Report - walter-larence.com/54b9601c-08a1-449d-bb9f-8b82c27d7369

Report Overview

Submitted URL
walter-larence.com/54b9601c-08a1-449d-bb9f-8b82c27d7369
IP
18.193.146.82
ASN
#16509 AMAZON-02
Submitted
2023-02-04 14:12:05
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
assets.palms.bet	unknown	2018-01-03T17:14:54Z	2023-03-12T20:54:11Z	410 B	366 kB	188.114.97.1
track.adform.net	3564	2012-05-21T09:01:21Z	2023-03-13T05:52:36Z	1.1 kB	1.9 kB	37.157.5.141
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	8.0 kB	20 kB	216.58.211.3
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-13T05:09:46Z	729 B	724 B	142.250.74.66
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	960 B	447 B	216.239.32.36
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	680 B	1.9 kB	172.64.155.188
stream-683.optimove.net	unknown	2021-12-31T14:43:00Z	2023-03-13T07:57:08Z	1.5 kB	2.3 kB	107.154.132.121
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	758 B	349 B	31.13.72.36
click.trafficguard.ai	106951	2018-06-28T07:43:23Z	2023-03-12T20:54:11Z	787 B	1.6 kB	35.201.93.108
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	373 B	21 kB	142.250.74.14
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	374 B	29 kB	157.240.205.11
s2.adform.net	4693	2013-04-18T13:49:52Z	2023-03-13T06:09:05Z	388 B	47 kB	37.157.6.234
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	516 B	578 B	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	382 B	74 kB	142.250.74.168
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	607 B	595 B	64.233.165.156
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.148.70.121
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	419 B	247 kB	142.250.74.74
api.trafficguard.ai	35142	2019-03-12T09:50:04Z	2023-03-13T08:37:11Z	521 B	1.1 kB	34.120.121.20
walter-larence.com	208176	2019-03-30T11:22:48Z	2023-03-13T05:45:12Z	386 B	872 B	18.193.146.82
512974245.fls.doubleclick.net	unknown	2020-07-23T16:36:39Z	2023-03-13T07:57:06Z	736 B	1.1 kB	142.250.74.70
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	59 kB	34.120.237.76
sdkuaservice.optimove.net	38822	2018-09-05T11:30:45Z	2023-03-13T07:57:08Z	455 B	615 B	34.102.240.186
realtime-683.optimove.net	unknown	2021-12-31T14:43:03Z	2023-03-13T07:57:08Z	1.1 kB	1.5 kB	107.154.132.121
support.palmsbet.com	390324	2021-07-14T14:00:22Z	2023-03-13T06:38:58Z	613 B	8.3 kB	78.128.60.140
adservice.google.com	76	2021-02-20T17:10:48Z	2023-03-13T08:49:52Z	739 B	876 B	172.217.21.162
sdk-cdn.optimove.net	23584	2017-10-25T13:31:56Z	2023-03-13T07:57:08Z	815 B	46 kB	35.201.79.141
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.4 kB	66 kB	142.250.74.35
www.palmsbet.com	205486	2019-05-01T02:44:30Z	2023-03-13T05:56:57Z	580 B	956 B	172.67.75.149
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.4 kB	26 kB	93.184.220.29
tgtag.io	35595	2020-03-11T14:37:01Z	2023-03-13T08:09:44Z	370 B	33 kB	34.120.230.83

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	walter-larence.com/54b9601c-08a1-449d-bb9f-8b82c27d7369	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	www.palmsbet.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675512000	40 kB	2023-03-13	2023-03-13
Pretty URL www.palmsbet.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675512000 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:48:10 Last Seen2023-03-13 16:48:10 Times Seen1 Hash 8977b109aa7cf4a5e27ca8e08d8490e8 227fa9a8a200f50989e31742a4ad6dce7a8f2560 07ab20c317bd5375ef54a24600b337f9624057ddf1a5087bebe67157b72473f4 Loading...

	www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa	486 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen102 Hash 4bf0aa2f78f73e506c9c41e11b2ed668 765f0150868fd4bf93e9dd5aa08120deea76d17f fed9a303461e7fb3eb2dcdd78d767d0e1a2b74269040d3600801a8ee48430df1 Loading...

	sdk-cdn.optimove.net/websdk/sdk-v2.0.js	49 kB	2023-03-13	2023-05-18
Pretty URL sdk-cdn.optimove.net/websdk/sdk-v2.0.js IP 35.201.79.141 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:20:09 Last Seen2023-05-18 15:24:55 Times Seen114 Hash 6534dac28bf363e64fbe3c20f01e1ef5 97f931db60a53efe35467db26cd0cf19a0ef794b 492ade39fca6ef3911968569dc4d962f3d3e880210259da57d9e2ee5d9b449b7 Loading...

	connect.facebook.net/signals/config/1297212827064514?v=2.9.95&r=stable	387 kB	2023-03-13	2023-04-19
Pretty URL connect.facebook.net/signals/config/1297212827064514?v=2.9.95&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:26:34 Last Seen2023-04-19 19:56:29 Times Seen51 Hash 46346d14732c61b8459d90ef1c171114 c8212463a7c51dd5290ed9e6dbeb7a090258c834 2fcbd1fb6717d328cb599e22e8b60114c4a197b3d18198972a5ecc47a815826a Loading...

	track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=672649745319&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24	143 B	2023-03-07	2023-04-05
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=672649745319&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 37.157.5.141 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-04-05 01:52:35 Times Seen29 Hash ac85d2c997b3f5e1e7ef149366314ae6 0dc97a787c9e8cc8a20fa1ceacc3cad6c1813117 2cb28c9975c6810c04af98601f68a5464fe4929be832e4ba3866e367777155eb Loading...

	www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa	831 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 560bac8e455828b0dc18867c6cd9da8b e2a4b0d6a4311c0e34e6233fc6b19b31e5f3172e 3ed5000e5dd3b1a4c8b0da26e131122d6cf65cf1b5ca3f0fb68f85923b512caa Loading...

	www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa	1.4 kB	2023-03-13	2023-03-26
Pretty URL www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:23:35 Last Seen2023-03-26 06:18:12 Times Seen4 Hash a0dc5bd2834e45d39143d7d007bab573 2b09a543109db73695e26eacff636a3bad82afd1 fc3dd708c92bb33701dfbd95984cdd3883dcbed0e8afb034e98f0a3090b3fd24 Loading...

	www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa	482 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen102 Hash fe73caa22b8f6c03742a7ffc028a58ff e60417d12e8953b2b85256bcafa881297160fe36 17bc2ec491a3a53968625e018de6dfb9d3d96c441ce67578c843383f1aeafe6c Loading...

	track.adform.net/serving/scripts/trackpoint/async/	80 kB	2023-03-08	2023-08-22
Pretty URL track.adform.net/serving/scripts/trackpoint/async/ IP 37.157.5.141 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:25 Last Seen2023-08-22 11:18:40 Times Seen317 Hash 83eb5fafaa212c785f7393188ff817aa b5a60e05523c4f55e93610169b2c6da627553fc6 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7 Loading...

	www.palmsbet.com/scripts/banner-default.js?v=960.1.1?v=1675519952918	9.7 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/banner-default.js?v=960.1.1?v=1675519952918 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen111 Hash c2445e7c5b2725bd4a0a7bf9d4b47a42 5cb511abcefb3afb4352edb712b70c49b967bf9c 8f44a77c10b749fc6176d074eb2760aae3e945225264878bb95615cc3b7becbb Loading...

	www.palmsbet.com/scripts/init.min.js?v=13.2.5.5	12 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/init.min.js?v=13.2.5.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:06 Times Seen182 Hash ca334ff65b6a9b901c3cced53c428859 03958d996ef9d273213c06c1426a644614afd225 10cd77a8fc1a1c097181884ec32999c90ede84ca0f659be37dbd1d60548f24c4 Loading...

	www.palmsbet.com/scripts/jquery.ctdata.js?v=1.635821123.1.1	16 kB	2023-03-12	2023-04-19
Pretty URL www.palmsbet.com/scripts/jquery.ctdata.js?v=1.635821123.1.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:25:37 Last Seen2023-04-19 19:56:29 Times Seen41 Hash c0d30b2cac7ae1436aef5f7e4547dc58 7586f67b3bdc6c597024552e03e8416a51d76210 4053cca5c2e7118d5b5df7714e5e9f3723cc6f7b6a378e146c71a67a4dfc5e87 Loading...

	www.palmsbet.com/scripts/jquery.touchSwipe.min.js	20 kB	2023-03-07	2024-04-19
Pretty URL www.palmsbet.com/scripts/jquery.touchSwipe.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-19 11:28:16 Times Seen1349 Hash f60ff05469d1757996d85f4172d4ff4d 69c8c9f0e0fbd9bd9fd1df6c1a18067256d46c73 a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.palmsbet.com/scripts/custom.min.js?ver=1675519952456	103 kB	2023-03-13	2023-03-13
Pretty URL www.palmsbet.com/scripts/custom.min.js?ver=1675519952456 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:26:34 Last Seen2023-03-13 20:18:00 Times Seen1 Hash 4ccecec3a6b5c21da25ae00457953a45 0090bceabf913d835fa0a3da6be9d6f2147ca8f4 1ef54cf9093724208a20652f70b8a9d1b15339ca5f63981d0af7e9af348b26fd Loading...

	www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa	1.8 kB	2023-03-13	2023-03-29
Pretty URL www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:20:09 Last Seen2023-03-29 23:31:53 Times Seen25 Hash 47d65e17807f953ef4d43318e03b6277 62dd286d923db1c282955dee410674397391c734 12134631df44b3987a652327e0ccb07d1aef751ed832ba0f813171ab296c69ab Loading...

	www.palmsbet.com/scripts/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL www.palmsbet.com/scripts/jquery-3.6.0.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-19 12:28:18 Times Seen259834 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa	1.5 kB	2023-03-13	2023-03-13
Pretty URL www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:48:10 Last Seen2023-03-13 16:48:10 Times Seen1 Hash 46b9503d38590753bbbd0201a681b0c1 6ef1fd56b3e18947a2c32f6610d330e2dcd03993 3a6209ced3596140a7f883ab6e8846386971c6b11e5a430ac4fd3e7c926829b2 Loading...

	http:blank	600 B	2023-03-13	2023-03-26
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:23:35 Last Seen2023-03-26 06:18:12 Times Seen4 Hash 3f8042fc02591206bd4dabe1a25d81dc c7e6a9aa4d9f0ca5e6e88d15d97f66745fc6c015 89eb56caa2a4695d53d3f1ed9b2537e61d649897ff54cab5912147a762603968 Loading...

	www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa	341 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 5e9ed7a18696f9b7182fb8f1c08be46b 1a24b49762f246a4a2c7e73cf1e3ccb971f25bbd 1e9823d571bcd1138a9dae0664827fcb816c423d1cb6941389c74d7e711bb516 Loading...

	www.googletagmanager.com/gtag/js?id=G-JRG87C8CG6&l=dataLayer&cx=c	238 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-JRG87C8CG6&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:48:10 Last Seen2023-03-13 16:48:10 Times Seen1 Hash 44c280e183922424045aab72e48c87e9 c066c27e75c8e712af9ee5d09dd1eda618a71619 80e707f340178f16a2ce7c5855b9672788656191b960cb5dae9e8ae7d5655872 Loading...

	sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js	110 kB	2023-03-13	2023-09-17
Pretty URL sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js IP 35.201.79.141 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:23:35 Last Seen2023-09-17 09:14:06 Times Seen172 Hash 842dbd11eeb55dfdff0377f86937faab db6602ac2ebdfa23fde2da04954c6bcd65211770 73a2224ce42432b8960989d432867929b82993a44cd23c2f5ae1a4d7ca06e0c3 Loading...

	www.palmsbet.com/scripts/tab-changes.js	2.3 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/tab-changes.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen114 Hash ba13a046eb6675504d302089ca3da833 57c98951979844da1387df31a1a6b010fde86a3f 9db56cd2ede27233110647b8b4e459e90f00210012c4f5373fc894daf8bc9aa2 Loading...

	www.palmsbet.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675512000	40 kB	2023-03-13	2023-03-13
Pretty URL www.palmsbet.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675512000 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:48:10 Last Seen2023-03-13 16:48:10 Times Seen1 Hash f64a77f7471c1b5c760304752333fca2 c274d1acdbe8c8efa35add633bdbb88510555f9c 9d4e94d096daf54ed3736fb3832a2ee30c2942ba4c7340ce2f775cb0103bb760 Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-11-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.205.11 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:47:19 Last Seen2023-11-17 16:32:25 Times Seen5 Hash beca88e7d9125b63f58be285031b0930 08cda009ebdf601f0ffe06b0ee3065fff2fb105b c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Loading...

	www.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wo169bemnnv9eucm2tbqp226&clickid=wo169bemnnv9eucm2tbqp226&pages=wheel-lending	141 B	2023-03-07	2023-04-05
Pretty URL www.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wo169bemnnv9eucm2tbqp226&clickid=wo169bemnnv9eucm2tbqp226&pages=wheel-lending IP 172.67.75.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-04-05 01:52:35 Times Seen20 Hash 8cf0d2fe46ea3e75d1aea4708a499488 a37f980aa8b855df6489ca02e5af5dddddf81f9a a1a8f8141097ad0e2373121faf95e8fbbe5411b87c422ade042f84bc3daeac21 Loading...

	www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa	398 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 251a94ead46a2087e9b63b61610e48e4 f5c3b3f68055117c6be373bc58a20bc6cb11fe70 b7a2547e06d5ad19132f839bbad92fb9319dec4f287af0adedf16a996a6bbff2 Loading...

	http:blank	684 B	2023-03-13	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:48:10 Last Seen2023-03-13 16:48:10 Times Seen1 Hash 885a45094d65c6fe451add9f3d14c5ab 555c4d38897304e5c1917cbfb5134b378e28d249 68d05f959780c2d544a571b9ea1dd648ad6adde17246fe176545eef2b21ade38 Loading...

HTTP Transactions (87)

URL IP Response Size

walter-larence.com/54b9601c-08a1-449d-bb9f-8b82c27d7369

18.193.146.82

302

0 B

URL HTTP/1.1
walter-larence.com/54b9601c-08a1-449d-bb9f-8b82c27d7369
IP
18.193.146.82:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /54b9601c-08a1-449d-bb9f-8b82c27d7369 HTTP/1.1
Host: walter-larence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Server: nginx
Date: Sat, 04 Feb 2023 14:11:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wo169bemnnv9eucm2tbqp226&clickid=wo169bemnnv9eucm2tbqp226&pages=wheel-lending
Pragma: no-cache
Set-Cookie: 54b9601c-08a1-449d-bb9f-8b82c27d7369-v4=1zX3HqbLIxzWg9xSf3hjj4EgcV_6RnffXppUXqqWQjQ; Max-Age=86400; Expires=Sun, 05-Feb-2023 14:11:53 GMT; Domain=walter-larence.com; Path=/; HttpOnly
cc-v4=cxPo%2FZoMSQDjUNU2ywWGsJneMA0TB2Ub3HM1ffLPOuPx%2BCdYiuM7zEkqGFHtEtTJx%2BhooellTYLCjJT7a19opNiJB7LIVuuRCVlWScU6p6OotPbunaEy63Ka5dLoCt5JiEOr11ARAhNM5Fv%2Fq%2BPHsg%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 14:11:53 GMT; Domain=walter-larence.com; Path=/; HttpOnly

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7089
Expires: Sat, 04 Feb 2023 16:10:03 GMT
Date: Sat, 04 Feb 2023 14:11:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11481
Expires: Sat, 04 Feb 2023 17:23:15 GMT
Date: Sat, 04 Feb 2023 14:11:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 13:43:38 GMT
content-type: application/json
age: 1696
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19098
Expires: Sat, 04 Feb 2023 19:30:12 GMT
Date: Sat, 04 Feb 2023 14:11:54 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
852c2f138e421536f0525bf670988156
4e53d3a35d6266221e71c112f6a52a8189c06d4b
0e45c54465968e5d2d3537460fb3405fafabb331585f7bda67e88feb51bc04bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4106
Cache-Control: max-age=111825
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:54 GMT
Etag: "63dd6971-118"
Expires: Sun, 05 Feb 2023 21:15:39 GMT
Last-Modified: Fri, 03 Feb 2023 20:07:13 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ArTdb9weQakxK+bBoeUY30A2AIiZ/FIdwBgACsP8IHI7eLtnkbJ7d+4HvKN3hjTd80TbOkMVLDA=
x-amz-request-id: AQT7Y15W0F2JKATW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 13:24:01 GMT
age: 2873
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 14:11:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
852c2f138e421536f0525bf670988156
4e53d3a35d6266221e71c112f6a52a8189c06d4b
0e45c54465968e5d2d3537460fb3405fafabb331585f7bda67e88feb51bc04bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4106
Cache-Control: max-age=111825
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:54 GMT
Etag: "63dd6971-118"
Expires: Sun, 05 Feb 2023 21:15:39 GMT
Last-Modified: Fri, 03 Feb 2023 20:07:13 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 14:07:19 GMT
age: 275
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
522d1ca9f517a7b5fb3834a9dc5c1cc5
2ca8ba79a60e8491605d211a122d84f5c5958a64
dcecefbee58d048a6705b5766ea6d472cfbfa6c29d17247a8da69eaf51dcfde3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DCECEFBEE58D048A6705B5766EA6D472CFBFA6C29D17247A8DA69EAF51DCFDE3"
Last-Modified: Sat, 04 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9970
Expires: Sat, 04 Feb 2023 16:58:04 GMT
Date: Sat, 04 Feb 2023 14:11:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8574
Expires: Sat, 04 Feb 2023 16:34:48 GMT
Date: Sat, 04 Feb 2023 14:11:54 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1d4/2yZcQvQHgaE

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/2yZcQvQHgaE
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bd542c3d2a87eb3d0bd0785a7d7aed95
17b9cffffbec8815c01ce3e5f2f4479c4ca12d05
7a12f3c58707a451590954abb9f8a28108465218f710f02c404e807c9678822e

HTTP Headers

POST /s/gts1d4/2yZcQvQHgaE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

click.trafficguard.ai/?organisation_id=palmsbet_affiliate&property_id=tg-007126-001&source_id=PB-0115&campaign_id=&site_id=&partner_click_id=wo169bemnnv9eucm2tbqp226&keyword=wo169bemnnv9eucm2tbqp226&click_time=2023-02-04%2016-11-55&destination_url=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115

35.201.93.108

302 Found

280 B

URL HTTP/2
click.trafficguard.ai/?organisation_id=palmsbet_affiliate&property_id=tg-007126-001&source_id=PB-0115&campaign_id=&site_id=&partner_click_id=wo169bemnnv9eucm2tbqp226&keyword=wo169bemnnv9eucm2tbqp226&click_time=2023-02-04%2016-11-55&destination_url=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115
IP
35.201.93.108:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with no line terminators
Size
280 B (280 bytes)
Hash
5ec23a40967e61f28f6a53332b190868
603a30e504619eed4c51074321f3e1168d063499
3d049f4457332cde4df6cdcab66a0f44d9793c3a8225c0b92f494ed52dd6b4e4

HTTP Headers

GET /?organisation_id=palmsbet_affiliate&property_id=tg-007126-001&source_id=PB-0115&campaign_id=&site_id=&partner_click_id=wo169bemnnv9eucm2tbqp226&keyword=wo169bemnnv9eucm2tbqp226&click_time=2023-02-04%2016-11-55&destination_url=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115 HTTP/1.1
Host: click.trafficguard.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: geid=07010047-f15a-4e6f-bf00-0e8a63de67aa; Domain=.trafficguard.ai; Path=/; Expires=Sun, 04 Feb 2024 14:11:54 GMT; HttpOnly; Secure; SameSite=None
geid-legacy=07010047-f15a-4e6f-bf00-0e8a63de67aa; Domain=.trafficguard.ai; Path=/; Expires=Sun, 04 Feb 2024 14:11:54 GMT; HttpOnly
DC_27f0dd1cd8fd1ea7a1331b53d10294e0=RZfrkhF1zUA31WoGsS4g878NdhlklhothfjWrtqM8kFAMrP8vSbZPrdNHdYBCM2MlRhT/EgTKaN/VD714ClgbYoTTopJKMiS7u5ZAH0YQtfPKJdMSprgmEBNeASGYVOYuXQPSQpK; Domain=.trafficguard.ai; Path=/; Expires=Sun, 05 Feb 2023 14:11:54 GMT; HttpOnly; Secure; SameSite=None
DC_27f0dd1cd8fd1ea7a1331b53d10294e0-legacy=RZfrkhF1zUA31WoGsS4g878NdhlklhothfjWrtqM8kFAMrP8vSbZPrdNHdYBCM2MlRhT/EgTKaN/VD714ClgbYoTTopJKMiS7u5ZAH0YQtfPKJdMSprgmEBNeASGYVOYuXQPSQpK; Domain=.trafficguard.ai; Path=/; Expires=Sun, 05 Feb 2023 14:11:54 GMT; HttpOnly
location: https://www.palmsbet.com/bg/pages/wheel-lending/?marketingCode=PB-0115&tgclid=0a010046-bba3-4412-8800-05bb63de67aa
vary: Accept
content-type: text/html; charset=utf-8
content-length: 280
date: Sat, 04 Feb 2023 14:11:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/2yZcQvQHgaE

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/2yZcQvQHgaE
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bd542c3d2a87eb3d0bd0785a7d7aed95
17b9cffffbec8815c01ce3e5f2f4479c4ca12d05
7a12f3c58707a451590954abb9f8a28108465218f710f02c404e807c9678822e

HTTP Headers

POST /s/gts1d4/2yZcQvQHgaE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.148.70.121

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.70.121:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OG27fPOxBBqr/x8SrXakmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uwArOOmzg6koFeOiA5J6TZycA8s=

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

1.0 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
1.0 kB (1047 bytes)
Hash
ee3aff2007291af6f02c941589741b5e
e0be905f4041c2229ca13b965466d49c772c2654
d470029fe7ed37aa39763eae752ec12d8b085c4f4f52f6ebee9e29219090dcd5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

support.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wo169bemnnv9eucm2tbqp226&clickid=wo169bemnnv9eucm2tbqp226&pages=wheel-lending&or_ref=

78.128.60.140

302 Found

7.4 kB

URL HTTP/2
support.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wo169bemnnv9eucm2tbqp226&clickid=wo169bemnnv9eucm2tbqp226&pages=wheel-lending&or_ref=
IP
78.128.60.140:0
ASN
#31083 Telepoint Ltd

File type
data
Size
7.4 kB (7413 bytes)
Hash
f302b41a1c08318a503e437ff4a420cc
beb002f3279de1193b43fce09fda03a629bd7691
363299d7c9a03ffd0317acf4aa875548a561f07c8505399c7fd8cbb72d02b079

HTTP Headers

GET /affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wo169bemnnv9eucm2tbqp226&clickid=wo169bemnnv9eucm2tbqp226&pages=wheel-lending&or_ref= HTTP/1.1
Host: support.palmsbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/2 302 Found
content-encoding: gzip
vary: Accept-Encoding,Origin
set-cookie: affClick=%7B%22marketingCode%22%3A%22PB-0115%22%2C%22banID%22%3A%22%22%2C%22clickid%22%3A%22wo169bemnnv9eucm2tbqp226%22%2C%22ns%22%3A%22wo169bemnnv9eucm2tbqp226%22%7D; expires=Mon, 06-Mar-2023 14:11:55 GMT; Max-Age=2592000; path=/; domain=palmsbet.com
marketingCode=PB-0115; expires=Mon, 06-Mar-2023 14:11:55 GMT; Max-Age=2592000; path=/; domain=palmsbet.com
location: https://click.trafficguard.ai/?organisation_id=palmsbet_affiliate&property_id=tg-007126-001&source_id=PB-0115&campaign_id=&site_id=&partner_click_id=wo169bemnnv9eucm2tbqp226&keyword=wo169bemnnv9eucm2tbqp226&click_time=2023-02-04 16-11-55&destination_url=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 14:11:55 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

3.4 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
3.4 kB (3366 bytes)
Hash
2f07f737e5b84d0170a7947730be38ef
b75579f350df9afb061ab029ecd12b4fef018efc
baac81c5250c8d33c3fcdbdf86921edaa192d40df0dba915c8999a386cfc1129

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-W23TMFB

142.250.74.168

200 OK

73 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-W23TMFB
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with CRLF line terminators
Size
73 kB (73180 bytes)
Hash
5a891e3ca3635e7254fb57aea421a836
5535c7f286f375afdbfacdb2accc62c797ae3308
1ac7321dba15dd6149cfd1512547983b982f7d9a61ada4635ca8b36c837c17f3

HTTP Headers

GET /gtm.js?id=GTM-W23TMFB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 14:11:55 GMT
expires: Sat, 04 Feb 2023 14:11:55 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

142.250.74.74

200 OK

246 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
246 kB (246181 bytes)
Hash
602ec28e7fe29f1e945c93d52a6b420c
21e2fb5cf1bb850243efa6c285d690540bf1d911
693f73b2c6a4eb511e4a6aa0f557868d588674e8cb38c33bd869bda8190b23c0

HTTP Headers

GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 14:11:55 GMT
date: Sat, 04 Feb 2023 14:11:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
80f9925e64b74559678bc9c2e450e6d8
b7194a8842e69c0ed33864acf82c278d5fe13e4f
f96f2c74df2db2d44dca9fbfdebd1c0147f5caea5f435471c19914fe0a5630eb

HTTP Headers

POST /s/gts1d4/1vmhpXYvMQg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e8b7a294de868e6dd48b1322c9afa79d
fc99c1d55a9d9e583b3f3bf1226a74adb30e88ee
9b510b7f6d6080f9ab077753d7b09358b93402bce1ef78c77f7cc2246b4a318f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:55 GMT
Server: ECS (amb/6BBF)
Content-Length: 279

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tgtag.io/tg.js?pid=tg-g-007125-001

34.120.230.83

200 OK

32 kB

URL HTTP/2
tgtag.io/tg.js?pid=tg-g-007125-001
IP
34.120.230.83:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
32 kB (31667 bytes)
Hash
508072c63a35c84745dd1ef33706f34f
5db9b0f2db74f01c0a450f7c0a5d0901cc61d749
f10eba601f45922924f18cd57fdf391d29bacdf5098e3d0433b0d8b58c5d3358

HTTP Headers

GET /tg.js?pid=tg-g-007125-001 HTTP/1.1
Host: tgtag.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtwNiIoTrkh1r_H6h2TFii6HD7NZ6BGTVo_9pb7v61OOEBuqLrenSmi_hOUtLurUhiZj6eqFUVkyuavMUvu0HKBPhiXgYSz
vary: X-Goog-Allowed-Resources
x-goog-generation: 1675327980026762
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31667
content-encoding: gzip
x-goog-hash: crc32c=oV25fg==, md5=UIByxjo1yEdF3R7zNwbzTw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 31667
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
server: UploadServer
date: Sat, 04 Feb 2023 08:57:12 GMT
expires: Sun, 05 Feb 2023 08:57:12 GMT
cache-control: public, no-transform, max-age=86400, s-maxage=86400
age: 18883
last-modified: Thu, 02 Feb 2023 08:53:00 GMT
etag: "508072c63a35c84745dd1ef33706f34f"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
80f9925e64b74559678bc9c2e450e6d8
b7194a8842e69c0ed33864acf82c278d5fe13e4f
f96f2c74df2db2d44dca9fbfdebd1c0147f5caea5f435471c19914fe0a5630eb

HTTP Headers

POST /s/gts1d4/1vmhpXYvMQg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

assets.palms.bet/uploads/WinterWheel2_1920x600_bg.jpg

188.114.97.1

200 OK

365 kB

URL HTTP/2
assets.palms.bet/uploads/WinterWheel2_1920x600_bg.jpg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, progressive, precision 8, 1920x600, components 3\012- data
Size
365 kB (365272 bytes)
Hash
857d1acd186d99f6a3502972162bf317
6747542d7162e831dadf5ef06a3d2daada441df4
17089ca9e7f4896ca6c87cf556245097c0ef8ede29288caa8918ca145c689116

HTTP Headers

GET /uploads/WinterWheel2_1920x600_bg.jpg HTTP/1.1
Host: assets.palms.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:11:55 GMT
content-type: image/jpeg
content-length: 365272
last-modified: Thu, 05 Jan 2023 13:23:44 GMT
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiAHnxIDCkrYMWCQv0uyEwmMioUlPj%2B1jno0b8p3cwqE6hzBvvuGmgRYT2mElvVReMp%2BUGz0DDPXTw3crHLpft1eqZ4lROqKxS6r6EQTW0Rdaarps13oROaGEpZjulxWlHXf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7943ff905f40b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

16 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
16 kB (16172 bytes)
Hash
61cea4143d675ee2d28eb4d84b17de1d
b0ee09083d5771f69b9f36954002e08a3ecc0bd1
b50358fecf6310c5499297bd1297e50310b6c2e8f632af64f7b166188797de19

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:55 GMT
Last-Modified: Sat, 04 Feb 2023 14:11:55 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

512974245.fls.doubleclick.net/activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=5800658028263;gtm=45He3210;auiddc=530259360.1675519952;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa?

142.250.74.70

200 OK

313 B

URL HTTP/2
512974245.fls.doubleclick.net/activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=5800658028263;gtm=45He3210;auiddc=530259360.1675519952;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (561), with no line terminators
Size
313 B (313 bytes)
Hash
264735df29125ae2a3287566cf195468
9aed2eabdc4138ba61ca28f4cc2d93f5b89e4473
3e5fc07d5449a7fce84201db797be2d7172264ab2e43f7bd62447fd96e71e787

HTTP Headers

GET /activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=5800658028263;gtm=45He3210;auiddc=530259360.1675519952;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa? HTTP/1.1
Host: 512974245.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 14:11:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 313
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 14:26:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

509 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
509 B (509 bytes)
Hash
b604dca0266375758bf833e84b183e10
8626deb1a752e8acd12ba2b1ab8f078673ff081c
2e8d0bfdc1ef9c994d625918fe1af36d5bc34c96b3d9faeed337189d7278bdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2497
Expires: Sat, 04 Feb 2023 14:53:33 GMT
Date: Sat, 04 Feb 2023 14:11:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2497
Expires: Sat, 04 Feb 2023 14:53:33 GMT
Date: Sat, 04 Feb 2023 14:11:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2497
Expires: Sat, 04 Feb 2023 14:53:33 GMT
Date: Sat, 04 Feb 2023 14:11:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2497
Expires: Sat, 04 Feb 2023 14:53:33 GMT
Date: Sat, 04 Feb 2023 14:11:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2497
Expires: Sat, 04 Feb 2023 14:53:33 GMT
Date: Sat, 04 Feb 2023 14:11:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 59032
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 57683
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5174 bytes)
Hash
e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 57695
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10253 bytes)
Hash
392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 57684
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7249 bytes)
Hash
d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 57695
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/M7vREfWOEdc

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/M7vREfWOEdc
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ef9e1d0cb112a16640b86c2df26c0fc9
b007e1437346b3312ef0b5138db89bc7f58aa558
6e45b8c3f3aac31b75dd683f996fa4c35fdf59e3b845318dc1afa53289b33e97

HTTP Headers

POST /s/gts1d4/M7vREfWOEdc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9500 bytes)
Hash
3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
age: 56480
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=5800658028263;gtm=45He3210;auiddc=530259360.1675519952;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa

172.217.21.162

200 OK

312 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=5800658028263;gtm=45He3210;auiddc=530259360.1675519952;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (560), with no line terminators
Size
312 B (312 bytes)
Hash
1a86556c622d6d59bd50e567cc35eec6
940e4df56b03ce227ee44bbd1820c15e32a50fce
5efd7ffa2aab5c4b21c7b5f060275eb0e591ad819824dacf54cf7c5e939b8d6e

HTTP Headers

GET /ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=5800658028263;gtm=45He3210;auiddc=530259360.1675519952;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://512974245.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 14:11:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 312
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=5800658028263;gtm=45He3210;auiddc=530259360.1675519952;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa

142.250.74.66

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=5800658028263;gtm=45He3210;auiddc=530259360.1675519952;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=5800658028263;gtm=45He3210;auiddc=530259360.1675519952;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 14:11:56 GMT
expires: Sat, 04 Feb 2023 14:11:56 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a3a67dba1b1b1f3ae766058d9cd538d7
9dc833327c3755593c077f703117f6187f4d3e97
b8990e3b7ba47804077dd1d5c3b3e05c8beec9a3288e3fa9e41680dc15045f0d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5484
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Last-Modified: Sat, 04 Feb 2023 12:40:33 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 13:45:20 GMT
expires: Sat, 04 Feb 2023 15:45:20 GMT
cache-control: public, max-age=7200
age: 1596
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b2225cc2d185fde75131092ad660d637
cd30900570650f2f02b61ec691a71885f72e1974
870dd465ebcd3c268152c2f77ac12fddf0c22e4b388ff0ca1df9cf5e20724546

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3662
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Last-Modified: Sat, 04 Feb 2023 13:10:54 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

157.240.205.11

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.205.11:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27843 bytes)
Hash
dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: sPeM6TnMzqS/5GuanW0qxOROL2qaHZb7CvwHTEycCfU3f4G61Z5QwH/nyZ5mZ/gZ8pp9R+drE3Fj+VUMJ0xtiQ==
content-length: 27843
x-fb-trip-id: 1679558926
date: Sat, 04 Feb 2023 14:11:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

5.9 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
5.9 kB (5876 bytes)
Hash
425a08bb72fd8bf9cc4bd91078545a4a
a267236de27c6ebe75a0aef347c0f9340ae94bdf
fac90b957bd03cc0fb459122a1343ec8955d34837224c4709eef570126e57407

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5484
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Last-Modified: Sat, 04 Feb 2023 12:40:33 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-JRG87C8CG6&gtm=45je3210&_p=1704316038&cid=1177366487.1675519952&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675519952&sct=1&seg=0&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&dr=https%3A%2F%2Fwww.palmsbet.com%2F&dt=Palms%20Bet%20-%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%BD%D0%B8%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B7%D0%B8%20%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-JRG87C8CG6&gtm=45je3210&_p=1704316038&cid=1177366487.1675519952&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675519952&sct=1&seg=0&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&dr=https%3A%2F%2Fwww.palmsbet.com%2F&dt=Palms%20Bet%20-%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%BD%D0%B8%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B7%D0%B8%20%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-JRG87C8CG6&gtm=45je3210&_p=1704316038&cid=1177366487.1675519952&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675519952&sct=1&seg=0&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&dr=https%3A%2F%2Fwww.palmsbet.com%2F&dt=Palms%20Bet%20-%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%BD%D0%B8%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B7%D0%B8%20%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.palmsbet.com
date: Sat, 04 Feb 2023 14:11:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-99030406-1&cid=1177366487.1675519952&jid=1627019368&gjid=1027458283&_gid=468896559.1675519952&_u=YCDAgEABAAAAAEAAI~&z=811965487

64.233.165.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-99030406-1&cid=1177366487.1675519952&jid=1627019368&gjid=1027458283&_gid=468896559.1675519952&_u=YCDAgEABAAAAAEAAI~&z=811965487
IP
64.233.165.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-99030406-1&cid=1177366487.1675519952&jid=1627019368&gjid=1027458283&_gid=468896559.1675519952&_u=YCDAgEABAAAAAEAAI~&z=811965487 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.palmsbet.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Feb 2023 14:11:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f7c5e62f265bd66bf718675e8403d319
f3d6f5b2a0d69c13372444b9ede09cd497a0e0e0
52add25d992b3a7307f3241cf8dcac7e2303504eb54434ce4b05a15cda450548

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 14:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:03:29 GMT
Expires: Wed, 08 Feb 2023 23:03:28 GMT
Etag: "f3d6f5b2a0d69c13372444b9ede09cd497a0e0e0"
Cache-Control: max-age=376890,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7943ff99db7bb503-OSL

sdk-cdn.optimove.net/websdk/sdk-v2.0.js

35.201.79.141

200 OK

37 kB

URL HTTP/2
sdk-cdn.optimove.net/websdk/sdk-v2.0.js
IP
35.201.79.141:0
ASN
#15169 GOOGLE

File type
data
Size
37 kB (37204 bytes)
Hash
08820f202536348e34497881200b5ce4
049bb919f2b8b6f79c04b10f2e7a38204dbbca33
7f3d7f2bc71a4cc7fb7c8f2c2ae74ad7d22413d15a2c59a44ea6433215af0928

HTTP Headers

GET /websdk/sdk-v2.0.js HTTP/1.1
Host: sdk-cdn.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtL0R7MGbvmVWtiJy6hDhKDEQ1z-f4k0Cn-XRv_JhNqQTqjc9tP4h5OWHFN7fugQ8HYocuxOBY3VVEilEKRuVDFhb_Ou4Vn
vary: X-Goog-Allowed-Resources
x-goog-generation: 1674476899204117
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 16643
content-encoding: gzip
x-goog-hash: crc32c=LDag5A==, md5=xklV8Gil2JZBfLDOlayEUw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 16643
server: UploadServer
date: Sat, 04 Feb 2023 12:19:41 GMT
age: 6736
last-modified: Mon, 23 Jan 2023 12:28:19 GMT
etag: "c64955f068a5d896417cb0ce95ac8453"
content-type: text/javascript
cache-control: public,max-age=3600,no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js

35.201.79.141

200 OK

7.6 kB

URL HTTP/2
sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js
IP
35.201.79.141:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
7.6 kB (7614 bytes)
Hash
d45d77dd213e3186e62342107ac35716
8c0623f8d6ea68967bdde913b3f1fdf4ae730195
51836e055c72404f402fcef5131842ed2319a8aa8540f68602279dfcf3f03980

HTTP Headers

GET /webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js HTTP/1.1
Host: sdk-cdn.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycdtNOsufVwU7ZWGeoSq6jFDgN0ZrjJzQzhdSQT5_gx1U9tsTAjEPkwqYVuXu_-1qTaQx9b-1zHUMhu0lRjud8oVshw
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673875967335136
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7614
content-encoding: gzip
x-goog-hash: crc32c=vrqIwQ==, md5=1F133SE+MYbmI0IQesNXFg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7614
server: UploadServer
date: Sat, 04 Feb 2023 14:11:57 GMT
last-modified: Mon, 16 Jan 2023 13:32:47 GMT
etag: "d45d77dd213e3186e62342107ac35716"
content-type: application/json
age: 0
cache-control: public,max-age=300,no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
f7c5e62f265bd66bf718675e8403d319
f3d6f5b2a0d69c13372444b9ede09cd497a0e0e0
52add25d992b3a7307f3241cf8dcac7e2303504eb54434ce4b05a15cda450548

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 14:11:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:03:29 GMT
Expires: Wed, 08 Feb 2023 23:03:28 GMT
Etag: "f3d6f5b2a0d69c13372444b9ede09cd497a0e0e0"
Cache-Control: max-age=376890,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7943ff9a5c11b503-OSL

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.palmsbet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 349371
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.palmsbet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 490197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

142.250.74.35

200 OK

10 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
10 kB (10009 bytes)
Hash
bc97692adf80a3da3ad21576c57373db
e214977c1ee093532056f1890c395b7d10e92954
1987c656ab77434386a09f59ac2c37de79d9d3faba2e86b03687b5f8ab7f91ed

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.palmsbet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 12:24:15 GMT
expires: Thu, 01 Feb 2024 12:24:15 GMT
cache-control: public, max-age=31536000
age: 265662
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s2.adform.net/banners/scripts/st/trackpoint-async.js

37.157.6.234

200 OK

47 kB

URL HTTP/2
s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
37.157.6.234:0
ASN
#198622 Adform A/S

File type
data
Size
47 kB (46772 bytes)
Hash
76c6a7560774e6f71397a21042dcf2a5
89e32c5639920eaa0ddeaa7006ec9f885e7208c5
1377810ace371236bde95b669dd6e31c4138eab8164462634907e797ca9928c9

HTTP Headers

GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 14:11:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
x-rgw-object-type: Normal
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-amz-request-id: tx00000ea5be29143837370-006385e0d3-32941e2b-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

142.250.74.35

200 OK

9.6 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Size
9.6 kB (9644 bytes)
Hash
6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.palmsbet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 12:24:15 GMT
expires: Thu, 01 Feb 2024 12:24:15 GMT
cache-control: public, max-age=31536000
age: 265662
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

142.250.74.35

200 OK

10 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
10 kB (10416 bytes)
Hash
cc8a6ebb34215959a931afbb1445a4a1
afbfc4045b1d6c240e3e2e0ece7bd39363a8af6b
188cd46534b8ae9bba24522bee665b56b4f6ff70899651a28ca1768de40bdb01

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.palmsbet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 01:03:44 GMT
expires: Fri, 02 Feb 2024 01:03:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
age: 220093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.trafficguard.ai/tg-g-007125-001/api/v4/client-side/validate/event

34.120.121.20

200 OK

62 B

URL HTTP/2
api.trafficguard.ai/tg-g-007125-001/api/v4/client-side/validate/event
IP
34.120.121.20:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
d51fb880e4f0c1140c9a6bb0c69841b8
013a4f0effd9e02b90d8d5ae71f20535106537ae
11ef8218c126b582e1a9f8dadd318a6a280af8c059476b218f0e1a10ef529770

HTTP Headers

POST /tg-g-007125-001/api/v4/client-side/validate/event HTTP/1.1
Host: api.trafficguard.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 2294
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
x-xss-protection: 0
x-content-type-options: nosniff
access-control-allow-origin: https://www.palmsbet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
set-cookie: geid=0701000d-7079-4056-9100-175063de67ad; Domain=.trafficguard.ai; Path=/; Expires=Sun, 04 Feb 2024 14:11:57 GMT; HttpOnly; Secure; SameSite=None
geid-legacy=0701000d-7079-4056-9100-175063de67ad; Domain=.trafficguard.ai; Path=/; Expires=Sun, 04 Feb 2024 14:11:57 GMT; HttpOnly
content-type: application/json; charset=utf-8
content-length: 62
etag: W/"3e-ATpPDv/Z4CuQ2NWucfIFNRBlN64"
date: Sat, 04 Feb 2023 14:11:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sdkuaservice.optimove.net/

34.102.240.186

200 OK

361 B

URL HTTP/2
sdkuaservice.optimove.net/
IP
34.102.240.186:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
361 B (361 bytes)
Hash
3083d0e97d9681d8731856bcc2d38dc0
0d962f0c4fd88ef4e6613e5ea47e5998f13ac636
eb902e82d3845ac4d70e6edd86509b810996391fce4434547483a457b34f0e1f

HTTP Headers

GET / HTTP/1.1
Host: sdkuaservice.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json
date: Sat, 04 Feb 2023 14:11:57 GMT
content-length: 361
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/M7vREfWOEdc

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/M7vREfWOEdc
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ef9e1d0cb112a16640b86c2df26c0fc9
b007e1437346b3312ef0b5138db89bc7f58aa558
6e45b8c3f3aac31b75dd683f996fa4c35fdf59e3b845318dc1afa53289b33e97

HTTP Headers

POST /s/gts1d4/M7vREfWOEdc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stream-683.optimove.net/

107.154.132.121

204 No Content

0 B

URL HTTP/2
stream-683.optimove.net/
IP
107.154.132.121:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: stream-683.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id
Referer: https://www.palmsbet.com/
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type,x-request-id
access-control-max-age: 86400
content-length: 0
date: Sat, 04 Feb 2023 14:11:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
set-cookie: visid_incap_2816538=PIT23nJBR8WQSLnpMlYmQ61n3mMAAAAAQUIPAAAAAAC97Yyw3f/VEmiqKHfB+Blj; expires=Sat, 03 Feb 2024 22:32:58 GMT; HttpOnly; path=/; Domain=.optimove.net
incap_ses_276_2816538=Ms6WInT4ciZMDJNRI43UA61n3mMAAAAAEVIUDqcrgAZJiReYHMctbw==; path=/; Domain=.optimove.net
x-cdn: Imperva
x-iinfo: 14-6660443-6660452 NNNN CT(1 4 0) RT(1675519917178 31) q(0 0 0 0) r(0 0) U6
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&rl=https%3A%2F%2Fwww.palmsbet.com%2F&if=false&ts=1675519953413&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1675519953412.1152723145&it=1675519952471&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&rl=https%3A%2F%2Fwww.palmsbet.com%2F&if=false&ts=1675519953413&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1675519953412.1152723145&it=1675519952471&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&rl=https%3A%2F%2Fwww.palmsbet.com%2F&if=false&ts=1675519953413&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1675519953412.1152723145&it=1675519952471&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 04 Feb 2023 14:11:57 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 14:11:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=1177366487.1675519952&jid=1627019368&_u=YCDAgEABAAAAAEAAI~&z=463283930

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=1177366487.1675519952&jid=1627019368&_u=YCDAgEABAAAAAEAAI~&z=463283930
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=1177366487.1675519952&jid=1627019368&_u=YCDAgEABAAAAAEAAI~&z=463283930 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 14:11:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stream-683.optimove.net/

107.154.132.121

200 OK

108 B

URL HTTP/2
stream-683.optimove.net/
IP
107.154.132.121:0
ASN
#19551 INCAPSULA

File type
data
Size
108 B (108 bytes)
Hash
81cb032d16a2c62952bdfdc5080a4256
45b0221b5a1df2d96a26cd1d2b53168558c2a560
ff9fd89ce35a86fc8194617df70ce9443f63948fa2a1e252c82825d69878fa62

HTTP Headers

POST / HTTP/1.1
Host: stream-683.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: application/json
X-Request-ID: d57bdef1-a92f-49ba-a44c-055ec5d8e172
Origin: https://www.palmsbet.com
Content-Length: 672
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json; charset=utf-8
etag: W/"31-C1KbvIaXJN1Ve5ROMWZ6wEXylvU"
date: Sat, 04 Feb 2023 14:11:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
set-cookie: visid_incap_2816538=PIT23nJBR8WQSLnpMlYmQ61n3mMAAAAAQUIPAAAAAAC97Yyw3f/VEmiqKHfB+Blj; expires=Sat, 03 Feb 2024 22:32:58 GMT; HttpOnly; path=/; Domain=.optimove.net
incap_ses_276_2816538=FPY5CxiYsA1MDJNRI43UA61n3mMAAAAAEIDGG57v0I2uSLPlDVFR3g==; path=/; Domain=.optimove.net
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 14-6660443-6660452 PNYN RT(1675519917178 78) q(0 0 0 0) r(1 1) U6
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=672649745319&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24

37.157.5.141

302 Found

734 B

URL HTTP/2
track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=672649745319&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
37.157.5.141:0
ASN
#198622 Adform A/S

File type
data
Size
734 B (734 bytes)
Hash
8e3d03ef7a8185e09dd093c26d800d3f
2a7ce26d8fb761688e7498e3f18ffc926b35b2ad
d18df8a88424239aea32a349b1406756b34fda3d2381005245b78d220db6b37c

HTTP Headers

GET /Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=672649745319&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 14:11:57 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=672649745319&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwheel-lending%2F%3FmarketingCode%3DPB-0115%26tgclid%3D0a010046-bba3-4412-8800-05bb63de67aa&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Sat, 04-Mar-2023 14:11:57 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

realtime-683.optimove.net/reportEvent

107.154.132.121

204 No Content

0 B

URL HTTP/2
realtime-683.optimove.net/reportEvent
IP
107.154.132.121:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /reportEvent HTTP/1.1
Host: realtime-683.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id
Referer: https://www.palmsbet.com/
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type,x-request-id
access-control-max-age: 86400
content-length: 0
date: Sat, 04 Feb 2023 14:11:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
set-cookie: visid_incap_2819049=Suw6zMH+QF+nbwBlsF+NBa1n3mMAAAAAQUIPAAAAAACuWbG0cE1jQ9mtDd59lCXm; expires=Sat, 03 Feb 2024 22:32:58 GMT; HttpOnly; path=/; Domain=.optimove.net
incap_ses_276_2819049=VwKQCzM+gEZsDJNRI43UA61n3mMAAAAAWEBnSwG5kpG+pzVq9xk3Nw==; path=/; Domain=.optimove.net
x-cdn: Imperva
x-iinfo: 14-6660443-6660492 NNNN CT(1 5 0) RT(1675519917178 290) q(0 0 0 0) r(1 1) U6
X-Firefox-Spdy: h2

www.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wo169bemnnv9eucm2tbqp226&clickid=wo169bemnnv9eucm2tbqp226&pages=wheel-lending

172.67.75.149

200 OK

0 B

URL HTTP/2
www.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wo169bemnnv9eucm2tbqp226&clickid=wo169bemnnv9eucm2tbqp226&pages=wheel-lending
IP
172.67.75.149:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wo169bemnnv9eucm2tbqp226&clickid=wo169bemnnv9eucm2tbqp226&pages=wheel-lending HTTP/1.1
Host: www.palmsbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 04 Feb 2023 14:11:54 GMT
content-type: text/html
last-modified: Tue, 23 Nov 2021 13:23:59 GMT
cache-control: no-store
access-control-allow-credentials: true
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-xss-protection: 1
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exssCKSk44XBKRWK8Q5Vxd8TlQ5In8A4JTSlfm%2FeWDtleBCxuHH0QAMpqEQIS4PT9e64496kwPQ%2FoFWckcIrfl6qLwQbvxKOWJb7msNgfjrsYK8%2BixllJjEFdcUhJqZ80xs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7943ff8719471c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

track.adform.net/serving/scripts/trackpoint/async/

37.157.5.141

301 Moved Permanently

0 B

URL HTTP/2
track.adform.net/serving/scripts/trackpoint/async/
IP
37.157.5.141:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /serving/scripts/trackpoint/async/ HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 04 Feb 2023 14:11:56 GMT
content-type: text/html
location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

realtime-683.optimove.net/reportEvent

107.154.132.121

200 OK

0 B

URL HTTP/2
realtime-683.optimove.net/reportEvent
IP
107.154.132.121:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /reportEvent HTTP/1.1
Host: realtime-683.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: application/json
X-Request-ID: 6cb93310-216f-41c1-bb8e-f39d3f9e5622
Origin: https://www.palmsbet.com
Content-Length: 672
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,Content-Type
content-type: application/json
date: Sat, 04 Feb 2023 14:11:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
set-cookie: visid_incap_2819049=Suw6zMH+QF+nbwBlsF+NBa1n3mMAAAAAQUIPAAAAAACuWbG0cE1jQ9mtDd59lCXm; expires=Sat, 03 Feb 2024 22:32:58 GMT; HttpOnly; path=/; Domain=.optimove.net
incap_ses_276_2819049=B5R6IvU93D5sDJNRI43UA61n3mMAAAAAek3+1tJk94ltGo0YoOYuyg==; path=/; Domain=.optimove.net
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 14-6660443-6660492 PNYN RT(1675519917178 344) q(0 0 0 0) r(0 0) U6
X-Firefox-Spdy: h2

stream-683.optimove.net/

107.154.132.121

200 OK

0 B

URL HTTP/2
stream-683.optimove.net/
IP
107.154.132.121:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST / HTTP/1.1
Host: stream-683.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: application/json
X-Request-ID: dee4f81e-4c86-43e4-9eeb-04bb705f1ab6
Origin: https://www.palmsbet.com
Content-Length: 656
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json; charset=utf-8
etag: W/"31-CBYPrC0LJiUZJC1v/m+OJWAD9xw"
date: Sat, 04 Feb 2023 14:12:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
set-cookie: visid_incap_2816538=PIT23nJBR8WQSLnpMlYmQ61n3mMAAAAAQUIPAAAAAAC97Yyw3f/VEmiqKHfB+Blj; expires=Sat, 03 Feb 2024 22:32:58 GMT; HttpOnly; path=/; Domain=.optimove.net
incap_ses_276_2816538=PtTOC7bv0GRMDJNRI43UA7Bn3mMAAAAAbMBivSVHy/0aslbvZiteVQ==; path=/; Domain=.optimove.net
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 14-6660443-6660452 PNYN RT(1675519917178 2979) q(0 0 0 0) r(1 1) U6
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML