Overview

URLur.onlinerealmoneygames.xyz/%D0%98%D1%88%D0%B5%D0%BD%D0%B8%D0%BC_%D1%8D%D1%81%D0%B5%D0%B1%D0%B8%D0%BD_%D0%B1%D0%B0%D1%88%D0%BA%D0%B0%D1%80%D1%83%D1%83_%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%8B.html"%3Eolimpbet
IP 188.114.97.1 (Colombia)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-30 12:36:05 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (66)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
e1.o.lencr.org (2) 6159 No data No data 23.36.77.32
ocsp.sca1b.amazontrust.com (5) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com (3) 580028 No data No data 54.230.111.63
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-30 04:53:34 UTC 142.250.74.40
casino.cur.a8r.games (1) 336046 2021-05-15 15:15:03 UTC 2022-11-29 18:35:41 UTC 104.18.12.198
my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-11-30 04:08:46 UTC 139.45.195.8
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-30 04:48:28 UTC 142.250.74.164
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
trc.taboola.com (1) 602 2013-07-11 10:17:31 UTC 2020-03-17 19:54:14 UTC 151.101.129.44
accounts.livechatinc.com (1) 7698 2018-09-03 02:09:14 UTC 2020-01-31 06:28:20 UTC 23.36.79.17
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
dwmu1hf7ovvid.cloudfront.net (128) 0 2022-06-02 17:28:59 UTC 2022-11-29 17:52:39 UTC 143.204.42.190 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 04:06:04 UTC 34.117.237.239
main.exosrv.com (1) 206751 2018-03-28 04:10:16 UTC 2020-03-23 03:33:53 UTC 95.211.229.247
ur.onlinerealmoneygames.xyz (4) 0 2022-05-21 15:38:43 UTC 2022-11-30 11:57:57 UTC 104.21.14.60 Unknown ranking
ocsp.sectigo.com (4) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
promo.20bet.partners (1) 524075 No data No data 23.36.79.17
tracker.growthbuddy.app (1) 153665 2020-11-30 13:00:07 UTC 2022-11-29 18:35:42 UTC 54.74.8.139
ctrack.trafficjunky.net (2) 27301 2014-03-23 22:43:38 UTC 2022-11-30 04:12:09 UTC 66.254.114.89
dsp-trk.eskimi.com (1) 38619 2019-10-03 08:08:12 UTC 2022-11-29 21:18:15 UTC 34.120.139.69
match.sharethrough.com (3) 604 2016-10-07 22:49:32 UTC 2020-04-24 05:52:36 UTC 3.72.32.250
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-30 05:55:22 UTC 142.250.74.106
ocsp.digicert.com (20) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-30 04:06:41 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
tsyndicate.com (1) 13042 2017-03-16 09:04:54 UTC 2022-11-30 05:14:01 UTC 136.243.46.131
tag.growthbuddy.app (1) 470040 2020-11-30 13:00:05 UTC 2022-11-29 18:35:42 UTC 54.74.8.139
tracker.ads.sportradar.com (2) 41720 No data No data 23.36.79.43
mc.yandex.ru (5) 2672 2012-05-21 09:38:30 UTC 2022-11-30 04:08:52 UTC 87.250.251.119
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-30 05:00:30 UTC 74.125.131.156
main.exoclick.com (1) 33599 2015-09-01 10:25:49 UTC 2020-03-31 04:40:59 UTC 95.211.229.247
static.cloudflareinsights.com (1) 1294 2019-09-24 14:34:56 UTC 2022-11-30 04:11:12 UTC 104.16.56.101
a.sportradarserving.com (4) 2372 No data No data 3.123.120.111
ur.onlinerealmoneygames.xyz (4) 0 2022-05-21 15:38:43 UTC 2022-11-30 11:57:57 UTC 172.67.158.27 Unknown ranking
platform.20bet.com (37) 784200 2019-11-07 07:49:18 UTC 2022-11-29 18:35:43 UTC 172.67.15.187
r3.o.lencr.org (9) 344 No data No data 23.36.77.32
zz.connextra.com (1) 14652 2014-03-20 17:05:16 UTC 2020-03-18 19:26:33 UTC 104.85.191.64
a.exoclick.com (1) 71579 No data No data 205.185.216.10
api.livechatinc.com (1) 5353 2013-12-20 14:27:35 UTC 2020-05-14 13:42:22 UTC 23.36.79.17
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2020-04-26 08:32:02 UTC 143.204.55.84
aswpsdkus.com (1) 5300 2019-03-19 12:39:22 UTC 2022-11-29 18:39:10 UTC 34.160.158.95
vc.hotjar.io (1) 2334 No data No data 54.230.111.8
x.bidswitch.net (8) 286 2017-08-28 15:21:00 UTC 2021-09-28 10:50:41 UTC 18.195.153.121
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
eb2.3lift.com (1) 402 2014-09-24 15:03:42 UTC 2020-03-13 01:44:01 UTC 76.223.111.18
secure.livechatinc.com (1) 6541 2012-08-20 19:27:12 UTC 2020-04-07 20:28:05 UTC 23.36.79.17
assets.customer.io (1) 19446 2013-05-31 17:10:04 UTC 2020-05-06 15:54:46 UTC 54.230.111.79
tm.ads.sportradar.com (1) 40177 No data No data 23.36.79.43
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-30 05:03:07 UTC 142.250.74.46
main.exdynsrv.com (1) 91821 2018-06-22 13:05:36 UTC 2020-03-31 04:40:59 UTC 95.211.229.248
dsp-media.eskimi.com (1) 46408 2015-12-29 16:38:43 UTC 2022-01-25 11:30:48 UTC 194.242.11.186
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.39.94.191
script.hotjar.com (1) 887 2020-11-05 16:23:46 UTC 2022-11-30 06:12:24 UTC 143.204.55.46
serving.ads.sportradar.com (1) 42818 2021-06-21 12:16:59 UTC 2022-11-29 19:56:57 UTC 63.33.93.29
ws-cdn001.akamaized.net (1) 188179 No data No data 23.36.77.10
cdn.onesignal.com (1) 3015 2015-04-22 13:41:50 UTC 2022-11-30 05:28:23 UTC 104.18.226.52
platform.20bet.com (37) 784200 2019-11-07 07:49:18 UTC 2022-11-29 18:35:43 UTC 104.22.35.208
vars.hotjar.com (1) 1014 2020-11-05 16:23:46 UTC 2022-11-30 04:44:55 UTC 143.204.55.118
dsp-ap.eskimi.com (1) 62069 2019-10-03 09:45:00 UTC 2022-11-29 21:18:15 UTC 35.186.201.99
track.trackingtraffo.com (2) 0 No data No data 88.214.195.156 Unknown ranking
20bet.com (43) 249292 2017-09-02 02:41:52 UTC 2022-11-30 06:31:02 UTC 104.22.35.208
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 04:06:17 UTC 34.102.187.140
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
cdn.seon.io (1) 212690 2020-04-21 11:37:11 UTC 2022-11-29 18:35:41 UTC 54.230.111.74
cdn.softswiss.net (27) 412286 2015-07-09 16:04:37 UTC 2022-11-29 17:52:26 UTC 104.17.112.131
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-30 2 ur.onlinerealmoneygames.xyz/ Malware
2022-11-30 2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js Malware
2022-11-30 2 ur.onlinerealmoneygames.xyz/ Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 188.114.97.1
Date UQ / IDS / BL URL IP
2023-02-04 02:07:14 +0000 0 - 2 - 0 download.freemake.net/products/4FC302F4104A3A (...) 188.114.97.1
2023-02-04 01:53:24 +0000 0 - 6 - 2 img4fap.club/pict/girl-open-jacket 188.114.97.1
2023-02-04 01:49:48 +0000 0 - 11 - 0 waitprocessing.com/webv4/before_continue 188.114.97.1
2023-02-04 01:43:12 +0000 0 - 0 - 12 crackdare.com/http:/crackdare.com/wp-content/ (...) 188.114.97.1
2023-02-04 01:43:04 +0000 0 - 1 - 0 poc-uk.org.uk/ 188.114.97.1


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-04 02:31:14 +0000 0 - 0 - 1 serendipityprizes.com/ 104.21.44.172
2023-02-04 02:31:12 +0000 0 - 2 - 3 pdoyl.mirrorbay.org/prn247.com/tagged/taylor-russo 188.114.96.1
2023-02-04 02:30:26 +0000 0 - 2 - 2 0psmbbg4s0.youtubee.biz/ 172.67.208.41
2023-02-04 02:30:16 +0000 0 - 3 - 0 cdn.crazydownapi.tk/upload/CrazyDownSetup.rar 172.67.140.143
2023-02-04 02:27:59 +0000 0 - 0 - 1 betciptrofit.fun 104.21.39.215


Last 1 reports on domain: onlinerealmoneygames.xyz
Date UQ / IDS / BL URL IP
2022-11-30 12:36:05 +0000 0 - 0 - 3 ur.onlinerealmoneygames.xyz/%D0%98%D1%88%D0%B (...) 188.114.97.1


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-10 19:52:37 +0000 0 - 0 - 4 kazinov.site/ 104.21.72.12

JavaScript

Executed Scripts (96)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (368)


Request Response
                                        
                                            GET /%D0%98%D1%88%D0%B5%D0%BD%D0%B8%D0%BC_%D1%8D%D1%81%D0%B5%D0%B1%D0%B8%D0%BD_%D0%B1%D0%B0%D1%88%D0%BA%D0%B0%D1%80%D1%83%D1%83_%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%8B.html"%3Eolimpbet HTTP/1.1 
Host: ur.onlinerealmoneygames.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         104.21.14.60
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 30 Nov 2022 12:35:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 30 Nov 2022 13:35:51 GMT
Location: https://ur.onlinerealmoneygames.xyz/%D0%98%D1%88%D0%B5%D0%BD%D0%B8%D0%BC_%D1%8D%D1%81%D0%B5%D0%B1%D0%B8%D0%BD_%D0%B1%D0%B0%D1%88%D0%BA%D0%B0%D1%80%D1%83%D1%83_%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%8B.html"%3Eolimpbet
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQZHEATzPL%2BR9kmVF%2FKkCqMfOsnOyuQkt2o8lr7U3s61rJc78QKm6%2BH61x3MUJW9MOSVr262SCvDttePVt2HPFYDu4wRKnDspuxAJNhxiOfKvBElP%2BJaTJj1fysjMRLQRA0VPtga4zS24yuk%2Fqk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7723a016fae5b509-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2216
Expires: Wed, 30 Nov 2022 13:12:47 GMT
Date: Wed, 30 Nov 2022 12:35:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3236
Cache-Control: max-age=168564
Date: Wed, 30 Nov 2022 12:35:51 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:25:15 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 12:19:41 GMT
cache-control: public,max-age=3600
age: 970
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8608
Expires: Wed, 30 Nov 2022 14:59:19 GMT
Date: Wed, 30 Nov 2022 12:35:51 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: IhJy2Cgs5mQh6WMJ2ftLWlOIha3DhUMmgZWT9GX8I+zAwWHnE4yUONtdBUBYdiy4m+vXCoP6/PE=
x-amz-request-id: KYJEGKQTNYJM54WY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 11:45:51 GMT
age: 3000
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 12:35:51 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "3EF71D8DC3D2BEBF4DE30231BDF05094175DCE0CE99580C9BC5C643E8AD14054"
Last-Modified: Tue, 29 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 30 Nov 2022 18:35:51 GMT
Date: Wed, 30 Nov 2022 12:35:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "3EF71D8DC3D2BEBF4DE30231BDF05094175DCE0CE99580C9BC5C643E8AD14054"
Last-Modified: Tue, 29 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Wed, 30 Nov 2022 18:35:51 GMT
Date: Wed, 30 Nov 2022 12:35:52 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 12:11:14 GMT
cache-control: public,max-age=3600
age: 1478
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3239
Cache-Control: max-age=163497
Date: Wed, 30 Nov 2022 12:35:52 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:00:49 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sB4EBcgT0byrYdiNiyJ14w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.39.94.191
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 70acVQKP3hAX8BBtcviBwTwhXI0=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8565
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:35:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8565
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:35:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8565
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:35:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8565
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:35:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8565
Expires: Wed, 30 Nov 2022 14:58:39 GMT
Date: Wed, 30 Nov 2022 12:35:54 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
age: 52743
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7298
Md5:    e00769bd1391b8f4f5b8ab128a825355
Sha1:   e4ddf955e8ac1986045ed55880c43c69e588a021
Sha256: 81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
age: 53468
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 51862
etag: "2f3a39a528d3b759060203931de33c12303592e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9330
Md5:    bbe350ea797a0fec5a19a450fc5de4b4
Sha1:   2f3a39a528d3b759060203931de33c12303592e1
Sha256: 4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 52075
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 53467
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9051
Md5:    05196ec43964cf559caa0c0279148d62
Sha1:   6170d6776615503e3e29f86783febc3e3e78ca66
Sha256: 47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4GuUolL0WIMXvnF7BZ80j-dMMSILN2gd-1mqFwNns-zCUBsJa8iHQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:04 GMT
age: 53570
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10958
Md5:    777ce44582c70bf01a31da4cab366f36
Sha1:   57e1d34f146d5ccd9943aa97bcc3158f7103bb07
Sha256: fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
                                        
                                            GET /redirect.aspx?pid=11600&bid=1971&lpid=281 HTTP/1.1 
Host: promo.20bet.partners
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ur.onlinerealmoneygames.xyz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.79.17
HTTP/2 307 Temporary Redirect
content-type: text/html
                                        
content-length: 0
location: https://20media.world/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 30 Nov 2022 12:35:54 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 30 Nov 2022 12:35:54 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a11600%2c%22BID%22%3a1971%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669811754364)%5c%2f%22%2c%22CookieTag%22%3a%22197111600451240919C202211301235%22%7d%5d; SameSite=None;; domain=.20bet.partners; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22925038288%7c1%22%7d%5d; domain=.20bet.partners; expires=Fri, 30-Nov-3021 12:35:54 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=97
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=94403
Date: Wed, 30 Nov 2022 12:35:54 GMT
Etag: "63861bed-117"
Expires: Thu, 01 Dec 2022 14:49:17 GMT
Last-Modified: Tue, 29 Nov 2022 14:49:17 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2126
Cache-Control: max-age=115950
Date: Wed, 30 Nov 2022 12:35:54 GMT
Etag: "638667ca-1d7"
Expires: Thu, 01 Dec 2022 20:48:24 GMT
Last-Modified: Tue, 29 Nov 2022 20:12:58 GMT
Server: ECS (amb/6B83)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: ur.onlinerealmoneygames.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ur.onlinerealmoneygames.xyz/%D0%98%D1%88%D0%B5%D0%BD%D0%B8%D0%BC_%D1%8D%D1%81%D0%B5%D0%B1%D0%B8%D0%BD_%D0%B1%D0%B0%D1%88%D0%BA%D0%B0%D1%80%D1%83%D1%83_%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%8B.html"%3Eolimpbet
Connection: keep-alive
Cookie: antibot_referer=https%3A%2F%2Fur.onlinerealmoneygames.xyz%2F%25D0%2598%25D1%2588%25D0%25B5%25D0%25BD%25D0%25B8%25D0%25BC_%25D1%258D%25D1%2581%25D0%25B5%25D0%25B1%25D0%25B8%25D0%25BD_%25D0%25B1%25D0%25B0%25D1%2588%25D0%25BA%25D0%25B0%25D1%2580%25D1%2583%25D1%2583_%25D0%25B1%25D1%2583%25D0%25BA%25D0%25BC%25D0%25B5%25D0%25BA%25D0%25B5%25D1%2580%25D1%258B.html%26quot%3B%253Eolimpbet; antibot_uid=68a14cf1cee0b945c3a456a5ca39075c; antibot_country=NO; antibot_lang=en; antibot_ptr=s919042154.blix.com; antibot_5a78ab254a574dc9218bcf6a5eaba5aa=2308d3bcea88a7dccf4f71e85df02fc6; lastcid=1669811752.1969
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.67.158.27
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Wed, 30 Nov 2022 12:35:54 GMT
location: https://promo.20bet.partners/redirect.aspx?pid=11600&bid=1971&lpid=281
set-cookie: antibot_hits=2; expires=Thu, 01-Dec-2022 12:35:53 GMT; Max-Age=86400; path=/ antibot_unique_20221130=1; expires=Thu, 01-Dec-2022 12:35:53 GMT; Max-Age=86400; path=/ lastcid=0; expires=Wed, 30-Nov-2022 12:34:13 GMT; Max-Age=0; path=/ 961ba845da85400d8594e09ea5073046=0; expires=Wed, 30-Nov-2022 13:35:53 GMT; Max-Age=3600; path=/
expires: Sat, 10 Dec 2022 12:35:53 GMT
last-modified: Wed, 30 Nov 2022 12:35:53 GMT
cache-control: public, max-age=864000
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjwSJfq0AedH7Irozf6mFZhgdpqln8kWYw1NV2zUt%2F1AIcsowLojGp4PH6O0in05Q%2Fq2IOakdW0g1Gtl5WmAMy0lP9CjHxVp39clg0f2WX6mwxyB0A0%2FuLkVAdwvw8RFgdAsz7mmQ6FEoyI1So0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7723a022a9830b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5009)
Size:   17976
Md5:    699ef47901f4b4285ce7dd2b59e48bdd
Sha1:   7458004f93dc3a1656c4cb2166501134e7e6b85a
Sha256: 0209187ba7c61e99c741528451ea6800f7f2aaed7e9435bc2709889b89f72331

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 12:35:54 GMT
Server: ECS (amb/6B71)
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3264
Cache-Control: max-age=159205
Date: Wed, 30 Nov 2022 12:35:55 GMT
Etag: "63870c50-117"
Expires: Fri, 02 Dec 2022 08:49:20 GMT
Last-Modified: Wed, 30 Nov 2022 07:54:56 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2059
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 12:35:55 GMT
Etag: "638648f6-117"
Last-Modified: Wed, 30 Nov 2022 12:01:36 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3247
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 12:35:55 GMT
Last-Modified: Wed, 30 Nov 2022 11:41:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3264
Cache-Control: max-age=159205
Date: Wed, 30 Nov 2022 12:35:55 GMT
Etag: "63870c50-117"
Expires: Fri, 02 Dec 2022 08:49:20 GMT
Last-Modified: Wed, 30 Nov 2022 07:54:56 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111319
Date: Wed, 30 Nov 2022 12:35:55 GMT
Etag: "6386559a-1d7"
Expires: Thu, 01 Dec 2022 19:31:14 GMT
Last-Modified: Tue, 29 Nov 2022 18:55:22 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UBoOwyfLBk0ZToqR88BfzyKsqyq3tPQ7UvrIfifTCJFXra6e-2EdZA==
Age: 2152

                                        
                                            GET /assets/loader.gif HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 30 Nov 2022 12:35:55 GMT
content-length: 402680
cf-ray: 7723a0315efaf15a-ARN
accept-ranges: bytes
etag: "6385fd45-624f8"
last-modified: Tue, 29 Nov 2022 12:38:29 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 400 x 400\012- data
Size:   402680
Md5:    8529d23ed344b353f7b89b4c90b1aa82
Sha1:   5433dc4344e9fc4f3b516febe6c9df5e9fec1657
Sha256: d8a42ccb018c64bda5b2cac2f522c7895ce66055455e9eb9a0425dd7cfe18771
                                        
                                            GET /js/v4/agent.js HTTP/1.1 
Host: cdn.seon.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.111.74
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 09 Sep 2022 15:20:31 GMT
x-amz-version-id: mfjcVMYC8eQg.3.C.jDktKY9HpyiJtFK
server: AmazonS3
content-encoding: gzip
date: Wed, 30 Nov 2022 11:39:40 GMT
cache-control: max-age=3600
etag: W/"7e416f9feeb805e04c423899736c48e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EVK7UlLeHNVmA2AZ_QkPl2wtec3eTKY0x9W9uI7llz6gBL_FpL36Bg==
age: 3386
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   110846
Md5:    9286882fe9bdac6b98c2bd1685665cad
Sha1:   e4df408e25c21e315229e7eb72479e6ea4ff0dca
Sha256: c63c48f78db7be91ae7660d50806f43bd588658b18576b122f89f6c8c68db3b6
                                        
                                            GET /sealassets/a10f772e8d9e71861d4ea2be20f6db60-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid HTTP/1.1 
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         54.230.111.63
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 49397
date: Wed, 30 Nov 2022 12:32:16 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77239ad63c885bf5-FRA
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QqyNcscECmXyIzd-jUiS1F3swJpM0XFA1xpg9RSsSAaL9nV3Kra1_g==
age: 219
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size:   49397
Md5:    8ef6782be55b8ce8f5b132d28af8e0d0
Sha1:   cb99df77f4865d9c2f287539a5ca474cf76f7d09
Sha256: d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2845
Cache-Control: max-age=151229
Date: Wed, 30 Nov 2022 12:35:56 GMT
Etag: "6386eecc-1d7"
Expires: Fri, 02 Dec 2022 06:36:25 GMT
Last-Modified: Wed, 30 Nov 2022 05:49:00 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /app/styles.a1f6fc82d7ce3311.css HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 30 Nov 2022 12:35:55 GMT
cf-ray: 7723a0314ef4f15a-ARN
etag: W/"6385fd07-2377c"
last-modified: Tue, 29 Nov 2022 12:37:27 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   31586
Md5:    a7c67ded74b79cc2d5a45580e69aabf7
Sha1:   17c675795321dbf95732ff5ff69f897b130d8264
Sha256: 4c69e529489f64af16d44571fe4f5b3eb23212d3733b97fe35e29166fa9d9b87
                                        
                                            GET /notify/v1/ua-sdk.min.js HTTP/1.1 
Host: aswpsdkus.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         34.160.158.95
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdta-JWbSXA-fzHvZbkFREqjwz0pCu-6l80yCiPZEBlbqeXtOrcU00d2Wm1BiPgS9GSpml9E-ppXLk8kCMVRc8cRxg
x-goog-generation: 1665770460678651
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 42633
content-encoding: gzip
x-goog-hash: crc32c=2hVL0A==, md5=iv9O9Jdsw6vOvyD0hXd1Ow==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 42633
server: UploadServer
date: Wed, 30 Nov 2022 12:34:26 GMT
expires: Wed, 30 Nov 2022 12:39:26 GMT
cache-control: public,max-age=300,no-transform
age: 90
last-modified: Fri, 14 Oct 2022 18:01:00 GMT
etag: "8aff4ef4976cc3abcebf20f48577753b"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   42633
Md5:    8aff4ef4976cc3abcebf20f48577753b
Sha1:   8dc504909cc95b490c33f80853cc871e4303addd
Sha256: 3f1e34da0d341f968e5e49a8bd25ca2fcb608eb2817998731c6b054113067ee3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2845
Cache-Control: max-age=151229
Date: Wed, 30 Nov 2022 12:35:56 GMT
Etag: "6386eecc-1d7"
Expires: Fri, 02 Dec 2022 06:36:25 GMT
Last-Modified: Wed, 30 Nov 2022 05:49:00 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /gtm.js?id=GTM-55HKBB7 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.40
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 12:35:56 GMT
expires: Wed, 30 Nov 2022 12:35:56 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 58692
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23167)
Size:   58692
Md5:    20b6ba8f5cfdd79dbe4df477f8b5f46d
Sha1:   8dee7d74ca5594e32c914861969d712662e42fe6
Sha256: 55b225b21a370f52ef78b8be421cf863d20dc668762e9a5249fb0f67824d775d
                                        
                                            GET /7693683943e78a298c36d469e68b47d8/widgetloader HTTP/1.1 
Host: ws-cdn001.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-security-policy: frame-ancestors 'self' https://st-cdn001.akamaized.net https://ls-cdn001.akamaized.net
cache-control: public, max-age=120, stale-while-revalidate=60, immutable
etag: "9bc46328338c378d30894ab4a4e7d934-bbc305cdcf6bf9c0587379b5415909bd"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-ing-v: 2
content-length: 59716
date: Wed, 30 Nov 2022 12:35:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40931)
Size:   59716
Md5:    942c23f37ef3a0d771075ccfb13e232c
Sha1:   0b4acaded331db43bfb71078fa881d8314b04af6
Sha256: b7b036b0b4054d2a36530ea79a2b3f37b76eed25856ccb48a5068d14276fd912
                                        
                                            GET /dist/tag-manager.js?id=STM-AAAACT HTTP/1.1 
Host: tm.ads.sportradar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
apigw-requestid: cadHyie6joEEJUA=
vary: Accept-Encoding
content-encoding: gzip
content-length: 31257
date: Wed, 30 Nov 2022 12:35:56 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size:   31257
Md5:    c107cbeae2be0d4f1d241b9fd672457d
Sha1:   a017d05ff36c646bfa755b60c25e0f67f723de6d
Sha256: 3aac2aa9d355d442078788e431cc0f96baa3f893389c422659323d7602c0261d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /modules.fb61877307ee2cbdddd8.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.55.46
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 68686
date: Tue, 29 Nov 2022 13:13:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "83b19b8f1226afd21aa19be455afda7e"
last-modified: Tue, 29 Nov 2022 13:12:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cbZMN2w_7TucGL90gi3yKNnkOSKKeOPffL8iDVCVy8NrxzsUGmR7GA==
age: 84170
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   68686
Md5:    83b19b8f1226afd21aa19be455afda7e
Sha1:   fae192c39c07152703f176652331b0012c642d64
Sha256: 29d4b3c00c20eefcbe98d8e99a16a64314bfb599eaf90153754c5a3c6375f87a
                                        
                                            GET /assets/favicon.png HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: is_mobile_device=false; preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 30 Nov 2022 12:35:56 GMT
content-length: 9320
cf-ray: 7723a0347851f15a-ARN
accept-ranges: bytes
etag: "6385fd37-2468"
last-modified: Tue, 29 Nov 2022 12:38:15 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 129 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   9320
Md5:    76d3202979d99d33720b7b189cf8bc23
Sha1:   81cba7c933e4e332ea31208c388307d49bf1c1c8
Sha256: 7731ec4a0f05418aaf44b5d3b8010c5470303578fed1331bc18089fc802b2a96
                                        
                                            GET /assets/favicon.png HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: is_mobile_device=false; preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 30 Nov 2022 12:35:56 GMT
content-length: 9320
cf-ray: 7723a0347852f15a-ARN
accept-ranges: bytes
etag: "6385fd45-2468"
last-modified: Tue, 29 Nov 2022 12:38:29 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 129 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   9320
Md5:    76d3202979d99d33720b7b189cf8bc23
Sha1:   81cba7c933e4e332ea31208c388307d49bf1c1c8
Sha256: 7731ec4a0f05418aaf44b5d3b8010c5470303578fed1331bc18089fc802b2a96
                                        
                                            GET /dist/tracker.js HTTP/1.1 
Host: tracker.ads.sportradar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: W_J6AF2Ok-eE3rbP4xPikMa75J_77BR-7Gsxn6KRO6zjS2RaYiGj_Q==
vary: Accept-Encoding
content-encoding: gzip
content-length: 11553
date: Wed, 30 Nov 2022 12:35:56 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (34755)
Size:   11553
Md5:    b34b13d85152f71b7fd15289c78c0583
Sha1:   0bb20191b022bbd0e75f2bbce7f6332886079c2c
Sha256: 7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
                                        
                                            GET /dist//sp-2.14.0.js HTTP/1.1 
Host: tracker.ads.sportradar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: nhilYV6V-q1PhJgn8gs9dmUPL39Zd2IwgnsFUnicuqpA-U_Vrqb7CA==
vary: Accept-Encoding
content-encoding: gzip
content-length: 30370
date: Wed, 30 Nov 2022 12:35:56 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64903)
Size:   30370
Md5:    44f237857b8d03f32b53fe551e83c95a
Sha1:   91536fe6c60d947d29dfcb5f04d09b752b5ccf03
Sha256: a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
                                        
                                            GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         143.204.55.118
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hUIMeyL3ez9CikjNO3fWZ5OWfWzGQ9lzcQ4zPHqrIfIESNk-ZdYeiA==
age: 602750
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size:   1035
Md5:    e0652b84b7b3b650769c759fc520c3f8
Sha1:   0b55d6e28613350c7f41b88f19e726e6751ad03b
Sha256: 94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
                                        
                                            GET /dcs/tagController/tag/d3ea3fb1f9d4/homepage HTTP/1.1 
Host: zz.connextra.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.85.191.64
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
                                        
content-encoding: gzip
content-length: 16263
cache-control: must-revalidate, max-age=180
expires: Wed, 30 Nov 2022 12:38:56 GMT
date: Wed, 30 Nov 2022 12:35:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- exported SGML document, ASCII text, with very long lines (2407)
Size:   16263
Md5:    a48b7d649ea4ff6d54adcc1966fdf787
Sha1:   d8d4c0645613806cf861cfa1d793e40aca2748f0
Sha256: 1479166998807326fbc3aa71ab41a46597b3dc39c6e9c9b372c0a0286030add0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A39AEA35B520EA57ED99947959688861E9D413C4B1B90B9466BF5D4F97DF7830"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2323
Expires: Wed, 30 Nov 2022 13:14:39 GMT
Date: Wed, 30 Nov 2022 12:35:56 GMT
Connection: keep-alive

                                        
                                            GET /app/main.882d7390f891bc88.css HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 30 Nov 2022 12:35:55 GMT
cf-ray: 7723a0314ef3f15a-ARN
etag: W/"6385fd10-5d264"
last-modified: Tue, 29 Nov 2022 12:37:36 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   62651
Md5:    dff632d5e7c44f9933f7c79a5a9c7b31
Sha1:   f1bb5c72de912ef2b65c4d4552838335a688f93f
Sha256: 0eb36be6ebcbb102481dedb331ff5049127dd447e7b975b64f08611bf19ac44d
                                        
                                            GET /public/sg.js HTTP/1.1 
Host: casino.cur.a8r.games
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.12.198
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Wed, 30 Nov 2022 12:35:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 30 Nov 2022 11:28:59 GMT
cf-cache-status: HIT
age: 3044
expires: Wed, 30 Nov 2022 16:35:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 7723a031a8a9b515-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3809
Md5:    a7a3becfba9b883359726b5818ee0699
Sha1:   c42e6590c9c954092a3d83a648c4039225d3be2e
Sha256: 81bf95d8d11ebfdb974a95da746ec2d863c3c3317db4cc15a921993c9c12de4d
                                        
                                            GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         3.123.120.111
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 30 Nov 2022 12:35:56 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=e664cd8d-f427-4534-907c-ff2da83510fc; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure c=1669811756; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1669811756; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /pixel?type=js&aid=1121&id=1859 HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         3.123.120.111
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 30 Nov 2022 12:35:56 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1121&id=1859
Set-Cookie: zuuid=793732d6-9f7e-4a5d-a258-ca96bf9c6ede; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure c=1669811756; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1669811756; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Cookie: zuuid=793732d6-9f7e-4a5d-a258-ca96bf9c6ede; c=1669811756; zuuid_lu=1669811756
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         3.123.120.111
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 30 Nov 2022 12:35:56 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D793732d6-9f7e-4a5d-a258-ca96bf9c6ede
Set-Cookie: zuuid=793732d6-9f7e-4a5d-a258-ca96bf9c6ede; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1669811756; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k=1; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k_lu=1669811756; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /ul_cb/pixel?type=js&aid=1121&id=1859 HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Cookie: zuuid=793732d6-9f7e-4a5d-a258-ca96bf9c6ede; c=1669811756; zuuid_lu=1669811756
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         3.123.120.111
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Wed, 30 Nov 2022 12:35:56 GMT
Set-Cookie: zuuid=793732d6-9f7e-4a5d-a258-ca96bf9c6ede; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1669811756; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k=1; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k_lu=1669811756; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure cm2=!bidswitch,439140956; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure bss=!bidswitch,439068956; path=/; expires=Thu, 30-Nov-2023 12:35:56 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1698
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1698), with no line terminators
Size:   1698
Md5:    6d3622f4f36aac34901f315ead9c3ce3
Sha1:   3765b73764fa4d489d7a83a8ff14edcdc8132c70
Sha256: 4848d53281d2fdd7923fbd87513bdbde3264c1a1bc2811041cdfa46b33610520
                                        
                                            GET /track.js?e=pageview&u=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D656524_3A082069A28A41ACA7875AA039F5E290&r=https%3A%2F%2Fur.onlinerealmoneygames.xyz%2F&i=DV-02355017850611493202&v=1.0.0&uid=23f5bf90-e8ab-4feb-923d-acf201dc928e&_nc=1669811755454 HTTP/1.1 
Host: tracker.growthbuddy.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         54.74.8.139
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 30 Nov 2022 12:35:56 GMT
content-length: 0
set-cookie: INGRESSCOOKIE=1669811757.702.113.148080|4755d7349ad2180cc27216e76023fb56; Path=/; Secure; HttpOnly
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131733
Date: Wed, 30 Nov 2022 12:35:56 GMT
Etag: "6386a424-1d7"
Expires: Fri, 02 Dec 2022 01:11:29 GMT
Last-Modified: Wed, 30 Nov 2022 00:30:28 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g0iLF_64QA2iil6HiTaxkfqCwM2DJs_A7SW_bG5LTC5mbJIBLwTvrg==
Age: 2461

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2748
Cache-Control: max-age=160497
Date: Wed, 30 Nov 2022 12:35:56 GMT
Etag: "63871361-1d7"
Expires: Fri, 02 Dec 2022 09:10:53 GMT
Last-Modified: Wed, 30 Nov 2022 08:25:05 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3287
Cache-Control: max-age=164959
Date: Wed, 30 Nov 2022 12:35:56 GMT
Etag: "638722b4-1d7"
Expires: Fri, 02 Dec 2022 10:25:15 GMT
Last-Modified: Wed, 30 Nov 2022 09:30:28 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.46
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 10:46:55 GMT
expires: Wed, 30 Nov 2022 12:46:55 GMT
cache-control: public, max-age=7200
age: 6541
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /tag_gen.js HTTP/1.1 
Host: a.exoclick.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         205.185.216.10
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 30 Nov 2022 12:35:56 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 515
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"a56c0470b9aa925085e51a6271a"
X-HW: 1669811756.dop018.sk1.t,1669811756.cds203.sk1.shn,1669811756.dop018.sk1.t,1669811756.cds251.sk1.c
Access-Control-Allow-Origin: *, *


--- Additional Info ---
Magic:  ASCII text, with very long lines (1030), with no line terminators
Size:   515
Md5:    628e0302068ade64b5f411f39d5ce7e5
Sha1:   ff1a609269f34bad5ae67ed1678df3f7b905d018
Sha256: c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: jCU77cs+69Qk6jP5L/cwYGnLkm1K8hHCPgrVyoCdRiEkJ/HlNB6x68t9J83EqbCGFxMPRvJv9sdJFkKHw7gigw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Wed, 30 Nov 2022 12:35:57 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27340
Md5:    44ecaa3c2a4929a40141edc4540aaf84
Sha1:   f29a573182333b2500d41bfc389d6c5232dfb348
Sha256: 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3115
Cache-Control: max-age=96410
Date: Wed, 30 Nov 2022 12:35:57 GMT
Etag: "6386179c-13a"
Expires: Thu, 01 Dec 2022 15:22:47 GMT
Last-Modified: Tue, 29 Nov 2022 14:30:52 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /sessions/2053477?s=0.25&r=0.16378807148579355 HTTP/1.1 
Host: vc.hotjar.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.111.8
HTTP/2 204 No Content
                                        
access-control-allow-origin: *
cache-control: no-store
date: Wed, 30 Nov 2022 12:35:57 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0TktGr6bCI_PF_AYpZDTfTwWhGJxbQroLgxv8pBERFFTsWVMMHdKaw==
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 13:56:49 GMT
Expires: Tue, 06 Dec 2022 13:56:48 GMT
Etag: "2a14fbf1023ab3a7f94c5ed80a68a826d69f28fc"
Cache-Control: max-age=522650,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7723a0395ff2b500-OSL

                                        
                                            GET /ctrack?action=list&type=add&id=notregistered&context=20bet.com&cookiename=notregistered&age=262800&maxcookiecount=10 HTTP/1.1 
Host: ctrack.trafficjunky.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         66.254.114.89
HTTP/1.1 200 OK
content-type: image/gif
                                        
server: openresty
date: Wed, 30 Nov 2022 12:35:57 GMT
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Fri, 30 Dec 2022 12:35:57 GMT; Secure; SameSite=None tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Fri, 30 Dec 2022 12:35:57 GMT; Secure; SameSite=None 1918bc62c1a6d87456120b5ac922270e=notregistered; Path=/; Domain=trafficjunky.net; Expires=Thu, 01 Jun 2023 00:35:57 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
x-request-id: 63874E2C-42FE725901BB9451-142D88D3


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 13:56:49 GMT
Expires: Tue, 06 Dec 2022 13:56:48 GMT
Etag: "2a14fbf1023ab3a7f94c5ed80a68a826d69f28fc"
Cache-Control: max-age=522650,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7723a0395932b4eb-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3288
Cache-Control: max-age=164959
Date: Wed, 30 Nov 2022 12:35:57 GMT
Etag: "638722b4-1d7"
Expires: Fri, 02 Dec 2022 10:25:16 GMT
Last-Modified: Wed, 30 Nov 2022 09:30:28 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 13:56:49 GMT
Expires: Tue, 06 Dec 2022 13:56:48 GMT
Etag: "2a14fbf1023ab3a7f94c5ed80a68a826d69f28fc"
Cache-Control: max-age=522650,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7723a0397f2db51b-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91210
Date: Wed, 30 Nov 2022 12:35:57 GMT
Etag: "6386029d-1d7"
Expires: Thu, 01 Dec 2022 13:56:07 GMT
Last-Modified: Tue, 29 Nov 2022 13:01:17 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ClgPCsYU1Z4-n9iUQrFDSM_1M5eBTgLB2HX2gq99VK7iDOBtP6qx4w==
Age: 3290

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 13:56:49 GMT
Expires: Tue, 06 Dec 2022 13:56:48 GMT
Etag: "2a14fbf1023ab3a7f94c5ed80a68a826d69f28fc"
Cache-Control: max-age=522650,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7723a0398bdfb4fa-OSL

                                        
                                            GET /syncd?dsp_id=409&user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         18.195.153.121
HTTP/2 302 Found
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=0e6920d9-7f6c-42e0-b4db-e660545d6cd4; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure c=1669811757; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1669811757; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure c=1669811757; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:57 GMT
Content-Length: 938
Connection: keep-alive
Expires: Sun, 04 Dec 2022 11:09:55 GMT
ETag: "f9e65676ecfa474afd47dbd4b8bd67c2ba379e21"
Last-Modified: Wed, 30 Nov 2022 11:09:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1601
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7723a039cfeb0af6-OSL

                                        
                                            GET /sync?dsp_id=409&expires=14&user_group=2&user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&cb=01358a82-a5c6-4908-be6f-8e1e6d1b56c3 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         18.195.153.121
HTTP/2 302 Found
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&cb=01358a82-a5c6-4908-be6f-8e1e6d1b56c3
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=beff071d-e0ba-49da-98c2-81ef67f0e296; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure c=1669811757; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1669811757; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure c=1669811757; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2

                                        
                                            GET /syncd?dsp_id=409&user_group=1&user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D793732d6-9f7e-4a5d-a258-ca96bf9c6ede HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         18.195.153.121
HTTP/2 302 Found
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D793732d6-9f7e-4a5d-a258-ca96bf9c6ede
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=d210903a-2e81-4709-bca8-53124bb5bf1d; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure c=1669811757; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1669811757; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure c=1669811757; path=/; expires=Thu, 30-Nov-2023 12:35:57 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2

                                        
                                            GET /sync?dsp_id=409&expires=14&user_group=2&user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&cb=4669320a-ce90-453f-b391-4576c7d21563 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         18.195.153.121
HTTP/2 302 Found
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2

                                        
                                            GET /xuid?mid=7963&xuid=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&dongle=3oy7 HTTP/1.1 
Host: eb2.3lift.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         76.223.111.18
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   37
Md5:    3eacd0132310ea44cad756b378a3bc07
Sha1:   e2216a7e9b73f5cb0279351c78ce61c33475cea7
Sha256: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
                                        
                                            GET /sync?dsp_id=409&expires=14&user_group=2&user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&cb=5e585bf7-bf20-4de1-b8d8-5e8506a7a2c5 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         18.195.153.121
HTTP/2 302 Found
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=793732d6-9f7e-4a5d-a258-ca96bf9c6ede&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2

                                        
                                            POST /g/collect?v=2&tid=G-J9LNZYMXZE&gtm=2oebs0&_p=1552734670&cid=516450411.1669811755&ul=en-us&sr=1280x1024&_s=1&sid=1669811755&sct=1&seg=0&dl=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D656524_3A082069A28A41ACA7875AA039F5E290&dr=https%3A%2F%2Fur.onlinerealmoneygames.xyz%2F&dt=Best%20Online%20Casino%20to%20Win%20Real%20Money%20%C2%BB%20Play%20at%2020Bet%20Legally&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://20bet.com
date: Wed, 30 Nov 2022 12:35:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /metrika/tag.js HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 73267
date: Wed, 30 Nov 2022 12:35:57 GMT
access-control-allow-origin: *
etag: "6384bff1-11e33"
expires: Wed, 30 Nov 2022 13:35:57 GMT
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
cache-control: max-age=3600
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Size:   73267
Md5:    1d79426653c3b55939eaec59a2ce8ef5
Sha1:   c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
Sha256: 2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
                                        
                                            GET /tracking/cssession?tst&id=22441 HTTP/1.1 
Host: dsp-trk.eskimi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         34.120.139.69
HTTP/2 304 Not Modified
                                        
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
date: Wed, 30 Nov 2022 12:35:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /tag.php?goal=8b2e6ea6f4f288415527d8eb7f5c3dc2 HTTP/1.1 
Host: main.exdynsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 30 Nov 2022 12:35:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A93090%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-11-30%22%3B%7D%7D; expires=Thu, 30 Nov 2023 12:35:57 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "455BDA3629E55C1730A67D5D82C68E4001F78F8019A755178225624E16076E80"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3564
Expires: Wed, 30 Nov 2022 13:35:21 GMT
Date: Wed, 30 Nov 2022 12:35:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2749
Cache-Control: max-age=160497
Date: Wed, 30 Nov 2022 12:35:57 GMT
Etag: "63871361-1d7"
Expires: Fri, 02 Dec 2022 09:10:54 GMT
Last-Modified: Wed, 30 Nov 2022 08:25:05 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /app/main.c599d4e73c91ee49.esm.js HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: is_mobile_device=false; preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 30 Nov 2022 12:35:56 GMT
cf-ray: 7723a0360901f15a-ARN
etag: W/"6385fd15-1612f0"
last-modified: Tue, 29 Nov 2022 12:37:41 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   370195
Md5:    990c8cb5d88434323164a5e1fb33461e
Sha1:   d3fee1121e91ab8d8abf35f66fc19ae7bc319932
Sha256: 4d21dc4568283b5197d70b30f41700a324f62b17d44942c5e1b9f3f083c82e2c
                                        
                                            GET /app/polyfills.fd81acc1ca9f311f.esm.js HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: is_mobile_device=false; preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 30 Nov 2022 12:35:56 GMT
cf-ray: 7723a0360903f15a-ARN
etag: W/"6385fd15-17687"
last-modified: Tue, 29 Nov 2022 12:37:41 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   46148
Md5:    dec3d37cd96d1da8e9cf5ce8f18b3737
Sha1:   7a4a2a7ac7e45577d0f2c8e64e1ffc9c71a46d10
Sha256: 9f6f25c876ec9feb832172659cb1390b9efdcffe793685009b04cc400d632ae4
                                        
                                            OPTIONS /api/market-descriptions/get-all-outcomes/en HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.67.15.187
HTTP/2 204 No Content
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03b8bb8b4eb-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /p.js?f=sync&lr=1&partner=cd60a55da311d1562975ffab2a7f08e376179d9ae222cd454571a6753429581a HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Wed, 30 Nov 2022 12:35:57 GMT
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   697
Md5:    50bd6e5705d2521bca2b787e709a056b
Sha1:   6216f7e6fce68eba983e254863c86f29248531b0
Sha256: 0f9b337808a018383c64035060134c4bbf0d8de9e9541284ab5ffaa9f42cd434
                                        
                                            OPTIONS /api/market-descriptions/get-all-markets/en HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.67.15.187
HTTP/2 204 No Content
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03b8bbcb4eb-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /v2/gtr?id=22441&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D656524_3A082069A28A41ACA7875AA039F5E290&t=1669811756073 HTTP/1.1 
Host: dsp-ap.eskimi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         35.186.201.99
HTTP/2 200 OK
content-type: application/json
                                        
set-cookie: __eConsent=1; Expires=Fri, 30 Dec 2022 12:35:57 GMT; Max-Age=2592000; Domain=.eskimi.com; Path=/; Secure; SameSite=None __eDId=49fc47a3-5830-4b43-bebd-1c928976f5da; Expires=Fri, 30 Dec 2022 12:35:57 GMT; Max-Age=2592000; Domain=.eskimi.com; Path=/; Secure; SameSite=None __eP=1; Expires=Wed, 14 Dec 2022 12:35:57 GMT; Max-Age=1209600; Domain=.eskimi.com; Path=/; Secure; SameSite=None
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
cache-control: no-cache
date: Wed, 30 Nov 2022 12:35:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   116
Md5:    4e62ac6fe2af60f3c756127981deb04c
Sha1:   b4238678a8ba9af87c652b4fd38ddb8e13b49757
Sha256: ccfbc161ffd896ee12e42fded3a82111b504ff15dafa76cd0aa8d6ed359e3f49
                                        
                                            OPTIONS /api/data/provinces HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         172.67.15.187
HTTP/2 204 No Content
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03bbbeeb4eb-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         172.67.15.187
HTTP/2 204 No Content
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03bbbfdb4eb-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/data/get-currencies HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         172.67.15.187
HTTP/2 204 No Content
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03bbbfab4eb-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/match-statuses/get-all/en HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 204 No Content
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03b5bd5f15a-ARN
X-Firefox-Spdy: h2

                                        
                                            GET /app/vendor.5a5bc3021b9892f3.esm.js HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: is_mobile_device=false; preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 30 Nov 2022 12:35:56 GMT
cf-ray: 7723a0360905f15a-ARN
etag: W/"6385fd1c-24a7ac"
last-modified: Tue, 29 Nov 2022 12:37:48 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   454017
Md5:    400c3de89b3308c3146b385ad90b94dc
Sha1:   ac9a50fa811a3f80d6a6de522cb4b2738b09d32c
Sha256: 9007835c5383fb87bde5f0cba58e9835cf9a2959ee3cf7a6632ab040f122f069
                                        
                                            OPTIONS /api/status HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 204 No Content
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03b5bdbf15a-ARN
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/sport/list/-1/0/en HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 204 No Content
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03b8bf6f15a-ARN
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/v2/ip-data HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 204 No Content
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03b8c00f15a-ARN
X-Firefox-Spdy: h2

                                        
                                            GET /assets/registration_loader.gif HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: is_mobile_device=false; preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290; _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.1.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: image/gif
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
content-length: 190218
cf-ray: 7723a03aab7ff15a-ARN
accept-ranges: bytes
etag: "6385fd2a-2e70a"
last-modified: Tue, 29 Nov 2022 12:38:02 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   190218
Md5:    970c1b0852106da323f78bc2b065eede
Sha1:   843e9db8df957182ec32f5bc8a1e74a3249655d0
Sha256: 11de3d33b7be490a6be50e32f995e8ce2e4a6d12a748e0363dcabd976dec1b4a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /app/runtime.293d7105bd65653b.esm.js HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: is_mobile_device=false; preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 30 Nov 2022 12:35:56 GMT
cf-ray: 7723a0360904f15a-ARN
etag: W/"6385fd06-25f8"
last-modified: Tue, 29 Nov 2022 12:37:26 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9720), with no line terminators
Size:   5627
Md5:    566c6cdb8ce5626e45b7f2f49aef17a6
Sha1:   a1492924729c5197ec6f58162fac9a90bb89dad3
Sha256: 01d659257f68da1771e5c7c91dca0b2511a20e96b8933023e81f106cd59c79ac
                                        
                                            GET /recaptcha/api.js?render=6LeYXFIiAAAAAEinEF15OsBYNq5UXwmor7zuYO0g HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Wed, 30 Nov 2022 12:35:57 GMT
date: Wed, 30 Nov 2022 12:35:57 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   583
Md5:    0391e5b907187f59669f5c361a1aa817
Sha1:   ead959f80500bc9f20bc30ba68928950565dc2cf
Sha256: 6f137c3a3503a6c88114d5c80a513a2c327d9f9ec00902fa0f27be36afc679d9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /watch/73094056/1?wmode=7&page-url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D656524_3A082069A28A41ACA7875AA039F5E290&page-ref=https%3A%2F%2Fur.onlinerealmoneygames.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2693%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1091297822759%3Ahid%3A825079747%3Az%3A0%3Ai%3A20221130123556%3Aet%3A1669811756%3Ac%3A1%3Arn%3A485735875%3Arqn%3A1%3Au%3A1669811756109329748%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C23%2C337%2C1%2C1966%2C0%2C%2C354%2C0%2C%2C%2C%2C2702%3Ans%3A1669811752189%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669811756%3At%3ABest%20Online%20Casino%20to%20Win%20Real%20Money%20%C2%BB%20Play%20at%2020Bet%20Legally&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Referer: https://20bet.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         87.250.251.119
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
content-length: 400
date: Wed, 30 Nov 2022 12:35:57 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 12:35:57 GMT
last-modified: Wed, 30-Nov-2022 12:35:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Size:   400
Md5:    2b6ba944d277d5d47b3d1d6ff5d82b01
Sha1:   1c22b4996c0f1e37de17d64c28eb67ce1afc5941
Sha256: 177ab3b70af98965c0afb3545942a09cf2dc0dd0de2b3a82ee8ec4f715fb234e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/v1/retargeting/set/45d3301c-de08-443f-9716-ba31e2632331 HTTP/1.1 
Host: tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         136.243.46.131
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Wed, 30 Nov 2022 12:35:57 GMT
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 0ad33dd2369e5141
set-cookie: ts_rt_45d3301c-de08-443f-9716-ba31e2632331=AAMC; expires=Thu, 30 Nov 2023 12:35:57 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179168354-1&cid=516450411.1669811755&jid=60607204&gjid=271306482&_gid=1863656645.1669811756&_u=YADAAEAAAAAAACAAI~&z=2059973221 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         74.125.131.156
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://20bet.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 12:35:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 12:35:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/v2/configurations HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.1.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03c3c6af15a-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   22133
Md5:    9c6619e323b5fc6e9174dc102f943853
Sha1:   39c0110ac4f57ea85c1bab2d16e6eda13151b2b2
Sha256: b6588fd735df743a0b5f69d41363003003b58259bda0d280c1478a55a4c5d951
                                        
                                            GET /api/data/get-countries HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.1.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03c0c48f15a-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   20330
Md5:    82822af8a1679fdb3c429847a29ead9a
Sha1:   91014594835906c50a4ac26015782e63606e4139
Sha256: ffbdd69462a6fbcbe92b5e9bc59f82f95aa5e99a4024e7ac8f042194b23083c6
                                        
                                            GET /api/market-descriptions/get-all-outcomes/en HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.1.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03bfc3cf15a-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   40337
Md5:    85e436d4bacb2e908f76d06e9465ae1f
Sha1:   73039831ea0c32c3e8e34dd4d1054b92a3dddde9
Sha256: 28268ea398df2f5ea0306f30d62e5226f8efc7f385831202288be400c2227bc6
                                        
                                            GET /i?stm=1669811755364&e=pv&url=https%3A%2F%2F20bet.com%2Fcasino%3Fbtag%3D656524_3A082069A28A41ACA7875AA039F5E290&page=Best%20Online%20Casino%20to%20Win%20Real%20Money%20%C2%BB%20Play%20at%2020Bet%20Legally&refr=https%3A%2F%2Fur.onlinerealmoneygames.xyz%2F&tv=js-2.14.0&tna=cf&aid=sr-tracker-20bet-com&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&cookie=1&eid=c1e59cc6-3055-41ca-8912-c89f1a0bb463&dtm=1669811755361&vp=1280x939&ds=1280x939&vid=1&sid=65c56d81-744d-48cf-8e3c-b2e6ad66b917&duid=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4xLjUxNjQ1MDQxMS4xNjY5ODExNzU1In19LHsic2NoZW1hIjoiaWdsdTpjb20uc3BvcnRyYWRhci5hZHMvZHNwL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7ImRzcF90eXBlIjoianMiLCJkc3BfYWlkIjoiMTEyMSIsImRzcF9pZCI6IjE4NTkifX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zcG9ydHJhZGFyLmFkcy90YWdtYW5hZ2VyL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7ImNvbnRhaW5lcklkIjoiU1RNLUFBQUFDVCIsImV2ZW50TmFtZSI6InRyYWNrLnBhZ2UudmlldyIsImFmZmlsaWF0ZUlkIjoiMTEyMSIsImFmZmlsaWF0ZVR5cGUiOiJhZHZlcnRpc2VyIn19XX0 HTTP/1.1 
Host: serving.ads.sportradar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         63.33.93.29
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Set-Cookie: _sr_ads=6df6fe07-76d5-4e8c-8b93-6a53eb9e1cad; Expires=Thu, 30 Nov 2023 12:35:58 GMT; Domain=sportradar.com; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: no-cache, no-store, must-revalidate
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Server: akka-http/10.1.12
Date: Wed, 30 Nov 2022 12:35:58 GMT
Content-Length: 43


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    fb02f374b8f73825415db1bccd4bd76d
Sha1:   b103aa629cacdd90b39538a7561da7f8e49ad73f
Sha256: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
                                        
                                            GET /api/match-statuses/get-all/en HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.1.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03c0c53f15a-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6242), with no line terminators
Size:   1448
Md5:    934bb149522ff57d38913f12ebcb3813
Sha1:   86f6a142cf2b6745839ac492da7b1bc7516743c7
Sha256: ba46dfbf1aa6f24e833226c722e65df0185efa62ddc0e61eae0e73839a3821c3
                                        
                                            GET /api/market-group-sorting/get-all-ordered HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.1.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03c8ca8f15a-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (23833), with no line terminators
Size:   5370
Md5:    afa03f04fc7426ce15a5bd8fe91c15f6
Sha1:   f9fda77b2bbbb449f7c44540324138d2812c492a
Sha256: 2e2ef86e1a33eb7f19efca26133de95c690d8499af7690b7bb15c4a36bc08bc1
                                        
                                            GET /app/9117.7e7cb358ede89ce7.esm.js HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: is_mobile_device=false; preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290; _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.2.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e; _gid=GA1.2.1863656645.1669811756; _gat_UA-179168354-1=1; _ym_uid=1669811756109329748; _ym_d=1669811756; _ym_visorc=b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 30 Nov 2022 12:35:58 GMT
cf-ray: 7723a0400e69f15a-ARN
etag: W/"6385fd06-7ce"
last-modified: Tue, 29 Nov 2022 12:37:26 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1998), with no line terminators
Size:   1444
Md5:    bd22531f376147d116e9d0923976c5c9
Sha1:   53ae43e90b0adb334026283ee809a741301c7493
Sha256: a0cf1fcd4e8e7fece2571e5f52f690cff44ee744dc0b5fe2dca672a37c6cc279
                                        
                                            GET /api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.1.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03c0c4ff15a-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (850), with no line terminators
Size:   2963
Md5:    bed41512a3f7825716d4a3270faecdcf
Sha1:   0a840c291d6b2e7f41bf439d8a7d340048f581d7
Sha256: 1c32ab5d355d93f7af8728c216bf65c72813b25a0c3bf1a819a3bf847c54c606
                                        
                                            GET /app/8459.340b8368399f3466.esm.js HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: is_mobile_device=false; preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290; _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.2.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e; _gid=GA1.2.1863656645.1669811756; _gat_UA-179168354-1=1; _ym_uid=1669811756109329748; _ym_d=1669811756; _ym_visorc=b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 30 Nov 2022 12:35:58 GMT
cf-ray: 7723a03fee57f15a-ARN
etag: W/"6385fd15-cac"
last-modified: Tue, 29 Nov 2022 12:37:41 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
cf-cache-status: BYPASS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3244), with no line terminators
Size:   1361
Md5:    e19e7159c2ce31c712e1efefcdc19420
Sha1:   aef154dffa1dc4f80d89c2dd4e54a8676bd58025
Sha256: dc2691b316714b06faed8f51396d96e2b572af67e7c053f97e3a43a9795da994
                                        
                                            GET /api/market-descriptions/get-all-markets/en HTTP/1.1 
Host: platform.20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.1.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Wed, 30 Nov 2022 12:35:57 GMT
vary: Accept-Encoding
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7723a03c0c46f15a-ARN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   30552
Md5:    8ecb7f07b79b8b9cbbb6b80377943270
Sha1:   ebcb1cd92bbe990cf4edf2110613f10a598fcb0e
Sha256: 0d9a6db9c3212eb6633744034b5a2de4403ab0f057e2ce5aca04567b85faf0ec
                                        
                                            GET /pixel/js?auth=v3eu8spg&event=visit HTTP/1.1 
Host: track.trackingtraffo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         88.214.195.156
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 30 Nov 2022 12:35:58 GMT
Content-Length: 422
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   422
Md5:    a84da22ba993cb90a87bbc7196a83564
Sha1:   284dae1447b59756ec476d581d6aad1ddd3218c3
Sha256: 98b0ce9e2f8df8f89c2adf5bcc0cf0eaf3b43c8b7fb26418f8a72179f4e6a440
                                        
                                            GET /assets/banners/casino/header_casino.webp HTTP/1.1 
Host: 20bet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/casino?btag=656524_3A082069A28A41ACA7875AA039F5E290
Cookie: is_mobile_device=false; preferred-language=en; btag=656524_3A082069A28A41ACA7875AA039F5E290; _ga_J9LNZYMXZE=GS1.1.1669811755.1.0.1669811755.0.0.0; _ga=GA1.2.516450411.1669811755; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=c1388fc7-7f62-45eb-b5d7-b0523c0bafb1.1669811755.1.1669811755.1669811755.65c56d81-744d-48cf-8e3c-b2e6ad66b917; _hjSessionUser_2053477=eyJpZCI6ImNjZDIzYjYyLWNiYTctNWViNS05MGI4LTYxNTgzZjkxYjAzMCIsImNyZWF0ZWQiOjE2Njk4MTE3NTUyMzgsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2053477=eyJpZCI6IjU3MjM3OGY5LWU1MDItNGRhNy04ZWNlLTE5YTk0M2RhOTY5OSIsImNyZWF0ZWQiOjE2Njk4MTE3NTU0NDksImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=1; DV_TRACK=23f5bf90-e8ab-4feb-923d-acf201dc928e; _gid=GA1.2.1863656645.1669811756; _gat_UA-179168354-1=1; _ym_uid=1669811756109329748; _ym_d=1669811756; _ym_visorc=b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         104.22.35.208
HTTP/2 200 OK
content-type: image/webp