n3jj0.bemobtrcks.com/go/3c486930-0a2f-49b5-84ab-a367c98b5fe8
3.70.16.242302 Found 212 B URL HTTP/1.1 n3jj0.bemobtrcks.com/go/3c486930-0a2f-49b5-84ab-a367c98b5fe8
IP 3.70.16.242:0
File type HTML document, ASCII text, with no line terminators
Hash 8596b4686b6a7293bb8bf8af12063cd9
94d4c92349fea911f7e45650f3a8f73fa41dea71
8bacd748b5f1678a46123564c6f26f347948829f5363f4c3816371fe18da60a9
GET /go/3c486930-0a2f-49b5-84ab-a367c98b5fe8 HTTP/1.1
Host: n3jj0.bemobtrcks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: openresty
Date: Sat, 21 Jan 2023 20:12:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 212
Connection: keep-alive
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
Location: https://www.highcpmrevenuenetwork.com/gxwefg3r3?key=704aa0a48775b4f547bfd700713e85fd
Set-Cookie: bemob-uniq-visit:3c486930-0a2f-49b5-84ab-a367c98b5fe8=1; Domain=n3jj0.bemobtrcks.com; Path=/; Expires=Sun, 22 Jan 2023 20:12:46 GMT; HttpOnly
bemob-rotation:3c486930-0a2f-49b5-84ab-a367c98b5fe8:random:89f8df934aaf6257ee32070e9efe6050=0-0-0; Domain=n3jj0.bemobtrcks.com; Path=/; Expires=Sun, 22 Jan 2023 20:12:46 GMT; HttpOnly
bemob-click-id=Xg4jeP4ksj1jmUEFP8xMQE; Domain=n3jj0.bemobtrcks.com; Path=/; Expires=Sun, 22 Jan 2023 20:12:46 GMT; HttpOnly
Vary: Accept
X-Response-Time: 37.398ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5894
Expires: Sat, 21 Jan 2023 21:51:00 GMT
Date: Sat, 21 Jan 2023 20:12:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16252
Expires: Sun, 22 Jan 2023 00:43:38 GMT
Date: Sat, 21 Jan 2023 20:12:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 38c102db4bcfb9c4fb19174986950fd3
51c2cc8a3aca4da5c9ab3438467c29203fc0b0c3
dad6b64bc9f4dd827471ccc2e5273fceee574685376083aaa80f9d2f918037f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAD6B64BC9F4DD827471CCC2E5273FCEEE574685376083AAA80F9D2F918037F2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6402
Expires: Sat, 21 Jan 2023 21:59:28 GMT
Date: Sat, 21 Jan 2023 20:12:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 19:49:39 GMT
content-type: application/json
age: 1387
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Jh69UyI1bBg+EnjsEp2Eyh9ml1Oxhjd59AuRrB7QvX8ink0ul8wna5yrD2Ce4qTnZ9+NSuJtSIY=
x-amz-request-id: XY00MYFV7YK2Q0ET
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 19:46:58 GMT
age: 1548
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 20:12:46 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d6e3648d0bf0ec9430138a5b91760601
937cea0fadfd1bce86108413d0e5653f0e5f9ac8
5bc0fe7ec22cebf8ed8deed026d9bb21ba338971c50f6cfb5f93a2a182af0b0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5BC0FE7EC22CEBF8ED8DEED026D9BB21BA338971C50F6CFB5F93A2A182AF0B0E"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8784
Expires: Sat, 21 Jan 2023 22:39:10 GMT
Date: Sat, 21 Jan 2023 20:12:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 19:48:58 GMT
age: 1429
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.highcpmrevenuenetwork.com/gxwefg3r3?key=704aa0a48775b4f547bfd700713e85fd
192.243.59.12200 OK 1.2 kB URL HTTP/1.1 www.highcpmrevenuenetwork.com/gxwefg3r3?key=704aa0a48775b4f547bfd700713e85fd
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b085233e5a37bd22fd0324f585d1c7ee
8a9a1d6b39fd95982a6757ece23a16e3e95ae11d
137f85cb8ce6bdf9a653d8e3af960085322850a6fb83b7d63372f0540f079514
Analyzer Verdict Alert quad9 Sinkholed
GET /gxwefg3r3?key=704aa0a48775b4f547bfd700713e85fd HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 21 Jan 2023 20:12:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17201730; expires=Sun, 22 Jan 2023 20:12:47 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzIwMTczMCwiayI6IjcwNGFhMGE0ODc3NWI0ZjU0N2JmZDcwMDcxM2U4NWZkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODQ1NTcxLCJwaWQiOjQ2MTkzOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoiZ3h3ZWZnM3IzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.3-6ghnpTyJ_O7mQ1IcYc_3B6upynUPGQ0BnPRI_82SU; expires=Sat, 21 Jan 2023 20:13:47 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b001a3999042a277a23f624d0163a45
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:47 GMT
Last-Modified: Sat, 21 Jan 2023 19:34:44 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.26.236.137101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.26.236.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f1ZjRsxTa7NFq8thOp9p+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lTJM7oC2U3E/HEfeuvgI5akSmBs=
www.highcpmrevenuenetwork.com/gxwefg3r3?shu=d89576c793aef1ca3f782e3a50ecb36fb81564ed5c36f3bbfe3ef39cae6ca9e4fbf32f57b03e4c2e1eec515bcfb3ea39fc5ac1b06b64a8f690ed4751fb9a5cef93b068e42a752816cedfe48077bfa5b4ca2e08&pst=1674332027&rmtc=t&uuid=&pii=&in=false&key=704aa0a48775b4f547bfd700713e85fd
192.243.59.12302 Found 0 B URL HTTP/1.1 www.highcpmrevenuenetwork.com/gxwefg3r3?shu=d89576c793aef1ca3f782e3a50ecb36fb81564ed5c36f3bbfe3ef39cae6ca9e4fbf32f57b03e4c2e1eec515bcfb3ea39fc5ac1b06b64a8f690ed4751fb9a5cef93b068e42a752816cedfe48077bfa5b4ca2e08&pst=1674332027&rmtc=t&uuid=&pii=&in=false&key=704aa0a48775b4f547bfd700713e85fd
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /gxwefg3r3?shu=d89576c793aef1ca3f782e3a50ecb36fb81564ed5c36f3bbfe3ef39cae6ca9e4fbf32f57b03e4c2e1eec515bcfb3ea39fc5ac1b06b64a8f690ed4751fb9a5cef93b068e42a752816cedfe48077bfa5b4ca2e08&pst=1674332027&rmtc=t&uuid=&pii=&in=false&key=704aa0a48775b4f547bfd700713e85fd HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.highcpmrevenuenetwork.com/gxwefg3r3?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=17201730
Cookie: u_pl=17201730; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzIwMTczMCwiayI6IjcwNGFhMGE0ODc3NWI0ZjU0N2JmZDcwMDcxM2U4NWZkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODQ1NTcxLCJwaWQiOjQ2MTkzOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoiZ3h3ZWZnM3IzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.3-6ghnpTyJ_O7mQ1IcYc_3B6upynUPGQ0BnPRI_82SU; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Sat, 21 Jan 2023 20:12:47 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://asper-media.com/click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c4f8c568dfca414bbd98f5efe113c37&COST_CPC=0.002500&PLACEMENT_ID=17201730&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475
Set-Cookie: iprced5a646883d9ca9ae16dabe816017d3b=3950617; expires=Sun, 22 Jan 2023 20:12:47 GMT
pdhtkv=true; expires=Sun, 22 Jan 2023 20:12:47 GMT
uncs=1; expires=Sun, 22 Jan 2023 20:12:47 GMT
pdhtkv28=true; expires=Sun, 22 Jan 2023 20:12:47 GMT
uncs28=1; expires=Sun, 22 Jan 2023 20:12:47 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37ec7d3cf67379be7af606fdf8eb557d
Strict-Transport-Security: max-age=0; includeSubdomains
asper-media.com/click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c4f8c568dfca414bbd98f5efe113c37&COST_CPC=0.002500&PLACEMENT_ID=17201730&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475
159.89.28.67302 Found 0 B URL HTTP/2 asper-media.com/click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c4f8c568dfca414bbd98f5efe113c37&COST_CPC=0.002500&PLACEMENT_ID=17201730&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475
IP 159.89.28.67:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c4f8c568dfca414bbd98f5efe113c37&COST_CPC=0.002500&PLACEMENT_ID=17201730&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475 HTTP/1.1
Host: asper-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmrevenuenetwork.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 21 Jan 2023 20:12:47 GMT
content-type: text/html; charset=UTF-8
location: https://promo.20bet.partners/redirect.aspx?pid=205174&bid=1971&lpid=1042&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
set-cookie: uclick=x9ydxstl; expires=Sun, 22-Jan-2023 20:12:47 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=x9ydxstl-x9ydxstl-us7s-0-pmib-9za7-9za5-598a78; expires=Sun, 22-Jan-2023 20:12:47 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5530e335c38e483c0322f585c977a73b
7b7d18ac7ee6d6f43fd0baba11fdd27660622729
b483d25830daf085713b32a53736b1eaf293513bf608ebe6cbca2ea09162a6ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B483D25830DAF085713B32A53736B1EAF293513BF608EBE6CBCA2EA09162A6EF"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3692
Expires: Sat, 21 Jan 2023 21:14:20 GMT
Date: Sat, 21 Jan 2023 20:12:48 GMT
Connection: keep-alive
20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
37.252.8.95200 OK 1.9 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
IP 37.252.8.95:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (474)
Hash 680cf4daa1a31b9192a9601e715c7b89
8dee29aa12049a16081e0746d8c18e4d48fbb63d
b18680631feed7054f7251f542ef888fe486c5e04cc610e6ea98292d4c650feb
GET /bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62 HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmrevenuenetwork.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 15:18:46 GMT
ETag: W/"1580-5ed6fc1775dec"
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
20betlp.com/bonus-wheel-en/css/reset.css
37.252.8.95200 OK 758 B URL HTTP/1.1 20betlp.com/bonus-wheel-en/css/reset.css
IP 37.252.8.95:0
Hash 4efd21f2a250eb9c74738efd20649c5f
d2b04957878a7eb16378885edc870e5d4ed85e0a
854bdd447667d255572764fe724efa5b6f97d9e66452e28010eb850dad46dbb1
GET /bonus-wheel-en/css/reset.css HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/css
Last-Modified: Mon, 08 Nov 2021 13:54:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61892bf9-6a6"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
20betlp.com/bonus-wheel-en/js/refers.js
37.252.8.95200 OK 388 B URL HTTP/1.1 20betlp.com/bonus-wheel-en/js/refers.js
IP 37.252.8.95:0
Hash 1a02133cce7b2f9786a3d14737b7acbe
940b4a4f62322d164c6f1ca888ccfbd975839105
3d53e0fdccc953658e13bfe3523749c55818cab7dc61f26b954657b0b1543ec0
GET /bonus-wheel-en/js/refers.js HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Fri, 12 Nov 2021 10:15:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"618e3eb7-29e"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
20betlp.com/bonus-wheel-en/css/main.css
37.252.8.95200 OK 1.8 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/css/main.css
IP 37.252.8.95:0
Hash 49e5413a26bd3d4d13d60f414dba76de
8aeeb9927881cc873b8b70511122200c6b859343
7322def013c20cef26baa26179065e114db85f87206566dd8be65eb664bfd4db
GET /bonus-wheel-en/css/main.css HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/css
Last-Modified: Tue, 09 Nov 2021 09:29:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"618a3f92-2071"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
20betlp.com/bonus-wheel-en/css/media.css
37.252.8.95200 OK 683 B URL HTTP/1.1 20betlp.com/bonus-wheel-en/css/media.css
IP 37.252.8.95:0
Hash 62eeedcb147782e36e45fdc1b729986f
a313491431992254578f66c453aeb13cfb74d32f
34fa0adb22eeb0e39ad94be91ec1bc92e2dd12f86695510aec7fbfdd91660bf2
GET /bonus-wheel-en/css/media.css HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/css
Last-Modified: Tue, 09 Nov 2021 09:35:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"618a40c6-a4f"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
20betlp.com/bonus-wheel-en/css/animation.css
37.252.8.95200 OK 942 B URL HTTP/1.1 20betlp.com/bonus-wheel-en/css/animation.css
IP 37.252.8.95:0
Hash 750d918201188f29886c58f10d4146a4
efc731484d3b10f60de17baf34a4f85c42464a6a
6ca0c67d84ee7da96eef03e0a696ced35ac4d44b6f752a363861a9034b8f560e
GET /bonus-wheel-en/css/animation.css HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/css
Last-Modified: Wed, 10 Nov 2021 14:37:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"618bd933-2f55"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
20betlp.com/bonus-wheel-en/js/main.js
37.252.8.95200 OK 337 B URL HTTP/1.1 20betlp.com/bonus-wheel-en/js/main.js
IP 37.252.8.95:0
Hash 2a749c98673b6fd39be2b6f98dbac273
f536836a45df4c8fed6b667c674e1ec708aa9efe
0638e3aeb297166e0175dcf1abbab179e655196a653682196c7a8e794598fa47
GET /bonus-wheel-en/js/main.js HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Thu, 11 Nov 2021 10:29:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"618cf09e-40a"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
20betlp.com/bonus-wheel-en/js/jquery-3.3.1.min.js
37.252.8.95200 OK 30 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/js/jquery-3.3.1.min.js
IP 37.252.8.95:0
File type ASCII text, with very long lines (65451)
Hash 8c94335279b4912ce3f2d6806ce9687a
81f77bfa6a35e3d8260d083074c92a99b8893a36
9075f5a34529dd0bbb9edb86c011a755f5138e2ba7006a12c5c57e87c588c1b8
GET /bonus-wheel-en/js/jquery-3.3.1.min.js HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Mon, 08 Nov 2021 13:54:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61892bfa-1538e"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip
20betlp.com/bonus-wheel-en/images/logo/visamc_new.png
37.252.8.95200 OK 3.4 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/visamc_new.png
IP 37.252.8.95:0
File type PNG image data, 100 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 42ae8796fddaf0636035e39d98c4f15a
de35eaaf6df81c0570ec58833581617ad2099a60
4b9dc457817a3a2578a394834ecd291c8a352ad280e35e62024dda1f2dab73e9
GET /bonus-wheel-en/images/logo/visamc_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 3374
Last-Modified: Tue, 09 Nov 2021 09:12:17 GMT
Connection: keep-alive
ETag: "618a3b71-d2e"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/logo/neteller_new.png
37.252.8.95200 OK 4.2 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/neteller_new.png
IP 37.252.8.95:0
File type PNG image data, 185 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d4d7708d1139fd4793741e35d091d6d
3a12ff356a277abc12418a656fdd973ea496bac0
464604486ca20b0d844cc62b4af2a8550942aa2972f402d7a8da06e332f7702a
GET /bonus-wheel-en/images/logo/neteller_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 4162
Last-Modified: Tue, 09 Nov 2021 09:13:00 GMT
Connection: keep-alive
ETag: "618a3b9c-1042"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/logo/skrill_new.png
37.252.8.95200 OK 3.1 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/skrill_new.png
IP 37.252.8.95:0
File type PNG image data, 105 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash f7f53770508e4524d76a646e42489eed
b5b3ee0f8d851744947d03675426f297c9f1dd53
be653dca4bc909851e0ef709ec9ae0feeb50e3a67c8e4454bfff01c6a85b0757
GET /bonus-wheel-en/images/logo/skrill_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 3056
Last-Modified: Tue, 09 Nov 2021 09:12:46 GMT
Connection: keep-alive
ETag: "618a3b8e-bf0"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/logo/flexepin_new.png
37.252.8.95200 OK 2.8 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/flexepin_new.png
IP 37.252.8.95:0
File type PNG image data, 100 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash f49c033c892d92fe21bbbd093216f94c
cd6648cc417b11747dcc1071c619ee133445abba
b12fb0ae0a41fb3dc4a379f1bae8344cf7b3b093b6f336005964e3c8b298197c
GET /bonus-wheel-en/images/logo/flexepin_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 2827
Last-Modified: Tue, 09 Nov 2021 09:13:40 GMT
Connection: keep-alive
ETag: "618a3bc4-b0b"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/logo/muchbetter.png
37.252.8.95200 OK 4.7 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/muchbetter.png
IP 37.252.8.95:0
File type PNG image data, 161 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 909e39a66412fc4b6687e293a69057dd
71b11cf1d7631f1febae4eba3ce40ae0483f8dd6
c6842348624c6b4fa14e6134b46d06ff4f204b86e22cfe0247347643be257cc4
GET /bonus-wheel-en/images/logo/muchbetter.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 4712
Last-Modified: Tue, 09 Nov 2021 09:13:32 GMT
Connection: keep-alive
ETag: "618a3bbc-1268"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/logo/net_banking.png
37.252.8.95200 OK 2.5 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/net_banking.png
IP 37.252.8.95:0
File type PNG image data, 120 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash c46d90c5747589b5c68afcd95356c976
7bd5c560be0c147e709fb7836e2b5045bce8aae3
db740d8801f6dc3c0500c5e398b6a8e00a3f15fcf9cb1adbb1e5ae7b4f8c4fd1
GET /bonus-wheel-en/images/logo/net_banking.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 2465
Last-Modified: Tue, 09 Nov 2021 09:13:17 GMT
Connection: keep-alive
ETag: "618a3bad-9a1"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/logo/GPay.png
37.252.8.95200 OK 2.6 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/GPay.png
IP 37.252.8.95:0
File type PNG image data, 93 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 17d672ffde367ad80132340957c887c5
4f712364b138c122c7a00b65c14f683f96fe3bd2
232c254eaaf82129dc93368897f25f1c82161dbeb3f7676d7fabaff1b9e542fa
GET /bonus-wheel-en/images/logo/GPay.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 2570
Last-Modified: Tue, 09 Nov 2021 09:14:10 GMT
Connection: keep-alive
ETag: "618a3be2-a0a"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/logo/jeton.png
37.252.8.95200 OK 7.1 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/jeton.png
IP 37.252.8.95:0
File type PNG image data, 123 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash 615d8d9fe9f2056b2fbcd00cb25312cf
57278c236bb6559f44c3e9b64663973ba8317e5b
abab9115e653ee3830e6fe4c0b226a21b4aceb78afd01246aec384d2783633f8
GET /bonus-wheel-en/images/logo/jeton.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 7056
Last-Modified: Tue, 09 Nov 2021 09:13:59 GMT
Connection: keep-alive
ETag: "618a3bd7-1b90"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/logo/perfectmoney_new.png
37.252.8.95200 OK 5.2 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/perfectmoney_new.png
IP 37.252.8.95:0
File type PNG image data, 168 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash d29926bb1a723d10d6b5154e6801b6b4
a876e717672fa93ab89e88761e0a2f7585e90b60
6a4a985776ed324898260272af353d531ecd717db104a1d62a49bb64f64f3b19
GET /bonus-wheel-en/images/logo/perfectmoney_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 5175
Last-Modified: Tue, 09 Nov 2021 09:13:48 GMT
Connection: keep-alive
ETag: "618a3bcc-1437"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/copyright.png
37.252.8.95200 OK 3.4 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/copyright.png
IP 37.252.8.95:0
File type PNG image data, 50 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash 773e24b3c400ffb8bf6619fa6b2a0430
2ed762770d5f3f257df2f648e80e6376b09c8823
d1ecd9f01b462dcd82ae6c90908dbf63d02c35c0eae9b65a17570dd361fe74e4
GET /bonus-wheel-en/images/copyright.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 3443
Last-Modified: Mon, 08 Nov 2021 15:54:19 GMT
Connection: keep-alive
ETag: "6189482b-d73"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/logo.png
37.252.8.95200 OK 17 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo.png
IP 37.252.8.95:0
File type PNG image data, 254 x 124, 8-bit/color RGBA, non-interlaced\012- data
Hash 78def5eabf59675b4f0ee3e6649a03f7
67a6dafdbea7d307b9dfb3b18718e282e46fd219
f1a1ffabc45b0570df933b634a743941db677176ad0a917de8e95848b36f4a47
GET /bonus-wheel-en/images/logo.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 17049
Last-Modified: Tue, 09 Nov 2021 08:59:54 GMT
Connection: keep-alive
ETag: "618a388a-4299"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20betlp.com/bonus-wheel-en/images/logo/ecopayz.png
37.252.8.95200 OK 5.2 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/ecopayz.png
IP 37.252.8.95:0
File type PNG image data, 146 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d4dbdc5ecb23f1a8798513f2f728155
f8693c37c36af34771b0d188aed78fd289767e65
1b31125b4beb00232b1566676ff8dda6d68b5dabb2b4471296cc7c10d009b000
GET /bonus-wheel-en/images/logo/ecopayz.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 5161
Last-Modified: Tue, 09 Nov 2021 09:14:25 GMT
Connection: keep-alive
ETag: "618a3bf1-1429"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/stopper.png
37.252.8.95200 OK 6.9 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/stopper.png
IP 37.252.8.95:0
File type PNG image data, 69 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ccdaf73595b088b4fc63428f9fe100e2
081fc4e5f0d9f0b519d40e5dd760ea28f1b7c444
d7d9fcc51b3da99da21f8be521d60b994ef891ee083e68e93c8f76de755ce966
GET /bonus-wheel-en/images/stopper.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 6945
Last-Modified: Mon, 08 Nov 2021 14:28:44 GMT
Connection: keep-alive
ETag: "6189341c-1b21"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
www.googletagmanager.com/gtm.js?id=GTM-55HKBB7
142.250.74.168200 OK 60 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-55HKBB7
IP 142.250.74.168:0
File type ASCII text, with very long lines (26711)
Hash f662ae969cfb3af03a967a200968d8c8
035f98b204c6090cfc4197564477db9349dc8d37
8c92bc92309fe2c4db87da0b65818252ec7d634d3bef53aeea34a327c066d18b
GET /gtm.js?id=GTM-55HKBB7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 20:12:48 GMT
expires: Sat, 21 Jan 2023 20:12:48 GMT
cache-control: private, max-age=900
last-modified: Sat, 21 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 59696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
20betlp.com/bonus-wheel-en/fonts/Roboto-Regular.woff2
37.252.8.95200 OK 63 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/fonts/Roboto-Regular.woff2
IP 37.252.8.95:0
File type Web Open Font Format (Version 2), TrueType, length 63212, version 1.0\012- data
Hash ac35bf2f313045353c04a3803608fec3
131f8a84c9daa2a8245f0e16dc90ef4a295d0d2a
0aff3d001df2f4a793cb90be4ef4b9b79d0c8d661e568aff19d9c1f0050f2d6b
GET /bonus-wheel-en/fonts/Roboto-Regular.woff2 HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: font/woff2
Content-Length: 63212
Connection: keep-alive
Last-Modified: Mon, 08 Nov 2021 13:53:58 GMT
ETag: "f6ec-5d047530a6980"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;
20betlp.com/bonus-wheel-en/images/make-a-spin.png
37.252.8.95200 OK 127 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/make-a-spin.png
IP 37.252.8.95:0
File type PNG image data, 744 x 201, 8-bit/color RGBA, non-interlaced\012- data
Size 127 kB (126955 bytes)
Hash 2cab480711ffc79de987c81449ae9eaa
8ac2d4324e60cebaacd09aaa5c58b54b26d12fca
12ffa9a312269979d2cc05b4b553e54570a8149d6ebc0671d263662bd3dce225
GET /bonus-wheel-en/images/make-a-spin.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 126955
Last-Modified: Mon, 08 Nov 2021 14:47:19 GMT
Connection: keep-alive
ETag: "61893877-1efeb"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20betlp.com/bonus-wheel-en/audio/fanfare-2.mp3
37.252.8.95206 Partial Content 101 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/audio/fanfare-2.mp3
IP 37.252.8.95:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size 101 kB (101007 bytes)
Hash 88da6b9ed0e64ef406ab5e7b3474b227
92068d14a2c4cf93de697cf9abc9496c3c5c481b
1210732e4a4fa21a700492498829f6370b9d2a3343bfd5382af9f42b1158d4e3
GET /bonus-wheel-en/audio/fanfare-2.mp3 HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: audio/mpeg
Content-Length: 101007
Last-Modified: Mon, 08 Nov 2021 13:54:03 GMT
Connection: keep-alive
ETag: "61892bfb-18a8f"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Range: bytes 0-101006/101007
20betlp.com/bonus-wheel-en/images/wheel-bg.png
37.252.8.95200 OK 212 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/wheel-bg.png
IP 37.252.8.95:0
File type PNG image data, 601 x 601, 8-bit/color RGBA, non-interlaced\012- data
Size 212 kB (211550 bytes)
Hash 77f3339675a5bf3bca71968782a857a9
31a4c7cbeba109adfafd495cac9f9a5b33d76652
221badfcf9c1a76ed140fe77ada496f91140c841efd09bf2335bbfb336d876bf
GET /bonus-wheel-en/images/wheel-bg.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 211550
Last-Modified: Mon, 08 Nov 2021 14:06:03 GMT
Connection: keep-alive
ETag: "61892ecb-33a5e"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/spin-btn.png
37.252.8.95200 OK 51 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/spin-btn.png
IP 37.252.8.95:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 618d28fd139fa818dd979927def57561
fb2e676d80e87ba983e8bd6975f0c698829dab04
959554bbe25ce29001bbe2e2b4ba8e862c4a1b962765bf6b179e11fb4b1dea29
GET /bonus-wheel-en/images/spin-btn.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 51216
Last-Modified: Mon, 08 Nov 2021 14:26:51 GMT
Connection: keep-alive
ETag: "618933ab-c810"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/audio/fanfare-1.mp3
37.252.8.95206 Partial Content 101 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/audio/fanfare-1.mp3
IP 37.252.8.95:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size 101 kB (101007 bytes)
Hash 54d91dc77f4e905b3d90b66441f6333a
c213f2c642c93ac76191e61d9fe530f39340b361
ae6d928ca56dcdb0635db0cfad425de2edeafb27fa4053eb8e9f30d07ee787c5
GET /bonus-wheel-en/audio/fanfare-1.mp3 HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: audio/mpeg
Content-Length: 101007
Last-Modified: Mon, 08 Nov 2021 13:54:03 GMT
Connection: keep-alive
ETag: "61892bfb-18a8f"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Range: bytes 0-101006/101007
20betlp.com/bonus-wheel-en/images/logo/crypto.png
37.252.8.95200 OK 3.9 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/crypto.png
IP 37.252.8.95:0
File type PNG image data, 112 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a02abf14ae557f358e5ad08779e5c63
ca1255e1af637643cfc37819686205fa98e52ab7
6b9c714743ae2b5fed2333459c1e6c5c092673ff7243a3b08427abea21b306f2
GET /bonus-wheel-en/images/logo/crypto.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 3940
Last-Modified: Tue, 09 Nov 2021 09:12:36 GMT
Connection: keep-alive
ETag: "618a3b84-f64"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/logo/sticpay_new.png
37.252.8.95200 OK 5.9 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/logo/sticpay_new.png
IP 37.252.8.95:0
File type PNG image data, 156 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 915e8659fe4104a9edca936e3b64af6f
237f1ddfabd6ed0654923ac52f65ed2853479004
37b66b4f7682f3d582194a6509946b7fab719aa66a16e576793abc5402c4fecc
GET /bonus-wheel-en/images/logo/sticpay_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 5850
Last-Modified: Tue, 09 Nov 2021 09:14:18 GMT
Connection: keep-alive
ETag: "618a3bea-16da"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/images/wheel-fg.png
37.252.8.95200 OK 236 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/wheel-fg.png
IP 37.252.8.95:0
File type PNG image data, 528 x 527, 8-bit/color RGBA, non-interlaced\012- data
Size 236 kB (236388 bytes)
Hash d2e97dbd7ae4c54b415a151f39be0887
9d38dd892fbd1a93e7a61788498f72824e3b9ada
905712289eb6fa7638607e41d96ad085d59a0748f52f6068df99fb8a894b4f47
GET /bonus-wheel-en/images/wheel-fg.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 236388
Last-Modified: Mon, 08 Nov 2021 04:17:16 GMT
Connection: keep-alive
ETag: "6188a4cc-39b64"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
20betlp.com/bonus-wheel-en/audio/wheel.mp3
37.252.8.95206 Partial Content 126 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/audio/wheel.mp3
IP 37.252.8.95:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size 126 kB (126084 bytes)
Hash 20e886554f6b25f85110df851f55a460
0a94793f9bd1866580d62b70a2826904b7e167b0
6fd75847fcb250dd04d637286da58286cf472482af2840f9aabbf5845bb941ca
GET /bonus-wheel-en/audio/wheel.mp3 HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: audio/mpeg
Content-Length: 126084
Last-Modified: Mon, 08 Nov 2021 13:54:03 GMT
Connection: keep-alive
ETag: "61892bfb-1ec84"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Range: bytes 0-126083/126084
20betlp.com/bonus-wheel-en/images/main-bg.png
37.252.8.95200 OK 2.6 MB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/main-bg.png
IP 37.252.8.95:0
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 2.6 MB (2577577 bytes)
Hash 2d4ab198ac7a6dce01ac7edd60989fc5
9b549e73d6f54a81950adf3b8d636b2e8f15657b
8929ccea9d65858ea6428174d8ca029dd52ff1a020d20e10b9ddeac3a33ae5e7
GET /bonus-wheel-en/images/main-bg.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 2577577
Last-Modified: Tue, 09 Nov 2021 08:57:20 GMT
Connection: keep-alive
ETag: "618a37f0-2754a9"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
secure.adnxs.com/seg?add=32401244&t=1
185.89.210.101307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=32401244&t=1
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=32401244&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32401244%26t%3D1
AN-X-Request-Uuid: 6b419d1d-5fcf-4002-b390-b01452a139fe
Set-Cookie: uuid2=7787461097750450673; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 21-Apr-2023 20:12:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 1650af3cd580466db29c17ff0c35ce3e
9587dfd70d3fc3a0b0e8638a8eba5090895e2d43
3f4ff3fc32672f61812a7abdd7fe0bbdc9ef55e0f4cf39f4017092e1eeb62e06
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 20 Jan 2023 20:35:31 GMT
Expires: Sat, 21 Jan 2023 20:35:31 GMT
ETag: "9587dfd70d3fc3a0b0e8638a8eba5090895e2d43"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sc-events-sdk.sharechat.com/web-sdk.js
34.120.129.12200 OK 12 kB URL HTTP/2 sc-events-sdk.sharechat.com/web-sdk.js
IP 34.120.129.12:0
File type ASCII text, with very long lines (11862), with no line terminators
Hash 590bf0022120d1610cba44ba02e12810
5dc081270f226a5e3ee9b47ad279ed2b1cdcf492
07886428aa53f7fa0b69b0b5e236e171be8c492d7020686b0fdec11f572c07a8
GET /web-sdk.js HTTP/1.1
Host: sc-events-sdk.sharechat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduaUzdXgUyx-xvIySlaWn9WgJFHePPhCWNyJ-kdzKYUkKctSLj7EgQDYdFR3Q-QqUB7MwAemX1OVs0zOi1EOpO3NQ
x-goog-generation: 1667891067679001
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11862
x-goog-hash: crc32c=ZVy9+A==, md5=WQvwAiEg0WEMukS6AuEoEA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 11862
server: UploadServer
date: Sat, 21 Jan 2023 19:40:36 GMT
expires: Sat, 21 Jan 2023 20:40:36 GMT
cache-control: public, max-age=3600
age: 1932
last-modified: Tue, 08 Nov 2022 07:04:27 GMT
etag: "590bf0022120d1610cba44ba02e12810"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32401244%26t%3D1
185.89.210.101200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32401244%26t%3D1
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D32401244%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20betlp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 98049338-6569-4b1f-9041-1bb4294a2283
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2H`bu]*%)!@wnf-Te9(>wL5L!!'9Q$]27l; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 21-Apr-2023 20:12:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
zz.connextra.com/dcs/tagController/tag/d3ea3fb1f9d4/homepage
104.85.191.64200 OK 16 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/d3ea3fb1f9d4/homepage
IP 104.85.191.64:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2407)
Hash f5c6ed464a100daeec24c257b81aeba4
f73b688dfff651a1342f8f36b2763f16e8fa976e
c62f6ae2fe15b2279beb5110c4d7827a39865b01b4b53caabcbe5686c8eae626
GET /dcs/tagController/tag/d3ea3fb1f9d4/homepage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-length: 16263
server: istio-envoy
content-encoding: gzip
x-envoy-upstream-service-time: 3
cache-control: must-revalidate, max-age=34
expires: Sat, 21 Jan 2023 20:13:22 GMT
date: Sat, 21 Jan 2023 20:12:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 1650af3cd580466db29c17ff0c35ce3e
9587dfd70d3fc3a0b0e8638a8eba5090895e2d43
3f4ff3fc32672f61812a7abdd7fe0bbdc9ef55e0f4cf39f4017092e1eeb62e06
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 20 Jan 2023 20:35:31 GMT
Expires: Sat, 21 Jan 2023 20:35:31 GMT
ETag: "9587dfd70d3fc3a0b0e8638a8eba5090895e2d43"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2481
Expires: Sat, 21 Jan 2023 20:54:10 GMT
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2481
Expires: Sat, 21 Jan 2023 20:54:10 GMT
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2481
Expires: Sat, 21 Jan 2023 20:54:10 GMT
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2481
Expires: Sat, 21 Jan 2023 20:54:10 GMT
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 447c7832b50421193a9b962e621d8379
eddd33bded6e9c705ed5f0aa2ed036faeefa388f
00946fa4ac2a2c6c23a22e1c5bf2d1d3871975c9730cf522fa7f937bb431e0ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5963
x-amzn-requestid: ef0681fa-95e9-4c43-94b2-4ebb1ff652b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6x_OG3goAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c76394-279293ff66d40dd65e0b8481;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:12:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5LBmRNL56mbOmY8ajrSlll2tfCxpMSlKDoym8YzJHUj3fF2Eq61TYw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 11:44:38 GMT
age: 30491
etag: "eddd33bded6e9c705ed5f0aa2ed036faeefa388f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee23b50996d59e5b3d4d99af0d0bc05f
76fbdbd85092cb841ca269206de46cc1b6e0f215
20e83f1e7f48eaee8f946958d4bd94d0c876dd2fdab85f3c4dfe088d7726e0eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6902
x-amzn-requestid: eac4818f-27cf-4e74-967f-ba9b761e236f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0uNuF0QIAMFUEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4f724-3a8ae0ba482b10f04c90c3b5;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 07:05:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AKGI_lQSNDKkYkcLfgIsQOt8ghMJbouQt26TehAyOBDEkg0ZU-L_Tw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 09:28:02 GMT
age: 38687
etag: "76fbdbd85092cb841ca269206de46cc1b6e0f215"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
20betlp.com/bonus-wheel-en/images/favicon.png
37.252.8.95200 OK 2.2 kB URL HTTP/1.1 20betlp.com/bonus-wheel-en/images/favicon.png
IP 37.252.8.95:0
File type PNG image data, 32 x 29, 8-bit colormap, non-interlaced\012- data
Hash 036e0f36b5a13f1fa5ab0dd3241693ff
603c662bc6f6df4adfc53b0ee2b46c2e37bf8e61
432c7a05fd30a114d2edad7833b393a3a5077ca364fbbca7eb256385072f844e
GET /bonus-wheel-en/images/favicon.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Cookie: _ga_J9LNZYMXZE=GS1.1.1674331967.1.0.1674331967.0.0.0; _ga=GA1.1.822368312.1674331968
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: image/png
Content-Length: 2161
Last-Modified: Thu, 07 Oct 2021 12:51:34 GMT
Connection: keep-alive
ETag: "615eed56-871"
Expires: Sat, 21 Jan 2023 20:13:19 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2422bc3ba3140462f4507b7a4fe3a746
d2b1d477d56fa40ca4d5e5be4b31667d5e3977a3
90f04120820c28da092bdd235a141a8ae6347f73025dbcf235a1562abf4dd9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12866
x-amzn-requestid: fe1078a2-3e26-4906-b7b4-73c9fd315e0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6w4ZHPLoAMFw8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c761cf-7ae3119b62b0ccef08dcd2af;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:04:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zL09KSxkGqnwziJ1XtAVONPJ9nxMN1yCzYXvT2ZCWKtHzpStn92YmQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:46:04 GMT
age: 52005
etag: "d2b1d477d56fa40ca4d5e5be4b31667d5e3977a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b48f53e84a3ec564b35cf6b0754d09bb
dc7ad580f90e8af4349f409fb0302a79c672ff99
37d8f9a37eed22705123275ac7a36ff34bcdea1b2faaa7108a7112afe5a8201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6068
x-amzn-requestid: 8962c77a-e852-426f-b37a-024546e0a2ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VKG_zoAMFgZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-368af491496d024a0142b0e4;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GVOdNzEzcPvkVkDOfnHOI1RPDfuJ_gUmoqYFkge2Qdp87B0wdOA6Bw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:03 GMT
age: 81166
etag: "dc7ad580f90e8af4349f409fb0302a79c672ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5195ac5d83278bed049661c0d1aaa4a
74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e
30af8f591b2d4f7c8de7d52ea53bb170ca426ef0550001c7802a7f993a6344df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7111
x-amzn-requestid: d9b5e6b0-3995-4c70-be84-0b1b457b7143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRlHtkIAMFiGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73d-37d253ee68fe1b7e483097dd;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 86-hgCgiYN-PYLZgXJO79kM9Vm6DIiRixaz-kQZFaY0m5481x8GWlw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 22:10:04 GMT
age: 79365
etag: "74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: c3864d3b-caaa-4c44-a4bd-9339d0eede69
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-E1UGw4IAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4ee-703e32aa596019d42680e599;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZxoIRkRgzS5Hp0D9gzxOiTg3GatK8zSCIokF3NWUghEUmePltkYVRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:38:02 GMT
age: 59687
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 79a7be7bb907212c182fda49673d7ca5
2cc42e5f3fb486b7d971d02779914a68b4a73fee
cc31bed1fb4ddb4093531d618cf9719019fd88420e8a574623b809db216b1aeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6464
Cache-Control: max-age=136788
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Etag: "63cba155-1d7"
Expires: Mon, 23 Jan 2023 10:12:37 GMT
Last-Modified: Sat, 21 Jan 2023 08:24:53 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 983410dffbd2f6609e689d468279cad3
9ed22350a720ebff727059fa19538dd721252f31
0f772ca05a2b10e54f9d9ba798c555e777461c5d5270b5355df7c303af07297d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4714
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Last-Modified: Sat, 21 Jan 2023 18:54:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 21 Jan 2023 19:45:20 GMT
expires: Sat, 21 Jan 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 1649
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.exoclick.com/tag_gen.js
205.185.216.10200 OK 515 B URL HTTP/1.1 a.exoclick.com/tag_gen.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (1030), with no line terminators
Hash 628e0302068ade64b5f411f39d5ce7e5
ff1a609269f34bad5ae67ed1678df3f7b905d018
c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f
GET /tag_gen.js HTTP/1.1
Host: a.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 515
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"a56c0470b9aa925085e51a6271a"
X-HW: 1674331969.dop202.sk1.t,1674331969.cds208.sk1.shn,1674331969.dop202.sk1.t,1674331969.cds251.sk1.c
Access-Control-Allow-Origin: *, *
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e27372427e0202ed22ddfc77fbadbb09
6eb7947822271f5a31942556aa6001fb4a897375
76d81a7957e7d3b7e51ea0359bdce57935586f244e1262219bf42f9f51ebd8d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1536
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Last-Modified: Sat, 21 Jan 2023 19:47:13 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: qcMuRLn/gC9Mg3d8SekxIB4HwH/od/9P39nf8u3TxFH3p9y34pP4PjdbWPjKfvbNGUQx1hL1eULf/QhQmLFX0A==
content-length: 27859
x-fb-trip-id: 1904183273
date: Sat, 21 Jan 2023 20:12:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 983410dffbd2f6609e689d468279cad3
9ed22350a720ebff727059fa19538dd721252f31
0f772ca05a2b10e54f9d9ba798c555e777461c5d5270b5355df7c303af07297d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4714
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Last-Modified: Sat, 21 Jan 2023 18:54:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 462ca4e2ad016036f5939eaf26b3c665
b72abfd5630285dbb09ce1b4a9a684cfca3032ea
ea1da42c8b34529b2e056a0cea5f93711095cf81789bb10ffc9b16e4e949a4d0
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 25 Jan 2023 18:27:57 GMT
ETag: "b72abfd5630285dbb09ce1b4a9a684cfca3032ea"
Last-Modified: Sat, 21 Jan 2023 18:27:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1545
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d2b4f77d8ab509-OSL
ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered&context=20bet.com&cookiename=notregistered&age=262800&maxcookiecount=10
66.254.114.89200 OK 35 B URL HTTP/1.1 ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered&context=20bet.com&cookiename=notregistered&age=262800&maxcookiecount=10
IP 66.254.114.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /ctrack?action=list&type=add&id=notregistered&context=20bet.com&cookiename=notregistered&age=262800&maxcookiecount=10 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Secure; SameSite=None
tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Secure; SameSite=None
1918bc62c1a6d87456120b5ac922270e=notregistered; Path=/; Domain=trafficjunky.net; Expires=Sun, 23 Jul 2023 08:12:49 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63CC4741-42FE725901BB7220-14D7E500
dsp-trk.eskimi.com/tracking/cssession?tst&id=22441
34.120.139.69304 Not Modified 0 B URL HTTP/2 dsp-trk.eskimi.com/tracking/cssession?tst&id=22441
IP 34.120.139.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tracking/cssession?tst&id=22441 HTTP/1.1
Host: dsp-trk.eskimi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 304 Not Modified
access-control-allow-origin: https://20betlp.com
access-control-allow-credentials: true
date: Sat, 21 Jan 2023 20:12:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 79a7be7bb907212c182fda49673d7ca5
2cc42e5f3fb486b7d971d02779914a68b4a73fee
cc31bed1fb4ddb4093531d618cf9719019fd88420e8a574623b809db216b1aeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6464
Cache-Control: max-age=136788
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Etag: "63cba155-1d7"
Expires: Mon, 23 Jan 2023 10:12:37 GMT
Last-Modified: Sat, 21 Jan 2023 08:24:53 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
main.exdynsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
95.211.229.246200 OK 20 B URL HTTP/1.1 main.exdynsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
IP 95.211.229.246:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2 HTTP/1.1
Host: main.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A93090%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-21%22%3B%7D%7D; expires=Sun, 21 Jan 2024 20:12:49 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
main.realsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
95.211.229.246200 OK 20 B URL HTTP/1.1 main.realsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
IP 95.211.229.246:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2 HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A93090%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-21%22%3B%7D%7D; expires=Sun, 21 Jan 2024 20:12:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48e257c8f2392f159921a40b7d3ffe56
f89f2ea262bd86780848257fb73bcb45019d2dbf
939e3a190c0d0cdc796a73a852b368415660f6bb8f00653af4f8c960ed797fba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "939E3A190C0D0CDC796A73A852B368415660F6BB8F00653AF4F8C960ED797FBA"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15694
Expires: Sun, 22 Jan 2023 00:34:23 GMT
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: keep-alive
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Sat, 21 Jan 2023 20:12:49 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Sat, 21 Jan 2023 21:12:49 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a
IP 139.45.195.8:0
Hash 50bd6e5705d2521bca2b787e709a056b
6216f7e6fce68eba983e254863c86f29248531b0
0f9b337808a018383c64035060134c4bbf0d8de9e9541284ab5ffaa9f42cd434
GET /p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
tsyndicate.com/api/v1/retargeting/set/45d3301c-de08-443f-9716-ba31e2632331
148.251.19.25200 OK 35 B URL HTTP/2 tsyndicate.com/api/v1/retargeting/set/45d3301c-de08-443f-9716-ba31e2632331
IP 148.251.19.25:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/45d3301c-de08-443f-9716-ba31e2632331 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 986f77c74aac3971
set-cookie: ts_rt_45d3301c-de08-443f-9716-ba31e2632331=AAMC; expires=Sun, 21 Jan 2024 20:12:49 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered-new&context=20bet.com&cookiename=notregistered-new&age=259200&maxcookiecount=10
66.254.114.89200 OK 35 B URL HTTP/1.1 ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered-new&context=20bet.com&cookiename=notregistered-new&age=259200&maxcookiecount=10
IP 66.254.114.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /ctrack?action=list&type=add&id=notregistered-new&context=20bet.com&cookiename=notregistered-new&age=259200&maxcookiecount=10 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Secure; SameSite=None
tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Secure; SameSite=None
614ac6550300bc7c00c3f821d11e0512=notregistered-new; Path=/; Domain=trafficjunky.net; Expires=Thu, 20 Jul 2023 20:12:49 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63CC4741-42FE725901BB7220-14D7E610
region1.google-analytics.com/g/collect?v=2&tid=G-J9LNZYMXZE>m=2oe1i0&_p=1020897282&cid=822368312.1674331968&ul=en-us&sr=1280x1024&_s=1&sid=1674331967&sct=1&seg=0&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&dr=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&dt=20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-J9LNZYMXZE>m=2oe1i0&_p=1020897282&cid=822368312.1674331968&ul=en-us&sr=1280x1024&_s=1&sid=1674331967&sct=1&seg=0&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&dr=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&dt=20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-J9LNZYMXZE>m=2oe1i0&_p=1020897282&cid=822368312.1674331968&ul=en-us&sr=1280x1024&_s=1&sid=1674331967&sct=1&seg=0&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&dr=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&dt=20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://20betlp.com
date: Sat, 21 Jan 2023 20:12:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 21 Jan 2023 20:12:49 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sat, 21 Jan 2023 21:12:49 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
main.exoclick.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
95.211.229.245200 OK 20 B URL HTTP/1.1 main.exoclick.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A93090%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-21%22%3B%7D%7D; expires=Sun, 21 Jan 2024 20:12:49 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
mc.yandex.ru/watch/73094056/1?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/73094056/1?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash b2355fe44326361100f2f54ed476d1bd
96adf8e1fd022dafc425cc93fa5f668812a61789
47a5b29a2451e54abe862b6e0bfe6acfbed3bb8447161a8fe9bc3caa9a691c96
GET /watch/73094056/1?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20betlp.com
Referer: https://20betlp.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sat, 21 Jan 2023 20:12:49 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://20betlp.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 21-Jan-2023 20:12:49 GMT
last-modified: Sat, 21-Jan-2023 20:12:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trc.taboola.com/1460267/log/3/unip?item-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&en=20betcom_notreg
151.101.65.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1460267/log/3/unip?item-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&en=20betcom_notreg
IP 151.101.65.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1460267/log/3/unip?item-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&en=20betcom_notreg HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 21 Jan 2023 20:12:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1652-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674331970.586716,VS0,VE93
x-vcl-time-ms: 93
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-179168354-1&cid=822368312.1674331968&jid=331546101&gjid=1245665250&_gid=1597594545.1674331968&_u=YADAAEAAAAAAACAAI~&z=1208510358
64.233.161.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-179168354-1&cid=822368312.1674331968&jid=331546101&gjid=1245665250&_gid=1597594545.1674331968&_u=YADAAEAAAAAAACAAI~&z=1208510358
IP 64.233.161.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-179168354-1&cid=822368312.1674331968&jid=331546101&gjid=1245665250&_gid=1597594545.1674331968&_u=YADAAEAAAAAAACAAI~&z=1208510358 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://20betlp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 21 Jan 2023 20:12:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=4565082360183930&ev=PageView&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&rl=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&if=false&ts=1674331968763&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674331968762.2059697246&it=1674331968253&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=4565082360183930&ev=PageView&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&rl=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&if=false&ts=1674331968763&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674331968762.2059697246&it=1674331968253&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=4565082360183930&ev=PageView&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&rl=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&if=false&ts=1674331968763&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674331968762.2059697246&it=1674331968253&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 21 Jan 2023 20:12:49 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 875fc1415608498b67d609fd3b7335ae
463aca613dcdfc3446e7c7f4663d9577ef92f94e
fcb4c1657bc5afb8c1adfbec67198211be206ff61b5cc7c13565d5ce492de66e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/seg?add=30613014&t=1
185.89.210.101307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=30613014&t=1
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=30613014&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D30613014%26t%3D1
AN-X-Request-Uuid: b0dc4040-6b7c-45bb-988d-34b4ccf72ba3
Set-Cookie: uuid2=2264652938095965915; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 21-Apr-2023 20:12:49 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
zz.connextra.com/20Bet/dcs/tagController/tagData/d3ea3fb1f9d4
104.85.191.64200 OK 0 B URL HTTP/2 zz.connextra.com/20Bet/dcs/tagController/tagData/d3ea3fb1f9d4
IP 104.85.191.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /20Bet/dcs/tagController/tagData/d3ea3fb1f9d4 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 41
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://20betlp.com
vary: Origin
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-type: text/plain
content-length: 0
expires: Sat, 21 Jan 2023 20:12:49 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 21 Jan 2023 20:12:49 GMT
set-cookie: CxtId=829904c9-cca4-413b-963a-f76fd49b0ac5; Domain=.connextra.com; Expires=Mon, 20-Jan-2025 20:12:49 GMT; Path=/; Secure; SameSite=None
20Bet=P%7Chomepage%7C1%7C202301212012; Domain=.connextra.com; Expires=Sun, 21-Jan-2024 20:12:49 GMT; Path=/; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
185.89.210.101200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP 185.89.210.101:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: f5a4a497-f70d-410a-8966-75053eab3bac
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
apis.sharechat.com/self-serve-service/v1/external/selfServe/sdk/SG3eKxKT7W/get
104.17.235.9200 OK 57 B URL HTTP/2 apis.sharechat.com/self-serve-service/v1/external/selfServe/sdk/SG3eKxKT7W/get
IP 104.17.235.9:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b743f3d65555324eb815a39dbfda117e
854c81927d8fd17fd8cb66503d8d2a0912293007
b93f1daec177bd721359292bba935c7f95c000e39bc8eb2f5f86eee34957e0f4
GET /self-serve-service/v1/external/selfServe/sdk/SG3eKxKT7W/get HTTP/1.1
Host: apis.sharechat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20betlp.com/
Origin: https://20betlp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: application/json;charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://20betlp.com
vary: Origin
etag: W/"1f-6dkZ0odeH7r21LA6dRUG6G17Ebs"
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=Rh5IAGgyniDmMBegs5ecY23sIBQGqF0VSQVVErb.J24-1674331969-0-AWZ5qgom7DP4RXpIXe8hN9x7pkRyZ5iAtmXTqesHHmv4muqU4tHf7lbytjHBz2Pe/PDAlIrkubMXVmSpcZhMRfs=; path=/; expires=Sat, 21-Jan-23 20:42:49 GMT; domain=.sharechat.com; HttpOnly; Secure; SameSite=None
_cfuvid=a43fOsHE2HvI47lOnqJwHq6JQase9Fem42uBDKR0QDE-1674331969418-0-604800000; path=/; domain=.sharechat.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78d2b4f63c42b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a&ttl=&rurl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a&ttl=&rurl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a&ttl=&rurl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2c354c08340440859df0b946db7fdec7; expires=Sun, 21 Jan 2024 20:12:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4483cb695fef2fe82f38a65e18ea1fd7
ea95504fc5be0259c8c3a39f47f8fcb322bca88d
807a120b964ee7ec7c83c5d943d29cea5df2171291ad1b99de9ef4df7e7e9046
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9657
x-amzn-requestid: 63c51fc8-3cd1-486b-960b-91d0d4b14dbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbnMFUvoAMFvYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a62d-3f30f1cb5bc13bf812d3cf71;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:07:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VuSAJTNeYNhttE_PILwWsQmCBULQteT3BkAUOPYGTksqRK7rKBbYyg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 16:05:36 GMT
age: 14839
etag: "ea95504fc5be0259c8c3a39f47f8fcb322bca88d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3
194.242.11.186200 OK 0 B URL HTTP/2 dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /assets/js/e/gtr.min.js?_=0.0.0.3 HTTP/1.1
Host: dsp-media.eskimi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 692289
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
etag: W/"621cbfb5-12fb"
expires: Tue, 28 Nov 2023 12:07:50 GMT
last-modified: Mon, 28 Feb 2022 12:27:33 GMT
x-content-type-options: nosniff
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2022 12:07:50
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a2c39eb5b82202ca639df2ec2a3b3793
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
dsp-ap.eskimi.com/v2/gtr?id=22441&url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&t=1674331968196
35.186.201.99200 OK 0 B URL HTTP/2 dsp-ap.eskimi.com/v2/gtr?id=22441&url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&t=1674331968196
IP 35.186.201.99:0
GET /v2/gtr?id=22441&url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&t=1674331968196 HTTP/1.1
Host: dsp-ap.eskimi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
set-cookie: __eConsent=1; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Max-Age=2592000; Domain=.eskimi.com; Path=/; Secure; SameSite=None
__eDId=ef946dc9-984f-4e78-aa2d-424f9aead09c; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Max-Age=2592000; Domain=.eskimi.com; Path=/; Secure; SameSite=None
__eP=1; Expires=Sat, 04 Feb 2023 20:12:49 GMT; Max-Age=1209600; Domain=.eskimi.com; Path=/; Secure; SameSite=None
access-control-allow-origin: https://20betlp.com
access-control-allow-credentials: true
cache-control: no-cache
date: Sat, 21 Jan 2023 20:12:48 GMT
content-type: application/json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/73094056?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/73094056?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/73094056?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/73094056/1?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sat, 21 Jan 2023 20:12:49 GMT
access-control-allow-origin: https://20betlp.com
set-cookie: yabs-sid=2113203121674331969; Path=/; SameSite=None; Secure
i=goX0OoKIPlMOmb8D/zkDohNsq64DCdLxEK8AqjtTxAjmFYbmdXjMGXKGs/ksCU2wcC3IMdwWd7LtgwAWikwmhlg3N/s=; Expires=Tue, 18-Jan-2033 20:12:47 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=8319060281674331969; Expires=Sun, 21-Jan-2024 20:12:49 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8319060281674331969; Expires=Sun, 21-Jan-2024 20:12:49 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705867969.yc.1674331969#1705867969.yrts.1674331969#1705867969.yrtsi.1674331969; Expires=Sun, 21-Jan-2024 20:12:49 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 21-Jan-2023 20:12:49 GMT
last-modified: Sat, 21-Jan-2023 20:12:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2