Report - n3jj0.bemobtrcks.com/go/3c486930-0a2f-49b5-84ab-a367c98b5fe8

Report Overview

Submitted URL
n3jj0.bemobtrcks.com/go/3c486930-0a2f-49b5-84ab-a367c98b5fe8
IP
3.70.16.242
ASN
#16509 AMAZON-02
Submitted
2023-01-21 20:12:58
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
20betlp.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	3.7 MB	37.252.8.95
zz.connextra.com	14652	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	883 B	17 kB	104.85.191.64
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.36.77.32
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	60 kB	142.250.74.168
secure.adnxs.com	396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.8 kB	185.89.210.101
dsp-trk.eskimi.com	38619	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	246 B	34.120.139.69
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	79 kB	87.250.251.119
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.131
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
www.highcpmrevenuenetwork.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	4.1 kB	192.243.59.12
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.4 kB	104.18.21.226
ctrack.trafficjunky.net	27301	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	992 B	2.3 kB	66.254.114.89
main.realsrv.com	91110	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	436 B	95.211.229.246
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	759 B	349 B	31.13.72.36
dsp-media.eskimi.com	46408	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	1.0 kB	194.242.11.186
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.26.236.137
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	68 kB	34.120.237.76
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	598 B	703 B	64.233.161.156
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	21 kB	142.250.74.14
trc.taboola.com	602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	628 B	528 B	151.101.65.44
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	4.6 kB	192.124.249.24
main.exoclick.com	33599	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	437 B	95.211.229.245
tsyndicate.com	13042	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426 B	625 B	148.251.19.25
apis.sharechat.com	109357	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	434 B	1.0 kB	104.17.235.9
dsp-ap.eskimi.com	62069	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	572 B	691 B	35.186.201.99
asper-media.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	869 B	579 B	159.89.28.67
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.4 kB	93.184.220.29
sc-events-sdk.sharechat.com	726987	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	13 kB	34.120.129.12
a.exoclick.com	71579	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	922 B	205.185.216.10
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	29 kB	31.13.72.12
main.exdynsrv.com	91821	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	437 B	95.211.229.246
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.9 kB	139.45.195.8
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	856 B	558 B	216.239.32.36
n3jj0.bemobtrcks.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	1.2 kB	3.70.16.242

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-21	medium	highcpmrevenuenetwork.com	Sinkholed
2023-01-21	medium	highcpmrevenuenetwork.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-J9LNZYMXZE&l=dataLayer&cx=c	223 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-J9LNZYMXZE&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:00:45 Last Seen2023-03-13 05:00:45 Times Seen1 Hash 70897f999f83581a4b5694f6f2d2c35e b3cad0ca07df78986144d7fa1c64f778b1ab0d56 961b833b6ef3b36b3b3f15e5c4fdaa331e8cc3d9e26a1c4b228bac7236120fd7 Loading...

	mc.yandex.ru/metrika/tag.js	216 kB	2023-03-13	2024-02-12
Pretty URL mc.yandex.ru/metrika/tag.js IP 87.250.251.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:21:16 Last Seen2024-02-12 03:39:19 Times Seen26 Hash 11dace43aae35c0df839beaed62a7af2 69bc46afefb0a5a4246be951c20b9ea7196333df e920c8868829d751996c981a49d415d9a1abc190bc51cc719826441236231e32 Loading...

	www.highcpmrevenuenetwork.com/gxwefg3r3?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=17201730	2.1 kB	2023-03-07	2023-04-05
Pretty URL www.highcpmrevenuenetwork.com/gxwefg3r3?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=17201730 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	20betlp.com/bonus-wheel-en/js/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL 20betlp.com/bonus-wheel-en/js/jquery-3.3.1.min.js IP 37.252.8.95 ASN #42708 GleSYS AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-25 16:27:58 Times Seen25908 Hash 4b57cf46dc8cb95c4cca54afc85e9540 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 Loading...

	20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62	513 B	2023-03-07	2023-04-01
Pretty URL 20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62 IP 37.252.8.95 ASN #42708 GleSYS AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-01 11:11:57 Times Seen9 Hash c1a53e8e67729a38dfba12ebb64c8f42 ef222f64de7db03a7fb8e60c8ccdeb18ee2454b8 4d8d0a19d7ec00b0bd3509a2615e8ef20c79cc590c0121f94ed89e59300fd047 Loading...

	20betlp.com/bonus-wheel-en/js/main.js	1.0 kB	2023-03-07	2024-04-24
Pretty URL 20betlp.com/bonus-wheel-en/js/main.js IP 37.252.8.95 ASN #42708 GleSYS AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-04-24 07:23:49 Times Seen67 Hash fcaee45c580549bc5a1098cdc39add72 0705814694ae0ac9c6412799fe09f86dbed00879 444da91a153df8160c709eefb8c88ae337692c091d7f320167ef96eaa2c87fca Loading...

	20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62	423 B	2023-03-07	2024-04-24
Pretty URL 20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62 IP 37.252.8.95 ASN #42708 GleSYS AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-04-24 07:23:48 Times Seen356 Hash 98b4892766a0f7c68156bef4ed5a21e6 58e7da61395ebef335feec02cea6a36a2b52d5e4 0d0be9c5209b8bbb628fda457cfe7bcc9062fc8b1aac37597ddd3dbea2fbf5c6 Loading...

	sc-events-sdk.sharechat.com/web-sdk.js	12 kB	2023-03-08	2023-06-11
Pretty URL sc-events-sdk.sharechat.com/web-sdk.js IP 34.120.129.12 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:29:25 Last Seen2023-06-11 14:23:42 Times Seen5 Hash 590bf0022120d1610cba44ba02e12810 5dc081270f226a5e3ee9b47ad279ed2b1cdcf492 07886428aa53f7fa0b69b0b5e236e171be8c492d7020686b0fdec11f572c07a8 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:30:49 Last Seen2023-03-13 08:53:57 Times Seen1 Hash ab83678e33d91a4c05df6e3d3f200bce 499efc34dc56dbc5e8a6fdb3a7dc4cfda2a3848d ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd Loading...

	zz.connextra.com/dcs/tagController/tag/d3ea3fb1f9d4/homepage	46 kB	2023-03-07	2023-05-05
Pretty URL zz.connextra.com/dcs/tagController/tag/d3ea3fb1f9d4/homepage IP 104.85.191.64 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-05-05 01:17:50 Times Seen103 Hash 43ab4770520b433b5b51ad02003e3858 84e559fb544a4238023575b3975f44e668d59f27 eb551214d228e76a0698d9dcda141a4ca33d5003374e2e233039af78fb9448af Loading...

	secure.adnxs.com/seg?add=32401244&t=1	0 B	2023-03-07	2024-04-25
Pretty URL secure.adnxs.com/seg?add=32401244&t=1 IP 185.89.210.101 ASN #29990 ASN-APPNEX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 18:07:51 Times Seen37068887 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3	4.9 kB	2023-03-07	2023-03-17
Pretty URL dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3 IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-03-17 12:37:14 Times Seen1 Hash 74ae299a43922f36965001ae9d638ee5 398686c0d59db1cbe647885a56a281405e93c3ed 9815c5028421996acaf760f85539642ed35bfdb7e2ca0f4a5411530accfb4689 Loading...

	20betlp.com/bonus-wheel-en/js/refers.js	670 B	2023-03-07	2024-04-24
Pretty URL 20betlp.com/bonus-wheel-en/js/refers.js IP 37.252.8.95 ASN #42708 GleSYS AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-04-24 07:23:49 Times Seen56 Hash 569bc7dff65a2ac535621f5740c6cb71 26fe363a4e8c5ac44ed577778a4a8e1832dbe9aa 8269fa1b6ddabf2482f4f807049fd9dad8dffdf1da5b3b4bc11ae02943e56341 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-55HKBB7	172 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-55HKBB7 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:00:45 Last Seen2023-03-13 05:00:45 Times Seen1 Hash 0f82242ef68b486164d350650cff631d f047501ee5e9b064a211a05d51303bd25abb488c 0ab350bc6939295b347b22a59f651a420d45d2770b5d5b1687a235a9d4c8cf2c Loading...

	20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62	394 B	2023-03-07	2024-04-24
Pretty URL 20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62 IP 37.252.8.95 ASN #42708 GleSYS AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-04-24 07:55:38 Times Seen937 Hash 9d6eb340ce0c810328b8866aa3e14118 b60a1e2489912170edee437799255873d46d0abe 3a84e7f9c0e72f5006c5e32ba4426a0ab0b9bad4c8a2ad4c7e1e4357970483fb Loading...

	20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62	422 B	2023-03-08	2023-03-14
Pretty URL 20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62 IP 37.252.8.95 ASN #42708 GleSYS AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:29:25 Last Seen2023-03-14 06:07:34 Times Seen1 Hash 6e9d30a59125e9dcd3c2aebbdab8cf48 d1cf8e3b05ced8ced9077662a783441b60761cb5 e862170db3798ca46af35af76391a471d198e2c078b452a67f18247071c2fdfd Loading...

	www.highcpmrevenuenetwork.com/gxwefg3r3?key=704aa0a48775b4f547bfd700713e85fd	358 B	2023-03-13	2023-03-13
Pretty URL www.highcpmrevenuenetwork.com/gxwefg3r3?key=704aa0a48775b4f547bfd700713e85fd IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:15:34 Last Seen2023-03-13 05:00:45 Times Seen1 Hash 83890377c341a6b43e867c7bc8a3ed1a 0939d1a4ba2221e31c84e1faefd14b52cbd6e2e4 930817f16152049d0d7539a63e470dade5ce96f38c6cc9c5f1039a18108d6d58 Loading...

	20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62	357 B	2023-03-07	2024-04-24
Pretty URL 20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62 IP 37.252.8.95 ASN #42708 GleSYS AB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-04-24 07:23:48 Times Seen354 Hash 9ba5e2cc94604bac192e1ff9eafcdded f7469f9e9c81cd6a1038cb4b4d1ce6e62172ecd9 11fe5062dd0a4108233106939370ecf442e97a38e7a78578f7a18e7a0eb3bf0e Loading...

	a.exoclick.com/tag_gen.js	1.0 kB	2023-03-07	2023-05-03
Pretty URL a.exoclick.com/tag_gen.js IP 205.185.216.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-05-03 11:49:17 Times Seen218 Hash e04e1dcc070d00703ed07cf1d8d4dbbb a56c0470b9aa925085e51a6271a4a2185006fc13 3f89c138ce1226da6cf58792344304839adeea6fc1fad2ba4ff9fc137abb70a0 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a	697 B	2023-03-07	2024-04-24
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-04-24 07:23:49 Times Seen416 Hash 50bd6e5705d2521bca2b787e709a056b 6216f7e6fce68eba983e254863c86f29248531b0 0f9b337808a018383c64035060134c4bbf0d8de9e9541284ab5ffaa9f42cd434 Loading...

		Size	First Seen	Last Seen
	#1 Write - 24ef47276c7d910b9a1e47a12b31728c	178 B	2023-03-07	2023-05-05
Pretty Observations First Seen2023-03-07 01:06:21 Last Seen2023-05-05 01:17:51 Times Seen57 Hash 24ef47276c7d910b9a1e47a12b31728c 99128b2348362cdc784a0e7cc6aa5bfd0da8f855 854fe45fbedc9cb4a9b0def7bec122dd2d5d997f82d2cac592645667cad8c929 Loading...

	#2 Write - be697b6dfc757d76713a72a0aced3741	190 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:06:21 Last Seen2023-05-06 00:11:34 Times Seen161 Hash be697b6dfc757d76713a72a0aced3741 6ebc97158e27218a733b71e28bab1d52c30c2afb 743f6492a5beb847167322304f93922a25b48b4fda556b6039418e53930e9df1 Loading...

HTTP Transactions (103)

URL IP Response Size

n3jj0.bemobtrcks.com/go/3c486930-0a2f-49b5-84ab-a367c98b5fe8

3.70.16.242

302 Found

212 B

URL HTTP/1.1
n3jj0.bemobtrcks.com/go/3c486930-0a2f-49b5-84ab-a367c98b5fe8
IP
3.70.16.242:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with no line terminators
Size
212 B (212 bytes)
Hash
8596b4686b6a7293bb8bf8af12063cd9
94d4c92349fea911f7e45650f3a8f73fa41dea71
8bacd748b5f1678a46123564c6f26f347948829f5363f4c3816371fe18da60a9

HTTP Headers

GET /go/3c486930-0a2f-49b5-84ab-a367c98b5fe8 HTTP/1.1
Host: n3jj0.bemobtrcks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: openresty
Date: Sat, 21 Jan 2023 20:12:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 212
Connection: keep-alive
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
Location: https://www.highcpmrevenuenetwork.com/gxwefg3r3?key=704aa0a48775b4f547bfd700713e85fd
Set-Cookie: bemob-uniq-visit:3c486930-0a2f-49b5-84ab-a367c98b5fe8=1; Domain=n3jj0.bemobtrcks.com; Path=/; Expires=Sun, 22 Jan 2023 20:12:46 GMT; HttpOnly
bemob-rotation:3c486930-0a2f-49b5-84ab-a367c98b5fe8:random:89f8df934aaf6257ee32070e9efe6050=0-0-0; Domain=n3jj0.bemobtrcks.com; Path=/; Expires=Sun, 22 Jan 2023 20:12:46 GMT; HttpOnly
bemob-click-id=Xg4jeP4ksj1jmUEFP8xMQE; Domain=n3jj0.bemobtrcks.com; Path=/; Expires=Sun, 22 Jan 2023 20:12:46 GMT; HttpOnly
Vary: Accept
X-Response-Time: 37.398ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5894
Expires: Sat, 21 Jan 2023 21:51:00 GMT
Date: Sat, 21 Jan 2023 20:12:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16252
Expires: Sun, 22 Jan 2023 00:43:38 GMT
Date: Sat, 21 Jan 2023 20:12:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
38c102db4bcfb9c4fb19174986950fd3
51c2cc8a3aca4da5c9ab3438467c29203fc0b0c3
dad6b64bc9f4dd827471ccc2e5273fceee574685376083aaa80f9d2f918037f2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAD6B64BC9F4DD827471CCC2E5273FCEEE574685376083AAA80F9D2F918037F2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6402
Expires: Sat, 21 Jan 2023 21:59:28 GMT
Date: Sat, 21 Jan 2023 20:12:46 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 19:49:39 GMT
content-type: application/json
age: 1387
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Jh69UyI1bBg+EnjsEp2Eyh9ml1Oxhjd59AuRrB7QvX8ink0ul8wna5yrD2Ce4qTnZ9+NSuJtSIY=
x-amz-request-id: XY00MYFV7YK2Q0ET
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 19:46:58 GMT
age: 1548
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 20:12:46 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d6e3648d0bf0ec9430138a5b91760601
937cea0fadfd1bce86108413d0e5653f0e5f9ac8
5bc0fe7ec22cebf8ed8deed026d9bb21ba338971c50f6cfb5f93a2a182af0b0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5BC0FE7EC22CEBF8ED8DEED026D9BB21BA338971C50F6CFB5F93A2A182AF0B0E"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8784
Expires: Sat, 21 Jan 2023 22:39:10 GMT
Date: Sat, 21 Jan 2023 20:12:46 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 19:48:58 GMT
age: 1429
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.highcpmrevenuenetwork.com/gxwefg3r3?key=704aa0a48775b4f547bfd700713e85fd

192.243.59.12

200 OK

1.2 kB

URL HTTP/1.1
www.highcpmrevenuenetwork.com/gxwefg3r3?key=704aa0a48775b4f547bfd700713e85fd
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.2 kB (1210 bytes)
Hash
b085233e5a37bd22fd0324f585d1c7ee
8a9a1d6b39fd95982a6757ece23a16e3e95ae11d
137f85cb8ce6bdf9a653d8e3af960085322850a6fb83b7d63372f0540f079514

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /gxwefg3r3?key=704aa0a48775b4f547bfd700713e85fd HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 21 Jan 2023 20:12:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17201730; expires=Sun, 22 Jan 2023 20:12:47 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzIwMTczMCwiayI6IjcwNGFhMGE0ODc3NWI0ZjU0N2JmZDcwMDcxM2U4NWZkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODQ1NTcxLCJwaWQiOjQ2MTkzOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoiZ3h3ZWZnM3IzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.3-6ghnpTyJ_O7mQ1IcYc_3B6upynUPGQ0BnPRI_82SU; expires=Sat, 21 Jan 2023 20:13:47 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b001a3999042a277a23f624d0163a45
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2283
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:47 GMT
Last-Modified: Sat, 21 Jan 2023 19:34:44 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.26.236.137

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.26.236.137:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f1ZjRsxTa7NFq8thOp9p+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lTJM7oC2U3E/HEfeuvgI5akSmBs=

www.highcpmrevenuenetwork.com/gxwefg3r3?shu=d89576c793aef1ca3f782e3a50ecb36fb81564ed5c36f3bbfe3ef39cae6ca9e4fbf32f57b03e4c2e1eec515bcfb3ea39fc5ac1b06b64a8f690ed4751fb9a5cef93b068e42a752816cedfe48077bfa5b4ca2e08&pst=1674332027&rmtc=t&uuid=&pii=&in=false&key=704aa0a48775b4f547bfd700713e85fd

192.243.59.12

302 Found

0 B

URL HTTP/1.1
www.highcpmrevenuenetwork.com/gxwefg3r3?shu=d89576c793aef1ca3f782e3a50ecb36fb81564ed5c36f3bbfe3ef39cae6ca9e4fbf32f57b03e4c2e1eec515bcfb3ea39fc5ac1b06b64a8f690ed4751fb9a5cef93b068e42a752816cedfe48077bfa5b4ca2e08&pst=1674332027&rmtc=t&uuid=&pii=&in=false&key=704aa0a48775b4f547bfd700713e85fd
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /gxwefg3r3?shu=d89576c793aef1ca3f782e3a50ecb36fb81564ed5c36f3bbfe3ef39cae6ca9e4fbf32f57b03e4c2e1eec515bcfb3ea39fc5ac1b06b64a8f690ed4751fb9a5cef93b068e42a752816cedfe48077bfa5b4ca2e08&pst=1674332027&rmtc=t&uuid=&pii=&in=false&key=704aa0a48775b4f547bfd700713e85fd HTTP/1.1
Host: www.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.highcpmrevenuenetwork.com/gxwefg3r3?key=a969ca5c9ad2611762f11b79a526e2d2&submetric=17201730
Cookie: u_pl=17201730; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzIwMTczMCwiayI6IjcwNGFhMGE0ODc3NWI0ZjU0N2JmZDcwMDcxM2U4NWZkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODQ1NTcxLCJwaWQiOjQ2MTkzOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMSwiYWlkIjoyOCwicHQiOjQsInBrIjoiZ3h3ZWZnM3IzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.3-6ghnpTyJ_O7mQ1IcYc_3B6upynUPGQ0BnPRI_82SU; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Sat, 21 Jan 2023 20:12:47 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://asper-media.com/click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c4f8c568dfca414bbd98f5efe113c37&COST_CPC=0.002500&PLACEMENT_ID=17201730&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475
Set-Cookie: iprced5a646883d9ca9ae16dabe816017d3b=3950617; expires=Sun, 22 Jan 2023 20:12:47 GMT
pdhtkv=true; expires=Sun, 22 Jan 2023 20:12:47 GMT
uncs=1; expires=Sun, 22 Jan 2023 20:12:47 GMT
pdhtkv28=true; expires=Sun, 22 Jan 2023 20:12:47 GMT
uncs28=1; expires=Sun, 22 Jan 2023 20:12:47 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37ec7d3cf67379be7af606fdf8eb557d
Strict-Transport-Security: max-age=0; includeSubdomains

asper-media.com/click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c4f8c568dfca414bbd98f5efe113c37&COST_CPC=0.002500&PLACEMENT_ID=17201730&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475

159.89.28.67

302 Found

0 B

URL HTTP/2
asper-media.com/click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c4f8c568dfca414bbd98f5efe113c37&COST_CPC=0.002500&PLACEMENT_ID=17201730&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475
IP
159.89.28.67:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c4f8c568dfca414bbd98f5efe113c37&COST_CPC=0.002500&PLACEMENT_ID=17201730&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475 HTTP/1.1
Host: asper-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmrevenuenetwork.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx/1.18.0
date: Sat, 21 Jan 2023 20:12:47 GMT
content-type: text/html; charset=UTF-8
location: https://promo.20bet.partners/redirect.aspx?pid=205174&bid=1971&lpid=1042&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
set-cookie: uclick=x9ydxstl; expires=Sun, 22-Jan-2023 20:12:47 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=x9ydxstl-x9ydxstl-us7s-0-pmib-9za7-9za5-598a78; expires=Sun, 22-Jan-2023 20:12:47 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5530e335c38e483c0322f585c977a73b
7b7d18ac7ee6d6f43fd0baba11fdd27660622729
b483d25830daf085713b32a53736b1eaf293513bf608ebe6cbca2ea09162a6ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B483D25830DAF085713B32A53736B1EAF293513BF608EBE6CBCA2EA09162A6EF"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3692
Expires: Sat, 21 Jan 2023 21:14:20 GMT
Date: Sat, 21 Jan 2023 20:12:48 GMT
Connection: keep-alive

20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62

37.252.8.95

200 OK

1.9 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (474)
Size
1.9 kB (1908 bytes)
Hash
680cf4daa1a31b9192a9601e715c7b89
8dee29aa12049a16081e0746d8c18e4d48fbb63d
b18680631feed7054f7251f542ef888fe486c5e04cc610e6ea98292d4c650feb

HTTP Headers

GET /bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62 HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highcpmrevenuenetwork.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 15:18:46 GMT
ETag: W/"1580-5ed6fc1775dec"
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

20betlp.com/bonus-wheel-en/css/reset.css

37.252.8.95

200 OK

758 B

URL HTTP/1.1
20betlp.com/bonus-wheel-en/css/reset.css
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
ASCII text
Size
758 B (758 bytes)
Hash
4efd21f2a250eb9c74738efd20649c5f
d2b04957878a7eb16378885edc870e5d4ed85e0a
854bdd447667d255572764fe724efa5b6f97d9e66452e28010eb850dad46dbb1

HTTP Headers

GET /bonus-wheel-en/css/reset.css HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/css
Last-Modified: Mon, 08 Nov 2021 13:54:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61892bf9-6a6"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

20betlp.com/bonus-wheel-en/js/refers.js

37.252.8.95

200 OK

388 B

URL HTTP/1.1
20betlp.com/bonus-wheel-en/js/refers.js
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
ASCII text
Size
388 B (388 bytes)
Hash
1a02133cce7b2f9786a3d14737b7acbe
940b4a4f62322d164c6f1ca888ccfbd975839105
3d53e0fdccc953658e13bfe3523749c55818cab7dc61f26b954657b0b1543ec0

HTTP Headers

GET /bonus-wheel-en/js/refers.js HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Fri, 12 Nov 2021 10:15:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"618e3eb7-29e"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

20betlp.com/bonus-wheel-en/css/main.css

37.252.8.95

200 OK

1.8 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/css/main.css
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
ASCII text
Size
1.8 kB (1776 bytes)
Hash
49e5413a26bd3d4d13d60f414dba76de
8aeeb9927881cc873b8b70511122200c6b859343
7322def013c20cef26baa26179065e114db85f87206566dd8be65eb664bfd4db

HTTP Headers

GET /bonus-wheel-en/css/main.css HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/css
Last-Modified: Tue, 09 Nov 2021 09:29:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"618a3f92-2071"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

20betlp.com/bonus-wheel-en/css/media.css

37.252.8.95

200 OK

683 B

URL HTTP/1.1
20betlp.com/bonus-wheel-en/css/media.css
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
ASCII text
Size
683 B (683 bytes)
Hash
62eeedcb147782e36e45fdc1b729986f
a313491431992254578f66c453aeb13cfb74d32f
34fa0adb22eeb0e39ad94be91ec1bc92e2dd12f86695510aec7fbfdd91660bf2

HTTP Headers

GET /bonus-wheel-en/css/media.css HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/css
Last-Modified: Tue, 09 Nov 2021 09:35:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"618a40c6-a4f"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

20betlp.com/bonus-wheel-en/css/animation.css

37.252.8.95

200 OK

942 B

URL HTTP/1.1
20betlp.com/bonus-wheel-en/css/animation.css
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
ASCII text
Size
942 B (942 bytes)
Hash
750d918201188f29886c58f10d4146a4
efc731484d3b10f60de17baf34a4f85c42464a6a
6ca0c67d84ee7da96eef03e0a696ced35ac4d44b6f752a363861a9034b8f560e

HTTP Headers

GET /bonus-wheel-en/css/animation.css HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/css
Last-Modified: Wed, 10 Nov 2021 14:37:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"618bd933-2f55"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

20betlp.com/bonus-wheel-en/js/main.js

37.252.8.95

200 OK

337 B

URL HTTP/1.1
20betlp.com/bonus-wheel-en/js/main.js
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
ASCII text
Size
337 B (337 bytes)
Hash
2a749c98673b6fd39be2b6f98dbac273
f536836a45df4c8fed6b667c674e1ec708aa9efe
0638e3aeb297166e0175dcf1abbab179e655196a653682196c7a8e794598fa47

HTTP Headers

GET /bonus-wheel-en/js/main.js HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Thu, 11 Nov 2021 10:29:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"618cf09e-40a"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

20betlp.com/bonus-wheel-en/js/jquery-3.3.1.min.js

37.252.8.95

200 OK

30 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/js/jquery-3.3.1.min.js
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
ASCII text, with very long lines (65451)
Size
30 kB (30541 bytes)
Hash
8c94335279b4912ce3f2d6806ce9687a
81f77bfa6a35e3d8260d083074c92a99b8893a36
9075f5a34529dd0bbb9edb86c011a755f5138e2ba7006a12c5c57e87c588c1b8

HTTP Headers

GET /bonus-wheel-en/js/jquery-3.3.1.min.js HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Mon, 08 Nov 2021 13:54:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"61892bfa-1538e"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

20betlp.com/bonus-wheel-en/images/logo/visamc_new.png

37.252.8.95

200 OK

3.4 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/visamc_new.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 100 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
3.4 kB (3374 bytes)
Hash
42ae8796fddaf0636035e39d98c4f15a
de35eaaf6df81c0570ec58833581617ad2099a60
4b9dc457817a3a2578a394834ecd291c8a352ad280e35e62024dda1f2dab73e9

HTTP Headers

GET /bonus-wheel-en/images/logo/visamc_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 3374
Last-Modified: Tue, 09 Nov 2021 09:12:17 GMT
Connection: keep-alive
ETag: "618a3b71-d2e"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/logo/neteller_new.png

37.252.8.95

200 OK

4.2 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/neteller_new.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 185 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4162 bytes)
Hash
0d4d7708d1139fd4793741e35d091d6d
3a12ff356a277abc12418a656fdd973ea496bac0
464604486ca20b0d844cc62b4af2a8550942aa2972f402d7a8da06e332f7702a

HTTP Headers

GET /bonus-wheel-en/images/logo/neteller_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 4162
Last-Modified: Tue, 09 Nov 2021 09:13:00 GMT
Connection: keep-alive
ETag: "618a3b9c-1042"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/logo/skrill_new.png

37.252.8.95

200 OK

3.1 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/skrill_new.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 105 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3056 bytes)
Hash
f7f53770508e4524d76a646e42489eed
b5b3ee0f8d851744947d03675426f297c9f1dd53
be653dca4bc909851e0ef709ec9ae0feeb50e3a67c8e4454bfff01c6a85b0757

HTTP Headers

GET /bonus-wheel-en/images/logo/skrill_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 3056
Last-Modified: Tue, 09 Nov 2021 09:12:46 GMT
Connection: keep-alive
ETag: "618a3b8e-bf0"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/logo/flexepin_new.png

37.252.8.95

200 OK

2.8 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/flexepin_new.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 100 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2827 bytes)
Hash
f49c033c892d92fe21bbbd093216f94c
cd6648cc417b11747dcc1071c619ee133445abba
b12fb0ae0a41fb3dc4a379f1bae8344cf7b3b093b6f336005964e3c8b298197c

HTTP Headers

GET /bonus-wheel-en/images/logo/flexepin_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 2827
Last-Modified: Tue, 09 Nov 2021 09:13:40 GMT
Connection: keep-alive
ETag: "618a3bc4-b0b"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/logo/muchbetter.png

37.252.8.95

200 OK

4.7 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/muchbetter.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 161 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
4.7 kB (4712 bytes)
Hash
909e39a66412fc4b6687e293a69057dd
71b11cf1d7631f1febae4eba3ce40ae0483f8dd6
c6842348624c6b4fa14e6134b46d06ff4f204b86e22cfe0247347643be257cc4

HTTP Headers

GET /bonus-wheel-en/images/logo/muchbetter.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 4712
Last-Modified: Tue, 09 Nov 2021 09:13:32 GMT
Connection: keep-alive
ETag: "618a3bbc-1268"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/logo/net_banking.png

37.252.8.95

200 OK

2.5 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/net_banking.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 120 x 49, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2465 bytes)
Hash
c46d90c5747589b5c68afcd95356c976
7bd5c560be0c147e709fb7836e2b5045bce8aae3
db740d8801f6dc3c0500c5e398b6a8e00a3f15fcf9cb1adbb1e5ae7b4f8c4fd1

HTTP Headers

GET /bonus-wheel-en/images/logo/net_banking.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 2465
Last-Modified: Tue, 09 Nov 2021 09:13:17 GMT
Connection: keep-alive
ETag: "618a3bad-9a1"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/logo/GPay.png

37.252.8.95

200 OK

2.6 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/GPay.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 93 x 38, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2570 bytes)
Hash
17d672ffde367ad80132340957c887c5
4f712364b138c122c7a00b65c14f683f96fe3bd2
232c254eaaf82129dc93368897f25f1c82161dbeb3f7676d7fabaff1b9e542fa

HTTP Headers

GET /bonus-wheel-en/images/logo/GPay.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 2570
Last-Modified: Tue, 09 Nov 2021 09:14:10 GMT
Connection: keep-alive
ETag: "618a3be2-a0a"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/logo/jeton.png

37.252.8.95

200 OK

7.1 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/jeton.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 123 x 39, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7056 bytes)
Hash
615d8d9fe9f2056b2fbcd00cb25312cf
57278c236bb6559f44c3e9b64663973ba8317e5b
abab9115e653ee3830e6fe4c0b226a21b4aceb78afd01246aec384d2783633f8

HTTP Headers

GET /bonus-wheel-en/images/logo/jeton.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 7056
Last-Modified: Tue, 09 Nov 2021 09:13:59 GMT
Connection: keep-alive
ETag: "618a3bd7-1b90"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/logo/perfectmoney_new.png

37.252.8.95

200 OK

5.2 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/perfectmoney_new.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 168 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5175 bytes)
Hash
d29926bb1a723d10d6b5154e6801b6b4
a876e717672fa93ab89e88761e0a2f7585e90b60
6a4a985776ed324898260272af353d531ecd717db104a1d62a49bb64f64f3b19

HTTP Headers

GET /bonus-wheel-en/images/logo/perfectmoney_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 5175
Last-Modified: Tue, 09 Nov 2021 09:13:48 GMT
Connection: keep-alive
ETag: "618a3bcc-1437"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/copyright.png

37.252.8.95

200 OK

3.4 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/copyright.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 50 x 49, 8-bit/color RGBA, non-interlaced\012- data
Size
3.4 kB (3443 bytes)
Hash
773e24b3c400ffb8bf6619fa6b2a0430
2ed762770d5f3f257df2f648e80e6376b09c8823
d1ecd9f01b462dcd82ae6c90908dbf63d02c35c0eae9b65a17570dd361fe74e4

HTTP Headers

GET /bonus-wheel-en/images/copyright.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 3443
Last-Modified: Mon, 08 Nov 2021 15:54:19 GMT
Connection: keep-alive
ETag: "6189482b-d73"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/logo.png

37.252.8.95

200 OK

17 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 254 x 124, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17049 bytes)
Hash
78def5eabf59675b4f0ee3e6649a03f7
67a6dafdbea7d307b9dfb3b18718e282e46fd219
f1a1ffabc45b0570df933b634a743941db677176ad0a917de8e95848b36f4a47

HTTP Headers

GET /bonus-wheel-en/images/logo.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 17049
Last-Modified: Tue, 09 Nov 2021 08:59:54 GMT
Connection: keep-alive
ETag: "618a388a-4299"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

20betlp.com/bonus-wheel-en/images/logo/ecopayz.png

37.252.8.95

200 OK

5.2 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/ecopayz.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 146 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5161 bytes)
Hash
0d4dbdc5ecb23f1a8798513f2f728155
f8693c37c36af34771b0d188aed78fd289767e65
1b31125b4beb00232b1566676ff8dda6d68b5dabb2b4471296cc7c10d009b000

HTTP Headers

GET /bonus-wheel-en/images/logo/ecopayz.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 5161
Last-Modified: Tue, 09 Nov 2021 09:14:25 GMT
Connection: keep-alive
ETag: "618a3bf1-1429"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/stopper.png

37.252.8.95

200 OK

6.9 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/stopper.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 69 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6945 bytes)
Hash
ccdaf73595b088b4fc63428f9fe100e2
081fc4e5f0d9f0b519d40e5dd760ea28f1b7c444
d7d9fcc51b3da99da21f8be521d60b994ef891ee083e68e93c8f76de755ce966

HTTP Headers

GET /bonus-wheel-en/images/stopper.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 6945
Last-Modified: Mon, 08 Nov 2021 14:28:44 GMT
Connection: keep-alive
ETag: "6189341c-1b21"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

www.googletagmanager.com/gtm.js?id=GTM-55HKBB7

142.250.74.168

200 OK

60 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-55HKBB7
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (26711)
Size
60 kB (59696 bytes)
Hash
f662ae969cfb3af03a967a200968d8c8
035f98b204c6090cfc4197564477db9349dc8d37
8c92bc92309fe2c4db87da0b65818252ec7d634d3bef53aeea34a327c066d18b

HTTP Headers

GET /gtm.js?id=GTM-55HKBB7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 20:12:48 GMT
expires: Sat, 21 Jan 2023 20:12:48 GMT
cache-control: private, max-age=900
last-modified: Sat, 21 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 59696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

20betlp.com/bonus-wheel-en/fonts/Roboto-Regular.woff2

37.252.8.95

200 OK

63 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/fonts/Roboto-Regular.woff2
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
Web Open Font Format (Version 2), TrueType, length 63212, version 1.0\012- data
Size
63 kB (63212 bytes)
Hash
ac35bf2f313045353c04a3803608fec3
131f8a84c9daa2a8245f0e16dc90ef4a295d0d2a
0aff3d001df2f4a793cb90be4ef4b9b79d0c8d661e568aff19d9c1f0050f2d6b

HTTP Headers

GET /bonus-wheel-en/fonts/Roboto-Regular.woff2 HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: font/woff2
Content-Length: 63212
Connection: keep-alive
Last-Modified: Mon, 08 Nov 2021 13:53:58 GMT
ETag: "f6ec-5d047530a6980"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

20betlp.com/bonus-wheel-en/images/make-a-spin.png

37.252.8.95

200 OK

127 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/make-a-spin.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 744 x 201, 8-bit/color RGBA, non-interlaced\012- data
Size
127 kB (126955 bytes)
Hash
2cab480711ffc79de987c81449ae9eaa
8ac2d4324e60cebaacd09aaa5c58b54b26d12fca
12ffa9a312269979d2cc05b4b553e54570a8149d6ebc0671d263662bd3dce225

HTTP Headers

GET /bonus-wheel-en/images/make-a-spin.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 126955
Last-Modified: Mon, 08 Nov 2021 14:47:19 GMT
Connection: keep-alive
ETag: "61893877-1efeb"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

20betlp.com/bonus-wheel-en/audio/fanfare-2.mp3

37.252.8.95

206 Partial Content

101 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/audio/fanfare-2.mp3
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size
101 kB (101007 bytes)
Hash
88da6b9ed0e64ef406ab5e7b3474b227
92068d14a2c4cf93de697cf9abc9496c3c5c481b
1210732e4a4fa21a700492498829f6370b9d2a3343bfd5382af9f42b1158d4e3

HTTP Headers

GET /bonus-wheel-en/audio/fanfare-2.mp3 HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: audio/mpeg
Content-Length: 101007
Last-Modified: Mon, 08 Nov 2021 13:54:03 GMT
Connection: keep-alive
ETag: "61892bfb-18a8f"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Range: bytes 0-101006/101007

20betlp.com/bonus-wheel-en/images/wheel-bg.png

37.252.8.95

200 OK

212 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/wheel-bg.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 601 x 601, 8-bit/color RGBA, non-interlaced\012- data
Size
212 kB (211550 bytes)
Hash
77f3339675a5bf3bca71968782a857a9
31a4c7cbeba109adfafd495cac9f9a5b33d76652
221badfcf9c1a76ed140fe77ada496f91140c841efd09bf2335bbfb336d876bf

HTTP Headers

GET /bonus-wheel-en/images/wheel-bg.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 211550
Last-Modified: Mon, 08 Nov 2021 14:06:03 GMT
Connection: keep-alive
ETag: "61892ecb-33a5e"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/spin-btn.png

37.252.8.95

200 OK

51 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/spin-btn.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
51 kB (51216 bytes)
Hash
618d28fd139fa818dd979927def57561
fb2e676d80e87ba983e8bd6975f0c698829dab04
959554bbe25ce29001bbe2e2b4ba8e862c4a1b962765bf6b179e11fb4b1dea29

HTTP Headers

GET /bonus-wheel-en/images/spin-btn.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 51216
Last-Modified: Mon, 08 Nov 2021 14:26:51 GMT
Connection: keep-alive
ETag: "618933ab-c810"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/audio/fanfare-1.mp3

37.252.8.95

206 Partial Content

101 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/audio/fanfare-1.mp3
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size
101 kB (101007 bytes)
Hash
54d91dc77f4e905b3d90b66441f6333a
c213f2c642c93ac76191e61d9fe530f39340b361
ae6d928ca56dcdb0635db0cfad425de2edeafb27fa4053eb8e9f30d07ee787c5

HTTP Headers

GET /bonus-wheel-en/audio/fanfare-1.mp3 HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: audio/mpeg
Content-Length: 101007
Last-Modified: Mon, 08 Nov 2021 13:54:03 GMT
Connection: keep-alive
ETag: "61892bfb-18a8f"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Range: bytes 0-101006/101007

20betlp.com/bonus-wheel-en/images/logo/crypto.png

37.252.8.95

200 OK

3.9 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/crypto.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 112 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3940 bytes)
Hash
4a02abf14ae557f358e5ad08779e5c63
ca1255e1af637643cfc37819686205fa98e52ab7
6b9c714743ae2b5fed2333459c1e6c5c092673ff7243a3b08427abea21b306f2

HTTP Headers

GET /bonus-wheel-en/images/logo/crypto.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 3940
Last-Modified: Tue, 09 Nov 2021 09:12:36 GMT
Connection: keep-alive
ETag: "618a3b84-f64"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/logo/sticpay_new.png

37.252.8.95

200 OK

5.9 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/logo/sticpay_new.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 156 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5850 bytes)
Hash
915e8659fe4104a9edca936e3b64af6f
237f1ddfabd6ed0654923ac52f65ed2853479004
37b66b4f7682f3d582194a6509946b7fab719aa66a16e576793abc5402c4fecc

HTTP Headers

GET /bonus-wheel-en/images/logo/sticpay_new.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 5850
Last-Modified: Tue, 09 Nov 2021 09:14:18 GMT
Connection: keep-alive
ETag: "618a3bea-16da"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/images/wheel-fg.png

37.252.8.95

200 OK

236 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/wheel-fg.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 528 x 527, 8-bit/color RGBA, non-interlaced\012- data
Size
236 kB (236388 bytes)
Hash
d2e97dbd7ae4c54b415a151f39be0887
9d38dd892fbd1a93e7a61788498f72824e3b9ada
905712289eb6fa7638607e41d96ad085d59a0748f52f6068df99fb8a894b4f47

HTTP Headers

GET /bonus-wheel-en/images/wheel-fg.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 236388
Last-Modified: Mon, 08 Nov 2021 04:17:16 GMT
Connection: keep-alive
ETag: "6188a4cc-39b64"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

20betlp.com/bonus-wheel-en/audio/wheel.mp3

37.252.8.95

206 Partial Content

126 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/audio/wheel.mp3
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Size
126 kB (126084 bytes)
Hash
20e886554f6b25f85110df851f55a460
0a94793f9bd1866580d62b70a2826904b7e167b0
6fd75847fcb250dd04d637286da58286cf472482af2840f9aabbf5845bb941ca

HTTP Headers

GET /bonus-wheel-en/audio/wheel.mp3 HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 206 Partial Content
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: audio/mpeg
Content-Length: 126084
Last-Modified: Mon, 08 Nov 2021 13:54:03 GMT
Connection: keep-alive
ETag: "61892bfb-1ec84"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Content-Range: bytes 0-126083/126084

20betlp.com/bonus-wheel-en/images/main-bg.png

37.252.8.95

200 OK

2.6 MB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/main-bg.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 MB (2577577 bytes)
Hash
2d4ab198ac7a6dce01ac7edd60989fc5
9b549e73d6f54a81950adf3b8d636b2e8f15657b
8929ccea9d65858ea6428174d8ca029dd52ff1a020d20e10b9ddeac3a33ae5e7

HTTP Headers

GET /bonus-wheel-en/images/main-bg.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: image/png
Content-Length: 2577577
Last-Modified: Tue, 09 Nov 2021 08:57:20 GMT
Connection: keep-alive
ETag: "618a37f0-2754a9"
Expires: Sat, 21 Jan 2023 20:13:18 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

secure.adnxs.com/seg?add=32401244&t=1

185.89.210.101

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=32401244&t=1
IP
185.89.210.101:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=32401244&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32401244%26t%3D1
AN-X-Request-Uuid: 6b419d1d-5fcf-4002-b390-b01452a139fe
Set-Cookie: uuid2=7787461097750450673; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 21-Apr-2023 20:12:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ocsp.godaddy.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
1650af3cd580466db29c17ff0c35ce3e
9587dfd70d3fc3a0b0e8638a8eba5090895e2d43
3f4ff3fc32672f61812a7abdd7fe0bbdc9ef55e0f4cf39f4017092e1eeb62e06

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 20 Jan 2023 20:35:31 GMT
Expires: Sat, 21 Jan 2023 20:35:31 GMT
ETag: "9587dfd70d3fc3a0b0e8638a8eba5090895e2d43"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

sc-events-sdk.sharechat.com/web-sdk.js

34.120.129.12

200 OK

12 kB

URL HTTP/2
sc-events-sdk.sharechat.com/web-sdk.js
IP
34.120.129.12:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (11862), with no line terminators
Size
12 kB (11862 bytes)
Hash
590bf0022120d1610cba44ba02e12810
5dc081270f226a5e3ee9b47ad279ed2b1cdcf492
07886428aa53f7fa0b69b0b5e236e171be8c492d7020686b0fdec11f572c07a8

HTTP Headers

GET /web-sdk.js HTTP/1.1
Host: sc-events-sdk.sharechat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycduaUzdXgUyx-xvIySlaWn9WgJFHePPhCWNyJ-kdzKYUkKctSLj7EgQDYdFR3Q-QqUB7MwAemX1OVs0zOi1EOpO3NQ
x-goog-generation: 1667891067679001
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11862
x-goog-hash: crc32c=ZVy9+A==, md5=WQvwAiEg0WEMukS6AuEoEA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 11862
server: UploadServer
date: Sat, 21 Jan 2023 19:40:36 GMT
expires: Sat, 21 Jan 2023 20:40:36 GMT
cache-control: public, max-age=3600
age: 1932
last-modified: Tue, 08 Nov 2022 07:04:27 GMT
etag: "590bf0022120d1610cba44ba02e12810"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32401244%26t%3D1

185.89.210.101

200 OK

0 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32401244%26t%3D1
IP
185.89.210.101:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D32401244%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20betlp.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 98049338-6569-4b1f-9041-1bb4294a2283
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2H`bu]*%)!@wnf-Te9(>wL5L!!'9Q$]27l; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 21-Apr-2023 20:12:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

zz.connextra.com/dcs/tagController/tag/d3ea3fb1f9d4/homepage

104.85.191.64

200 OK

16 kB

URL HTTP/2
zz.connextra.com/dcs/tagController/tag/d3ea3fb1f9d4/homepage
IP
104.85.191.64:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- exported SGML document, ASCII text, with very long lines (2407)
Size
16 kB (16263 bytes)
Hash
f5c6ed464a100daeec24c257b81aeba4
f73b688dfff651a1342f8f36b2763f16e8fa976e
c62f6ae2fe15b2279beb5110c4d7827a39865b01b4b53caabcbe5686c8eae626

HTTP Headers

GET /dcs/tagController/tag/d3ea3fb1f9d4/homepage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-length: 16263
server: istio-envoy
content-encoding: gzip
x-envoy-upstream-service-time: 3
cache-control: must-revalidate, max-age=34
expires: Sat, 21 Jan 2023 20:13:22 GMT
date: Sat, 21 Jan 2023 20:12:48 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
1650af3cd580466db29c17ff0c35ce3e
9587dfd70d3fc3a0b0e8638a8eba5090895e2d43
3f4ff3fc32672f61812a7abdd7fe0bbdc9ef55e0f4cf39f4017092e1eeb62e06

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 21 Jan 2023 20:12:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 20 Jan 2023 20:35:31 GMT
Expires: Sat, 21 Jan 2023 20:35:31 GMT
ETag: "9587dfd70d3fc3a0b0e8638a8eba5090895e2d43"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2481
Expires: Sat, 21 Jan 2023 20:54:10 GMT
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2481
Expires: Sat, 21 Jan 2023 20:54:10 GMT
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2481
Expires: Sat, 21 Jan 2023 20:54:10 GMT
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2481
Expires: Sat, 21 Jan 2023 20:54:10 GMT
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5963 bytes)
Hash
447c7832b50421193a9b962e621d8379
eddd33bded6e9c705ed5f0aa2ed036faeefa388f
00946fa4ac2a2c6c23a22e1c5bf2d1d3871975c9730cf522fa7f937bb431e0ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5963
x-amzn-requestid: ef0681fa-95e9-4c43-94b2-4ebb1ff652b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6x_OG3goAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c76394-279293ff66d40dd65e0b8481;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:12:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5LBmRNL56mbOmY8ajrSlll2tfCxpMSlKDoym8YzJHUj3fF2Eq61TYw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 11:44:38 GMT
age: 30491
etag: "eddd33bded6e9c705ed5f0aa2ed036faeefa388f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6902 bytes)
Hash
ee23b50996d59e5b3d4d99af0d0bc05f
76fbdbd85092cb841ca269206de46cc1b6e0f215
20e83f1e7f48eaee8f946958d4bd94d0c876dd2fdab85f3c4dfe088d7726e0eb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6902
x-amzn-requestid: eac4818f-27cf-4e74-967f-ba9b761e236f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0uNuF0QIAMFUEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4f724-3a8ae0ba482b10f04c90c3b5;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 07:05:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AKGI_lQSNDKkYkcLfgIsQOt8ghMJbouQt26TehAyOBDEkg0ZU-L_Tw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 09:28:02 GMT
age: 38687
etag: "76fbdbd85092cb841ca269206de46cc1b6e0f215"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

20betlp.com/bonus-wheel-en/images/favicon.png

37.252.8.95

200 OK

2.2 kB

URL HTTP/1.1
20betlp.com/bonus-wheel-en/images/favicon.png
IP
37.252.8.95:0
ASN
#42708 GleSYS AB

File type
PNG image data, 32 x 29, 8-bit colormap, non-interlaced\012- data
Size
2.2 kB (2161 bytes)
Hash
036e0f36b5a13f1fa5ab0dd3241693ff
603c662bc6f6df4adfc53b0ee2b46c2e37bf8e61
432c7a05fd30a114d2edad7833b393a3a5077ca364fbbca7eb256385072f844e

HTTP Headers

GET /bonus-wheel-en/images/favicon.png HTTP/1.1
Host: 20betlp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/bonus-wheel-en/?btag=667089_56020FE892A84B32AB0CF9C4953AEB00&clickid=9df44x9ydxstl8a4&campaign=1642&trafficsource=62
Cookie: _ga_J9LNZYMXZE=GS1.1.1674331967.1.0.1674331967.0.0.0; _ga=GA1.1.822368312.1674331968
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: image/png
Content-Length: 2161
Last-Modified: Thu, 07 Oct 2021 12:51:34 GMT
Connection: keep-alive
ETag: "615eed56-871"
Expires: Sat, 21 Jan 2023 20:13:19 GMT
Cache-Control: max-age=30
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12866 bytes)
Hash
2422bc3ba3140462f4507b7a4fe3a746
d2b1d477d56fa40ca4d5e5be4b31667d5e3977a3
90f04120820c28da092bdd235a141a8ae6347f73025dbcf235a1562abf4dd9d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12866
x-amzn-requestid: fe1078a2-3e26-4906-b7b4-73c9fd315e0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6w4ZHPLoAMFw8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c761cf-7ae3119b62b0ccef08dcd2af;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:04:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zL09KSxkGqnwziJ1XtAVONPJ9nxMN1yCzYXvT2ZCWKtHzpStn92YmQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:46:04 GMT
age: 52005
etag: "d2b1d477d56fa40ca4d5e5be4b31667d5e3977a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6068 bytes)
Hash
b48f53e84a3ec564b35cf6b0754d09bb
dc7ad580f90e8af4349f409fb0302a79c672ff99
37d8f9a37eed22705123275ac7a36ff34bcdea1b2faaa7108a7112afe5a8201f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6068
x-amzn-requestid: 8962c77a-e852-426f-b37a-024546e0a2ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VKG_zoAMFgZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-368af491496d024a0142b0e4;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GVOdNzEzcPvkVkDOfnHOI1RPDfuJ_gUmoqYFkge2Qdp87B0wdOA6Bw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:03 GMT
age: 81166
etag: "dc7ad580f90e8af4349f409fb0302a79c672ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7111 bytes)
Hash
f5195ac5d83278bed049661c0d1aaa4a
74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e
30af8f591b2d4f7c8de7d52ea53bb170ca426ef0550001c7802a7f993a6344df

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7111
x-amzn-requestid: d9b5e6b0-3995-4c70-be84-0b1b457b7143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRlHtkIAMFiGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73d-37d253ee68fe1b7e483097dd;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 86-hgCgiYN-PYLZgXJO79kM9Vm6DIiRixaz-kQZFaY0m5481x8GWlw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 22:10:04 GMT
age: 79365
etag: "74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11562 bytes)
Hash
b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: c3864d3b-caaa-4c44-a4bd-9339d0eede69
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-E1UGw4IAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4ee-703e32aa596019d42680e599;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZxoIRkRgzS5Hp0D9gzxOiTg3GatK8zSCIokF3NWUghEUmePltkYVRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:38:02 GMT
age: 59687
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
79a7be7bb907212c182fda49673d7ca5
2cc42e5f3fb486b7d971d02779914a68b4a73fee
cc31bed1fb4ddb4093531d618cf9719019fd88420e8a574623b809db216b1aeb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6464
Cache-Control: max-age=136788
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Etag: "63cba155-1d7"
Expires: Mon, 23 Jan 2023 10:12:37 GMT
Last-Modified: Sat, 21 Jan 2023 08:24:53 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
983410dffbd2f6609e689d468279cad3
9ed22350a720ebff727059fa19538dd721252f31
0f772ca05a2b10e54f9d9ba798c555e777461c5d5270b5355df7c303af07297d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4714
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Last-Modified: Sat, 21 Jan 2023 18:54:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 21 Jan 2023 19:45:20 GMT
expires: Sat, 21 Jan 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 1649
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

a.exoclick.com/tag_gen.js

205.185.216.10

200 OK

515 B

URL HTTP/1.1
a.exoclick.com/tag_gen.js
IP
205.185.216.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (1030), with no line terminators
Size
515 B (515 bytes)
Hash
628e0302068ade64b5f411f39d5ce7e5
ff1a609269f34bad5ae67ed1678df3f7b905d018
c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f

HTTP Headers

GET /tag_gen.js HTTP/1.1
Host: a.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 515
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"a56c0470b9aa925085e51a6271a"
X-HW: 1674331969.dop202.sk1.t,1674331969.cds208.sk1.shn,1674331969.dop202.sk1.t,1674331969.cds251.sk1.c
Access-Control-Allow-Origin: *, *

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
e27372427e0202ed22ddfc77fbadbb09
6eb7947822271f5a31942556aa6001fb4a897375
76d81a7957e7d3b7e51ea0359bdce57935586f244e1262219bf42f9f51ebd8d8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1536
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Last-Modified: Sat, 21 Jan 2023 19:47:13 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27859 bytes)
Hash
9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: qcMuRLn/gC9Mg3d8SekxIB4HwH/od/9P39nf8u3TxFH3p9y34pP4PjdbWPjKfvbNGUQx1hL1eULf/QhQmLFX0A==
content-length: 27859
x-fb-trip-id: 1904183273
date: Sat, 21 Jan 2023 20:12:49 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
983410dffbd2f6609e689d468279cad3
9ed22350a720ebff727059fa19538dd721252f31
0f772ca05a2b10e54f9d9ba798c555e777461c5d5270b5355df7c303af07297d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4714
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Last-Modified: Sat, 21 Jan 2023 18:54:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
462ca4e2ad016036f5939eaf26b3c665
b72abfd5630285dbb09ce1b4a9a684cfca3032ea
ea1da42c8b34529b2e056a0cea5f93711095cf81789bb10ffc9b16e4e949a4d0

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 25 Jan 2023 18:27:57 GMT
ETag: "b72abfd5630285dbb09ce1b4a9a684cfca3032ea"
Last-Modified: Sat, 21 Jan 2023 18:27:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1545
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d2b4f77d8ab509-OSL

ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered&context=20bet.com&cookiename=notregistered&age=262800&maxcookiecount=10

66.254.114.89

200 OK

35 B

URL HTTP/1.1
ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered&context=20bet.com&cookiename=notregistered&age=262800&maxcookiecount=10
IP
66.254.114.89:0
ASN
#29789 REFLECTED

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /ctrack?action=list&type=add&id=notregistered&context=20bet.com&cookiename=notregistered&age=262800&maxcookiecount=10 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: openresty
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Secure; SameSite=None
tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Secure; SameSite=None
1918bc62c1a6d87456120b5ac922270e=notregistered; Path=/; Domain=trafficjunky.net; Expires=Sun, 23 Jul 2023 08:12:49 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63CC4741-42FE725901BB7220-14D7E500

dsp-trk.eskimi.com/tracking/cssession?tst&id=22441

34.120.139.69

304 Not Modified

0 B

URL HTTP/2
dsp-trk.eskimi.com/tracking/cssession?tst&id=22441
IP
34.120.139.69:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tracking/cssession?tst&id=22441 HTTP/1.1
Host: dsp-trk.eskimi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 304 Not Modified
access-control-allow-origin: https://20betlp.com
access-control-allow-credentials: true
date: Sat, 21 Jan 2023 20:12:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
79a7be7bb907212c182fda49673d7ca5
2cc42e5f3fb486b7d971d02779914a68b4a73fee
cc31bed1fb4ddb4093531d618cf9719019fd88420e8a574623b809db216b1aeb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6464
Cache-Control: max-age=136788
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Etag: "63cba155-1d7"
Expires: Mon, 23 Jan 2023 10:12:37 GMT
Last-Modified: Sat, 21 Jan 2023 08:24:53 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

main.exdynsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2

95.211.229.246

200 OK

20 B

URL HTTP/1.1
main.exdynsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2 HTTP/1.1
Host: main.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A93090%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-21%22%3B%7D%7D; expires=Sun, 21 Jan 2024 20:12:49 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

main.realsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2

95.211.229.246

200 OK

20 B

URL HTTP/1.1
main.realsrv.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
IP
95.211.229.246:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2 HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A93090%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-21%22%3B%7D%7D; expires=Sun, 21 Jan 2024 20:12:49 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48e257c8f2392f159921a40b7d3ffe56
f89f2ea262bd86780848257fb73bcb45019d2dbf
939e3a190c0d0cdc796a73a852b368415660f6bb8f00653af4f8c960ed797fba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "939E3A190C0D0CDC796A73A852B368415660F6BB8F00653AF4F8C960ED797FBA"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15694
Expires: Sun, 22 Jan 2023 00:34:23 GMT
Date: Sat, 21 Jan 2023 20:12:49 GMT
Connection: keep-alive

mc.yandex.ru/metrika/tag.js

87.250.251.119

200 OK

74 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Size
74 kB (73769 bytes)
Hash
a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 73769
date: Sat, 21 Jan 2023 20:12:49 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Sat, 21 Jan 2023 21:12:49 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
50bd6e5705d2521bca2b787e709a056b
6216f7e6fce68eba983e254863c86f29248531b0
0f9b337808a018383c64035060134c4bbf0d8de9e9541284ab5ffaa9f42cd434

HTTP Headers

GET /p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

tsyndicate.com/api/v1/retargeting/set/45d3301c-de08-443f-9716-ba31e2632331

148.251.19.25

200 OK

35 B

URL HTTP/2
tsyndicate.com/api/v1/retargeting/set/45d3301c-de08-443f-9716-ba31e2632331
IP
148.251.19.25:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/45d3301c-de08-443f-9716-ba31e2632331 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 986f77c74aac3971
set-cookie: ts_rt_45d3301c-de08-443f-9716-ba31e2632331=AAMC; expires=Sun, 21 Jan 2024 20:12:49 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered-new&context=20bet.com&cookiename=notregistered-new&age=259200&maxcookiecount=10

66.254.114.89

200 OK

35 B

URL HTTP/1.1
ctrack.trafficjunky.net/ctrack?action=list&type=add&id=notregistered-new&context=20bet.com&cookiename=notregistered-new&age=259200&maxcookiecount=10
IP
66.254.114.89:0
ASN
#29789 REFLECTED

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /ctrack?action=list&type=add&id=notregistered-new&context=20bet.com&cookiename=notregistered-new&age=259200&maxcookiecount=10 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: openresty
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Secure; SameSite=None
tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Secure; SameSite=None
614ac6550300bc7c00c3f821d11e0512=notregistered-new; Path=/; Domain=trafficjunky.net; Expires=Thu, 20 Jul 2023 20:12:49 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63CC4741-42FE725901BB7220-14D7E610

region1.google-analytics.com/g/collect?v=2&tid=G-J9LNZYMXZE&gtm=2oe1i0&_p=1020897282&cid=822368312.1674331968&ul=en-us&sr=1280x1024&_s=1&sid=1674331967&sct=1&seg=0&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&dr=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&dt=20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-J9LNZYMXZE&gtm=2oe1i0&_p=1020897282&cid=822368312.1674331968&ul=en-us&sr=1280x1024&_s=1&sid=1674331967&sct=1&seg=0&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&dr=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&dt=20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-J9LNZYMXZE&gtm=2oe1i0&_p=1020897282&cid=822368312.1674331968&ul=en-us&sr=1280x1024&_s=1&sid=1674331967&sct=1&seg=0&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&dr=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&dt=20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://20betlp.com
date: Sat, 21 Jan 2023 20:12:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

87.250.251.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Sat, 21 Jan 2023 20:12:49 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sat, 21 Jan 2023 21:12:49 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

main.exoclick.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2

95.211.229.245

200 OK

20 B

URL HTTP/1.1
main.exoclick.com/tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2
IP
95.211.229.245:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A93090%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-01-21%22%3B%7D%7D; expires=Sun, 21 Jan 2024 20:12:49 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

mc.yandex.ru/watch/73094056/1?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29

87.250.251.119

200 OK

400 B

URL HTTP/2
mc.yandex.ru/watch/73094056/1?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size
400 B (400 bytes)
Hash
b2355fe44326361100f2f54ed476d1bd
96adf8e1fd022dafc425cc93fa5f668812a61789
47a5b29a2451e54abe862b6e0bfe6acfbed3bb8447161a8fe9bc3caa9a691c96

HTTP Headers

GET /watch/73094056/1?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20betlp.com
Referer: https://20betlp.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 400
date: Sat, 21 Jan 2023 20:12:49 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://20betlp.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 21-Jan-2023 20:12:49 GMT
last-modified: Sat, 21-Jan-2023 20:12:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

trc.taboola.com/1460267/log/3/unip?item-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&en=20betcom_notreg

151.101.65.44

204 No Content

0 B

URL HTTP/2
trc.taboola.com/1460267/log/3/unip?item-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&en=20betcom_notreg
IP
151.101.65.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1460267/log/3/unip?item-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&en=20betcom_notreg HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Sat, 21 Jan 2023 20:12:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1652-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674331970.586716,VS0,VE93
x-vcl-time-ms: 93
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-179168354-1&cid=822368312.1674331968&jid=331546101&gjid=1245665250&_gid=1597594545.1674331968&_u=YADAAEAAAAAAACAAI~&z=1208510358

64.233.161.156

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-179168354-1&cid=822368312.1674331968&jid=331546101&gjid=1245665250&_gid=1597594545.1674331968&_u=YADAAEAAAAAAACAAI~&z=1208510358
IP
64.233.161.156:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-179168354-1&cid=822368312.1674331968&jid=331546101&gjid=1245665250&_gid=1597594545.1674331968&_u=YADAAEAAAAAAACAAI~&z=1208510358 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://20betlp.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 21 Jan 2023 20:12:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=4565082360183930&ev=PageView&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&rl=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&if=false&ts=1674331968763&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674331968762.2059697246&it=1674331968253&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=4565082360183930&ev=PageView&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&rl=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&if=false&ts=1674331968763&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674331968762.2059697246&it=1674331968253&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=4565082360183930&ev=PageView&dl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&rl=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&if=false&ts=1674331968763&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674331968762.2059697246&it=1674331968253&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 21 Jan 2023 20:12:49 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
875fc1415608498b67d609fd3b7335ae
463aca613dcdfc3446e7c7f4663d9577ef92f94e
fcb4c1657bc5afb8c1adfbec67198211be206ff61b5cc7c13565d5ce492de66e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:12:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

secure.adnxs.com/seg?add=30613014&t=1

185.89.210.101

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=30613014&t=1
IP
185.89.210.101:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=30613014&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D30613014%26t%3D1
AN-X-Request-Uuid: b0dc4040-6b7c-45bb-988d-34b4ccf72ba3
Set-Cookie: uuid2=2264652938095965915; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 21-Apr-2023 20:12:49 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

zz.connextra.com/20Bet/dcs/tagController/tagData/d3ea3fb1f9d4

104.85.191.64

200 OK

0 B

URL HTTP/2
zz.connextra.com/20Bet/dcs/tagController/tagData/d3ea3fb1f9d4
IP
104.85.191.64:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /20Bet/dcs/tagController/tagData/d3ea3fb1f9d4 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 41
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://20betlp.com
vary: Origin
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-type: text/plain
content-length: 0
expires: Sat, 21 Jan 2023 20:12:49 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 21 Jan 2023 20:12:49 GMT
set-cookie: CxtId=829904c9-cca4-413b-963a-f76fd49b0ac5; Domain=.connextra.com; Expires=Mon, 20-Jan-2025 20:12:49 GMT; Path=/; Secure; SameSite=None
20Bet=P%7Chomepage%7C1%7C202301212012; Domain=.connextra.com; Expires=Sun, 21-Jan-2024 20:12:49 GMT; Path=/; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2

secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID

185.89.210.101

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP
185.89.210.101:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 21 Jan 2023 20:12:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: f5a4a497-f70d-410a-8966-75053eab3bac
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

apis.sharechat.com/self-serve-service/v1/external/selfServe/sdk/SG3eKxKT7W/get

104.17.235.9

200 OK

57 B

URL HTTP/2
apis.sharechat.com/self-serve-service/v1/external/selfServe/sdk/SG3eKxKT7W/get
IP
104.17.235.9:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
b743f3d65555324eb815a39dbfda117e
854c81927d8fd17fd8cb66503d8d2a0912293007
b93f1daec177bd721359292bba935c7f95c000e39bc8eb2f5f86eee34957e0f4

HTTP Headers

GET /self-serve-service/v1/external/selfServe/sdk/SG3eKxKT7W/get HTTP/1.1
Host: apis.sharechat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20betlp.com/
Origin: https://20betlp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: application/json;charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://20betlp.com
vary: Origin
etag: W/"1f-6dkZ0odeH7r21LA6dRUG6G17Ebs"
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=Rh5IAGgyniDmMBegs5ecY23sIBQGqF0VSQVVErb.J24-1674331969-0-AWZ5qgom7DP4RXpIXe8hN9x7pkRyZ5iAtmXTqesHHmv4muqU4tHf7lbytjHBz2Pe/PDAlIrkubMXVmSpcZhMRfs=; path=/; expires=Sat, 21-Jan-23 20:42:49 GMT; domain=.sharechat.com; HttpOnly; Secure; SameSite=None
_cfuvid=a43fOsHE2HvI47lOnqJwHq6JQase9Fem42uBDKR0QDE-1674331969418-0-604800000; path=/; domain=.sharechat.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78d2b4f63c42b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a&ttl=&rurl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a&ttl=&rurl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a&ttl=&rurl=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2c354c08340440859df0b946db7fdec7; expires=Sun, 21 Jan 2024 20:12:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9657 bytes)
Hash
4483cb695fef2fe82f38a65e18ea1fd7
ea95504fc5be0259c8c3a39f47f8fcb322bca88d
807a120b964ee7ec7c83c5d943d29cea5df2171291ad1b99de9ef4df7e7e9046

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9657
x-amzn-requestid: 63c51fc8-3cd1-486b-960b-91d0d4b14dbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbnMFUvoAMFvYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a62d-3f30f1cb5bc13bf812d3cf71;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:07:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VuSAJTNeYNhttE_PILwWsQmCBULQteT3BkAUOPYGTksqRK7rKBbYyg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 16:05:36 GMT
age: 14839
etag: "ea95504fc5be0259c8c3a39f47f8fcb322bca88d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3

194.242.11.186

200 OK

0 B

URL HTTP/2
dsp-media.eskimi.com/assets/js/e/gtr.min.js?_=0.0.0.3
IP
194.242.11.186:0
ASN
#34989 ServeTheWorld AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/js/e/gtr.min.js?_=0.0.0.3 HTTP/1.1
Host: dsp-media.eskimi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 21 Jan 2023 20:12:49 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 692289
cdn-uid: ce2848ff-13c5-49e5-873d-af24ad423612
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
etag: W/"621cbfb5-12fb"
expires: Tue, 28 Nov 2023 12:07:50 GMT
last-modified: Mon, 28 Feb 2022 12:27:33 GMT
x-content-type-options: nosniff
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2022 12:07:50
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a2c39eb5b82202ca639df2ec2a3b3793
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

dsp-ap.eskimi.com/v2/gtr?id=22441&url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&t=1674331968196

35.186.201.99

200 OK

0 B

URL HTTP/2
dsp-ap.eskimi.com/v2/gtr?id=22441&url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&t=1674331968196
IP
35.186.201.99:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/gtr?id=22441&url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&t=1674331968196 HTTP/1.1
Host: dsp-ap.eskimi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
set-cookie: __eConsent=1; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Max-Age=2592000; Domain=.eskimi.com; Path=/; Secure; SameSite=None
__eDId=ef946dc9-984f-4e78-aa2d-424f9aead09c; Expires=Mon, 20 Feb 2023 20:12:49 GMT; Max-Age=2592000; Domain=.eskimi.com; Path=/; Secure; SameSite=None
__eP=1; Expires=Sat, 04 Feb 2023 20:12:49 GMT; Max-Age=1209600; Domain=.eskimi.com; Path=/; Secure; SameSite=None
access-control-allow-origin: https://20betlp.com
access-control-allow-credentials: true
cache-control: no-cache
date: Sat, 21 Jan 2023 20:12:48 GMT
content-type: application/json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/73094056?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)

87.250.251.119

302 Found

0 B

URL HTTP/2
mc.yandex.ru/watch/73094056?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/73094056?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20betlp.com
Connection: keep-alive
Referer: https://20betlp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/73094056/1?wmode=7&page-url=https%3A%2F%2F20betlp.com%2Fbonus-wheel-en%2F%3Fbtag%3D667089_56020FE892A84B32AB0CF9C4953AEB00%26clickid%3D9df44x9ydxstl8a4%26campaign%3D1642%26trafficsource%3D62&page-ref=https%3A%2F%2Fwww.highcpmrevenuenetwork.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1291%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A29895761256%3Ahid%3A250644383%3Az%3A0%3Ai%3A20230121201248%3Aet%3A1674331969%3Ac%3A1%3Arn%3A884731652%3Arqn%3A1%3Au%3A1674331969888671794%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A34%2C37%2C13%2C2%2C828%2C0%2C%2C340%2C1%2C%2C%2C%2C1284%3Aco%3A0%3Ans%3A1674331966300%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674331969%3At%3A20BET%20%7C%20Best%20Online%20Casino%20to%20Win%20Real%20Money&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sat, 21 Jan 2023 20:12:49 GMT
access-control-allow-origin: https://20betlp.com
set-cookie: yabs-sid=2113203121674331969; Path=/; SameSite=None; Secure
i=goX0OoKIPlMOmb8D/zkDohNsq64DCdLxEK8AqjtTxAjmFYbmdXjMGXKGs/ksCU2wcC3IMdwWd7LtgwAWikwmhlg3N/s=; Expires=Tue, 18-Jan-2033 20:12:47 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=8319060281674331969; Expires=Sun, 21-Jan-2024 20:12:49 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8319060281674331969; Expires=Sun, 21-Jan-2024 20:12:49 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705867969.yc.1674331969#1705867969.yrts.1674331969#1705867969.yrtsi.1674331969; Expires=Sun, 21-Jan-2024 20:12:49 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 21-Jan-2023 20:12:49 GMT
last-modified: Sat, 21-Jan-2023 20:12:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML