webp
200 OK 11 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/ecopayz.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 655fa02c6cfd48264806295ab9c2f3dc
c4abba9520932ed352a85b34fd59a3a6978cfd22
29bd5b67b49f82e8b22afb6502cce95d9972f580406ed3cabc58498e762831fe
GET /logos/payments/ecopayz.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 11298
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
x-amz-version-id: bdHaBf_POQvEHZxa2qXczjd2tqXiAluR
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 08:26:26 GMT
etag: "655fa02c6cfd48264806295ab9c2f3dc"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8C7-XLMLSeNDu4Q7Equ3a2Gx4xhpv95mPZK43AoyUFTBjJCVwleYGg==
age: 34624
X-Firefox-Spdy: h2
casino.cur.a8r.games/public/sg.js
200 OK 11 kB URL HTTP/2 casino.cur.a8r.games/public/sg.js
IP
Hash 190e2915a9628f32297f11336ea9f528
085d57f69232ec778adb157ef4c0edea2a4197ac
59458620c9edb77b02605e0248a7482a1cb5fab2658f58e75cd9a3b421f31a8f
GET /public/sg.js HTTP/1.1
Host: casino.cur.a8r.games
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 17:30:19 GMT
cf-cache-status: HIT
age: 1344
expires: Mon, 26 Sep 2022 22:03:27 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 750dea9baec20b39-OSL
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=e7a5b8b3-08d5-4c0c-8366-3b5eec323544
302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=e7a5b8b3-08d5-4c0c-8366-3b5eec323544
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=e7a5b8b3-08d5-4c0c-8366-3b5eec323544 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 26 Sep 2022 18:03:30 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=bb55c6b1-c99b-4d3f-9f91-b6fdfa8d1f93
302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=bb55c6b1-c99b-4d3f-9f91-b6fdfa8d1f93
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=bb55c6b1-c99b-4d3f-9f91-b6fdfa8d1f93 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 26 Sep 2022 18:03:30 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/all-providers.svg
200 OK 69 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/all-providers.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1039)
Hash 368c15a3508982efb54c11e9eaf3e480
2e2113d3674937ed0eca0b12628943646d8bee7e
56ea6cffe38f580d890ae291db5b9b386a0e92440da727bce7f932ad0fc81fe4
GET /logos/providers_small/color/all-providers.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 68663
date: Sun, 25 Sep 2022 22:20:03 GMT
last-modified: Tue, 15 Jun 2021 13:20:51 GMT
etag: "368c15a3508982efb54c11e9eaf3e480"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eIfZw9802FK_YVpbsk9lhKwE5l3nnNtrcIjoAVnjdCfiyrJBWpmeBQ==
age: 71008
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=45885f6d-3ac6-4668-9430-03e3ae96355f
302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=45885f6d-3ac6-4668-9430-03e3ae96355f
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&cb=45885f6d-3ac6-4668-9430-03e3ae96355f HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 26 Sep 2022 18:03:30 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=8fd9eee2-4623-410f-bfe8-0210716374c2&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive
dsp-ap.eskimi.com/v2/gtr?id=22441&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&t=1664215407324
200 OK 3.8 kB URL HTTP/2 dsp-ap.eskimi.com/v2/gtr?id=22441&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&t=1664215407324
IP
Hash 0cff34e04ed13ea862fae9060fa98630
0d227a333b68bc4f9a1892364b7814335e9b34bd
e3b4c0ed839c32d3e41931e617bae4ea3b5d2a93d15d0c518c741bab402ebca4
GET /v2/gtr?id=22441&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&t=1664215407324 HTTP/1.1
Host: dsp-ap.eskimi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
set-cookie: __eConsent=1; Expires=Wed, 26 Oct 2022 18:03:29 GMT; Max-Age=2592000; Domain=.eskimi.com; Path=/; Secure; SameSite=None
__eDId=09f67ff6-3fb5-4dc2-9ea6-dd5eb2e2fe4b; Expires=Wed, 26 Oct 2022 18:03:29 GMT; Max-Age=2592000; Domain=.eskimi.com; Path=/; Secure; SameSite=None
__eP=1; Expires=Mon, 10 Oct 2022 18:03:29 GMT; Max-Age=1209600; Domain=.eskimi.com; Path=/; Secure; SameSite=None
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
cache-control: no-cache
date: Mon, 26 Sep 2022 18:03:28 GMT
content-type: application/json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/dinners_discover.webp
200 OK 4.9 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/dinners_discover.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ea8d660b5467827c912554aabe647d5
4570f9ecbcb61f9a2c44cd16ab737fb0e2b4cebd
2221037740fca246343805287f1d37d254f7942155f6b4c8572ac553f1bad5c6
GET /logos/payments/dinners_discover.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 4926
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
x-amz-version-id: UHAkVVlDSlfVyn0QaFp_FgwNMMIk82nh
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 21:39:26 GMT
etag: "6ea8d660b5467827c912554aabe647d5"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GqnXAUKVNeED015ah4_qI46lfkuC_CuE1RnS90Bk6YSb2gObFEUBmg==
age: 73445
X-Firefox-Spdy: h2
20bet.com/configuration.js
200 OK 5.9 kB URL HTTP/2 20bet.com/configuration.js
IP
Hash c259169b0a96f233e174e0410af3eec3
bcd897b9b7b1bfd58f57c2136c5b362f9291e0aa
c4bd0688aaa1565496ed4139e1dbe68fa495b447d63216cd8788b2194e6f7120
GET /configuration.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:28 GMT
content-type: text/javascript; charset=UTF-8
x-powered-by: PHP/7.4.29
cache-control: max-age=0, must-revalidate, private
expires: Mon, 26 Sep 2022 18:03:28 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: BYPASS
vary: Accept-Encoding
server: cloudflare
cf-ray: 750dea9b1e071c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/casino/category?isLive=0&auth=false
200 OK 58 kB URL HTTP/2 platform.20bet.com/api/v2/casino/category?isLive=0&auth=false
IP
File type JSON data\012- , ASCII text, with very long lines (1038), with no line terminators
Hash 95ef97abdec171df9919775b55e158e3
03d393d2d7745a72d09c8123d8fb76f9b69c09d5
34c157205f7e2b40d2fcbfde7f610e3e723b0f1970182c94fc2262a8fdb584c6
GET /api/v2/casino/category?isLive=0&auth=false HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:30 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa7fdf01c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
dwmu1hf7ovvid.cloudfront.net/logos/payments/visa.webp
200 OK 6.6 kB URL HTTP/2 dwmu1hf7ovvid.cloudfront.net/logos/payments/visa.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash ee2fad6bac293e4ca7ab69e783d4e2cd
f11c25ce6201ed8431bf370ba8163a8b96a629ea
75e10393bb2bf4d84cf86b733f85db33b66e7bf6e2538dc601d8772d2bfcad87
GET /logos/payments/visa.webp HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 6550
last-modified: Fri, 25 Feb 2022 07:48:25 GMT
x-amz-version-id: pIXrhOThuPwmmXfQM00f4w8j43Wb2AWV
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 21:39:26 GMT
etag: "ee2fad6bac293e4ca7ab69e783d4e2cd"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Grb7GEUYXKu3lTaIY2EsSn_RgXbll-5Of4z7sXsxCuZsp5qgD_mHNQ==
age: 73445
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 26 Sep 2022 18:03:30 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Mon, 26 Sep 2022 19:03:30 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=9054575&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&channel_type=code&jsonp=__wjbluin1cfn
200 OK 625 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=9054575&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&channel_type=code&jsonp=__wjbluin1cfn
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (625), with no line terminators
Hash 0de210181313927afa060f3c4ff83f15
2ac29e8f9159885ad560f8c19a52ddb16464180a
9d0fc0e1462623223369588a75f8af9baae1157e7265c6085de1051ff200243e
GET /v3.3/customer/action/get_dynamic_configuration?license_id=9054575&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D655020_5BD7A9B6B8284D4692ECB34435B01F1D%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-20bet-EU-NotReg-popFTDCasino%26utm_term%3DUbidex-20bet-EU-NotReg-pop-FTDCasino%26subid%3D43d9dqqk2ciqevr712&channel_type=code&jsonp=__wjbluin1cfn HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://20bet.com/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://20bet.com/
content-length: 625
date: Mon, 26 Sep 2022 18:03:30 GMT
X-Firefox-Spdy: h2
main.exdynsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
200 OK 20 B URL HTTP/1.1 main.exdynsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2 HTTP/1.1
Host: main.exdynsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 18:03:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A93090%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-26%22%3B%7D%7D; expires=Tue, 26 Sep 2023 18:03:30 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=9054575&version=298342.12.12.41670.1209.1285.266.16.3.3.3.244&group_id=24&jsonp=__lc_static_config
200 OK 1.4 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=9054575&version=298342.12.12.41670.1209.1285.266.16.3.3.3.244&group_id=24&jsonp=__lc_static_config
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3975), with no line terminators
Hash e99bd2b36ca97a84d33b3c42f4b15cac
da6d55cac6fc3ee4175c0a3112fa5ffce75c39bc
20646b3eab8d01c8a2a495d01111a64279d56c40fcab6786f215284901422745
GET /v3.3/customer/action/get_configuration?license_id=9054575&version=298342.12.12.41670.1209.1285.266.16.3.3.3.244&group_id=24&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1379
cache-control: public, max-age=525
expires: Mon, 26 Sep 2022 18:12:15 GMT
date: Mon, 26 Sep 2022 18:03:30 GMT
X-Firefox-Spdy: h2
main.realsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
200 OK 20 B URL HTTP/1.1 main.realsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2 HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Sep 2022 18:03:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A93090%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-26%22%3B%7D%7D; expires=Tue, 26 Sep 2023 18:03:30 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.sectigo.com/
200 OK 471 B IP
Hash 0869109d63ef5270595fb34384023a90
f2ec69fdaca2a0327cd3599ac05d0051df3dee41
c4a67afda7094519228049f837e2e0c1674148bd2e564ae2dccc3458bbdb9ed4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 18:03:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=562307,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750deaac1ad5b4f9-OSL
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=9054575&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=24&jsonp=__lc_localization
200 OK 3.8 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=9054575&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=24&jsonp=__lc_localization
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (10855), with no line terminators
Hash 90496f5489197d6329e4a1724baac913
b05f8c26e827877f2e5930e1af0b8145fa45a307
b08b6783533f02ddfe54df4f74a25700b2d7a889ecec51f1da2f7f5b58b0a269
GET /v3.3/customer/action/get_localization?license_id=9054575&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=24&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=525
expires: Mon, 26 Sep 2022 18:12:15 GMT
date: Mon, 26 Sep 2022 18:03:30 GMT
content-length: 3776
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a
200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a
IP
Hash 50bd6e5705d2521bca2b787e709a056b
6216f7e6fce68eba983e254863c86f29248531b0
0f9b337808a018383c64035060134c4bbf0d8de9e9541284ab5ffaa9f42cd434
GET /p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 18:03:30 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=9054575&group=24&embedded=1&widget_version=3&unique_groups=0
200 OK 2.0 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=9054575&group=24&embedded=1&widget_version=3&unique_groups=0
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4424), with no line terminators
Hash 9c3f16244be088f5cecf655868ac333a
597c9d5cc676f8391f669a8b63f0f2c79e7fe5cd
bcb414813b0925c5998a0ab7ceabf75130cfbcde72418189844ddcc0ef5e5e46
GET /customer/action/open_chat?license_id=9054575&group=24&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 1966
date: Mon, 26 Sep 2022 18:03:31 GMT
X-Firefox-Spdy: h2
20bet.com/assets/placeholders/games/190x190.png
200 OK 7.0 kB URL HTTP/2 20bet.com/assets/placeholders/games/190x190.png
IP
File type PNG image data, 190 x 190, 8-bit/color RGBA, non-interlaced\012- data
Hash 9283bd080c01ccbbb87480d4baecae32
f7bcba62d6571f4d33fd590d09510442bd3f3f47
8860cf92a6813fb4c5c96574e04f1aebfbe670f84d05a4563efbb8a1248ad4bc
GET /assets/placeholders/games/190x190.png HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408; _ym_visorc=b; _fbp=fb.1.1664215408680.1604322651; _ym_isad=2; _hjSessionUser_2053477=eyJpZCI6ImZiMDE3MjU2LWJkNDQtNWQwMC1hZDNkLWUwZTQ4MGVmNDE1OSIsImNyZWF0ZWQiOjE2NjQyMTU0MDg2NTQsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2053477=eyJpZCI6ImM0OWMxMzM1LTkyZWEtNGI3OC05NDc3LTE0NTVmYjA1OWYxYiIsImNyZWF0ZWQiOjE2NjQyMTU0MDg3ODEsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:31 GMT
content-type: image/png
content-length: 6980
last-modified: Mon, 26 Sep 2022 08:27:26 GMT
etag: "6331626e-1b44"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1585
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750deab04a101c06-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZRG0Axnhc5RY5rDbnnbauco9dpPeFdkP01UxkpNYI5pgSbfGKWcikw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:16:26 GMT
age: 71225
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.softswiss.net/i/s4/pushgaming/Nightfall.webp
200 OK 14 kB URL HTTP/2 cdn.softswiss.net/i/s4/pushgaming/Nightfall.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb63a1aee23400624f513c1c1baccddf
aa85aa859ec36ab686257a5542a8c19fa9130051
02867d43ef149ff0c897eebf82c54af850be5f7f13413e7099e3330c62459d3f
GET /i/s4/pushgaming/Nightfall.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:31 GMT
content-type: image/webp
content-length: 14058
last-modified: Wed, 30 Mar 2022 15:15:02 GMT
etag: "624473f6-36ea"
expires: Mon, 26 Sep 2022 23:41:35 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 60258
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750deab09aecb4fa-OSL
X-Firefox-Spdy: h2
cdn.softswiss.net/i/s4/pragmaticexternal/GreatRhinoMegaways.webp
200 OK 15 kB URL HTTP/2 cdn.softswiss.net/i/s4/pragmaticexternal/GreatRhinoMegaways.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 45bde2bb1ee8e51d290a6ac1e92e6d40
1884e072fc918b0068f46685da590b3249d29714
25d57538b31262ac959aab6c4ab184d02792ace3b2c9a2746157e3095159fca3
GET /i/s4/pragmaticexternal/GreatRhinoMegaways.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:31 GMT
content-type: image/webp
content-length: 15202
last-modified: Tue, 05 May 2020 09:35:16 GMT
etag: "5eb13354-3b62"
expires: Mon, 26 Sep 2022 15:40:50 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 86305
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750deab09af2b4fa-OSL
X-Firefox-Spdy: h2
cdn.softswiss.net/i/s4/belatra/BigWildBuffalo.webp
200 OK 15 kB URL HTTP/2 cdn.softswiss.net/i/s4/belatra/BigWildBuffalo.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd2d1c09e2118005995f3494a844cda6
13cf4b1e724274d517f98cc25af314359397567d
e13b5642afda5d2b70d6d091cdae27fd231f143f0d8636f0c0867036ac725d16
GET /i/s4/belatra/BigWildBuffalo.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:31 GMT
content-type: image/webp
content-length: 14792
last-modified: Wed, 29 Jun 2022 06:55:02 GMT
etag: "62bbf746-39c8"
expires: Tue, 27 Sep 2022 13:47:42 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 12504
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750deab0ab0eb4fa-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=22&page=1&has_live=0&is_desktop=1&perPage=25
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=22&page=1&has_live=0&is_desktop=1&perPage=25
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v3/casino/game?title=&per_page=25&category_id=22&page=1&has_live=0&is_desktop=1&perPage=25 HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:31 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deab0d8fb1c0e-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=41&page=1&has_live=0&is_desktop=1&perPage=25
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=41&page=1&has_live=0&is_desktop=1&perPage=25
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v3/casino/game?title=&per_page=25&category_id=41&page=1&has_live=0&is_desktop=1&perPage=25 HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:31 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deab0d8ff1c0e-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=24&page=1&has_live=0&is_desktop=1&perPage=25
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=24&page=1&has_live=0&is_desktop=1&perPage=25
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v3/casino/game?title=&per_page=25&category_id=24&page=1&has_live=0&is_desktop=1&perPage=25 HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:31 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deab0e9091c0e-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=35&page=1&has_live=0&is_desktop=1&perPage=25
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=35&page=1&has_live=0&is_desktop=1&perPage=25
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v3/casino/game?title=&per_page=25&category_id=35&page=1&has_live=0&is_desktop=1&perPage=25 HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:31 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deab0e90a1c0e-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=53&page=1&has_live=0&is_desktop=1&perPage=25
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=53&page=1&has_live=0&is_desktop=1&perPage=25
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v3/casino/game?title=&per_page=25&category_id=53&page=1&has_live=0&is_desktop=1&perPage=25 HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:31 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deab0e9161c0e-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=51&page=1&has_live=0&is_desktop=1&perPage=25
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=51&page=1&has_live=0&is_desktop=1&perPage=25
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v3/casino/game?title=&per_page=25&category_id=51&page=1&has_live=0&is_desktop=1&perPage=25 HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:31 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deab0e9101c0e-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=34&page=1&has_live=0&is_desktop=1&perPage=25
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=34&page=1&has_live=0&is_desktop=1&perPage=25
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v3/casino/game?title=&per_page=25&category_id=34&page=1&has_live=0&is_desktop=1&perPage=25 HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:31 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deab0f9291c0e-OSL
X-Firefox-Spdy: h2
tsyndicate.com/api/v1/retargeting/set/45d3301c-de08-443f-9716-ba31e2632331
200 OK 35 B URL HTTP/2 tsyndicate.com/api/v1/retargeting/set/45d3301c-de08-443f-9716-ba31e2632331
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/45d3301c-de08-443f-9716-ba31e2632331 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 18:03:31 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 22e38e8b09f844e7
set-cookie: ts_rt_45d3301c-de08-443f-9716-ba31e2632331=AAMC; expires=Tue, 26 Sep 2023 18:03:31 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=45&page=1&has_live=0&is_desktop=1&perPage=25
204 No Content 0 B URL HTTP/2 platform.20bet.com/api/v3/casino/game?title=&per_page=25&category_id=45&page=1&has_live=0&is_desktop=1&perPage=25
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v3/casino/game?title=&per_page=25&category_id=45&page=1&has_live=0&is_desktop=1&perPage=25 HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 18:03:31 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deab0f92b1c0e-OSL
X-Firefox-Spdy: h2
20bet.com/app/5027.503315c7314b935f.esm.js
200 OK 0 B URL HTTP/2 20bet.com/app/5027.503315c7314b935f.esm.js
IP
GET /app/5027.503315c7314b935f.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:45 GMT
etag: W/"63316245-ef"
cache-control: max-age=14400
cf-cache-status: HIT
age: 266
vary: Accept-Encoding
server: cloudflare
cf-ray: 750deaa68baa1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/user/is-auth
200 OK 0 B URL HTTP/2 platform.20bet.com/api/user/is-auth
IP
GET /api/user/is-auth HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa7cd7b1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/6485.69e1d2c2eee810bb.esm.js
200 OK 0 B URL HTTP/2 20bet.com/app/6485.69e1d2c2eee810bb.esm.js
IP
GET /app/6485.69e1d2c2eee810bb.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:41 GMT
etag: W/"63316241-3ff"
cache-control: max-age=14400
cf-cache-status: HIT
age: 266
vary: Accept-Encoding
server: cloudflare
cf-ray: 750deaa31f361c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
302 Found 0 B URL HTTP/2 20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
IP
GET /casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712 HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ts.cvastico.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 26 Sep 2022 18:03:27 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.29
cache-control: no-cache, private
location: /en_ee/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
set-cookie: preferred-language=en_ee; path=/; secure; httponly; samesite=lax
btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; expires=Wed, 26-Oct-2022 00:00:00 GMT; Max-Age=2526993; path=/; secure; samesite=none
subid=43d9dqqk2ciqevr712; expires=Wed, 26-Oct-2022 00:00:00 GMT; Max-Age=2526993; path=/; secure; samesite=none
utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; expires=Wed, 26-Oct-2022 00:00:00 GMT; Max-Age=2526993; path=/; secure; samesite=lax
utm_medium=Ubidex; expires=Wed, 26-Oct-2022 00:00:00 GMT; Max-Age=2526993; path=/; secure; samesite=lax
utm_source=retarget; expires=Wed, 26-Oct-2022 00:00:00 GMT; Max-Age=2526993; path=/; secure; samesite=lax
utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; expires=Wed, 26-Oct-2022 00:00:00 GMT; Max-Age=2526993; path=/; secure; samesite=lax
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750dea951e711c06-OSL
X-Firefox-Spdy: h2
20bet.com/app/main.1084f07e36d83537.css
200 OK 0 B URL HTTP/2 20bet.com/app/main.1084f07e36d83537.css
IP
GET /app/main.1084f07e36d83537.css HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:27 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 08:26:31 GMT
vary: Accept-Encoding
etag: W/"63316237-3d961"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3771
server: cloudflare
cf-ray: 750dea9b1e031c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/assets/fonts/icon-font/icons_defs.svg?V=123
200 OK 0 B URL HTTP/2 20bet.com/assets/fonts/icon-font/icons_defs.svg?V=123
IP
GET /assets/fonts/icon-font/icons_defs.svg?V=123 HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Sep 2022 08:27:20 GMT
vary: Accept-Encoding
etag: W/"63316268-37269"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2938
server: cloudflare
cf-ray: 750deaa6dc081c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/9061.160f05377e83e70a.esm.js
200 OK 0 B URL HTTP/2 20bet.com/app/9061.160f05377e83e70a.esm.js
IP
GET /app/9061.160f05377e83e70a.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408; _ym_visorc=b; _fbp=fb.1.1664215408680.1604322651; _ym_isad=2; _hjSessionUser_2053477=eyJpZCI6ImZiMDE3MjU2LWJkNDQtNWQwMC1hZDNkLWUwZTQ4MGVmNDE1OSIsImNyZWF0ZWQiOjE2NjQyMTU0MDg2NTQsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2053477=eyJpZCI6ImM0OWMxMzM1LTkyZWEtNGI3OC05NDc3LTE0NTVmYjA1OWYxYiIsImNyZWF0ZWQiOjE2NjQyMTU0MDg3ODEsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:31 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:31 GMT
vary: Accept-Encoding
etag: W/"63316237-414d"
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 750deab04a041c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/match-statuses/get-all/en
200 OK 0 B URL HTTP/2 platform.20bet.com/api/match-statuses/get-all/en
IP
GET /api/match-statuses/get-all/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa4187c1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/runtime.65791a46781cb253.esm.js
200 OK 0 B URL HTTP/2 20bet.com/app/runtime.65791a46781cb253.esm.js
IP
GET /app/runtime.65791a46781cb253.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:28 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:50 GMT
vary: Accept-Encoding
etag: W/"6331624a-1438"
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 750dea9f0a511c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/casino/last-winners?limit=4&has_live=0
200 OK 0 B URL HTTP/2 platform.20bet.com/api/v2/casino/last-winners?limit=4&has_live=0
IP
GET /api/v2/casino/last-winners?limit=4&has_live=0 HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:30 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa7cd791c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/cdn-cgi/rum?
200 OK 0 B IP
POST /cdn-cgi/rum? HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 435
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215409.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408; _ym_visorc=b; _fbp=fb.1.1664215408680.1604322651; _ym_isad=2; _hjSessionUser_2053477=eyJpZCI6ImZiMDE3MjU2LWJkNDQtNWQwMC1hZDNkLWUwZTQ4MGVmNDE1OSIsImNyZWF0ZWQiOjE2NjQyMTU0MDg2NTQsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2053477=eyJpZCI6ImM0OWMxMzM1LTkyZWEtNGI3OC05NDc3LTE0NTVmYjA1OWYxYiIsImNyZWF0ZWQiOjE2NjQyMTU0MDg3ODEsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:31 GMT
content-type: text/plain
access-control-allow-origin: https://20bet.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 750deab19b651c06-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
platform.20bet.com/api/market-descriptions/get-all-outcomes/en
200 OK 0 B URL HTTP/2 platform.20bet.com/api/market-descriptions/get-all-outcomes/en
IP
GET /api/market-descriptions/get-all-outcomes/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa4a93d1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
cadrctlnk.com/in/p/?spot_id=54785&cat=25&sub_id=291760455&&utm_source=45314&utm_medium=385784&utm_campaign=FIREFOX_96.0&utm_content=irene-eux.com
200 OK 0 B URL HTTP/2 cadrctlnk.com/in/p/?spot_id=54785&cat=25&sub_id=291760455&&utm_source=45314&utm_medium=385784&utm_campaign=FIREFOX_96.0&utm_content=irene-eux.com
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /in/p/?spot_id=54785&cat=25&sub_id=291760455&&utm_source=45314&utm_medium=385784&utm_campaign=FIREFOX_96.0&utm_content=irene-eux.com HTTP/1.1
Host: cadrctlnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://irene-eux.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Mon, 26 Sep 2022 18:03:24 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Tue, 27 Sep 2022 18:03:22 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
20bet.com/app/2984.0d3b08a9672c358a.esm.js
200 OK 0 B URL HTTP/2 20bet.com/app/2984.0d3b08a9672c358a.esm.js
IP
GET /app/2984.0d3b08a9672c358a.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408; _ym_visorc=b; _fbp=fb.1.1664215408680.1604322651; _ym_isad=2; _hjSessionUser_2053477=eyJpZCI6ImZiMDE3MjU2LWJkNDQtNWQwMC1hZDNkLWUwZTQ4MGVmNDE1OSIsImNyZWF0ZWQiOjE2NjQyMTU0MDg2NTQsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2053477=eyJpZCI6ImM0OWMxMzM1LTkyZWEtNGI3OC05NDc3LTE0NTVmYjA1OWYxYiIsImNyZWF0ZWQiOjE2NjQyMTU0MDg3ODEsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:31 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:54 GMT
vary: Accept-Encoding
etag: W/"6331624e-a32"
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 750deab04a011c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:27 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 750dea9b7e900afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
20bet.com/app/5609.3eb3d80ef775a105.esm.js
200 OK 0 B URL HTTP/2 20bet.com/app/5609.3eb3d80ef775a105.esm.js
IP
GET /app/5609.3eb3d80ef775a105.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:45 GMT
vary: Accept-Encoding
etag: W/"63316245-1c22"
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 750deaa67b901c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/ip-data
200 OK 0 B URL HTTP/2 platform.20bet.com/api/v2/ip-data
IP
GET /api/v2/ip-data HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.1.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750deaa4a9361c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/9290.ed865096d085764e.esm.js
200 OK 0 B URL HTTP/2 20bet.com/app/9290.ed865096d085764e.esm.js
IP
GET /app/9290.ed865096d085764e.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984; _ga_J9LNZYMXZE=GS1.1.1664215406.1.0.1664215406.0.0.0; _ga=GA1.2.1723472836.1664215407; DV_TRACK=b6251639-a050-4909-b3e1-02e83e51cfdd; _gid=GA1.2.1828877326.1664215407; _gat_UA-179168354-1=1; _ym_uid=16642154081018845130; _ym_d=1664215408
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:29 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:54 GMT
vary: Accept-Encoding
etag: W/"6331624e-3708"
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 750deaa68ba11c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/vendor.84e9046d17e9905a.esm.js
200 OK 0 B URL HTTP/2 20bet.com/app/vendor.84e9046d17e9905a.esm.js
IP
GET /app/vendor.84e9046d17e9905a.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:28 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:32 GMT
vary: Accept-Encoding
etag: W/"63316238-14edbe"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 750dea9f0a521c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/polyfills.4743b5f1698ee308.esm.js
200 OK 0 B URL HTTP/2 20bet.com/app/polyfills.4743b5f1698ee308.esm.js
IP
GET /app/polyfills.4743b5f1698ee308.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino&utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino&subid=43d9dqqk2ciqevr712
Cookie: preferred-language=en; btag=655020_5BD7A9B6B8284D4692ECB34435B01F1D; subid=43d9dqqk2ciqevr712; utm_campaign=Ubidex-20bet-EU-NotReg-popFTDCasino; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-20bet-EU-NotReg-pop-FTDCasino; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=68b83fef-3c13-4a11-9e6e-606ad6b863c8.1664215407.1.1664215407.1664215407.7c62c39b-2adb-4e6b-bc2e-3f5188733984
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 18:03:28 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 08:26:50 GMT
vary: Accept-Encoding
etag: W/"6331624a-17348"
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 750dea9efa501c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.seon.io/js/v4/agent.js
200 OK 0 B URL HTTP/2 cdn.seon.io/js/v4/agent.js
IP
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seon.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 15:20:31 GMT
x-amz-version-id: mfjcVMYC8eQg.3.C.jDktKY9HpyiJtFK
server: AmazonS3
content-encoding: gzip
date: Mon, 26 Sep 2022 17:21:20 GMT
cache-control: max-age=3600
etag: W/"7e416f9feeb805e04c423899736c48e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FNXqEauytT8wzu72N5-_ivVoepf7BpsmAWtX0Zfb4GBkz6JhSIXGQA==
age: 2535
X-Firefox-Spdy: h2
5.79.68.104
104.18.226.52
23.36.79.16
64.233.162.157
94.130.197.134
54.74.252.125
157.240.200.14
93.184.220.29
104.85.191.64
77.88.21.119