Overview

URL bizzoreg.com/tournaments/awesome-christmas-race
IP104.26.2.121
ASNCLOUDFLARENET
Location United States
Report completed2022-09-19 15:04:36 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-19 2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/2c (...) Malware
2022-09-19 2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (55)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS bizzoreg.com (2) 0 2021-07-30 10:10:29 UTC 2022-09-19 11:39:43 UTC 104.26.2.121 Unknown ranking
mnemonic passive DNS ctrack.trafficjunky.net (1) 27301 2014-03-23 22:43:38 UTC 2022-09-19 09:45:30 UTC 66.254.114.89
mnemonic passive DNS cdn.softswiss.net (2) 412286 2015-07-09 16:04:37 UTC 2022-09-19 05:31:04 UTC 104.17.115.131
mnemonic passive DNS eb2.3lift.com (1) 402 2014-09-24 15:03:42 UTC 2022-09-19 09:07:16 UTC 13.248.245.213
mnemonic passive DNS bizzocasino.com (23) 291590 2021-07-06 13:20:32 UTC 2022-09-19 05:30:27 UTC 104.26.8.22
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-19 04:39:15 UTC 52.89.17.198
mnemonic passive DNS assets.customer.io (1) 19446 2013-05-31 16:10:41 UTC 2022-09-19 12:20:35 UTC 54.230.111.79
mnemonic passive DNS main.exdynsrv.com (1) 91821 2017-01-30 11:01:34 UTC 2022-09-19 08:04:00 UTC 95.211.229.245
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-19 11:30:25 UTC 142.250.74.174
mnemonic passive DNS sentry.softlabs.com (1) 0 2021-11-03 07:02:43 UTC 2022-09-19 05:31:03 UTC 172.67.71.55 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-19 09:08:48 UTC 142.250.74.10
mnemonic passive DNS zz.connextra.com (2) 14652 2014-03-20 17:05:16 UTC 2022-09-19 08:46:35 UTC 104.85.191.64
mnemonic passive DNS e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-09-19 04:36:28 UTC 23.36.76.226
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-19 04:20:29 UTC 34.120.237.76
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-19 09:41:45 UTC 142.250.74.164
mnemonic passive DNS cdn.livechatinc.com (3) 6288 2012-06-22 08:37:34 UTC 2022-09-19 04:42:27 UTC 23.36.79.17
mnemonic passive DNS c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com (4) 580028 2019-04-26 16:46:17 UTC 2022-09-19 08:03:58 UTC 54.230.111.125
mnemonic passive DNS api.feedad.com (1) 5296 2017-12-20 17:42:46 UTC 2022-09-19 05:28:39 UTC 216.239.38.21
mnemonic passive DNS platform.bizzocasino.com (25) 0 2022-01-12 13:05:28 UTC 2022-09-13 19:58:36 UTC 172.67.68.182 Domain (bizzocasino.com) ranked at: 291590
mnemonic passive DNS track-eu.customer.io (1) 451044 2021-05-19 17:12:05 UTC 2022-09-19 12:32:31 UTC 34.120.129.162
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-19 04:28:44 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-19 04:39:15 UTC 143.204.55.110
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-19 04:27:30 UTC 142.250.74.72
mnemonic passive DNS main.exoclick.com (1) 33599 2015-09-01 10:25:49 UTC 2022-09-19 05:24:18 UTC 95.211.229.247
mnemonic passive DNS api.livechatinc.com (5) 5353 2013-12-20 14:27:35 UTC 2022-09-19 04:42:27 UTC 23.36.79.17
mnemonic passive DNS ocsp.sca1b.amazontrust.com (4) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS main.exosrv.com (1) 206751 2016-11-30 11:41:20 UTC 2022-09-19 08:04:00 UTC 95.211.229.245
mnemonic passive DNS ocsp.pki.goog (9) 175 2017-06-14 07:23:31 UTC 2022-09-19 04:27:19 UTC 142.250.74.3
mnemonic passive DNS ws-cdn001.akamaized.net (1) 188179 2021-10-21 16:23:57 UTC 2022-09-19 05:31:01 UTC 23.36.77.10
mnemonic passive DNS x.bidswitch.net (6) 286 2017-08-28 15:21:00 UTC 2022-09-19 04:33:32 UTC 3.126.140.73
mnemonic passive DNS secure.livechatinc.com (1) 6541 2012-08-20 19:27:12 UTC 2022-09-19 04:42:28 UTC 23.36.79.17
mnemonic passive DNS bizzoreg.com (2) 0 2021-07-30 10:10:29 UTC 2022-09-19 11:39:43 UTC 172.67.68.203 Unknown ranking
mnemonic passive DNS main.realsrv.com (1) 91110 2019-02-11 13:11:59 UTC 2022-09-19 08:04:00 UTC 95.211.229.245
mnemonic passive DNS platform.bizzocasino.com (25) 0 2022-01-12 13:05:28 UTC 2022-09-13 19:58:36 UTC 104.26.8.22 Domain (bizzocasino.com) ranked at: 291590
mnemonic passive DNS d2i76d1bskcqlp.cloudfront.net (10) 0 2022-03-01 15:03:20 UTC 2022-09-13 21:49:37 UTC 54.230.245.154 Unknown ranking
mnemonic passive DNS tracker.growthbuddy.app (1) 153665 2020-11-30 13:00:07 UTC 2022-09-16 05:30:27 UTC 52.31.198.104
mnemonic passive DNS ocsp.entrust.net (2) 1208 2013-07-24 12:09:14 UTC 2022-09-19 04:27:21 UTC 104.110.10.32
mnemonic passive DNS trc.taboola.com (1) 602 2013-07-11 10:17:31 UTC 2022-09-19 04:40:19 UTC 151.101.85.44
mnemonic passive DNS accounts.livechatinc.com (1) 7698 2017-07-31 05:50:56 UTC 2022-09-19 04:42:29 UTC 23.36.79.17
mnemonic passive DNS tag.growthbuddy.app (1) 470040 2020-11-30 13:00:05 UTC 2022-09-16 05:30:27 UTC 52.31.198.104
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-19 04:27:25 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-19 05:10:35 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-19 04:30:26 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-19 11:44:46 UTC 93.184.220.29
mnemonic passive DNS tm.ads.sportradar.com (1) 40177 2019-07-25 10:47:51 UTC 2022-09-19 10:01:45 UTC 23.36.79.43
mnemonic passive DNS tracker.ads.sportradar.com (2) 41720 2019-05-23 08:10:00 UTC 2022-09-19 10:01:46 UTC 23.36.79.43
mnemonic passive DNS a.sportradarserving.com (4) 2372 2019-05-18 08:44:07 UTC 2022-09-19 04:59:34 UTC 52.29.158.178
mnemonic passive DNS track.trackingtraffo.com (2) 0 2021-12-15 22:48:04 UTC 2022-09-19 08:04:00 UTC 88.214.195.156 Unknown ranking
mnemonic passive DNS cdn.onesignal.com (1) 3015 2015-04-22 13:41:50 UTC 2022-09-19 05:13:47 UTC 104.18.225.52
mnemonic passive DNS tags.feedad.com (1) 26948 2019-10-23 18:30:02 UTC 2022-09-19 05:28:39 UTC 216.239.38.21
mnemonic passive DNS secure.adnxs.com (3) 396 2012-05-22 16:37:37 UTC 2022-09-19 04:35:17 UTC 185.89.210.141
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-19 13:15:20 UTC 143.204.55.35
mnemonic passive DNS ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-09-19 10:51:19 UTC 172.64.155.188
mnemonic passive DNS casino.cur.a8r.games (1) 336046 2021-05-15 15:15:03 UTC 2022-09-19 05:31:01 UTC 172.64.145.200
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-19 06:28:42 UTC 139.45.195.8


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.26.2.121

Date UQ / IDS / BL URL IP
2022-11-26 08:59:06 +0000
0 - 0 - 2 bizzoreg.com/es/registration 104.26.2.121
2022-11-10 14:43:48 +0000
0 - 0 - 2 bizzoreg.com/cz 104.26.2.121
2022-10-15 02:38:59 +0000
0 - 0 - 2 bizzoreg.com/en_ca?btag=667527_92289C8C53FD46 (...) 104.26.2.121
2022-09-19 15:04:36 +0000
0 - 0 - 2 bizzoreg.com/tournaments/awesome-christmas-race 104.26.2.121
2022-09-01 01:57:12 +0000
0 - 0 - 2 bizzoreg.com/pt 104.26.2.121

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-29 00:50:54 +0000
0 - 0 - 1 bafybeihngfmvx6gtwmcunfiykyfhr5g75prdf6wibdhd (...) 104.18.22.52
2022-11-29 00:49:16 +0000
0 - 0 - 2 a.startprizesurveynow.top/ 104.21.94.142
2022-11-29 00:48:50 +0000
0 - 0 - 3 c.pseessustijy.com/ 104.21.33.3
2022-11-29 00:47:33 +0000
0 - 0 - 17 0afcu.com/login 104.16.243.78
2022-11-29 00:46:05 +0000
0 - 0 - 7 smartanswer-ph.com/ 104.21.67.124

Last 5 reports on domain: bizzoreg.com

Date UQ / IDS / BL URL IP
2022-11-26 08:59:06 +0000
0 - 0 - 2 bizzoreg.com/es/registration 104.26.2.121
2022-11-10 14:43:48 +0000
0 - 0 - 2 bizzoreg.com/cz 104.26.2.121
2022-10-15 02:38:59 +0000
0 - 0 - 2 bizzoreg.com/en_ca?btag=667527_92289C8C53FD46 (...) 104.26.2.121
2022-09-19 15:04:36 +0000
0 - 0 - 2 bizzoreg.com/tournaments/awesome-christmas-race 104.26.2.121
2022-09-13 08:07:25 +0000
0 - 0 - 1 bizzoreg.com/cz 104.26.3.121

No other reports with similar screenshot



JavaScript

Executed Scripts (47)


Executed Evals (5)

#1 JavaScript::Eval (size: 15578, repeated: 1) - SHA256: 82b81c86cdae578664003b993458bc63c9de6f989bde32d1671110605cbbb93f

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var c = function(h) {
            return h
        },
        Y = this || self,
        y = function(h, U) {
            if (h = (U = Y.trustedTypes, null), !U || !U.createPolicy) return h;
            try {
                h = U.createPolicy("bg", {
                    createHTML: c,
                    createScript: c,
                    createScriptURL: c
                })
            } catch (w) {
                Y.console && Y.console.error(w.message)
            }
            return h
        };
    (0, eval)(function(h, U) {
        return (U = y()) && 1 === h.eval(U.createScript("1")) ? function(w) {
            return U.createScript(w)
        } : function(w) {
            return "" + w
        }
    }(Y)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var p=function(h,U){if(h.v)return hi(h,h.P);return(U=v(true,8,h),U)&128&&(U^=128,h=v(true,2,h),U=(U<<2)+(h|0)),U},T=function(h,U,c){c=this;try{Uu(U,this,h)}catch(Y){E(this,Y),U(function(A){A(c.F)})}},X=function(h,U,c,Y,A,w){if(!U.S){if(3<(h=m(419,((0==(Y=m((A=void 0,h&&h[0]===R&&(A=h[2],c=h[1],h=void 0),418),U),Y.length)&&(w=m(168,U)>>3,Y.push(c,w>>8&255,w&255),void 0!=A&&Y.push(A&255)),c="",h)&&(h.message&&(c+=h.message),h.stack&&(c+=":"+h.stack)),U)),h)){c=(h-=(c=c.slice(0,(h|0)-3),(c.length|0)+3),wH(c)),A=U.j,U.j=U;try{q(U,23,u(c.length,2).concat(c),9)}finally{U.j=A}}I(419,U,h)}},YC=function(h,U){if(U=(h=f.trustedTypes,null),!h||!h.createPolicy)return U;try{U=h.createPolicy("bg",{createHTML:cv,createScript:cv,createScriptURL:cv})}catch(c){f.console&&f.console.error(c.message)}return U},zq=function(h,U,c,Y,A,w){function y(){if(Y.j==Y){if(Y.K){var z=[D,c,U,void 0,A,w,arguments];if(2==h)var g=V(Y,(H(z,Y),false),false);else if(1==h){var r=!Y.h.length;H(z,Y),r&&V(Y,false,false)}else g=yF(Y,z);return g}A&&w&&A.removeEventListener(w,y,Z)}}return y},Ai=function(h,U){return h(function(c){c(U)}),[function(){return U}]},E=function(h,U){h.F=((h.F?h.F+"~":"E:")+U.message+":"+U.stack).slice(0,2048)},i4=function(h,U,c,Y){for(c=(Y=p(U),0);0<h;h--)c=c<<8|N(U);I(Y,U,c)},pl=function(h,U,c,Y){return m(408,(I(108,(vv(h,((Y=m(108,h),h.W)&&Y<h.Z?(I(108,h,h.Z),rH(h,U)):I(108,h,U),c)),h),Y),h))},wH=function(h,U,c,Y,A){for(A=(U=(h=h.replace(/\\r\\n/g,"\\n"),[]),c=0);c<h.length;c++)Y=h.charCodeAt(c),128>Y?U[A++]=Y:(2048>Y?U[A++]=Y>>6|192:(55296==(Y&64512)&&c+1<h.length&&56320==(h.charCodeAt(c+1)&64512)?(Y=65536+((Y&1023)<<10)+(h.charCodeAt(++c)&1023),U[A++]=Y>>18|240,U[A++]=Y>>12&63|128):U[A++]=Y>>12|224,U[A++]=Y>>6&63|128),U[A++]=Y&63|128);return U},Eu=function(h,U){return h[U]<<24|h[(U|0)+1]<<16|h[(U|0)+2]<<8|h[(U|0)+3]},Tq=function(h,U,c,Y){function A(){}return{invoke:(Y=xC(h,function(w){A&&(U&&K(U),c=w,A(),A=void 0)},(c=void 0,!!U))[0],function(w,y,z,g){function r(){c(function(x){K(function(){w(x)})},z)}if(!y)return y=Y(z),w&&w(y),y;c?r():(g=A,A=function(){(g(),K)(r)})})}},e=function(h,U){for(U=[];h--;)U.push(255*Math.random()|0);return U},I=function(h,U,c){if(108==h||168==h)U.K[h]?U.K[h].concat(c):U.K[h]=M9(U,c);else{if(U.S&&142!=h)return;158==h||23==h||190==h||418==h||77==h?U.K[h]||(U.K[h]=SD(U,c,h,38)):U.K[h]=SD(U,c,h,41)}142==h&&(U.U=v(false,32,U),U.J=void 0)},b=function(h,U,c){c[I(U,h,c),Ou]=2796},q=function(h,U,c,Y,A,w){if(h.j==h)for(w=m(U,h),23==U?(U=function(y,z,g,r){if(r=((z=w.length,z)|0)-4>>3,w.eN!=r){r=[0,0,(w.eN=r,g=(r<<3)-4,A)[1],A[2]];try{w.kR=Ri(Eu(w,(g|0)+4),r,Eu(w,g))}catch(x){throw x;}}w.push(w.kR[z&7]^y)},A=m(77,h)):U=function(y){w.push(y)},Y&&U(Y&255),h=c.length,Y=0;Y<h;Y++)U(c[Y])},k,mu=function(h,U,c){return U.g(function(Y){c=Y},false,h),c},Uu=function(h,U,c,Y,A){for((U.Qc=((U.qI=su,U).Zs=(U.dd=q9,U[n]),u4)(U.H,{get:function(){return this.concat()}}),U).Hs=W[U.H](U.Qc,{value:{value:{}}}),Y=[],A=0;128>A;A++)Y[A]=String.fromCharCode(A);V(U,true,(H((H([(H((b(U,(b((b(U,(I(((b(U,(b(U,(b(U,(U.br=(b(U,(I(335,U,(I(190,(b(U,103,(I(158,U,[160,(b((b(U,318,(b(U,436,(b((b(U,114,(b(U,33,(I((b(U,260,(b(U,222,(b(U,242,(I((b(U,133,(b((b(U,215,(b(U,398,(b(U,(b((b(U,(I(23,(b(U,(I(418,U,((I(168,U,(I(108,(U.tZ=((U.Fu=false,A=window.performance||{},U).S=((U.N=(U.G=8001,U.D=void 0,U.X=[],0),U.hZ=(U.h=[],function(w){this.j=w}),U.Y=1,U).F=(U.Z=0,U.B=25,U.j=(U.J=void 0,U),(U.u=0,U).L=null,void 0),false),(U.s=(U.yc=[],0),(U.P=(U.i=false,void 0),U).W=(U.OB=0,[]),U).U=(U.V=[],U.C=(U.o=0,U.K=[],U.v=void 0,0),U.R=void 0,void 0),A.timeOrigin||(A.timing||{}).navigationStart||0),U),0),0)),b)(U,91,function(w,y,z,g){z=(g=(z=p(w),p(w)),y=p(w),g=m(g,w),m(z,w)==g),I(y,w,+z)}),[])),179),function(w,y,z,g,r){I((z=(y=p((z=(g=(r=p(w),p(w)),p)(w),w)),y=m(y,w),m(z,w)),g=m(g,w),r),w,zq(y,z,g,w))}),U),e(4)),486),function(w){QF(w,4)}),U),507,function(w){l4(w,4)}),462),function(w,y,z){J(false,y,true,w)||(y=p(w),z=p(w),I(z,w,function(g){return eval(g)}(oi(m(y,w.j)))))}),function(w,y,z,g){I((z=(y=p(w),g=N(w),p)(w),z),w,m(y,w)>>>g)})),function(w,y,z,g,r){0!==(z=(y=m((r=(g=m((z=p((r=p(w),w)),y=p(w),g=p(w),g),w),m)(r,w.j),y),w),m(z,w)),r)&&(g=zq(1,g,y,w,r,z),r.addEventListener(z,g,Z),I(246,w,[r,z,g]))})),I(385,U,0),U),266,function(w,y,z,g,r,x,M,O,S,C,Q,F){function a(l,G){for(;S<l;)g|=N(w)<<S,S+=8;return S-=l,G=g&(1<<l)-1,g>>=l,G}for(x=(Q=(C=(S=(z=p(w),g=0),(a(3)|0)+1),a(5)),r=M=0,[]);r<Q;r++)y=a(1),x.push(y),M+=y?0:1;for(O=(M=((M|0)-1).toString(2).length,[]),r=0;r<Q;r++)x[r]||(O[r]=a(M));for(M=0;M<Q;M++)x[M]&&(O[M]=p(w));for(F=[];C--;)F.push(m(p(w),w));b(w,z,function(l,G,P,L,gH){for(G=(gH=[],0),L=[];G<Q;G++){if(!x[P=O[G],G]){for(;P>=L.length;)L.push(p(l));P=L[P]}gH.push(P)}l.P=M9(l,(l.v=M9(l,F.slice()),gH))})}),function(w,y,z,g,r,x){J(false,y,true,w)||(z=Ii(w.j),y=z.KJ,x=z.jN,r=z.A,z=z.O,g=z.length,x=0==g?new x[r]:1==g?new x[r](z[0]):2==g?new x[r](z[0],z[1]):3==g?new x[r](z[0],z[1],z[2]):4==g?new x[r](z[0],z[1],z[2],z[3]):2(),I(y,w,x))})),77),U,[0,0,0]),function(){})),U.LJ=0,I(419,U,2048),function(w,y,z,g,r,x,M){for(y=(M=(x=m(237,(z=(g=(r=p(w),X$)(w),""),w)),x.length),0);g--;)y=((y|0)+(X$(w)|0))%M,z+=Y[x[y]];I(r,w,z)})),function(w,y,z,g,r){for(g=(r=(y=X$((z=p(w),w)),0),[]);r<y;r++)g.push(N(w));I(z,w,g)})),296),U,U),function(w,y,z,g){y=(z=(g=(z=(y=p(w),p)(w),p)(w),m)(z,w),m)(y,w),I(g,w,y in z|0)})),function(w,y,z,g){I((z=m((y=(g=(y=(z=p(w),p)(w),p)(w),m(y,w)),z),w),g),w,z[y])})),U),76,function(w,y,z){(z=0!=(y=(z=p(w),p(w)),m(z,w)),y=m(y,w),z)&&I(108,w,y)}),function(w){QF(w,1)})),function(w,y,z,g){I((z=(g=(y=p(w),p(w)),p(w)),z),w,m(y,w)||m(g,w))})),U),510,function(w,y,z,g){if(y=w.yc.pop()){for(z=N(w);0<z;z--)g=p(w),y[g]=w.K[g];w.K=(y[419]=(y[418]=w.K[418],w).K[419],y)}else I(108,w,w.Z)}),b(U,113,function(w,y,z,g,r){r=(z=p((y=p(w),w)),p)(w),w.j==w&&(g=m(y,w),r=m(r,w),z=m(z,w),g[z]=r,142==y&&(w.J=void 0,2==z&&(w.U=v(false,32,w),w.J=void 0)))}),0),0]),function(w){i4(4,w)})),I(369,U,477),U),[]),f)),I(408,U,{}),397),function(w,y,z,g,r,x){if(!J(true,y,true,w)){if("object"==(w=(g=(r=m((y=m((x=p((g=(r=(y=p(w),p(w)),p(w)),w)),y),w),r),w),m)(g,w),m(x,w)),fl(y))){for(z in x=[],y)x.push(z);y=x}for(x=0,z=y.length,g=0<g?g:1;x<z;x+=g)r(y.slice(x,(x|0)+(g|0)),w)}}),0),85),function(w,y,z){(y=fl((y=m((z=(y=p(w),p(w)),y),w),y)),I)(z,w,y)}),431),function(w,y,z,g){!J(false,y,true,w)&&(y=Ii(w),z=y.jN,g=y.A,w.j==w||g==w.hZ&&z==w)&&(I(y.KJ,w,g.apply(z,y.O)),w.o=w.T())}),254),function(w,y){rH((y=m(p(w),w),w.j),y)}),U).IO=0,246),U,0),71),function(w,y){w=m((y=p(w),y),w.j),w[0].removeEventListener(w[1],w[2],Z)}),b(U,468,function(w,y,z){z=(y=p(w),p(w)),I(z,w,""+m(y,w))}),U),58,function(w,y,z,g){g=(y=m((z=(g=p(w),p(w)),z),w),m(g,w)),I(z,w,y+g)}),449),function(w){l4(w,3)}),[Ou]),U),d),c],U),[jD,h]),U),true))},hi=function(h,U){return U=U.create().shift(),h.v.create().length||h.P.create().length||(h.v=void 0,h.P=void 0),U},SD=function(h,U,c,Y,A,w,y,z){return(z=W[h.H]((U=[-74,93,-46,-30,9,-35,U,-89,(w=Gq,y=Y&7,40),87],h.Qc)),z)[h.H]=function(g){A=(y+=6+7*Y,y&=7,g)},z.concat=function(g){return(g=(A=(g=(g=c%16+1,3*c*c*g+U[y+27&7]*c*g+(w()|0)*g+54*A*A-162*c*c*A-5022*c*A)-g*A- -4752*A+y,void 0),U[g]),U)[(y+45&7)+(Y&2)]=g,U[y+(Y&2)]=93,g},z},rH=function(h,U){I(108,h,(h.yc.push(h.K.slice()),h.K[108]=void 0,U))},m=function(h,U){if(void 0===(U=U.K[h],U))throw[R,30,h];if(U.value)return U.create();return U.create(3*h*h+93*h+-88),U.prototype},Ii=function(h,U,c,Y,A,w){for(Y=p((c=((A=(w=h[F$]||{},p)(h),w.KJ=p(h),w).O=[],h.j==h?(N(h)|0)-1:1),h)),U=0;U<c;U++)w.O.push(p(h));for(;c--;)w.O[c]=m(w.O[c],h);return(w.jN=m(Y,h),w).A=m(A,h),w},v=function(h,U,c,Y,A,w,y,z,g,r,x,M,O,S){if(y=m(108,c),y>=c.Z)throw[R,31];for(O=(g=(S=y,c).Zs.length,U),z=0;0<O;)A=S>>3,M=S%8,w=c.W[A],r=8-(M|0),r=r<O?r:O,h&&(Y=c,Y.J!=S>>6&&(Y.J=S>>6,x=m(142,Y),Y.D=Ri(Y.J,[0,0,x[1],x[2]],Y.U)),w^=c.D[A&g]),S+=r,z|=(w>>8-(M|0)-(r|0)&(1<<r)-1)<<(O|0)-(r|0),O-=r;return I(108,c,(h=z,(y|0)+(U|0))),h},DN=function(h,U,c,Y){for(;h.h.length;){c=(h.L=null,h.h.pop());try{Y=yF(h,c)}catch(A){E(h,A)}if(U&&h.L){(U=h.L,U)(function(){V(h,true,true)});break}}return Y},V=function(h,U,c,Y,A,w){if(h.h.length){h.i=(h.i&&0(),true),h.Fu=c;try{w=h.T(),h.C=w,h.o=w,h.R=0,Y=DN(h,c),A=h.T()-h.C,h.s+=A,A<(U?0:10)||0>=h.B--||(A=Math.floor(A),h.V.push(254>=A?A:254))}finally{h.i=false}return Y}},Hv=function(h,U){(U.push(h[0]<<24|h[1]<<16|h[2]<<8|h[3]),U).push(h[4]<<24|h[5]<<16|h[6]<<8|h[7]),U.push(h[8]<<24|h[9]<<16|h[10]<<8|h[11])},M9=function(h,U,c){return(c=W[h.H](h.Hs),c)[h.H]=function(){return U},c.concat=function(Y){U=Y},c},Ri=function(h,U,c,Y,A){for(A=(U=U[Y=U[2]|0,3]|0,0);14>A;A++)h=h>>>8|h<<24,h+=c|0,c=c<<3|c>>>29,h^=Y+1890,U=U>>>8|U<<24,U+=Y|0,c^=h,Y=Y<<3|Y>>>29,U^=A+1890,Y^=U;return[c>>>24&255,c>>>16&255,c>>>8&255,c>>>0&255,h>>>24&255,h>>>16&255,h>>>8&255,h>>>0&255]},J=function(h,U,c,Y,A,w,y,z,g){if(((((w=(g=(A=(c||Y.R++,0<Y.N&&Y.i&&Y.Fu&&1>=Y.u&&!Y.v&&!Y.L&&(!c||1<Y.G-U)&&0==document.hidden),z=(y=4==Y.R)||A?Y.T():Y.o,z)-Y.o,g>>14),Y).U&&(Y.U^=w*(g<<2)),Y).Y+=w,Y).j=w||Y.j,y)||A)Y.o=z,Y.R=0;if(!A||z-Y.C<Y.N-(h?255:c?5:2))return false;return!(((I((h=m(c?168:108,(Y.G=U,Y)),108),Y,Y.Z),Y.h).push([VF,h,c?U+1:U]),Y).L=K,0)},xC=function(h,U,c,Y){return(Y=t[h.substring(0,3)+"_"])?Y(h.substring(3),U,c):Ai(U,h)},l4=function(h,U,c,Y,A){q(h,((c=m((Y=(c=p((A=U&3,U&=4,h)),p(h)),c),h),U)&&(c=wH(""+c)),A&&q(h,Y,u(c.length,2)),Y),c)},ai=function(h,U,c){if(3==h.length){for(c=0;3>c;c++)U[c]+=h[c];for(c=[13,8,13,12,16,(h=0,5),3,10,15];9>h;h++)U[3](U,h%3,c[h])}},t,f=this||self,Z={passive:true,capture:true},QF=function(h,U,c,Y){q(h,(c=p((Y=p(h),h)),c),u(m(Y,h),U))},cv=function(h){return h},fl=function(h,U,c){if((c=typeof h,"object")==c)if(h){if(h instanceof Array)return"array";if(h instanceof Object)return c;if("[object Window]"==(U=Object.prototype.toString.call(h),U))return"object";if("[object Array]"==U||"number"==typeof h.length&&"undefined"!=typeof h.splice&&"undefined"!=typeof h.propertyIsEnumerable&&!h.propertyIsEnumerable("splice"))return"array";if("[object Function]"==U||"undefined"!=typeof h.call&&"undefined"!=typeof h.propertyIsEnumerable&&!h.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==c&&"undefined"==typeof h.call)return"object";return c},u4=function(h,U){return W[h](W.prototype,{call:U,console:U,floor:U,replace:U,stack:U,splice:U,document:U,pop:U,propertyIsEnumerable:U,length:U,prototype:U,parent:U})},K=f.requestIdleCallback?function(h){requestIdleCallback(function(){h()},{timeout:4})}:f.setImmediate?function(h){setImmediate(h)}:function(h){setTimeout(h,0)},X$=function(h,U){return(U=N(h),U)&128&&(U=U&127|N(h)<<7),U},N=function(h){return h.v?hi(h,h.P):v(true,8,h)},u=function(h,U,c,Y){for(c=(Y=(U|0)-1,[]);0<=Y;Y--)c[(U|0)-1-(Y|0)]=h>>8*Y&255;return c},H=function(h,U){U.h.splice(0,0,h)},ZN=function(h,U,c,Y){try{Y=h[((U|0)+2)%3],h[U]=(h[U]|0)-(h[((U|0)+1)%3]|0)-(Y|0)^(1==U?Y<<c:Y>>>c)}catch(A){throw A;}},vv=function(h,U,c,Y,A,w){if(!h.F){h.u++;try{for(A=(Y=(c=0,h.Z),void 0);--U;)try{if((w=void 0,h).v)A=hi(h,h.v);else{if((c=m(108,h),c)>=Y)break;A=(w=(I(168,h,c),p(h)),m(w,h))}J(false,(A&&A[N9]&2048?A(h,U):X([R,21,w],h,0),U),false,h)}catch(y){m(369,h)?X(y,h,22):I(369,h,y)}if(!U){if(h.vs){vv(h,(h.u--,446149057662));return}X([R,33],h,0)}}catch(y){try{X(y,h,22)}catch(z){E(h,z)}}h.u--}},yF=function(h,U,c,Y,A){if(c=U[0],c==B)h.B=25,h.I(U);else if(c==n){Y=U[1];try{A=h.F||h.I(U)}catch(w){E(h,w),A=h.F}Y(A)}else if(c==VF)h.I(U);else if(c==d)h.I(U);else if(c==jD){try{for(A=0;A<h.X.length;A++)try{Y=h.X[A],Y[0][Y[1]](Y[2])}catch(w){}}catch(w){}(0,U[1])((h.X=[],function(w,y){h.g(w,true,y)}),function(w){(w=!h.h.length,H([N9],h),w)&&V(h,false,true)})}else{if(c==D)return A=U[2],I(371,h,U[6]),I(408,h,A),h.I(U);c==N9?(h.W=[],h.K=null,h.V=[]):c==Ou&&"loading"===f.document.readyState&&(h.L=function(w,y){function z(){y||(y=true,w())}(y=false,f).document.addEventListener("DOMContentLoaded",z,Z),f.addEventListener("load",z,Z)})}},F$=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),d=((T.prototype.oO=void 0,(T.prototype.vs=false,T).prototype).Ws=void 0,[]),Ou=(T.prototype.l="toString",[]),B=[],n=[],VF=[],N9=[],R={},D=[],jD=[],W=((Hv,e,ZN,function(){})(ai),R.constructor),Gq=((((k=(T.prototype.H="create",T.prototype),k).EB=function(){return Math.floor(this.s+(this.T()-this.C))},k).T=(window.performance||{}).now?function(){return this.tZ+window.performance.now()}:function(){return+new Date},k).pJ=function(h,U,c){return((U=(U^=U<<13,U^=U>>17,(U^U<<5)&c))||(U=1),h)^U},k.JZ=function(){return Math.floor(this.T())},void 0),q9=(((k.g=function(h,U,c,Y,A){if((c="array"===fl(c)?c:[c],this).F)h(this.F);else try{Y=[],A=!this.h.length,H([B,Y,c],this),H([n,h,Y],this),U&&!A||V(this,true,U)}catch(w){E(this,w),h(this.F)}},k.Ps=function(h,U,c,Y,A,w){for(Y=w=0,c=[];Y<h.length;Y++)for(w+=U,A=A<<U|h[Y];7<w;)w-=8,c.push(A>>w&255);return c},k).UB=function(h,U,c,Y,A){for(A=Y=0;Y<h.length;Y++)A+=h.charCodeAt(Y),A+=A<<10,A^=A>>6;return Y=new (h=(A+=A<<3,A^=A>>11,A)+(A<<15)>>>0,Number)(h&(1<<U)-1),Y[0]=(h>>>U)%c,Y},T.prototype).I=function(h,U){return U=(h={},Gq=function(){return h==U?-88:-31},{}),function(c,Y,A,w,y,z,g,r,x,M,O,S,C,Q,F){h=(z=h,U);try{if(M=c[0],M==d){C=c[1];try{for(w=(Y=(S=atob(C),Q=[],0),0);w<S.length;w++)g=S.charCodeAt(w),255<g&&(Q[Y++]=g&255,g>>=8),Q[Y++]=g;I(142,this,(this.Z=(this.W=Q,this.W).length<<3,[0,0,0]))}catch(a){X(a,this,17);return}vv(this,8001)}else if(M==B)c[1].push(m(419,this),m(23,this).length,m(158,this).length,m(190,this).length),I(408,this,c[2]),this.K[366]&&pl(this,m(366,this),8001);else{if(M==n){this.j=(F=u((m(158,(Y=c[2],this)).length|0)+2,2),x=this.j,this);try{A=m(418,this),0<A.length&&q(this,158,u(A.length,2).concat(A),10),q(this,158,u(this.Y,1),109),q(this,158,u(this[n].length,1)),S=0,S+=m(385,this)&2047,y=m(23,this),S-=(m(158,this).length|0)+5,4<y.length&&(S-=(y.length|0)+3),0<S&&q(this,158,u(S,2).concat(e(S)),15),4<y.length&&q(this,158,u(y.length,2).concat(y),156)}finally{this.j=x}if(O=(((w=e(2).concat(m(158,this)),w)[1]=w[0]^6,w)[3]=w[1]^F[0],w[4]=w[1]^F[1],this.wd(w)))O="!"+O;else for(S=0,O="";S<w.length;S++)r=w[S][this.l](16),1==r.length&&(r="0"+r),O+=r;return m((m(158,(m(23,(I(419,this,(Q=O,Y.shift())),this)).length=Y.shift(),this)).length=Y.shift(),190),this).length=Y.shift(),Q}if(M==VF)pl(this,c[1],c[2]);else if(M==D)return pl(this,c[1],8001)}}finally{h=z}}}(),/./),su,Kl=(T.prototype[T.prototype.wd=(T.prototype.cs=0,T.prototype.T3=0,function(h,U,c,Y){if(c=window.btoa){for(Y="",U=0;U<h.length;U+=8192)Y+=String.fromCharCode.apply(null,h.slice(U,U+8192));h=c(Y).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else h=void 0;return h}),jD]=[0,0,1,1,0,1,1],d).pop.bind(T.prototype[B]),oi=function(h,U){return(U=YC())&&1===h.eval(U.createScript("1"))?function(c){return U.createScript(c)}:function(c){return""+c}}((su=u4((q9[T.prototype.l]=Kl,T.prototype).H,{get:Kl}),T.prototype.rd=void 0,f));(40<(t=f.botguard||(f.botguard={}),t).m||(t.m=41,t.bg=Tq,t.a=xC),t).YBO_=function(h,U,c){return c=new T(h,U),[function(Y){return mu(Y,c)}]};}).call(this);'));
}).call(this);
                                    

#2 JavaScript::Eval (size: 64, repeated: 1) - SHA256: 3755a8c0633fef887d8f3e30674dfbef87ddb8b872bf69663731ed531f6a6ed0

                                        0,
function(w, y, z) {
    I((z = (y = (z = p(w), p)(w), w.K[z] && m(z, w)), y), w, z)
}
                                    

#3 JavaScript::Eval (size: 22, repeated: 1) - SHA256: e305e4a9f1526070c2c93d1248512d6460115b8db421e150919978d6f2df61a2

                                        0,
function(w) {
    i4(1, w)
}
                                    

#4 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 45f5e5195f57ae43fbd3dacdbdf1de261f7a716f6241be91b64b0a1e990cdc75

                                        0,
function(w) {
    i4(2, w)
}
                                    

#5 JavaScript::Eval (size: 19378, repeated: 1) - SHA256: 070449aa3f507aedaf6e0e4941135df3a319e533ef60e555b7c286e5e11c0d5c

                                        (function() {
    var p = function(h, U) {
            if (h.v) return hi(h, h.P);
            return (U = v(true, 8, h), U) & 128 && (U ^= 128, h = v(true, 2, h), U = (U << 2) + (h | 0)), U
        },
        T = function(h, U, c) {
            c = this;
            try {
                Uu(U, this, h)
            } catch (Y) {
                E(this, Y), U(function(A) {
                    A(c.F)
                })
            }
        },
        X = function(h, U, c, Y, A, w) {
            if (!U.S) {
                if (3 < (h = m(419, ((0 == (Y = m((A = void 0, h && h[0] === R && (A = h[2], c = h[1], h = void 0), 418), U), Y.length) && (w = m(168, U) >> 3, Y.push(c, w >> 8 & 255, w & 255), void 0 != A && Y.push(A & 255)), c = "", h) && (h.message && (c += h.message), h.stack && (c += ":" + h.stack)), U)), h)) {
                    c = (h -= (c = c.slice(0, (h | 0) - 3), (c.length | 0) + 3), wH(c)), A = U.j, U.j = U;
                    try {
                        q(U, 23, u(c.length, 2).concat(c), 9)
                    } finally {
                        U.j = A
                    }
                }
                I(419, U, h)
            }
        },
        YC = function(h, U) {
            if (U = (h = f.trustedTypes, null), !h || !h.createPolicy) return U;
            try {
                U = h.createPolicy("bg", {
                    createHTML: cv,
                    createScript: cv,
                    createScriptURL: cv
                })
            } catch (c) {
                f.console && f.console.error(c.message)
            }
            return U
        },
        zq = function(h, U, c, Y, A, w) {
            function y() {
                if (Y.j == Y) {
                    if (Y.K) {
                        var z = [D, c, U, void 0, A, w, arguments];
                        if (2 == h) var g = V(Y, (H(z, Y), false), false);
                        else if (1 == h) {
                            var r = !Y.h.length;
                            H(z, Y), r && V(Y, false, false)
                        } else g = yF(Y, z);
                        return g
                    }
                    A && w && A.removeEventListener(w, y, Z)
                }
            }
            return y
        },
        Ai = function(h, U) {
            return h(function(c) {
                c(U)
            }), [function() {
                return U
            }]
        },
        E = function(h, U) {
            h.F = ((h.F ? h.F + "~" : "E:") + U.message + ":" + U.stack).slice(0, 2048)
        },
        i4 = function(h, U, c, Y) {
            for (c = (Y = p(U), 0); 0 < h; h--) c = c << 8 | N(U);
            I(Y, U, c)
        },
        pl = function(h, U, c, Y) {
            return m(408, (I(108, (vv(h, ((Y = m(108, h), h.W) && Y < h.Z ? (I(108, h, h.Z), rH(h, U)) : I(108, h, U), c)), h), Y), h))
        },
        wH = function(h, U, c, Y, A) {
            for (A = (U = (h = h.replace(/\r\n/g, "\n"), []), c = 0); c < h.length; c++) Y = h.charCodeAt(c), 128 > Y ? U[A++] = Y : (2048 > Y ? U[A++] = Y >> 6 | 192 : (55296 == (Y & 64512) && c + 1 < h.length && 56320 == (h.charCodeAt(c + 1) & 64512) ? (Y = 65536 + ((Y & 1023) << 10) + (h.charCodeAt(++c) & 1023), U[A++] = Y >> 18 | 240, U[A++] = Y >> 12 & 63 | 128) : U[A++] = Y >> 12 | 224, U[A++] = Y >> 6 & 63 | 128), U[A++] = Y & 63 | 128);
            return U
        },
        Eu = function(h, U) {
            return h[U] << 24 | h[(U | 0) + 1] << 16 | h[(U | 0) + 2] << 8 | h[(U | 0) + 3]
        },
        Tq = function(h, U, c, Y) {
            function A() {}
            return {
                invoke: (Y = xC(h, function(w) {
                    A && (U && K(U), c = w, A(), A = void 0)
                }, (c = void 0, !!U))[0], function(w, y, z, g) {
                    function r() {
                        c(function(x) {
                            K(function() {
                                w(x)
                            })
                        }, z)
                    }
                    if (!y) return y = Y(z), w && w(y), y;
                    c ? r() : (g = A, A = function() {
                        (g(), K)(r)
                    })
                })
            }
        },
        e = function(h, U) {
            for (U = []; h--;) U.push(255 * Math.random() | 0);
            return U
        },
        I = function(h, U, c) {
            if (108 == h || 168 == h) U.K[h] ? U.K[h].concat(c) : U.K[h] = M9(U, c);
            else {
                if (U.S && 142 != h) return;
                158 == h || 23 == h || 190 == h || 418 == h || 77 == h ? U.K[h] || (U.K[h] = SD(U, c, h, 38)) : U.K[h] = SD(U, c, h, 41)
            }
            142 == h && (U.U = v(false, 32, U), U.J = void 0)
        },
        b = function(h, U, c) {
            c[I(U, h, c), Ou] = 2796
        },
        q = function(h, U, c, Y, A, w) {
            if (h.j == h)
                for (w = m(U, h), 23 == U ? (U = function(y, z, g, r) {
                        if (r = ((z = w.length, z) | 0) - 4 >> 3, w.eN != r) {
                            r = [0, 0, (w.eN = r, g = (r << 3) - 4, A)[1], A[2]];
                            try {
                                w.kR = Ri(Eu(w, (g | 0) + 4), r, Eu(w, g))
                            } catch (x) {
                                throw x;
                            }
                        }
                        w.push(w.kR[z & 7] ^ y)
                    }, A = m(77, h)) : U = function(y) {
                        w.push(y)
                    }, Y && U(Y & 255), h = c.length, Y = 0; Y < h; Y++) U(c[Y])
        },
        k, mu = function(h, U, c) {
            return U.g(function(Y) {
                c = Y
            }, false, h), c
        },
        Uu = function(h, U, c, Y, A) {
            for ((U.Qc = ((U.qI = su, U).Zs = (U.dd = q9, U[n]), u4)(U.H, {get: function() {
                        return this.concat()
                    }
                }), U).Hs = W[U.H](U.Qc, {
                    value: {
                        value: {}
                    }
                }), Y = [], A = 0; 128 > A; A++) Y[A] = String.fromCharCode(A);
            V(U, true, (H((H([(H((b(U, (b((b(U, (I(((b(U, (b(U, (b(U, (U.br = (b(U, (I(335, U, (I(190, (b(U, 103, (I(158, U, [160, (b((b(U, 318, (b(U, 436, (b((b(U, 114, (b(U, 33, (I((b(U, 260, (b(U, 222, (b(U, 242, (I((b(U, 133, (b((b(U, 215, (b(U, 398, (b(U, (b((b(U, (I(23, (b(U, (I(418, U, ((I(168, U, (I(108, (U.tZ = ((U.Fu = false, A = window.performance || {}, U).S = ((U.N = (U.G = 8001, U.D = void 0, U.X = [], 0), U.hZ = (U.h = [], function(w) {
                this.j = w
            }), U.Y = 1, U).F = (U.Z = 0, U.B = 25, U.j = (U.J = void 0, U), (U.u = 0, U).L = null, void 0), false), (U.s = (U.yc = [], 0), (U.P = (U.i = false, void 0), U).W = (U.OB = 0, []), U).U = (U.V = [], U.C = (U.o = 0, U.K = [], U.v = void 0, 0), U.R = void 0, void 0), A.timeOrigin || (A.timing || {}).navigationStart || 0), U), 0), 0)), b)(U, 91, function(w, y, z, g) {
                z = (g = (z = p(w), p(w)), y = p(w), g = m(g, w), m(z, w) == g), I(y, w, +z)
            }), [])), 179), function(w, y, z, g, r) {
                I((z = (y = p((z = (g = (r = p(w), p(w)), p)(w), w)), y = m(y, w), m(z, w)), g = m(g, w), r), w, zq(y, z, g, w))
            }), U), e(4)), 486), function(w) {
                QF(w, 4)
            }), U), 507, function(w) {
                l4(w, 4)
            }), 462), function(w, y, z) {
                J(false, y, true, w) || (y = p(w), z = p(w), I(z, w, function(g) {
                    return eval(g)
                }(oi(m(y, w.j)))))
            }), function(w, y, z, g) {
                I((z = (y = p(w), g = N(w), p)(w), z), w, m(y, w) >>> g)
            })), function(w, y, z, g, r) {
                0 !== (z = (y = m((r = (g = m((z = p((r = p(w), w)), y = p(w), g = p(w), g), w), m)(r, w.j), y), w), m(z, w)), r) && (g = zq(1, g, y, w, r, z), r.addEventListener(z, g, Z), I(246, w, [r, z, g]))
            })), I(385, U, 0), U), 266, function(w, y, z, g, r, x, M, O, S, C, Q, F) {
                function a(l, G) {
                    for (; S < l;) g |= N(w) << S, S += 8;
                    return S -= l, G = g & (1 << l) - 1, g >>= l, G
                }
                for (x = (Q = (C = (S = (z = p(w), g = 0), (a(3) | 0) + 1), a(5)), r = M = 0, []); r < Q; r++) y = a(1), x.push(y), M += y ? 0 : 1;
                for (O = (M = ((M | 0) - 1).toString(2).length, []), r = 0; r < Q; r++) x[r] || (O[r] = a(M));
                for (M = 0; M < Q; M++) x[M] && (O[M] = p(w));
                for (F = []; C--;) F.push(m(p(w), w));
                b(w, z, function(l, G, P, L, gH) {
                    for (G = (gH = [], 0), L = []; G < Q; G++) {
                        if (!x[P = O[G], G]) {
                            for (; P >= L.length;) L.push(p(l));
                            P = L[P]
                        }
                        gH.push(P)
                    }
                    l.P = M9(l, (l.v = M9(l, F.slice()), gH))
                })
            }), function(w, y, z, g, r, x) {
                J(false, y, true, w) || (z = Ii(w.j), y = z.KJ, x = z.jN, r = z.A, z = z.O, g = z.length, x = 0 == g ? new x[r] : 1 == g ? new x[r](z[0]) : 2 == g ? new x[r](z[0], z[1]) : 3 == g ? new x[r](z[0], z[1], z[2]) : 4 == g ? new x[r](z[0], z[1], z[2], z[3]) : 2(), I(y, w, x))
            })), 77), U, [0, 0, 0]), function() {})), U.LJ = 0, I(419, U, 2048), function(w, y, z, g, r, x, M) {
                for (y = (M = (x = m(237, (z = (g = (r = p(w), X$)(w), ""), w)), x.length), 0); g--;) y = ((y | 0) + (X$(w) | 0)) % M, z += Y[x[y]];
                I(r, w, z)
            })), function(w, y, z, g, r) {
                for (g = (r = (y = X$((z = p(w), w)), 0), []); r < y; r++) g.push(N(w));
                I(z, w, g)
            })), 296), U, U), function(w, y, z, g) {
                y = (z = (g = (z = (y = p(w), p)(w), p)(w), m)(z, w), m)(y, w), I(g, w, y in z | 0)
            })), function(w, y, z, g) {
                I((z = m((y = (g = (y = (z = p(w), p)(w), p)(w), m(y, w)), z), w), g), w, z[y])
            })), U), 76, function(w, y, z) {
                (z = 0 != (y = (z = p(w), p(w)), m(z, w)), y = m(y, w), z) && I(108, w, y)
            }), function(w) {
                QF(w, 1)
            })), function(w, y, z, g) {
                I((z = (g = (y = p(w), p(w)), p(w)), z), w, m(y, w) || m(g, w))
            })), U), 510, function(w, y, z, g) {
                if (y = w.yc.pop()) {
                    for (z = N(w); 0 < z; z--) g = p(w), y[g] = w.K[g];
                    w.K = (y[419] = (y[418] = w.K[418], w).K[419], y)
                } else I(108, w, w.Z)
            }), b(U, 113, function(w, y, z, g, r) {
                r = (z = p((y = p(w), w)), p)(w), w.j == w && (g = m(y, w), r = m(r, w), z = m(z, w), g[z] = r, 142 == y && (w.J = void 0, 2 == z && (w.U = v(false, 32, w), w.J = void 0)))
            }), 0), 0]), function(w) {
                i4(4, w)
            })), I(369, U, 477), U), []), f)), I(408, U, {}), 397), function(w, y, z, g, r, x) {
                if (!J(true, y, true, w)) {
                    if ("object" == (w = (g = (r = m((y = m((x = p((g = (r = (y = p(w), p(w)), p(w)), w)), y), w), r), w), m)(g, w), m(x, w)), fl(y))) {
                        for (z in x = [], y) x.push(z);
                        y = x
                    }
                    for (x = 0, z = y.length, g = 0 < g ? g : 1; x < z; x += g) r(y.slice(x, (x | 0) + (g | 0)), w)
                }
            }), 0), 85), function(w, y, z) {
                (y = fl((y = m((z = (y = p(w), p(w)), y), w), y)), I)(z, w, y)
            }), 431), function(w, y, z, g) {
                !J(false, y, true, w) && (y = Ii(w), z = y.jN, g = y.A, w.j == w || g == w.hZ && z == w) && (I(y.KJ, w, g.apply(z, y.O)), w.o = w.T())
            }), 254), function(w, y) {
                rH((y = m(p(w), w), w.j), y)
            }), U).IO = 0, 246), U, 0), 71), function(w, y) {
                w = m((y = p(w), y), w.j), w[0].removeEventListener(w[1], w[2], Z)
            }), b(U, 468, function(w, y, z) {
                z = (y = p(w), p(w)), I(z, w, "" + m(y, w))
            }), U), 58, function(w, y, z, g) {
                g = (y = m((z = (g = p(w), p(w)), z), w), m(g, w)), I(z, w, y + g)
            }), 449), function(w) {
                l4(w, 3)
            }), [Ou]), U), d), c], U), [jD, h]), U), true))
        },
        hi = function(h, U) {
            return U = U.create().shift(), h.v.create().length || h.P.create().length || (h.v = void 0, h.P = void 0), U
        },
        SD = function(h, U, c, Y, A, w, y, z) {
            return (z = W[h.H]((U = [-74, 93, -46, -30, 9, -35, U, -89, (w = Gq, y = Y & 7, 40), 87], h.Qc)), z)[h.H] = function(g) {
                A = (y += 6 + 7 * Y, y &= 7, g)
            }, z.concat = function(g) {
                return (g = (A = (g = (g = c % 16 + 1, 3 * c * c * g + U[y + 27 & 7] * c * g + (w() | 0) * g + 54 * A * A - 162 * c * c * A - 5022 * c * A) - g * A - -4752 * A + y, void 0), U[g]), U)[(y + 45 & 7) + (Y & 2)] = g, U[y + (Y & 2)] = 93, g
            }, z
        },
        rH = function(h, U) {
            I(108, h, (h.yc.push(h.K.slice()), h.K[108] = void 0, U))
        },
        m = function(h, U) {
            if (void 0 === (U = U.K[h], U)) throw [R, 30, h];
            if (U.value) return U.create();
            return U.create(3 * h * h + 93 * h + -88), U.prototype
        },
        Ii = function(h, U, c, Y, A, w) {
            for (Y = p((c = ((A = (w = h[F$] || {}, p)(h), w.KJ = p(h), w).O = [], h.j == h ? (N(h) | 0) - 1 : 1), h)), U = 0; U < c; U++) w.O.push(p(h));
            for (; c--;) w.O[c] = m(w.O[c], h);
            return (w.jN = m(Y, h), w).A = m(A, h), w
        },
        v = function(h, U, c, Y, A, w, y, z, g, r, x, M, O, S) {
            if (y = m(108, c), y >= c.Z) throw [R, 31];
            for (O = (g = (S = y, c).Zs.length, U), z = 0; 0 < O;) A = S >> 3, M = S % 8, w = c.W[A], r = 8 - (M | 0), r = r < O ? r : O, h && (Y = c, Y.J != S >> 6 && (Y.J = S >> 6, x = m(142, Y), Y.D = Ri(Y.J, [0, 0, x[1], x[2]], Y.U)), w ^= c.D[A & g]), S += r, z |= (w >> 8 - (M | 0) - (r | 0) & (1 << r) - 1) << (O | 0) - (r | 0), O -= r;
            return I(108, c, (h = z, (y | 0) + (U | 0))), h
        },
        DN = function(h, U, c, Y) {
            for (; h.h.length;) {
                c = (h.L = null, h.h.pop());
                try {
                    Y = yF(h, c)
                } catch (A) {
                    E(h, A)
                }
                if (U && h.L) {
                    (U = h.L, U)(function() {
                        V(h, true, true)
                    });
                    break
                }
            }
            return Y
        },
        V = function(h, U, c, Y, A, w) {
            if (h.h.length) {
                h.i = (h.i && 0(), true), h.Fu = c;
                try {
                    w = h.T(), h.C = w, h.o = w, h.R = 0, Y = DN(h, c), A = h.T() - h.C, h.s += A, A < (U ? 0 : 10) || 0 >= h.B-- || (A = Math.floor(A), h.V.push(254 >= A ? A : 254))
                } finally {
                    h.i = false
                }
                return Y
            }
        },
        Hv = function(h, U) {
            (U.push(h[0] << 24 | h[1] << 16 | h[2] << 8 | h[3]), U).push(h[4] << 24 | h[5] << 16 | h[6] << 8 | h[7]), U.push(h[8] << 24 | h[9] << 16 | h[10] << 8 | h[11])
        },
        M9 = function(h, U, c) {
            return (c = W[h.H](h.Hs), c)[h.H] = function() {
                return U
            }, c.concat = function(Y) {
                U = Y
            }, c
        },
        Ri = function(h, U, c, Y, A) {
            for (A = (U = U[Y = U[2] | 0, 3] | 0, 0); 14 > A; A++) h = h >>> 8 | h << 24, h += c | 0, c = c << 3 | c >>> 29, h ^= Y + 1890, U = U >>> 8 | U << 24, U += Y | 0, c ^= h, Y = Y << 3 | Y >>> 29, U ^= A + 1890, Y ^= U;
            return [c >>> 24 & 255, c >>> 16 & 255, c >>> 8 & 255, c >>> 0 & 255, h >>> 24 & 255, h >>> 16 & 255, h >>> 8 & 255, h >>> 0 & 255]
        },
        J = function(h, U, c, Y, A, w, y, z, g) {
            if (((((w = (g = (A = (c || Y.R++, 0 < Y.N && Y.i && Y.Fu && 1 >= Y.u && !Y.v && !Y.L && (!c || 1 < Y.G - U) && 0 == document.hidden), z = (y = 4 == Y.R) || A ? Y.T() : Y.o, z) - Y.o, g >> 14), Y).U && (Y.U ^= w * (g << 2)), Y).Y += w, Y).j = w || Y.j, y) || A) Y.o = z, Y.R = 0;
            if (!A || z - Y.C < Y.N - (h ? 255 : c ? 5 : 2)) return false;
            return !(((I((h = m(c ? 168 : 108, (Y.G = U, Y)), 108), Y, Y.Z), Y.h).push([VF, h, c ? U + 1 : U]), Y).L = K, 0)
        },
        xC = function(h, U, c, Y) {
            return (Y = t[h.substring(0, 3) + "_"]) ? Y(h.substring(3), U, c) : Ai(U, h)
        },
        l4 = function(h, U, c, Y, A) {
            q(h, ((c = m((Y = (c = p((A = U & 3, U &= 4, h)), p(h)), c), h), U) && (c = wH("" + c)), A && q(h, Y, u(c.length, 2)), Y), c)
        },
        ai = function(h, U, c) {
            if (3 == h.length) {
                for (c = 0; 3 > c; c++) U[c] += h[c];
                for (c = [13, 8, 13, 12, 16, (h = 0, 5), 3, 10, 15]; 9 > h; h++) U[3](U, h % 3, c[h])
            }
        },
        t, f = this || self,
        Z = {
            passive: true,
            capture: true
        },
        QF = function(h, U, c, Y) {
            q(h, (c = p((Y = p(h), h)), c), u(m(Y, h), U))
        },
        cv = function(h) {
            return h
        },
        fl = function(h, U, c) {
            if ((c = typeof h, "object") == c)
                if (h) {
                    if (h instanceof Array) return "array";
                    if (h instanceof Object) return c;
                    if ("[object Window]" == (U = Object.prototype.toString.call(h), U)) return "object";
                    if ("[object Array]" == U || "number" == typeof h.length && "undefined" != typeof h.splice && "undefined" != typeof h.propertyIsEnumerable && !h.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == U || "undefined" != typeof h.call && "undefined" != typeof h.propertyIsEnumerable && !h.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == c && "undefined" == typeof h.call) return "object";
            return c
        },
        u4 = function(h, U) {
            return W[h](W.prototype, {
                call: U,
                console: U,
                floor: U,
                replace: U,
                stack: U,
                splice: U,
                document: U,
                pop: U,
                propertyIsEnumerable: U,
                length: U,
                prototype: U,
                parent: U
            })
        },
        K = f.requestIdleCallback ? function(h) {
            requestIdleCallback(function() {
                h()
            }, {
                timeout: 4
            })
        } : f.setImmediate ? function(h) {
            setImmediate(h)
        } : function(h) {
            setTimeout(h, 0)
        },
        X$ = function(h, U) {
            return (U = N(h), U) & 128 && (U = U & 127 | N(h) << 7), U
        },
        N = function(h) {
            return h.v ? hi(h, h.P) : v(true, 8, h)
        },
        u = function(h, U, c, Y) {
            for (c = (Y = (U | 0) - 1, []); 0 <= Y; Y--) c[(U | 0) - 1 - (Y | 0)] = h >> 8 * Y & 255;
            return c
        },
        H = function(h, U) {
            U.h.splice(0, 0, h)
        },
        ZN = function(h, U, c, Y) {
            try {
                Y = h[((U | 0) + 2) % 3], h[U] = (h[U] | 0) - (h[((U | 0) + 1) % 3] | 0) - (Y | 0) ^ (1 == U ? Y << c : Y >>> c)
            } catch (A) {
                throw A;
            }
        },
        vv = function(h, U, c, Y, A, w) {
            if (!h.F) {
                h.u++;
                try {
                    for (A = (Y = (c = 0, h.Z), void 0); --U;) try {
                        if ((w = void 0, h).v) A = hi(h, h.v);
                        else {
                            if ((c = m(108, h), c) >= Y) break;
                            A = (w = (I(168, h, c), p(h)), m(w, h))
                        }
                        J(false, (A && A[N9] & 2048 ? A(h, U) : X([R, 21, w], h, 0), U), false, h)
                    } catch (y) {
                        m(369, h) ? X(y, h, 22) : I(369, h, y)
                    }
                    if (!U) {
                        if (h.vs) {
                            vv(h, (h.u--, 446149057662));
                            return
                        }
                        X([R, 33], h, 0)
                    }
                } catch (y) {
                    try {
                        X(y, h, 22)
                    } catch (z) {
                        E(h, z)
                    }
                }
                h.u--
            }
        },
        yF = function(h, U, c, Y, A) {
            if (c = U[0], c == B) h.B = 25, h.I(U);
            else if (c == n) {
                Y = U[1];
                try {
                    A = h.F || h.I(U)
                } catch (w) {
                    E(h, w), A = h.F
                }
                Y(A)
            } else if (c == VF) h.I(U);
            else if (c == d) h.I(U);
            else if (c == jD) {
                try {
                    for (A = 0; A < h.X.length; A++) try {
                        Y = h.X[A], Y[0][Y[1]](Y[2])
                    } catch (w) {}
                } catch (w) {}(0, U[1])((h.X = [], function(w, y) {
                    h.g(w, true, y)
                }), function(w) {
                    (w = !h.h.length, H([N9], h), w) && V(h, false, true)
                })
            } else {
                if (c == D) return A = U[2], I(371, h, U[6]), I(408, h, A), h.I(U);
                c == N9 ? (h.W = [], h.K = null, h.V = []) : c == Ou && "loading" === f.document.readyState && (h.L = function(w, y) {
                    function z() {
                        y || (y = true, w())
                    }(y = false, f).document.addEventListener("DOMContentLoaded", z, Z), f.addEventListener("load", z, Z)
                })
            }
        },
        F$ = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        d = ((T.prototype.oO = void 0, (T.prototype.vs = false, T).prototype).Ws = void 0, []),
        Ou = (T.prototype.l = "toString", []),
        B = [],
        n = [],
        VF = [],
        N9 = [],
        R = {},
        D = [],
        jD = [],
        W = ((Hv, e, ZN, function() {})(ai), R.constructor),
        Gq = ((((k = (T.prototype.H = "create", T.prototype), k).EB = function() {
            return Math.floor(this.s + (this.T() - this.C))
        }, k).T = (window.performance || {}).now ? function() {
            return this.tZ + window.performance.now()
        } : function() {
            return +new Date
        }, k).pJ = function(h, U, c) {
            return ((U = (U ^= U << 13, U ^= U >> 17, (U ^ U << 5) & c)) || (U = 1), h) ^ U
        }, k.JZ = function() {
            return Math.floor(this.T())
        }, void 0),
        q9 = (((k.g = function(h, U, c, Y, A) {
            if ((c = "array" === fl(c) ? c : [c], this).F) h(this.F);
            else try {
                Y = [], A = !this.h.length, H([B, Y, c], this), H([n, h, Y], this), U && !A || V(this, true, U)
            } catch (w) {
                E(this, w), h(this.F)
            }
        }, k.Ps = function(h, U, c, Y, A, w) {
            for (Y = w = 0, c = []; Y < h.length; Y++)
                for (w += U, A = A << U | h[Y]; 7 < w;) w -= 8, c.push(A >> w & 255);
            return c
        }, k).UB = function(h, U, c, Y, A) {
            for (A = Y = 0; Y < h.length; Y++) A += h.charCodeAt(Y), A += A << 10, A ^= A >> 6;
            return Y = new(h = (A += A << 3, A ^= A >> 11, A) + (A << 15) >>> 0, Number)(h & (1 << U) - 1), Y[0] = (h >>> U) % c, Y
        }, T.prototype).I = function(h, U) {
            return U = (h = {}, Gq = function() {
                    return h == U ? -88 : -31
                }, {}),
                function(c, Y, A, w, y, z, g, r, x, M, O, S, C, Q, F) {
                    h = (z = h, U);
                    try {
                        if (M = c[0], M == d) {
                            C = c[1];
                            try {
                                for (w = (Y = (S = atob(C), Q = [], 0), 0); w < S.length; w++) g = S.charCodeAt(w), 255 < g && (Q[Y++] = g & 255, g >>= 8), Q[Y++] = g;
                                I(142, this, (this.Z = (this.W = Q, this.W).length << 3, [0, 0, 0]))
                            } catch (a) {
                                X(a, this, 17);
                                return
                            }
                            vv(this, 8001)
                        } else if (M == B) c[1].push(m(419, this), m(23, this).length, m(158, this).length, m(190, this).length), I(408, this, c[2]), this.K[366] && pl(this, m(366, this), 8001);
                        else {
                            if (M == n) {
                                this.j = (F = u((m(158, (Y = c[2], this)).length | 0) + 2, 2), x = this.j, this);
                                try {
                                    A = m(418, this), 0 < A.length && q(this, 158, u(A.length, 2).concat(A), 10), q(this, 158, u(this.Y, 1), 109), q(this, 158, u(this[n].length, 1)), S = 0, S += m(385, this) & 2047, y = m(23, this), S -= (m(158, this).length | 0) + 5, 4 < y.length && (S -= (y.length | 0) + 3), 0 < S && q(this, 158, u(S, 2).concat(e(S)), 15), 4 < y.length && q(this, 158, u(y.length, 2).concat(y), 156)
                                } finally {
                                    this.j = x
                                }
                                if (O = (((w = e(2).concat(m(158, this)), w)[1] = w[0] ^ 6, w)[3] = w[1] ^ F[0], w[4] = w[1] ^ F[1], this.wd(w))) O = "!" + O;
                                else
                                    for (S = 0, O = ""; S < w.length; S++) r = w[S][this.l](16), 1 == r.length && (r = "0" + r), O += r;
                                return m((m(158, (m(23, (I(419, this, (Q = O, Y.shift())), this)).length = Y.shift(), this)).length = Y.shift(), 190), this).length = Y.shift(), Q
                            }
                            if (M == VF) pl(this, c[1], c[2]);
                            else if (M == D) return pl(this, c[1], 8001)
                        }
                    } finally {
                        h = z
                    }
                }
        }(), /./),
        su, Kl = (T.prototype[T.prototype.wd = (T.prototype.cs = 0, T.prototype.T3 = 0, function(h, U, c, Y) {
            if (c = window.btoa) {
                for (Y = "", U = 0; U < h.length; U += 8192) Y += String.fromCharCode.apply(null, h.slice(U, U + 8192));
                h = c(Y).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else h = void 0;
            return h
        }), jD] = [0, 0, 1, 1, 0, 1, 1], d).pop.bind(T.prototype[B]),
        oi = function(h, U) {
            return (U = YC()) && 1 === h.eval(U.createScript("1")) ? function(c) {
                return U.createScript(c)
            } : function(c) {
                return "" + c
            }
        }((su = u4((q9[T.prototype.l] = Kl, T.prototype).H, {get: Kl
        }), T.prototype.rd = void 0, f));
    (40 < (t = f.botguard || (f.botguard = {}), t).m || (t.m = 41, t.bg = Tq, t.a = xC), t).YBO_ = function(h, U, c) {
        return c = new T(h, U), [function(Y) {
            return mu(Y, c)
        }]
    };
}).call(this);
                                    

Executed Writes (3)

#1 JavaScript::Write (size: 6236, repeated: 1) - SHA256: d249a4eef0a62f30ff9421ce0718012c739017f1b09ba8952618e70ca413d3a4

                                        < !DOCTYPE html >
    < html >
    < head >
    < link rel = "stylesheet"
href = "https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap" > < /link> < style >
    * {
        font - family: 'Noto Sans', sans - serif;
        box - sizing: border - box; - webkit - font - smoothing: antialiased; - moz - osx - font - smoothing: grayscale; - webkit - tap - highlight - color: transparent;
    }
body {
    margin: 0;
} < /style> < style data - emotion = "css-global 1yzzujv" > .css - 1 yzzujv {
        max - width: 100 % ;
        position: absolute;
        bottom: 0;
        z - index: 2;
        display: -webkit - box;
        display: -webkit - flex;
        display: -ms - flexbox;
        display: flex; - webkit - align - items: flex - end; - webkit - box - align: flex - end; - ms - flex - align: flex - end;
        align - items: flex - end;
        will - change: width, height, transform, opacity; - webkit - backface - visibility: hidden;
        backface - visibility: hidden;
        padding: 0.5e m 0.5e m 1e m 1e m;
        right: 0; - webkit - box - pack: end; - ms - flex - pack: end; - webkit - justify - content: flex - end;
        justify - content: flex - end;
        --primary - color: #2000F0;--secondary-color:# FFFFFF;
        --tertiary - color: # E3E3E3;
    } < /style><style data-emotion="css-global 1aasxu6">.css-1aasxu6{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;min-width:0;--primary-color:#2000F0;--secondary-color:#FFFFFF;--tertiary-color:#E3E3E3;}</style > < style data - emotion = "css-global 1g9ek8d" > .css - 1 g9ek8d {
        display: -webkit - box;display: -webkit - flex;display: -ms - flexbox;display: flex;min - width: 0;--primary - color: #2000F0;--secondary-color:# FFFFFF;--tertiary - color: # E3E3E3;
    } < /style><style data-emotion="css-global 197w67f">.css-197w67f{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;width:60px;height:60px;box-shadow:0 4px 12px rgba(0,0,0,0.3);border-radius:50%;background:#FFFFFF;-webkit-box-pack:center;-ms-flex-pack:center;-webkit-justify-content:center;justify-content:center;margin-left:auto;--primary-color:#2000F0;--secondary-color:#FFFFFF;--tertiary-color:#E3E3E3;position:relative;background:var(--primary-color);color:#FFFFFF;background-color:#16C935;}.css-197w67f:hover{cursor:pointer;}</style > < style data - emotion = "css-global 2jkngm" > .css - 2 jkngm {
        -webkit - appearance: none; - moz - appearance: none; - ms - appearance: none;
        appearance: none;
        background: transparent;
        border: 0;
        display: inline - block;
        margin: 0;
        padding: 0.5e m;
        color: inherit;
        cursor: pointer;
        --primary - color: #2000F0;--secondary-color:# FFFFFF;
        --tertiary - color: # E3E3E3;
        padding: 0.5e m;
        padding: 0;
        display: -webkit - box;
        display: -webkit - flex;
        display: -ms - flexbox;
        display: flex; - webkit - box - pack: center; - ms - flex - pack: center; - webkit - justify - content: center;
        justify - content: center; - webkit - align - items: center; - webkit - box - align: center; - ms - flex - align: center;
        align - items: center;
        border - radius: 6 px;
        --primary - color: #2000F0;--secondary-color:# FFFFFF;
        --tertiary - color: # E3E3E3;
        padding: 0;
        width: 100 % ;
        display: -webkit - box;
        display: -webkit - flex;
        display: -ms - flexbox;
        display: flex; - webkit - box - pack: center; - ms - flex - pack: center; - webkit - justify - content: center;
        justify - content: center; - webkit - align - items: center; - webkit - box - align: center; - ms - flex - align: center;
        align - items: center;
    }.css - 2 jkngm: disabled {
        cursor: not - allowed;
    } < /style><style data-emotion="css-global eiheq7">.css-eiheq7{position:relative;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;width:32px;height:32px;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;-webkit-justify-content:center;justify-content:center;--primary-color:#2000F0;--secondary-color:#FFFFFF;--tertiary-color:#E3E3E3;}</style > < style data - emotion = "css-global 1mpchac" > .css - 1 mpchac {
        display: inline - block; - webkit - flex - shrink: 0; - ms - flex - negative: 0;flex - shrink: 0;width: 1e m;height: 1e m;font - size: 2 rem; - webkit - user - select: none; - moz - user - select: none; - ms - user - select: none;user - select: none;fill: currentColor;
    } < /style><style data-emotion="css-global 1adcsh3">.css-1adcsh3{opacity:1;-webkit-transform:scale(1);-moz-transform:scale(1);-ms-transform:scale(1);transform:scale(1);transform-origin:50% 50%;-webkit-transition:200ms cubic-bezier(0.18, 0.89, 0.32, 1.28) 50ms;transition:200ms cubic-bezier(0.18, 0.89, 0.32, 1.28) 50ms;--primary-color:#2000F0;--secondary-color:#FFFFFF;--tertiary-color:#E3E3E3;}</style > < style data - emotion = "css-global 1o92iqh" > .css - 1 o92iqh {
        position: absolute;z - index: 1;left: 0;right: 0;bottom: 1 px; - webkit - transition: opacity 150 ms cubic - bezier(0.33, 0, 0.67, 1) 50 ms;transition: opacity 150 ms cubic - bezier(0.33, 0, 0.67, 1) 50 ms;display: -webkit - box;display: -webkit - flex;display: -ms - flexbox;display: flex;width: 32 px;height: 32 px; - webkit - align - items: center; - webkit - box - align: center; - ms - flex - align: center;align - items: center; - webkit - box - pack: center; - ms - flex - pack: center; - webkit - justify - content: center;justify - content: center;opacity: 0;--primary - color: #2000F0;--secondary-color:# FFFFFF;--tertiary - color: # E3E3E3;
    } < /style><style data-emotion="css "></style >
    < /head> < body > < div dir = "ltr"
role = "main"
data - lc - id = "0"
data - lc - event = "mouseover:s81oq5gw92;focus:6c6ebobwcbi;blur:jg6zegzsosp"
class = "css-1yzzujv eqd5v0k0" > < div class = "css-1aasxu6 ek650k30" > < div class = "css-1g9ek8d e108e6fy0" > < /div><div class="css-1g9ek8d e108e6fy0"><div data-lc-id="1" data-lc-event="click:k5c9cevh28r;mouseleave:lxwikwm6z0a;mouseenter:icjw2hm5pwd;focus:4riuxm4buaw;blur:ssk5267d3r" class="css-197w67f e1ybl9g10"><button aria-label="Open LiveChat chat widget" data-lc-id="2" data-lc-event="click:lrakaati6t;focus:9xwb6fahqw;blur:1o005ln0ggs" class="e1mwfyk10 css-2jkngm e1m5b1js0" type="button"><div aria-hidden="true" class="css-eiheq7 e1dmt1bi1"><svg color="inherit" viewBox="0 0 32 32" class="css-1mpchac"><path fill="#3B326F" d="M12.63,26.46H8.83a6.61,6.61,0,0,1-6.65-6.07,89.05,89.05,0,0,1,0-11.2A6.5,6.5,0,0,1,8.23,3.25a121.62,121.62,0,0,1,15.51,0A6.51,6.51,0,0,1,29.8,9.19a77.53,77.53,0,0,1,0,11.2,6.61,6.61,0,0,1-6.66,6.07H19.48L12.63,31V26.46"></path > < path fill = "#16C935"
d = "M19.57,21.68h3.67a2.08,2.08,0,0,0,2.11-1.81,89.86,89.86,0,0,0,0-10.38,1.9,1.9,0,0,0-1.84-1.74,113.15,113.15,0,0,0-15,0A1.9,1.9,0,0,0,6.71,9.49a74.92,74.92,0,0,0-.06,10.38,2,2,0,0,0,2.1,1.81h3.81V26.5Z"
class = "css-1adcsh3 e1nep2br0" > < /path></svg > < div class = "css-1o92iqh e1dmt1bi0" > < /div></div > < /button></div > < /div></div > < /div></body >
    < /html>
                                    

#2 JavaScript::Write (size: 190, repeated: 1) - SHA256: 743f6492a5beb847167322304f93922a25b48b4fda556b6039418e53930e9df1

                                        <!-- AppNexus Sync pixel START--><img src="https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID" width="1" height="1"/><!--AppNexus Sync pixel: END-->
                                    

#3 JavaScript::Write (size: 184, repeated: 1) - SHA256: 9e1c99833a39f42fdcc131a611c618bdda2e0854ac5842b13d55747d0fb2b8ca

                                        <!-- Segment Pixel - BizzoCasino Homepage - DO NOT MODIFY --> <script src="https://secure.adnxs.com/seg?add=30624960&t=1" type="text/javascript"></script> <!-- End of Segment Pixel -->
                                    


HTTP Transactions (161)


Request Response
                                        
                                            GET /tournaments/awesome-christmas-race HTTP/1.1 
Host: bizzoreg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.68.203
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Mon, 19 Sep 2022 15:04:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://bizzoreg.com/tournaments/awesome-christmas-race
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V55l8Bk3hAyU6lnK6nZu2dU9LmwzS3y%2BWwyDMvF1%2FDxM4geQTSra%2FaymwAFMmB%2FVYWFtGod%2FaKk8w%2FGtzIUz6uYKUb50KgbfYvn2l9rp6XsZKURFlh5ordUEwV32fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74d336b0a9bd0b69-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    bd2695f4b079c71dbddde3436286fb9c
Sha1:   733c05da132193d6cf1d8e242d12e2525c03bab4
Sha256: 2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 14:12:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: --UxucnYGY__E5dU_fQ5tHgGJQCyW0wg7NY62kgqlHVwLsVNfpnKZQ==
Age: 3102


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9955
Expires: Mon, 19 Sep 2022 17:50:19 GMT
Date: Mon, 19 Sep 2022 15:04:24 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V_PfeItT6jEDWG7uILBWTNRRZMdgJhQ_FmCzUztcdbFwA3S8AsBMyQ==
age: 37751
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 19 Sep 2022 15:04:24 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /tournaments/awesome-christmas-race HTTP/1.1 
Host: bizzoreg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.26.2.121
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 15:04:24 GMT
location: https://bizzocasino.com/tournaments/awesome-christmas-race
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcLXHoJ1WrQ1LSkTh9QHrQAcK%2FBOh79UEAIKMibwTSGMYC8LJyNuLyXasFy99FZGz5VGVH9ZMZ%2B0JdRQiEdi%2BM64254cyzo5qIch%2FKCpI5p7kdEMS%2B3q3BX%2FT%2FEhaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336b26f24b517-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 19 Sep 2022 15:03:22 GMT
Expires: Mon, 19 Sep 2022 15:04:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ueX78qIcSo6KEKBMNFy7FM7Ivr57apZqOA2rOZAISlUEyRBGzbb9HA==
Age: 63


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5222
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 15:04:25 GMT
Last-Modified: Mon, 19 Sep 2022 13:37:23 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /assets/loader.gif HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 19 Sep 2022 15:04:25 GMT
content-length: 226410
last-modified: Thu, 15 Sep 2022 08:45:39 GMT
etag: "6322e633-3746a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5261
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgzeZ5i719XubuF%2FaU5eWUgoZH55ndu7w1J4pelbyDCmBCGVRa5dS0ZaZXv68o4PbtzOywAUZwZLb8xW8QLfQDSHxR9FsZUUvUd7yUEh7zsydnk9cpHhTpIgH3Smc3bDSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d336b75c850b39-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 300\012- data
Size:   226410
Md5:    53684e7cd922afc2ada4d7a223ca2cf1
Sha1:   69bfbb4a548cd152977cd6d004863e4d4c9e7272
Sha256: 4aa82add5b485c28e85dcc9162fa5d279fdcb306e9c417667f842d0edc345f1b
                                        
                                            GET /app/main.50fcf697708e7845.css HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 19 Sep 2022 15:04:25 GMT
last-modified: Thu, 15 Sep 2022 08:45:33 GMT
vary: Accept-Encoding
etag: W/"6322e62d-31a9"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3346
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPqkp%2FHccc%2Fu0qxan1zls%2FpH6kMSFSRNmATSsGFruxfIHJAiOZI3nOAHjiZJwUUSQJjELwWI1hGkTmAC1El7%2F46zloaAD9MeURv0wjeBvf%2FF2NxXDG1VJCMdcck6qO2koA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336b74c800b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12713), with no line terminators
Size:   3161
Md5:    c950cc65a7da38325f8d2b6d1be5744c
Sha1:   12f21f4b4ed464a0ee98aa18b4d085f6fb66f02a
Sha256: 120697fd517dbb0fb016a7de746a07e11a6a5581fe53e709bc416192e464bd60
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4388
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 15:04:25 GMT
Last-Modified: Mon, 19 Sep 2022 13:51:17 GMT
Server: ECS (amb/6BA7)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4389
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 15:04:25 GMT
Last-Modified: Mon, 19 Sep 2022 13:51:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 15:04:25 GMT
Last-Modified: Mon, 19 Sep 2022 14:07:10 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: C428u7FUXS7KhmG7x5AjZKhWfLdxfqPE5YALeyXjQAo0Y3Nd7ieliA==
Age: 3435

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q6G6ZW0tzVUHJpPErrQnfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.17.198
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f8rvjqxWw6oTixMo2stPcJkgAWk=

                                        
                                            GET /dist/tag-manager.js?id=STM-AAAALW HTTP/1.1 
Host: tm.ads.sportradar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
apigw-requestid: Ythzeh25joEEJVQ=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37167
date: Mon, 19 Sep 2022 15:04:25 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (62063)
Size:   37167
Md5:    bd4292ddbc63f9243a33edcc270bb481
Sha1:   17614ee4c63d3d263411789464323b3a83827ef1
Sha256: 2976e049043d50dc0014df9e9856efb89b57d30e71ef4a600175e917e713f88d
                                        
                                            GET /sealassets/2c300a296a6c27752d43830f04f89cc1-bizzocasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid HTTP/1.1 
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.125
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 49397
date: Mon, 19 Sep 2022 15:04:25 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d336b91f3b9196-FRA
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wvn5oeXLwz-K88wmUkEWYcAYgaH4nHjFPuzPbn8qvrLPb4smLA3pYA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size:   49397
Md5:    8ef6782be55b8ce8f5b132d28af8e0d0
Sha1:   cb99df77f4865d9c2f287539a5ca474cf76f7d09
Sha256: d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
                                        
                                            GET /sealassets/2c300a296a6c27752d43830f04f89cc1-bizzocasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D HTTP/1.1 
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.125
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 95
date: Mon, 19 Sep 2022 15:04:25 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d336b90cdf90a0-FRA
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NjuiiafyQFUXkeWm1enqhKbwq9nTd8bWBDFhhwK_9ajnZd9_AWuWZQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size:   95
Md5:    9591c410148e6883727c5339fd1c02cd
Sha1:   3442a95fe890ce4769b36b2ecc611b801a54cfb5
Sha256: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /gtm.js?id=GTM-5W7F767 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 15:04:25 GMT
expires: Mon, 19 Sep 2022 15:04:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16180)
Size:   51682
Md5:    06cd9f12fcd30d37dc49cdd977b71755
Sha1:   fa11cdc8d915f2d6e732a96c25071a29bfc37020
Sha256: eea1873d1bbb737147dbf101af09516fbebab89550d8bcd052cce264b44c9ec2
                                        
                                            GET /7693683943e78a298c36d469e68b47d8/widgetloader HTTP/1.1 
Host: ws-cdn001.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.77.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-security-policy: frame-ancestors 'self' https://st-cdn001.akamaized.net https://ls-cdn001.akamaized.net
cache-control: public, max-age=120, stale-while-revalidate=60, immutable
etag: "306bfe6b6916e111836fb396f70a843a-754578303ae0238921f01b46ae560020"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-ing-v: 2
content-length: 59011
date: Mon, 19 Sep 2022 15:04:25 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40429)
Size:   59011
Md5:    b1f2f1694f0d99e15d279579d4e92845
Sha1:   fa15750351b1f94b4fc89f8de2a93670be59adeb
Sha256: 5f2391a92bf63b63c7140a244058e7a9db8bbd1de1d1f9677d892c72676d0b17
                                        
                                            GET /assets/track-eu.js HTTP/1.1 
Host: assets.customer.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.79
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 09 Sep 2022 22:30:24 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 19 Sep 2022 00:59:53 GMT
etag: W/"cfc1adde4168cb9cdaba4a2ea6da00b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8j5w2j2TDO2LmCA-r05_LW4eYfQpTfiuuDObu2vmMhfbK9Svgw5yQQ==
age: 50681
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4439
Md5:    4dc7c5a44c8b16097503150136f0201a
Sha1:   a08a38a1f84ca2ba2fe1c26b107b74e49112855f
Sha256: 8d3773b09551d427e636072bac9708db79069bdda9388d073daf8581ea613219
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:32:09 GMT
expires: Thu, 14 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 415936
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            GET /public/sg.js HTTP/1.1 
Host: casino.cur.a8r.games
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.145.200
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Mon, 19 Sep 2022 15:04:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 13:53:37 GMT
cf-cache-status: HIT
age: 4219
expires: Mon, 19 Sep 2022 19:04:25 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 74d336b7ddf20afa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2693
Md5:    bc95d9d416669b89a025aaf61fff0dde
Sha1:   eb9f8dfe346eef73a8a9b8ce29aaced3217bc8e1
Sha256: 0d04b3d4d7bc0ae4908d96f99da2ddf3671474cc7a093ee3d5ed171d3106830d
                                        
                                            GET /dist/tracker.js HTTP/1.1 
Host: tracker.ads.sportradar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Mv-8IIBmcp0vFVq9YXTT57-4Gu93F_tfPtH40iL3OhfxGj6YljmI4g==
vary: Accept-Encoding
content-encoding: gzip
content-length: 11553
date: Mon, 19 Sep 2022 15:04:26 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (34755)
Size:   11553
Md5:    b34b13d85152f71b7fd15289c78c0583
Sha1:   0bb20191b022bbd0e75f2bbce7f6332886079c2c
Sha256: 7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
                                        
                                            GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416 HTTP/1.1 
Host: main.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 19 Sep 2022 15:04:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A95968%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-19%22%3B%7D%7D; expires=Tue, 19 Sep 2023 15:04:26 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416 HTTP/1.1 
Host: main.exdynsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 19 Sep 2022 15:04:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A95968%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-19%22%3B%7D%7D; expires=Tue, 19 Sep 2023 15:04:26 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /app/styles.362253d072705118.css HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 19 Sep 2022 15:04:25 GMT
last-modified: Thu, 15 Sep 2022 08:45:34 GMT
vary: Accept-Encoding
etag: W/"6322e62e-3a4b0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3346
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVyMZMBVCDXZOGi7DhzsAkf8WRgpVH3m3uBEHfp4Hs19MNoPIAHVuAUstF26%2FJm%2FtP5lrLwMfiQXMmSTASEFranlMYUM5DNi7jMLX5MWvmbKXDkm11TeKUv8shskcLdbqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336b74c820b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   42991
Md5:    0e09bea9134b68cf907db616690d2c84
Sha1:   413f29e7e255f7c00691fbec3dccb418871d5813
Sha256: 84095d8c5d962c1cd2fbf291873144082cce12d7a2e1dd16e7f5194d1f351bab
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "57EB9B5D56663DA08CFB151A0EAC2C2E705C292C393E63B6A3BEC19BCFB77CE0"
Last-Modified: Sun, 18 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10379
Expires: Mon, 19 Sep 2022 17:57:25 GMT
Date: Mon, 19 Sep 2022 15:04:26 GMT
Connection: keep-alive

                                        
                                            GET /dist//sp-2.14.0.js HTTP/1.1 
Host: tracker.ads.sportradar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 6MAdKqhhdwmf90BjAZCPWoRdIY0PXmNu5YyIRIUIEiZBK48TayCg9w==
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 19 Sep 2022 15:04:26 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64903)
Size:   30370
Md5:    44f237857b8d03f32b53fe551e83c95a
Sha1:   91536fe6c60d947d29dfcb5f04d09b752b5ccf03
Sha256: a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
                                        
                                            GET /track.js?e=pageview&u=https%3A%2F%2Fbizzocasino.com%2Ftournaments%2Fawesome-christmas-race&r=&i=DV-4182611165&v=1.0.0&uid=6a7e905c-eb62-459e-9862-d78bef6da200&_nc=1663599846709 HTTP/1.1 
Host: tracker.growthbuddy.app
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.31.198.104
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 19 Sep 2022 15:04:26 GMT
content-length: 0
set-cookie: INGRESSCOOKIE=1663599867.176.103.921248|4755d7349ad2180cc27216e76023fb56; Path=/; Secure; HttpOnly
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "BBF21E5EE161EC99109483E1147B816CEA42484716030A80CD0D20FE5095A052"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3335
Expires: Mon, 19 Sep 2022 16:00:01 GMT
Date: Mon, 19 Sep 2022 15:04:26 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1586
Md5:    1007b31e01d8090fc5888f3832bf6c07
Sha1:   a73fffa7210ce2ccd4712b77b76b9568e98318d0
Sha256: bbf21e5ee161ec99109483e1147b816cea42484716030a80cd0d20fe5095a052
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "BBF21E5EE161EC99109483E1147B816CEA42484716030A80CD0D20FE5095A052"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3340
Expires: Mon, 19 Sep 2022 16:00:06 GMT
Date: Mon, 19 Sep 2022 15:04:26 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1586
Md5:    1007b31e01d8090fc5888f3832bf6c07
Sha1:   a73fffa7210ce2ccd4712b77b76b9568e98318d0
Sha256: bbf21e5ee161ec99109483e1147b816cea42484716030a80cd0d20fe5095a052
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:26 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 12:04:39 GMT
Expires: Sun, 25 Sep 2022 12:04:38 GMT
Etag: "3a5c5dee0ddce0fdd6dec3f518781f45d0a165c1"
Cache-Control: max-age=507011,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d336bbcc281bfe-OSL

                                        
                                            GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.158.178
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 19 Sep 2022 15:04:26 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=7306d47b-ed60-4cec-af70-0b993f3d5aeb; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure c=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /pixel?type=js&aid=1312&id=3945 HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.158.178
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 19 Sep 2022 15:04:26 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1312&id=3945
Set-Cookie: zuuid=55015eb8-4b75-4e75-9e87-70c7af7bb1e9; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure c=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Cookie: zuuid=55015eb8-4b75-4e75-9e87-70c7af7bb1e9; c=1663599866; zuuid_lu=1663599866
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.158.178
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 19 Sep 2022 15:04:26 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D55015eb8-4b75-4e75-9e87-70c7af7bb1e9
Set-Cookie: zuuid=55015eb8-4b75-4e75-9e87-70c7af7bb1e9; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k=1; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k_lu=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /pixel/js?auth=5g3u7sq7&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=undefined HTTP/1.1 
Host: track.trackingtraffo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.214.195.156
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 19 Sep 2022 15:04:26 GMT
Content-Length: 492
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   492
Md5:    712d35f5b8479ea398e1f1e5d6c7392d
Sha1:   8cab2d9a27680c9dbb7291f4772c629d072a32bf
Sha256: 8e3058c3170bbb8436acac9f9c9bb0c4abba060775eae6e98c064c6a0c58112b
                                        
                                            GET /ul_cb/pixel?type=js&aid=1312&id=3945 HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Cookie: zuuid=55015eb8-4b75-4e75-9e87-70c7af7bb1e9; c=1663599866; zuuid_lu=1663599866
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.158.178
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 19 Sep 2022 15:04:26 GMT
Set-Cookie: zuuid=55015eb8-4b75-4e75-9e87-70c7af7bb1e9; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k=1; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k_lu=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure cm2=!bidswitch,432929066; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure bss=!bidswitch,432857066; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 2325
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2325), with no line terminators
Size:   2325
Md5:    5a5ef8ff4555e6125086b36efada8540
Sha1:   375901885efd27cb03fc319ca84e396564668778
Sha256: cd32c9f364d8e10ee1ea597d06fbb952fdadcda1b1320e3893028abe29ebb257
                                        
                                            GET /assets/favicon.png HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.1.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 19 Sep 2022 15:04:26 GMT
content-length: 38098
last-modified: Thu, 15 Sep 2022 08:45:39 GMT
etag: "6322e633-94d2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1299
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKc7AGA3D4i%2BuWKmbMcbteB4%2BCqQLirJ42MeTNEciUdaTKJE5COV6QjTRCnmdWquVoVeHhs10Q4ZEBVPIiB9ZaO1fj7C8R%2FdGlFuX1HEM1bO%2BKN5qQm91%2FX1DIAGKEGr0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d336bcfa3a0b39-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size:   38098
Md5:    73c0aee64f13a266b6b742c486fe1337
Sha1:   ccd750b9fd381a26be739ac360338ac561053e89
Sha256: 1c3abd9ad5e3c51ce047428580299ebff7a1a8359e973c34cb37fd1491146478
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 14:41:12 GMT
expires: Mon, 19 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 1394
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5253
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 15:04:26 GMT
Last-Modified: Mon, 19 Sep 2022 13:36:53 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416 HTTP/1.1 
Host: main.exosrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 19 Sep 2022 15:04:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A95968%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-19%22%3B%7D%7D; expires=Tue, 19 Sep 2023 15:04:26 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416 HTTP/1.1 
Host: main.exoclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.247
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 19 Sep 2022 15:04:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A95968%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-19%22%3B%7D%7D; expires=Tue, 19 Sep 2023 15:04:26 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            POST /s/gts1d4/Bz2q3fRhivk HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/mhuqZ1vnJhs HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pixel?auth=5g3u7sq7&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=undefined&amount=undefined&site=bizzocasino.com&ln=en-US HTTP/1.1 
Host: track.trackingtraffo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.214.195.156
HTTP/1.1 200 OK
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 19 Sep 2022 15:04:26 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT

                                        
                                            GET /1460267/log/3/unip?item-url=https%3A%2F%2Fbizzocasino.com%2Ftournaments%2Fawesome-christmas-race&ref=&en=bizzocasino_notreg HTTP/1.1 
Host: trc.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.44
HTTP/2 204 No Content
content-type: image/gif
                                        
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Mon, 19 Sep 2022 15:04:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1674-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663599866.432965,VS0,VE87
x-vcl-time-ms: 87
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:26 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 06:25:21 GMT
Expires: Mon, 26 Sep 2022 06:25:20 GMT
Etag: "72219bfe4412de462135af38de924431a60cd5f5"
Cache-Control: max-age=573053,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d336bd7dd21bfe-OSL

                                        
                                            GET /ctrack?action=list&type=add&id=notregistered&context=Bizzocasino.com&cookiename=notregistered&age=500000&maxcookiecount=10 HTTP/1.1 
Host: ctrack.trafficjunky.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         66.254.114.89
HTTP/1.1 200 OK
content-type: image/gif
                                        
server: openresty
date: Mon, 19 Sep 2022 15:04:26 GMT
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=03e5610b977c4b8ba2f44366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Wed, 19 Oct 2022 15:04:26 GMT; Secure; SameSite=None tj_UUID_v2=03e5610b-977c-4b8b-a2f4-4366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Wed, 19 Oct 2022 15:04:26 GMT; Secure; SameSite=None 00eeb7d7a7bd81d86b2f272dd250c93c=notregistered; Path=/; Domain=trafficjunky.net; Expires=Fri, 01 Sep 2023 20:24:26 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
x-request-id: 632884FA-42FE725901BB892F-400B31C


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=55015eb8-4b75-4e75-9e87-70c7af7bb1e9 HTTP/1.1 
Host: api.feedad.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.239.38.21
HTTP/2 200 OK
content-type: image/gif
                                        
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=55015eb8-4b75-4e75-9e87-70c7af7bb1e9; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: 105cfe6b81fa53e67d300cba128831cc
date: Mon, 19 Sep 2022 15:04:26 GMT
server: Google Frontend
content-length: 42
expires: Mon, 19 Sep 2022 15:04:26 GMT
cache-control: private
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=55015eb8-4b75-4e75-9e87-70c7af7bb1e9 HTTP/1.1 
Host: tags.feedad.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.239.38.21
HTTP/2 200 OK
content-type: image/gif
                                        
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=55015eb8-4b75-4e75-9e87-70c7af7bb1e9; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: 7e2e996e76f868b034e17b292dbb516c
date: Mon, 19 Sep 2022 15:04:26 GMT
server: Google Frontend
content-length: 42
expires: Mon, 19 Sep 2022 15:04:26 GMT
cache-control: private
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:26 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 01:56:49 GMT
Expires: Sat, 24 Sep 2022 01:56:48 GMT
Etag: "12855b87981010ed81a3582a3ce06eae3ef5dc6f"
Cache-Control: max-age=384141,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d336bd9e22fabc-OSL

                                        
                                            GET /p.js?f=sync&lr=1&partner=d52d64e3ae130730ea33c02cfefc955af6fb94275ad1752dd9486271dd6cf068 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Mon, 19 Sep 2022 15:04:26 GMT
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   697
Md5:    d0faf6100c68eca3bd5782a5b94fc212
Sha1:   27a475c79e1b4728005805ffe000f54a0101d9af
Sha256: 6378b5c7e59ed7146d4c8a4130e3506701be02869ee31d527599ea60dcaaee6e
                                        
                                            GET /syncd?dsp_id=409&user_group=1&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D55015eb8-4b75-4e75-9e87-70c7af7bb1e9 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.126.140.73
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 19 Sep 2022 15:04:26 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D55015eb8-4b75-4e75-9e87-70c7af7bb1e9
Set-Cookie: tuuid=be575789-8adb-4887-923f-119792722a6a; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure c=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure c=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /sync?dsp_id=409&expires=14&user_group=2&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&cb=99bc05b0-fe60-4cd9-ac0c-9e9320bf3446 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.126.140.73
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 19 Sep 2022 15:04:26 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&cb=99bc05b0-fe60-4cd9-ac0c-9e9320bf3446
Set-Cookie: tuuid=5d0bc897-061b-4a59-a038-b6519eda72d9; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure c=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure c=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /sync?dsp_id=409&expires=14&user_group=2&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&cb=a3eafec8-cd29-427f-9678-18f0220e7dda HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.126.140.73
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 19 Sep 2022 15:04:26 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&cb=a3eafec8-cd29-427f-9678-18f0220e7dda
Set-Cookie: tuuid=374e0bee-418a-4b55-9823-40283a62f4bb; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure c=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure c=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /syncd?dsp_id=409&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.126.140.73
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 19 Sep 2022 15:04:26 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Set-Cookie: tuuid=b0d76f65-cfd5-4afe-a190-29c0c2d1856a; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure c=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure c=1663599866; path=/; expires=Tue, 19-Sep-2023 15:04:26 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /sync?dsp_id=409&expires=14&user_group=2&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&cb=17ed8f11-24bb-4249-ab65-7cd965bd0522 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.126.140.73
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 19 Sep 2022 15:04:26 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 15:04:26 GMT
Last-Modified: Mon, 19 Sep 2022 13:42:23 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KqMDzINBCCIiFRt8KqAa0ZbKV-W30n4QkknIUzzvNDYti_txjjLhaQ==
Age: 4924

                                        
                                            POST /g/collect?v=2&tid=G-89BGS3MKPL&gtm=2oe9e0&_p=1859606556&cid=763445415.1663599847&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663599846&sct=1&seg=0&dl=https%3A%2F%2Fbizzocasino.com%2Ftournaments%2Fawesome-christmas-race&dt=Awesome%20Christmas%20Race!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://bizzocasino.com
date: Mon, 19 Sep 2022 15:04:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6270
Expires: Mon, 19 Sep 2022 16:48:56 GMT
Date: Mon, 19 Sep 2022 15:04:26 GMT
Connection: keep-alive

                                        
                                            GET /xuid?mid=7963&xuid=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&dongle=3oy7 HTTP/1.1 
Host: eb2.3lift.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.248.245.213
HTTP/2 200 OK
content-type: image/gif
                                        
date: Mon, 19 Sep 2022 15:04:26 GMT
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   37
Md5:    3eacd0132310ea44cad756b378a3bc07
Sha1:   e2216a7e9b73f5cb0279351c78ce61c33475cea7
Sha256: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6270
Expires: Mon, 19 Sep 2022 16:48:56 GMT
Date: Mon, 19 Sep 2022 15:04:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6270
Expires: Mon, 19 Sep 2022 16:48:56 GMT
Date: Mon, 19 Sep 2022 15:04:26 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
age: 61847
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5866
Md5:    1105b56cf779b6df1cbd081bbd0cda50
Sha1:   58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
Sha256: 10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nD62kVNMZRvoZaM85m1kNlgU-KOj2X7tqhy9cPxGJFaBHCMVEsvWXQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:45 GMT
age: 61841
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6428
Md5:    893f3495f1f575e946a57c8e8411b2a5
Sha1:   480182fd29c7edd369339847b85e4e2580cef0f6
Sha256: 097d868881231eae089ac8b97d5dc290583477f63dc35b7458ed4898e0db3e0c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
age: 61633
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5064
Md5:    e4098577adb98eae5ba4a8b5e143df71
Sha1:   b0ad467f2837d103f8a96fb732bd34176c4c7110
Sha256: 83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:54:31 GMT
age: 40195
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9901
Md5:    da8b8819fc21dcfb224ce0e7ecdc6772
Sha1:   e460ad4376cd118a6fe8b6b050af9398117d9531
Sha256: 9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 10:33:00 GMT
age: 16286
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10894
Md5:    d3e70b2859ca89b353682d03f6b46b93
Sha1:   ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
Sha256: 43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xG9XQItrQEJXCW9JRcI6aDELQKCTOlnwq1Xg5_vQcqCPNtHGWkScFw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 22:00:17 GMT
age: 61449
etag: "786c333cf08456aea446a55c547520572e1c2df9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11919
Md5:    f003d8b6e12692fb16dddd6827deead8
Sha1:   786c333cf08456aea446a55c547520572e1c2df9
Sha256: d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?render=6Lfp3sIbAAAAAJ37H0nwMOrTaY-Qv4xUHUwkqVeu HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Mon, 19 Sep 2022 15:04:26 GMT
date: Mon, 19 Sep 2022 15:04:26 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   586
Md5:    1b73a731d132512467fd72dbf9bbb713
Sha1:   e355d17aeeeb33256f4b03c05387b4826181ba30
Sha256: 72d3a9a74ec3de03229f8636718d948b898f412cd57f97c7b20c603bcf425a2f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /api/data/get-currencies HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:26 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZzmQvhgx2tolzSFlC71HMr2IWLXViKOoWX1tL2YhqMHqOTFZ0mppM3BC0ojFuU%2FVj42qkKr7Rqkc1MCl1ZGCS8uyauU5jptkKbLOB%2FD1owXW1Qj%2F0L74xcxKjVTV37SGnmdFm8JZeznRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336bffd600b39-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/data/provinces HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zu0yQsgOpeQ2Qm%2FxeDR%2FjHeRbJSUIG5FlvUK%2FpeMGO9AnQInbvmR1Qp1AfK5XDZhdT9hbHGjrtajhkpLP%2BIQb2QdZ5UoSFugMHRNmxWxILlOHYxcZPbrc8Pmyv9lCi4tpfzd4g6ZtDXkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c00db30b39-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/v2/casino/producer?is_desktop=1&is_live=0 HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GShzy1X9LT0UDKmsgaKkjv7%2B6yZ3H9pBdnWlyaW6UQjGykxxu36lGVCym2rmAC3u4%2BUCxT5CU2q7Y%2BZkveZ49fJpUVeUM4%2FR8DF3SQDd8x9i5MWFnbWfRISeYcYsTYqEAkmPxu8o37Qfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c01dde0b39-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/data/get-countries HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=885UB7VLqq5WRtEcKpwH3DGOdH6EXvppmSIYCcfd9287Z0uQukgmfaIz84wthQGcJ6DGk6NF%2FRG3NHHg%2Bwu97v%2FBtXQq9JRvRZD%2FtW31inAfFT7D4tXxAp1RRXyW5CAMA2gAC2OyIDKjPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c00da60b39-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/v2/casino/producer?is_desktop=1&is_live=1 HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVyFO5Z3uCwDSoHcr0nKArSa%2Bfyu9%2BRW4L0pbFufkBvQrWnyavHbzB5wPmN5eWLQIBLI7lx4PEtMXpcySgQVU%2BnmgGZxyFiAvvpScy4yofvxUOHBRcq6s%2Fgv0ZMk2aRKGX2B0SX6XIou3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c02de40b39-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/v2/configurations HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         172.67.68.182
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRdbDaMq6WRfhjIYt3e%2FsgjW4K2FLdpmOBPasK9Uk9kNrb8wv%2BHW68yuRZQn%2FlbZqVmTWug1ZJwM0zNUdt3TFRFNu07eHy8XfQ359%2FdP3ZT8q7BG9KbFySk%2BwzQz9th6KmqpTwsomc0oNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c028901bfa-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/v2/ip-data HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         172.67.68.182
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BouxQbzyIZNTKH6c9qPJCSpboqHnxao1HZmYT4vV%2BGO75Z0hqsKORYhcIlZTM7Jh5U8ai83tOJp8l0T2VJCwpIg8eahgJavmWOEj5Agc0LcbAsGiP7P8w4SBIX94Ir2cntpVxlnISwvBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c028961bfa-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/v2/casino/category?auth=false HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nd2XAqBFOXShOxYCFxC0AcjcvXzydCHEmEgICCNlvrqjZV%2BshlKWYBKAmWs0EzAY1pqNz1rOUFYM2YvP7Q2JkEfq%2Bz625j8O0qN9VPBd5nzkiUddWkH03YdTGGLtleENk1C5t5pajETrqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c02de50b39-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /api/data/get-currencies HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIIcUVSigpb9pXX0RD2X2PVPz20XDYt9oE4k0i6i8epMRHCqv6v6%2B3hKiYQVQPg22VITlwWAag3K4NTyVDfglmGtyqXBxhKIFwdLBVEOKadKXyLQLEKIO%2FhBn0Pj2P%2FCT0tp2CULTzw0BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c0cea80b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (9389), with no line terminators
Size:   993
Md5:    d1d61e1ecb1353f959946d63e82b2cf3
Sha1:   c4fa5698ac509ca11e3f4b649cc90ebc33078f63
Sha256: 90e00215c89c5aaca051b26f2403ddef61162da166dc6c79e05b61a51ecdeb6f
                                        
                                            GET /api/v2/configurations HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScMNCOylx5oM76jiDFguWr4oCvKIa4PtuoW7N7Jn4iX0w3dSBe12N2umf%2ByESHio%2Ffrt0UlfoO9s%2FlmGeJ%2BAfp0qjHfGtRtmWG8eVzhPw9Ep4xjjDj%2BT2vS3ZMvthxlKUTQBpsM9gOi3%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c0fee10b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   163850
Md5:    f9083d5bc5ca60c28807e67e084be102
Sha1:   d04c60afa6083c097f0cc87ed99ed23c30f41b50
Sha256: 018f0fe811800e3fc703320474260c18e324984863b79d60756bd9fd3929f6d4
                                        
                                            GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&cb=a3eafec8-cd29-427f-9678-18f0220e7dda HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.126.140.73
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 19 Sep 2022 15:04:27 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=55015eb8-4b75-4e75-9e87-70c7af7bb1e9&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /api/promotion/tournaments?lang=en_GB HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: max-age=0, must-revalidate, private
expires: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhumD%2BrbvxIO9giXHthlOpooo7Nt%2B%2BkyYV7CPmV1sQQCsxbHzXZ2w0H8zf0bh2DDGp4HRrEhlAOiR8zAoJgieBm%2FJQ%2FOMDqQKLdzJFC4nAzLo3SrO0%2BDKcji9OZtG%2FI2SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c01dda0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5655), with no line terminators
Size:   1649
Md5:    cea158f1705b61599f5bf91b2401243f
Sha1:   8ef5e62c5bfa13ea9e4b4fa9cc8f6f11de569e0b
Sha256: e6934605dd7e333c0b32ec3b9e816ae903f9e732e13edbfc43c46efb4b214781
                                        
                                            GET /api/v2/casino/producer?is_desktop=1&is_live=0 HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hifv23hnbN0TXf3Rjo54YOw2K4PQL7Q%2B%2FupRqFmcn2atJkuhuLBBlqOQdTezQ6JJs5RNiAGWQB1PPVsXqZ4GLVIEPeb1OX3YyZfV3fdDM07T1T%2BiOlq7WQpz06LvEl%2Fok7Wit6ggDAgJUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c0ceba0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (35276), with no line terminators
Size:   3146
Md5:    8f75ceab39dfe7b2c46b4ac973c27df6
Sha1:   6344e781d919d6aabec988d7ad14bb1a839e84ff
Sha256: 0adcc57f66f743c59bbcb56aee8eb047dcd921ffcd8dc71bf5ed03d581675ac1
                                        
                                            GET /img.gif?f=sync&partner=d52d64e3ae130730ea33c02cfefc955af6fb94275ad1752dd9486271dd6cf068&ttl=&rurl=https%3A%2F%2Fbizzocasino.com%2Ftournaments%2Fawesome-christmas-race HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Mon, 19 Sep 2022 15:04:27 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9bfa52e15a3a416382b898e254a49ef2; expires=Tue, 19 Sep 2023 15:04:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            OPTIONS /api/v2/bonuses/tournaments?lang=en&frontendIdentifier_in%5B%5D=oracle-slot-race&frontendIdentifier_in%5B%5D=luxury-table-battle HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sDqAgrDlDjuz2WQnAtRO%2FIPY8tiY2DXax81MAHbR81%2FsCoWKc%2BbbZGkVRtumi9SYZO8kEm97vbfoMIAgQDXPwYNCh5x7eEd964vXDaKybNFpI4qSeOnNKKlNfj%2BbBbk8o1uP7OGyt9Geg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c33c0d1bfa-OSL
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 15:04:27 GMT
Last-Modified: Mon, 19 Sep 2022 13:24:26 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -ptsc8iwlxQGc5gpeE2r977QLTcQtcNl6e9QKQW_rnYFLWTIO6NCog==
Age: 6001

                                        
                                            GET /api/v2/casino/producer?is_desktop=1&is_live=1 HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKVXKW%2FWz%2B2k2kRwIfy3sabnXJv45Rq9cibadgSMSi9RWtb2hYKFgX4lNcn2aQk5vwsnNvxaoiUf78vQ4TlIcpZG7h14yfvvZ4ZGH%2BoJ43ipdUfLM0vozRp2liznK%2BIhurZ5DTl%2BD0vkUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c0decb0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4972), with no line terminators
Size:   659
Md5:    a10fe611fb89f9c8aba2264d74e2176b
Sha1:   98b8d5399131c10f72cf554d7853df025b165eee
Sha256: 33336ed100023c58d9f863ba220cd48a3b308a23c1339178c774aa5b5a189d5a
                                        
                                            GET /api/v2/ip-data HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOkW0AYPij3f77jKIk1605QzyYuIjdH6ipaIXmotodSfOHN1BuT6cr6S7azdTuOT2bGHZWxVyhQR9acUh%2BurAna0F1gIKgS4604k7ZLEefbpzsePIXfcjIshXN0RqAyZopm%2FL7c8pMETgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c0fee30b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (693), with no line terminators
Size:   24627
Md5:    c19eddf9c30c7b9450e464857333d591
Sha1:   fc03eb07c1f64a7a19967adb9583f2eab02c5ebd
Sha256: 255dbd3de796db134adb749ef1be2107217a633b90defe37d768913101e82ca2
                                        
                                            GET /api/promotion/list?onlyPromotionType=0&lang=en_GB HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: max-age=0, must-revalidate, private
expires: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oq%2FHYEg1w0xwIdmOM47D4fDFaRvtw6sIYTJRgzWyxV05vcN9rht4sMG1rraMJ3T%2B%2BE1zmcTRO1du%2BG9WwjBYDibsxsOKj8QsRz7SIOe%2BGsqJHWeWsU%2BNVa5MJ7zTjAD6fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c00dac0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (11722), with no line terminators
Size:   2326
Md5:    99704db607ddd9a7359f4f4bef676e15
Sha1:   9510678816d9ecec54a6559556351680ef59358b
Sha256: 0c8e0fc7cfdce2f9ca48cedb9af6c8917992216966374bb28f71af3a9e61dc33
                                        
                                            GET /api/data/get-countries HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1dnsOgCxeCPk72pVdRhh0ZzEU%2Bkv%2B0E1rskVra1OQ%2BOTk3DJaCh45kt6OvIFtr87e1DbR7kE%2FAFrpQP8Vxuf4yWu5w8%2B%2BHGU19e%2Fn20ge%2FJyM818XrBpXUzdGG3NpRF8Ut2SFJVab7Uow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c0dec40b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65327), with no line terminators
Size:   4355
Md5:    ff33e571539e717f200cbe3a4c29803a
Sha1:   fc6ae99b7f446ec7512c2c16b356d27daf7542fb
Sha256: d53cf650a755fd90e083acf8fcc11f5b77bec29bd476da42e6d3095e3d34a2ca
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 15:04:27 GMT
Last-Modified: Mon, 19 Sep 2022 13:39:20 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q7AaStfdZIvZpEfxiz96kowjIEkYWhkwM_IJtrapbbbyoEG8nXbQrw==
Age: 5107

                                        
                                            POST /BizzoCasino/dcs/tagController/tagData/b00c73e99d55 HTTP/1.1 
Host: zz.connextra.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 41
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.85.191.64
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://bizzocasino.com
vary: Origin
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-length: 0
date: Mon, 19 Sep 2022 15:04:27 GMT
set-cookie: CxtId=66b8db8f-b868-406d-adf3-368d89886e66; Domain=.connextra.com; Expires=Wed, 18-Sep-2024 15:04:27 GMT; Path=/; Secure; SameSite=None BizzoCasino=P%7Chomepage%7C1%7C202209191604; Domain=.connextra.com; Expires=Tue, 19-Sep-2023 15:04:27 GMT; Path=/; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /assets/bizzo-logo.svg HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1; _cioanonid=d0df7266-335f-ce53-b9de-cf9db694e9f1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
last-modified: Thu, 15 Sep 2022 08:45:35 GMT
vary: Accept-Encoding
etag: W/"6322e62f-6df1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4699
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlClmof8PapU%2FIq%2BZCXZgh2%2BW8xUS3fl3xfw%2F%2BkbHDomJGTJ5JPe%2FA8oQ7DGXU2uy2yBvaVf5IXDxn3p6e2o%2FCQsPEACtcuP%2BzTjfsAm7em3ioGklvSejM4xuNpA%2FIOK0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c5ac520b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1635)
Size:   6990
Md5:    e5ddd2dad47846ed0bf8791c3c0e9c57
Sha1:   11d72dda6c1aa79c56a6f35d0433f6c9be4cf769
Sha256: 2f48896ca007e4798cfe2f848292e1a5fcd809a5a7db0ae2b6270a66e4af818e
                                        
                                            GET /events/page.gif?name=https%3A%2F%2Fbizzocasino.com%2Ftournaments%2Fawesome-christmas-race&data%5Bwidth%5D=1280&data%5Bheight%5D=939&c=&s=d0df7266-335f-ce53-b9de-cf9db694e9f1&site_id=9efc4c3b0cc60e451da4&timestamp=1663599848315 HTTP/1.1 
Host: track-eu.customer.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.129.162
HTTP/2 200 OK
content-type: image/gif
                                        
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-disposition: attachment
content-length: 35
content-transfer-encoding: binary
date: Mon, 19 Sep 2022 15:04:27 GMT
status: 200 OK
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1 
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.125
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 68
date: Wed, 31 Aug 2022 05:55:39 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dHMV1GmOoknr7c00QUfDt-_qvsCYcBzMcRCewJFBNjVQDOfXyzGg-A==
age: 1674529
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size:   68
Md5:    e679fbd466a2d656f194a5da4fa083cd
Sha1:   2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
Sha256: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
                                        
                                            GET /assets/footer/footer-head.png HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1; _cioanonid=d0df7266-335f-ce53-b9de-cf9db694e9f1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
content-length: 1716
last-modified: Thu, 15 Sep 2022 08:45:48 GMT
etag: "6322e63c-6b4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rllYoOLH8LvUapzi1PZfDHfWmtDn2oQu6rxWTKd2g3RDx5bMy43n9gHgF2geT9NDkq0iYQ2LCq1PP0GLJ6W4m7r0tWD1QInu8EhTsWi6XLu%2BSvCfl01jNnsjNes0JrjscA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d336c61ccb0b39-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 88 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size:   1716
Md5:    fc93928fb4619868fdd48ced90da63b4
Sha1:   2833e205cdc25a819a9fec774b67d7b55ce60874
Sha256: 6424b9d791c1c089ba2a5c71d0834b1d967407dacf2a13f3c1ad73f1c0c20c69
                                        
                                            GET /tracking.js HTTP/1.1 
Host: cdn.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 08 Sep 2022 10:40:48 GMT
etag: W/"007b32487b3fb040f15d1ea195bd2acb"
x-amz-version-id: _xG88gXidICys4xDpATfRKLYWxJ0cOXw
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: XfFQEPhNJ8FEv87XGAfLjDCzthgq9RDoJGT0nCuA8EZGTXxwL48iww==
content-length: 25611
cache-control: max-age=28800
expires: Mon, 19 Sep 2022 23:04:27 GMT
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25611
Md5:    a443118060061ab6e271ebe122464239
Sha1:   155d13a2aa3bd75fea5c2298e4678cb76c07b084
Sha256: b98138ab7050589277e5751d6a3818e726bbd106b9523f104e23bd3933bff04d
                                        
                                            OPTIONS /api/v2/casino/last-winners?limit=5&has_live=0 HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCNj9NO5v2uoyD0MU%2Fab%2F6UtgJic0%2BTL%2FGxAuE%2Fhh6MogCgjKlZIgXJGbzhtdFSGJ70BwEtMEa%2BtJTzSGSD49SlUR9iLQW4lHYBnZfTWUhjCNUbDMFY6DN%2Fib9%2Bj3cG%2BXtFHuBE9jOfSfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c62f181bfa-OSL
X-Firefox-Spdy: h2

                                        
                                            POST /s/gts1d4/SgecDA2qrw4 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 19 Sep 2022 15:04:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.141
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Mon, 19 Sep 2022 15:04:27 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5b35d61b-e1dc-4de1-81f1-df3a4f5dff2c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "A8DDBEE1B41557C2EBEEBF35345E6029F58BA2C0A72E7C391B6D2E9646E791D3"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7085
Expires: Mon, 19 Sep 2022 17:02:32 GMT
Date: Mon, 19 Sep 2022 15:04:27 GMT
Connection: keep-alive

                                        
                                            GET /app/national-casino.43560e9be334e28bf33f.ttf?l1lc9r HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/app/styles.362253d072705118.css
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1; _cioanonid=d0df7266-335f-ce53-b9de-cf9db694e9f1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/octet-stream
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
content-length: 45520
last-modified: Thu, 15 Sep 2022 08:45:33 GMT
etag: "6322e62d-b1d0"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eM2ny89CnRaccAfUyrR6Y0jO9vZhGm6mEZq5XaR5IxAbrj8VnfwpmMYlZZnWqjEXyOdk47kmDEQhGMUuInGorsfvA6wWWIhhPQs%2FznEaWEMgC4giSVQ8pQ6i6dtnrnvFUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d336c5ec960b39-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, national-casino\012- data
Size:   45520
Md5:    43560e9be334e28bf33fe43cfc88efc3
Sha1:   491d12bd3c88b681d4bcf3b83da0af7ca1aa723b
Sha256: 8a568d26f70a3f143c096bcb6fe5ce956cbf0683b6b0bc3fc7862149db5fdcc5
                                        
                                            GET /seg?add=30624960&t=1 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.141
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Mon, 19 Sep 2022 15:04:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D30624960%26t%3D1
AN-X-Request-Uuid: 8d5f00f1-2948-4f49-bedc-6a3ddb57fc05
Set-Cookie: uuid2=7056968088583127494; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 18-Dec-2022 15:04:27 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            OPTIONS /api/user/is-auth HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:27 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P16IM4twUQfQVCQ%2FlTchLa%2BZ9AbMqiNXX9zKu8%2FwnTYXN0zyKcVEA4E2%2BEzV3nJEBk8MciMZBY7NW9bxWK0vWvsvs%2FlYts6p57Vi4AbFY%2FrJgcWvo6d8bKT%2BAYaOd1JdzFfv%2BaJzvYvHvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c6cf991bfa-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /bounce?%2Fseg%3Fadd%3D30624960%26t%3D1 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.141
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Mon, 19 Sep 2022 15:04:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: ab854e5d-9e8c-43b5-a793-9173f983f926
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Iljsw_]2!]tbP6j2F-XstGt!@Db*$k_nI; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 18-Dec-2022 15:04:27 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            OPTIONS /api/v2/bonuses/tournaments/last-multiple?frontendIdentifiers%5B%5D=everyday-christmas-race&frontendIdentifiers%5B%5D=big-christmas-race&getPrevious=true&maxDepth=1&maxTopPlayers=1000&getTop=true&lang=en HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 204 No Content
                                        
date: Mon, 19 Sep 2022 15:04:28 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbEcZcIkVf5uoxU0tXyt1yIu3VjDBkIcsHNYnfkVEbz0uNgmmWaXPjCOEELjKC%2FiOPIN47tbKAe14f3U2AAEFSQ2vzwvsM3OaUkL5avLNegIcP%2BMkEm9Id25sDCqabiUMMh5XzoNfaR3tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c6efae1bfa-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /assets/placeholders/games/190x190.png HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1; _cioanonid=d0df7266-335f-ce53-b9de-cf9db694e9f1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: image/png
                                        
date: Mon, 19 Sep 2022 15:04:28 GMT
content-length: 7227
last-modified: Thu, 15 Sep 2022 08:45:44 GMT
etag: "6322e638-1c3b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3345
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lCmsg%2FJlxjLkxTx7FnN4HPRBxP6PVRiSlvL%2B2CQZKxD5VpZzqsRPA4e%2FWfx3Kg6njlJciBu7Kioj4kvA7jbmD2W6vFq6eVGy%2FVRF5eai3wDQbZQNQ1OriL5IEhEH%2FF8RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d336c72df10b39-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 190 x 190, 8-bit/color RGBA, non-interlaced\012- data
Size:   7227
Md5:    3e97a9b923d7436191e29f37e75a0c65
Sha1:   c3b209a37a0f9cf9ff9f4915398e5899addb7553
Sha256: 8bc932d63f9c4bdb4cdc070fbbe4a0f598ba35d9dc3b950f6a461afbde95eb73
                                        
                                            GET /api/v2/casino/last-winners?limit=5&has_live=0 HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1; _cioanonid=d0df7266-335f-ce53-b9de-cf9db694e9f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 15:04:28 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tXvB8shognyycPDQdBYp7h9nddg%2FWUe2rrthpwkIlfqxcZ1BuvIxy%2BHwMk44Q7qWEQnBvqu8Nrn1gRBGkA4MmVNfXJoTQhndA3H5bRnSQyxlZwlBWn1oYcBme8FmmUVXeiOIdgaoAp7%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c66d130b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1711), with no line terminators
Size:   20281
Md5:    917073545ef8b2aee1579c2d59a699c3
Sha1:   aaa84e258b02c2e79e47a4f35c902130c6883676
Sha256: 12e7397b881a8e26576b22ba778cb1507eb285654e07dff5b7f33b543afa94bd
                                        
                                            GET /i/s4/pragmaticexternal/MadameDestinyMegaways1.webp HTTP/1.1 
Host: cdn.softswiss.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.115.131
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 19 Sep 2022 15:04:28 GMT
content-length: 18966
last-modified: Mon, 25 Jan 2021 11:40:02 GMT
etag: "600eae12-4a16"
expires: Tue, 20 Sep 2022 13:23:30 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 2798
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d336c75865b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   18966
Md5:    eac2055caeba532911202863911b3b1a
Sha1:   af857ac74e1b5c03398384bcffc16bf97d6b6059
Sha256: 13ad47c01c17c294369f3255ad36548e93803fca0f32d64aaf0fb7094ea61865
                                        
                                            GET /i/s4/pragmaticexternal/WolfGold.webp HTTP/1.1 
Host: cdn.softswiss.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.115.131
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 19 Sep 2022 15:04:28 GMT
content-length: 8428
last-modified: Tue, 05 May 2020 09:35:16 GMT
etag: "5eb13354-20ec"
expires: Mon, 19 Sep 2022 13:06:12 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 84169
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d336c76868b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   8428
Md5:    b363f4ca80de180d6f1e41baa6178ea1
Sha1:   7cf150811bfb533cbffb261534e3abdae8eb673d
Sha256: d024c2ffcef06b5520744e53fc7a6ba61442913e3d4739050c4af90e16c3b2e7
                                        
                                            POST /api/9/store/?sentry_key=913196a6014545bda28200a38ba9826a&sentry_version=7 HTTP/1.1 
Host: sentry.softlabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://bizzocasino.com
Content-Length: 2986
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.71.55
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 19 Sep 2022 15:04:28 GMT
content-length: 41
access-control-allow-origin: https://bizzocasino.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKSIE9NtixIdJEPJ%2FuVpUfEEVs8x7YUd2sTO0%2BVpJu0v5SwrkdM1oOxt9QhcLb5vR488kPpXRiCDd6Ov0y1eqh1GXTAY90EHlxB4NNRq3jtPhhPMPpHEBcqIBXfDj3cbn2nEFLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c6ab7b0b4d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   41
Md5:    a61f63747f673d37fcaa3789ad6932a1
Sha1:   f3f98ee63064ca33e60ddb4d4c5389509d653aa9
Sha256: 0d524a590b06aed8a0516f9a27323e6888d70052b29542191a2e270a09133bdd
                                        
                                            GET /v3.3/customer/action/get_dynamic_configuration?license_id=9054575&url=https%3A%2F%2Fbizzocasino.com%2Ftournaments%2Fawesome-christmas-race&channel_type=code&jsonp=__o9h5kr339w HTTP/1.1 
Host: api.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
content-security-policy: frame-ancestors https://bizzocasino.com/;
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://bizzocasino.com/
content-length: 624
date: Mon, 19 Sep 2022 15:04:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (624), with no line terminators
Size:   624
Md5:    195a026e9fc6999edaa495848dd9237a
Sha1:   41907ca476397cf56fb85f69d0ff45fb4f84673d
Sha256: 98adb641a9a3c8cfbcd55b34f16d5f3dd7e956af039dcf5ba93da412c6ce3f36
                                        
                                            GET /assets/tournaments/christmas-banner-bg.webp HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1; _cioanonid=d0df7266-335f-ce53-b9de-cf9db694e9f1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 19 Sep 2022 15:04:28 GMT
content-length: 192124
last-modified: Thu, 15 Sep 2022 08:45:44 GMT
etag: "6322e638-2ee7c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLP5I4Yce0akx66pb%2BbYnUMeu2c4stFod%2Fg6hOoivblukFIpNNNAkulzdLcE96aGR0KUQ77g0IEvyNdY2%2FL6omChcYqg%2FzOwY28s09t0aOfNJxGBMJXYsSNU4ileYKBWFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d336c6cd7c0b39-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   192124
Md5:    1daf2f256ba30582ec88331f93a6747e
Sha1:   d8572a01a9e0d8016e36ee8373b41abe2ca5273b
Sha256: f9609c1bc02dc7168c5a5617eb91b590981d15d3f8c86627f4245060439debcf
                                        
                                            GET /assets/tournaments/christmas-results-image.webp HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/tournaments/awesome-christmas-race
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1; _cioanonid=d0df7266-335f-ce53-b9de-cf9db694e9f1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 19 Sep 2022 15:04:28 GMT
content-length: 66302
last-modified: Thu, 15 Sep 2022 08:45:40 GMT
etag: "6322e634-102fe"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2TY2W4LLf0qnMiKVZbC82GM07VrLBBj5nKEh%2BFDZm9ELLhGfgUML81TBLRuKuD8%2FJrfUcWf80py%2FCT2JvhMlL2t73BuTgBTwLu5wInMmiw%2BEq381ghVYIZyMFP6gei64w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d336c6bd700b39-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   66302
Md5:    1b2925338bb5e51c848bacb45f358f61
Sha1:   7139eff6f29dc93b8bf497799c4565343c428580
Sha256: 93b9c0cfd74858681bd4f27755c3f3f089aed83cbed51ee3be9488f510fe8b00
                                        
                                            GET /v3.3/customer/action/get_configuration?license_id=9054575&version=298265.12.12.41670.1209.1285.266.16.3.3.3.244&group_id=46&jsonp=__lc_static_config HTTP/1.1 
Host: api.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
content-encoding: gzip
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1354
cache-control: public, max-age=600
expires: Mon, 19 Sep 2022 15:14:28 GMT
date: Mon, 19 Sep 2022 15:04:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3892), with no line terminators
Size:   1354
Md5:    ae62c64732f73730ec3ea672a94145d2
Sha1:   b6e426c87a015656d9a074d529bb8f41d3e35d7e
Sha256: 1996c30db1e304144b9e101b00680fc1150ecec57ed9a6f2a1a4f312513108a8
                                        
                                            GET /v3.3/customer/action/get_localization?license_id=9054575&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=46&jsonp=__lc_localization HTTP/1.1 
Host: api.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
content-encoding: gzip
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Mon, 19 Sep 2022 15:14:28 GMT
date: Mon, 19 Sep 2022 15:04:28 GMT
content-length: 3776
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (10855), with no line terminators
Size:   3776
Md5:    90496f5489197d6329e4a1724baac913
Sha1:   b05f8c26e827877f2e5930e1af0b8145fa45a307
Sha256: b08b6783533f02ddfe54df4f74a25700b2d7a889ecec51f1da2f7f5b58b0a269
                                        
                                            GET /customer/action/open_chat?license_id=9054575&group=46&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1 
Host: secure.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
content-encoding: gzip
vary: Accept-Encoding
content-length: 1968
date: Mon, 19 Sep 2022 15:04:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4424), with no line terminators
Size:   1968
Md5:    6975fc9733be12516047d02256294684
Sha1:   d7d3d381d40b2fc3004bb3d1efbd9b54824466b4
Sha256: 4b673d4636d0081533e90b9bf9a9217d1405207d271aaeced82f90e59a3845d8
                                        
                                            GET /widget/static/js/0.96a16c18.chunk.js HTTP/1.1 
Host: cdn.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Wed, 07 Sep 2022 12:23:44 GMT
etag: W/"6a835528d087d08b1f0fe0642cb6d223"
x-amz-version-id: D3auGCHl.1EBD8fIsGg0TVEJ4vGgzVLu
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 2Z3Jj0ChNSBBVMOnJi6CzXCHxdv4j89b_Ig-RZcY8UGtT5nFkSAmPg==
content-length: 69542
cache-control: max-age=31536000
expires: Tue, 19 Sep 2023 15:04:28 GMT
date: Mon, 19 Sep 2022 15:04:28 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65462)
Size:   69542
Md5:    4e94f8d92e0b5b5d837c91a71518ae93
Sha1:   3a901f88735fe470d89fabae6f6da1bd6ef57370
Sha256: ad40d01aa34c47aa7e9bc7bf52adc65074e90e7ea81a3646ee536b79a278be8c
                                        
                                            GET /widget/static/js/2.ae17a60b.chunk.js HTTP/1.1 
Host: cdn.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 08 Sep 2022 10:40:49 GMT
x-amz-version-id: bpU.37FnIOPFeqPnyYN2_ycnjcD2Lb3N
server: AmazonS3
content-encoding: br
etag: W/"e6fe58bbd66bcb579db091bb3857594b"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: fUoYfoKRf_-mHPxNenC1mgk_IOQLtReBv2PlWcsF8yQyKpu_289HCA==
content-length: 94203
cache-control: max-age=31536000
expires: Tue, 19 Sep 2023 15:04:28 GMT
date: Mon, 19 Sep 2022 15:04:28 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65462)
Size:   94203
Md5:    abe670f887a53cd14952f83930b4e64c
Sha1:   0782b5828efbdc2aab89de12ce7b15d9d5ef9618
Sha256: 03325c5d00828b3c704161dc3264869027f126cd4ce8ed94bc8809b310174a36
                                        
                                            GET /logos/payments/ecopayz.webp HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.154
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 11298
last-modified: Fri, 25 Feb 2022 06:27:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 20:00:03 GMT
etag: "655fa02c6cfd48264806295ab9c2f3dc"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4TFYjrIR7T4z41Dgeg9oocRqfwuvobJuMt9ZAle7io0asM88bLfSuQ==
age: 68666
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   11298
Md5:    655fa02c6cfd48264806295ab9c2f3dc
Sha1:   c4abba9520932ed352a85b34fd59a3a6978cfd22
Sha256: 29bd5b67b49f82e8b22afb6502cce95d9972f580406ed3cabc58498e762831fe
                                        
                                            GET /logos/payments/jeton.webp HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.154
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 5878
last-modified: Fri, 25 Feb 2022 06:27:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 20:00:03 GMT
etag: "5b322abc074e92690294cbc4c91e7367"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ELg8o_Okb9uKN0cgymK4WM7Je23n__fcPv6SQPJDR2atm3k9XZx2HQ==
age: 68666
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   5878
Md5:    5b322abc074e92690294cbc4c91e7367
Sha1:   2eec25886d1b942709730e2ad20bf4175ac5a670
Sha256: 1b0d4b8ad5f4e4a48a81be2d13a2649d6b3c7cd41a501744c2525567d0d0bab8
                                        
                                            GET /api/user/is-auth HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _ga_89BGS3MKPL=GS1.1.1663599846.1.0.1663599846.0.0.0; _ga=GA1.2.763445415.1663599847; DV_TRACK=6a7e905c-eb62-459e-9862-d78bef6da200; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=f1321b2f-007b-4959-b303-19c68ffabad3.1663599847.1.1663599847.1663599847.5c1e7694-9327-43e5-a15b-dfc09fb5e3f2; _gid=GA1.2.514568752.1663599847; _gat_UA-207151463-1=1; _cioanonid=d0df7266-335f-ce53-b9de-cf9db694e9f1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Mon, 19 Sep 2022 15:04:28 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beJ6rdHtpQkHBcyK%2BUwjIBaOCCZXWdLtvsedY%2BJNn5%2FrvqSXylaJmXd92hgicqhtcuXUajrSdPTbnPtU9T2Gt2XxYOmKHcb9aT1uBtwD9rVMsMFN25RqyVmFp980Fbp9Cwuiwv5IpTDn5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d336c6fdb40b39-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2101
Md5:    6bd8abcdce56d9e0465e9746f350e20c
Sha1:   11ba2615897f1b3e72d0ba0d824b8526bdd6826d
Sha256: e5f34d6716c021b27751baa1a5d5d5751511437239938670c8c2eaeaf1d03348
                                        
                                            GET /flags/gb.svg HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.154
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 538
date: Sun, 18 Sep 2022 18:53:19 GMT
last-modified: Wed, 29 Sep 2021 07:35:06 GMT
etag: "d3ddd6025a06a78535b0d432d14905bf"
x-amz-meta-sha256: 825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803
x-amz-meta-s3b-last-modified: 20210929T073222Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VVA2LM_xdy5YLNH7hV2In_FunINL5x3uFMsrxcUGijX4QK1vppWRfw==
age: 72670
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   538
Md5:    d3ddd6025a06a78535b0d432d14905bf
Sha1:   2b5148a18b90f933e47bf895c26d61a52d21d9d8
Sha256: 825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803
                                        
                                            GET /logos/payments/perfectmoney.webp HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.154
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 9200
last-modified: Fri, 25 Feb 2022 06:27:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 20:00:03 GMT
etag: "7bdbb0621ba893bb559e51169543deb5"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ApsnexI4uqiTHWmHcfPxrNL0t6fRJM86i7hnBgJQQlSVsbx_GsmB1w==
age: 68666
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   9200
Md5:    7bdbb0621ba893bb559e51169543deb5
Sha1:   a8579c46d6a94a2c89f2c489da5228cc51fe5ab5
Sha256: 764bc6ff2e5e83dd93def92c7acfb0c1ccd094c0231bc0adab4e52dc0fbbf136
                                        
                                            GET /logos/payments/cryptocurrency.webp HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.154
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 5348
last-modified: Fri, 25 Feb 2022 06:27:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 20:00:03 GMT
etag: "4923661fefdfbe670be68a25329912eb"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zqLmrJ-wx9pJe_VrIf9vixvCTWHnZ2_cN1kJf7D3CIwKoMZkxT8rjw==
age: 68666
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   5348
Md5:    4923661fefdfbe670be68a25329912eb
Sha1:   6ad90e59a44ea11896e12fb1b9832e9c7088c780
Sha256: 53eeb9d95673ea2018aa9a7033846d58c7592a0d068ba5778033e167f9e33361
                                        
                                            GET /logos/payments/visa.webp HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.154
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 6550
last-modified: Fri, 25 Feb 2022 06:27:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 20:00:03 GMT
etag: "ee2fad6bac293e4ca7ab69e783d4e2cd"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NNYeqSWh0CZJM27Q1ScWXvuiAkcILFraL00bmVDxwaThFxlxzO-mSw==
age: 68666
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   6550
Md5:    ee2fad6bac293e4ca7ab69e783d4e2cd
Sha1:   f11c25ce6201ed8431bf370ba8163a8b96a629ea
Sha256: 75e10393bb2bf4d84cf86b733f85db33b66e7bf6e2538dc601d8772d2bfcad87
                                        
                                            GET /logos/payments/dinners_discover.webp HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.154
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 4926
last-modified: Fri, 25 Feb 2022 06:27:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 20:00:03 GMT
etag: "6ea8d660b5467827c912554aabe647d5"
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4fUpsNfFYZELj8mc06mcC6DGFwqdcNwtzoHrvXSDjT5Lqig24eZ1NA==
age: 68666
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   4926
Md5:    6ea8d660b5467827c912554aabe647d5
Sha1:   4570f9ecbcb61f9a2c44cd16ab737fb0e2b4cebd
Sha256: 2221037740fca246343805287f1d37d254f7942155f6b4c8572ac553f1bad5c6
                                        
                                            GET /logos/payments/mastercard.webp HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.154
HTTP/2 200 OK
content-type: image/webp