protrckit.com/a192cab81?clickid=1moeo2f34ep&subid=1moeo2f34ep
188.114.97.1301 Moved Permanently 0 B URL HTTP/1.1 protrckit.com/a192cab81?clickid=1moeo2f34ep&subid=1moeo2f34ep
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a192cab81?clickid=1moeo2f34ep&subid=1moeo2f34ep HTTP/1.1
Host: protrckit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Dec 2022 12:15:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 04 Dec 2022 13:15:16 GMT
Location: https://protrckit.com/a192cab81?clickid=1moeo2f34ep&subid=1moeo2f34ep
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WDJSIJS22SGAX6ZyoCGb%2BtbRpeYpFm%2BY3h0s7GlxvbUs%2BEzIeDyeOubmDowQxIc41JG1%2FbY25AjkrHtjcg2X6MibkxTj8t0rB%2Bur68tfArLjBveIuAT%2B8BU28j0sUjJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7744777058f3b500-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2289
Expires: Sun, 04 Dec 2022 12:53:25 GMT
Date: Sun, 04 Dec 2022 12:15:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4391
Cache-Control: max-age=170952
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:16 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:44:28 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11010
Expires: Sun, 04 Dec 2022 15:18:46 GMT
Date: Sun, 04 Dec 2022 12:15:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 11:20:06 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3310
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IL8dw5HYoFhYWI+zFJPiA+wXakAKedq64AdYa5xJLMLxdTFX9oiGgeiIwOT+8MjzN+qXZOdfu2w=
x-amz-request-id: N7BVJ80S0SY64FBM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 11:46:58 GMT
age: 1698
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:15:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 831bcc41b92b78a2a3cab89f56657a34
bf1e208a25fe23f882b1afb59d5dc9bd373c8de8
d7dfb84d0bc5240283e8e7cb60be8750a6f6a99d868dd938759efdccbaa15758
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112561
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:17 GMT
Etag: "638ba406-117"
Expires: Mon, 05 Dec 2022 19:31:18 GMT
Last-Modified: Sat, 03 Dec 2022 19:31:18 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 12:08:58 GMT
cache-control: public,max-age=3600
age: 379
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 831bcc41b92b78a2a3cab89f56657a34
bf1e208a25fe23f882b1afb59d5dc9bd373c8de8
d7dfb84d0bc5240283e8e7cb60be8750a6f6a99d868dd938759efdccbaa15758
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=112561
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:17 GMT
Etag: "638ba406-117"
Expires: Mon, 05 Dec 2022 19:31:18 GMT
Last-Modified: Sat, 03 Dec 2022 19:31:18 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4389
Cache-Control: max-age=165883
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:17 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:20:00 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 52daa7b536fe29b64d153cb64b97fce4
0a4609b0fbb6ea6cb88645ec1b25c14c5678f1a0
077150174159d9a38cafb15178fd20f670e8f8ac8341119bfbe17d7ee8a35fa1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=148910
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:17 GMT
Etag: "638c3203-116"
Expires: Tue, 06 Dec 2022 05:37:07 GMT
Last-Modified: Sun, 04 Dec 2022 05:37:07 GMT
Server: nginx
Content-Length: 278
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mKX3ZcWBfO1XSOq1RAW4Pw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eRxh4glCYC8fvVHqfuZF/MNAJLY=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 52daa7b536fe29b64d153cb64b97fce4
0a4609b0fbb6ea6cb88645ec1b25c14c5678f1a0
077150174159d9a38cafb15178fd20f670e8f8ac8341119bfbe17d7ee8a35fa1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=148910
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:17 GMT
Etag: "638c3203-116"
Expires: Tue, 06 Dec 2022 05:37:07 GMT
Last-Modified: Sun, 04 Dec 2022 05:37:07 GMT
Server: nginx
Content-Length: 278
wheel.olympia.casino/public/images/wheel/wheel-bg.png
104.21.92.47200 OK 6.5 kB URL HTTP/2 wheel.olympia.casino/public/images/wheel/wheel-bg.png
IP 104.21.92.47:0
File type PNG image data, 484 x 572, 8-bit colormap, non-interlaced\012- data
Hash da469363c96be15537f382d28c52062e
e3f683f740e2097f3e78f1bb4b4cefb9f3d6af6d
6bec03dae7a4414a3fbe2dfd11378b21e8f9bcfa911d2952c6e6836a74b2a04a
GET /public/images/wheel/wheel-bg.png HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: image/png
content-length: 6543
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: "198f-5e799fc956f48"
hserver: 6
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvIGobeZWequ4avzWsxx3TCnCNv0sMqOe9DepMKz2F%2F8I1Lz91LluPAWpbksvppoVF5MR2AjAxjlAjoBamUCF7fk%2F5Dydgc8AUcFtKen6ZkZz%2FPcN359f4a2RtrJAfxN4II37cgJ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77447779ebbe1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/public/images/wheel/wheel.png
104.21.92.47200 OK 21 kB URL HTTP/2 wheel.olympia.casino/public/images/wheel/wheel.png
IP 104.21.92.47:0
File type PNG image data, 484 x 484, 8-bit colormap, non-interlaced\012- data
Hash c9d4b8bd2c6f9b0aa4fc652a691088a0
afbc2f4f9f9b32e5ac37aaa2d0f253ed53b829dd
cdf75f09beba6eb9d9b8369325254e53adf9c8104a479f7b0b5e502e9ed70c72
GET /public/images/wheel/wheel.png HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: image/png
content-length: 20783
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: "512f-5e799fc957ee8"
hserver: 9
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kCBAoiwlZvNOFkG%2FGL5RtfQfmPQYZwuXLNqLVpxc640Tqtc1lOU7hpQXjrKGiHkakSORL%2FtMmPzhixcu5EmIjkvrTQ4uKrhHmZlKcWn4XqHOgXYgBDrZB9a2TgFpXv5E5SZR6ZFlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77447779ebbf1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/public/images/wheel/wheel-arrow.png
104.21.92.47200 OK 1.3 kB URL HTTP/2 wheel.olympia.casino/public/images/wheel/wheel-arrow.png
IP 104.21.92.47:0
File type PNG image data, 484 x 572, 4-bit colormap, non-interlaced\012- data
Hash e1abbc0983d4f5cbd28cd0bf23641a80
f4da3ae7518af0685427600c8b0b4751dbcebc4c
6040d357c023627191a44c68821a08b595b6f2794c7dcdd9874f44444a0eaec3
GET /public/images/wheel/wheel-arrow.png HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: image/png
content-length: 1259
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: "4eb-5e799fc956f48"
hserver: 7
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2Lm1TtPTH%2BoykqYIZt5ob%2FzeZtUFrO523amLT4zM6pHTvTcsuoRinZj3Jy4bZdfN1a3KfN0vkMr8WI6y%2Fq8QGGzwS6Sd40lPHKG4q1qvYzUZg2DTmIcroFOgd07DE1Gm5RZK42YUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77447779ebcd1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/public/images/bg-mob1.png
104.21.92.47200 OK 152 kB URL HTTP/2 wheel.olympia.casino/public/images/bg-mob1.png
IP 104.21.92.47:0
File type PNG image data, 551 x 1041, 8-bit colormap, non-interlaced\012- data
Size 152 kB (152449 bytes)
Hash bba066dd0d0b059e9aa80451cdc526fb
46aa49260b894858874e2773d2f6ee54d9d76a30
214002383f06013dd3aa2747d5a982261e7bcbae4cef87745304c41fe5e927b1
GET /public/images/bg-mob1.png HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: image/png
content-length: 152449
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: "25381-5e799fc94d307"
hserver: 8
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikTfYK%2Fy5WHCFrHlfw2AjC%2Fmf6tcEcMDNuB4jDqnLzLIZXbNvBW9%2FhRQUTR3OfQPR8akt17BnliV9bpJByTJdsPprNSnlgF%2B%2BZy3eaq6YI2z%2F5I5PBkNL%2BEBYFkDRs89nbofJWG6DA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77447779ebcf1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/public/images/bg.png
104.21.92.47200 OK 119 kB URL HTTP/2 wheel.olympia.casino/public/images/bg.png
IP 104.21.92.47:0
File type PNG image data, 477 x 685, 8-bit colormap, non-interlaced\012- data
Size 119 kB (119334 bytes)
Hash 1e89405cbe9a617c2be88b497b58d58b
3fd63214a974df7ed9c1e00ba9ae18f23b0190a3
9e9d6259a7d99de8430cbf36f3bdcc92a2222cba42a3344c8a100a7be03439be
GET /public/images/bg.png HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: image/png
content-length: 119334
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: "1d226-5e799fc94d307"
hserver: 8
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6LndSlGAumR4QlNepoVA66qf%2BBSZgP9nHk8bO4dJ7VaAoOpqLiAwKIzIsZlJmLMJ7t6o8cotr8oECWkdlpjw2Lw6jrPlA4c0H9nuR3Tp8Sb%2Bo5OK2JfG0Q5Ik25BDWv8iqXZAfXzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77447779fbd31c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/public/images/logo-pm.svg
104.21.92.47200 OK 3.7 kB URL HTTP/2 wheel.olympia.casino/public/images/logo-pm.svg
IP 104.21.92.47:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1684)
Hash 413b5cd4abf0843099f22a45624654df
36ebba64a00fc9978f2582a647be81a2b9e44cd5
e692a3a1aee142b54a31926c4a8b7814ec47baa5711ab030e89d9a3c3ca6edf3
GET /public/images/logo-pm.svg HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: image/svg+xml
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: W/"43ab-5e799fc955008"
hserver: 5
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDHDK6OfuYQvRXNjNBbAK4LS31FeGflN1E79i3ksWKhs4O1Xs%2FATnRkQS2bIRlQ8iOd9piCYCpHIhNogW4caj96kV4QGy7rjAvAb%2F8itPPChtq2QwOUxMGqcSnjunwjiS7eT0A%2Bufw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77447779ebbb1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/public/loader.css
104.21.92.47200 OK 99 kB URL HTTP/2 wheel.olympia.casino/public/loader.css
IP 104.21.92.47:0
File type ASCII text, with CRLF line terminators
Hash 633e6b3790b4764ea7f5d49df4e42d8e
f2f4bbed0fcfde65460887c880aec68620ddd8d5
17c9846a909996079171366ee9d448a1a2bc04b63b7dc3c29f2e6b2ac38a04a9
GET /public/loader.css HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: W/"d36-5e799fc957ee8-gzip"
vary: Accept-Encoding
hserver: 9
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGBAMNPtx30kSCzhmY9m8Q%2FbhI2b404WsoT1YbvemSYXNxwLxSeVvv8N0OOIQrHgiUBfJkPP%2BZcANMCuuccR2CXLruCLo1VT8GnI5S%2B4k%2FC9P6VTdjcYPHI1fP6Khlmqn%2FFyCCsYsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77447779dbb11c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/mtapi/js/build/framework.min.js?v=1.0.0
104.21.92.47200 OK 9.2 kB URL HTTP/2 wheel.olympia.casino/mtapi/js/build/framework.min.js?v=1.0.0
IP 104.21.92.47:0
File type Unicode text, UTF-8 text, with very long lines (34152), with no line terminators
Hash 13fefcb274ea52a2c26dc243a7d456aa
97eba3a82491ebc8879a0da97b59249df5c21dfc
98c457050526e1df361fcdec367169a738e290165b9a551f9f97303ec7db90d6
GET /mtapi/js/build/framework.min.js?v=1.0.0 HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 16:30:47 GMT
etag: W/"6388d6b7-8569"
expires: Sun, 04 Dec 2022 12:15:20 GMT
cache-control: max-age=14400
hserver: 5
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWqZEuXVuGs9lAs5i0L65TwdsVzqI%2BGfDJLRlwdTKtCoyvLwvRCrYxiNTVcPM4Iv2iyR9DqejE6LoSCtlcDImsvZUXmwwlwJ84DFSYLSN47I53GOseAbVqLpIQ9tIfB%2BdBOnc0jE3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77447779dbb91c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b7f6d430bf12f184ec82f6a0d8420434
1f2dee3164624724eb261b0aaf1268fe2cc50dae
f08f2f4e7dda05851258ca195d2e04e61d1def48a0756c3f8a6b8fc223a9baae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F08F2F4E7DDA05851258CA195D2E04E61D1DEF48A0756C3F8A6B8FC223A9BAAE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5215
Expires: Sun, 04 Dec 2022 13:42:13 GMT
Date: Sun, 04 Dec 2022 12:15:18 GMT
Connection: keep-alive
wheel.olympia.casino/fpapi/ws/collect
104.21.92.47101 Switching Protocols 31 kB URL HTTP/1.1 wheel.olympia.casino/fpapi/ws/collect
IP 104.21.92.47:0
Hash e7349701036430090cc0f908f13dd0d3
8e6d89b4bb6cc9833ea8fc5df2e8d74a3b37e4e7
c9f10513963dd4f34831c8bf8434f7152c75667dbd4bfdc80fcba66eca07b085
GET /fpapi/ws/collect HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wheel.olympia.casino
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uazPd4xWymnbcemJQiSA3A==
Connection: keep-alive, Upgrade
Cookie: PARISESSID=1670156119.085.47322.618353; pm_stag=125932_638c8f551b2d8b7bbc839af4; stag=125932_638c8f551b2d8b7bbc839af4; stag_t=1670156118225; entrance_url=https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4; dhash=413f8841-ed7f-4040-9ad8-21f5277e191a
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 04 Dec 2022 12:15:18 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-Websocket-Accept: 4gjmS1m9TpOG5nu8wXP6py+beyc=
Sec-Websocket-Extensions: permessage-deflate
HServer: 9
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuMcz7FLMpsLpqAhfU6F%2F5hPatSh94TXhre7zVVGKiym7%2F1sXpny7V%2FiRUAre2z1L0PIEyM8y6PiaUsb0RmwfyuHHebsabjiqUK%2FVRzE71pbu9fDhzdpts59bz%2FFYO5wvnW6pc23pg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7744777b6f4e1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wheel.olympia.casino/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.92.47200 OK 1.1 kB URL HTTP/2 wheel.olympia.casino/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.92.47:0
Hash 9dcd9d2c0cf47e2970f69037bf1776ee
f98859305d9b39f2c38520d1aa3c5a1f9c517fed
2b7d26a2c52145b6fe6e755de944722660ed5ce5c3712f5f05ddfe1b3934d58c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tas5ns8IBwKHTZDt5Hw5N5y4jQDIMr%2F5E6k%2FuM08hEW3devgjvZqGeTwtSEaue2D6H6J4BRyq06muoKDP2lqTL0KtCXr0YQ5fNvr6cLleyGboAJGiYfGhKpZ9y1Ef3jOg%2FQWoqkdhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77447779fbd81c0e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 06 Dec 2022 12:15:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 882 B IP 93.184.220.29:0
Hash 366e6c264e27eb89948040e1e1e40a84
cb23cc37970644c46ced3989edc70cc8696a2067
7fb7c73f752cd6ea388508e54af9a8c56cef5a430fc9bf05e6fb078da9430b89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5014
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:18 GMT
Last-Modified: Sun, 04 Dec 2022 10:51:44 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
mpsnare.iesnare.com/star
54.195.39.4101 Switching Protocols 0 B IP 54.195.39.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wheel.olympia.casino
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TcTjd2ES2mP+OC6Pr6pEdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 04 Dec 2022 12:15:18 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: 9HK4rXg3sNku3Kuu2RFr5ISCLk0=
Upgrade: WebSocket
9774526.fls.doubleclick.net/activityi;src=9774526;type=pmhjo0;cat=all_s0;ord=7514628405355;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4?
142.250.74.38200 OK 269 B URL HTTP/2 9774526.fls.doubleclick.net/activityi;src=9774526;type=pmhjo0;cat=all_s0;ord=7514628405355;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (491), with no line terminators
Hash d6ba9cff64af604b5a53b5e952e94280
aa89a2a5fd0d352ae26511801d69a34dd1814bb2
d8c716b0a7c3ccaa608066452cb1fad9f4a0827f2384f545bc1d2282514e2896
GET /activityi;src=9774526;type=pmhjo0;cat=all_s0;ord=7514628405355;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4? HTTP/1.1
Host: 9774526.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 269
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 12:30:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
9774526.fls.doubleclick.net/activityi;src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=3213901852609;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4?
142.250.74.38200 OK 272 B URL HTTP/2 9774526.fls.doubleclick.net/activityi;src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=3213901852609;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (498), with no line terminators
Hash daa2a7acce2de9e75be2bb39ccc77220
21ec1bb6b86d19187179bbbca5de7e7db3069c03
bec6e58784d72bd9783c66da881badb3d4fa4601cfca148e994323e6403aec25
GET /activityi;src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=3213901852609;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4? HTTP/1.1
Host: 9774526.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 272
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 12:30:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
9774526.fls.doubleclick.net/activityi;src=9774526;type=pmhjo0;cat=landi0;ord=3792821638728;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4?
142.250.74.38200 OK 270 B URL HTTP/2 9774526.fls.doubleclick.net/activityi;src=9774526;type=pmhjo0;cat=landi0;ord=3792821638728;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (491), with no line terminators
Hash e0514e8a7af9b553fd462d022f4b5080
71533f86f27d54b73930c7f239e0857cd2183f6d
125353ca682afabdbd34c25eb11fe6390a498d32c9c78de80c65498cab8db680
GET /activityi;src=9774526;type=pmhjo0;cat=landi0;ord=3792821638728;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4? HTTP/1.1
Host: 9774526.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 270
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 12:30:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wheel.olympia.casino/mtapi/js/build/framework.min.js?v=1.0.2
104.21.92.47200 OK 27 kB URL HTTP/2 wheel.olympia.casino/mtapi/js/build/framework.min.js?v=1.0.2
IP 104.21.92.47:0
File type Unicode text, UTF-8 text, with very long lines (34152), with no line terminators
Hash abed1b4a549b89041fb1b41f73d214ad
a0a2fc854eac4bdaea32fa42573b3acdd5f5e5df
a070d47aa99c7607b64d7e4010c72f7a638dfea6be36c7a0aa99b04ee9f2693a
GET /mtapi/js/build/framework.min.js?v=1.0.2 HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 16:30:47 GMT
etag: W/"6388d6b7-8569"
expires: Sun, 04 Dec 2022 12:15:20 GMT
cache-control: max-age=14400
hserver: 6
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjuF2sNwBAdz0yFLsOCyZrr0lTg3s2mm9w1%2FCrXAed248By1XGnhqrUEl%2F4tcAcyx6F2u%2Fxmf24EHOcu6%2BwKmRnmVEncekbEuYn4XKUtYfyv5M3kf%2FuCNVo2zcfMAMnK36BqG8wqVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77447779dbb61c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP 216.58.211.3:0
Hash e7a4da88dca7c33d8c1dadeb50434a05
ec57f5aeafcefa632318ca94ca978a28735cdc33
0d42f6919f4471da111ec840e2739b1d32b54c36b89e57be5afe3e76fb38d204
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=3213901852609;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
216.58.207.226200 OK 272 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=3213901852609;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (497), with no line terminators
Hash a3217bd9a8987dd3cc34e51d625f388d
ce004d5516dbd32c01aa7bbd4dda0aa108ae525d
ef49c688c0d6f79749b9e4b9c1a42d24d69fe907e38f9211c74a7dd127099f3a
GET /ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=3213901852609;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9774526.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 272
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9774526;type=pmhjo0;cat=landi0;ord=3792821638728;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
216.58.207.226200 OK 269 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9774526;type=pmhjo0;cat=landi0;ord=3792821638728;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (490), with no line terminators
Hash 6cf2b5ab3b32dcf7fa84f3d96dcd71f3
bcbb0c9cdb3e3bcaa22c6b3294806ad88ca7d637
f5ea8ea1ba0b839453568c7ff25d95df55f9663a24f565aab08988512860d191
GET /ddm/fls/i/src=9774526;type=pmhjo0;cat=landi0;ord=3792821638728;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9774526.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s0;ord=7514628405355;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
216.58.207.226200 OK 268 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s0;ord=7514628405355;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (490), with no line terminators
Hash 99ac1fcc9471cf33d530e182e4dcf98b
066f5311824e3c1793ae4910bec7baef41dfcfbb
37cec02828cedf13f34846daa8cd29fe071f29f73abba5d8dcf4b065041a4fec
GET /ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s0;ord=7514628405355;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9774526.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=9774526;type=pmhjo0;cat=landi00;ord=1;num=8495337529335;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
216.58.207.226200 OK 275 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9774526;type=pmhjo0;cat=landi00;ord=1;num=8495337529335;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (497), with no line terminators
Hash da49d590d4111d3bc7fc08376bd4dc1a
e115ef418f88a99247a7131a2563a2865956c53e
208d05488aef93f2b8d0c05fc5ec08b459efd53c11e3b3fa3ba8d31ff6d14d94
GET /ddm/fls/i/src=9774526;type=pmhjo0;cat=landi00;ord=1;num=8495337529335;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9774526.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alexatracker.com/jscode/OAIA.js?sub1=wheel.olympia.casino&sub2=&sub3=&sub4=&sub5=&prid=
172.67.204.112200 OK 0 B URL HTTP/2 alexatracker.com/jscode/OAIA.js?sub1=wheel.olympia.casino&sub2=&sub3=&sub4=&sub5=&prid=
IP 172.67.204.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jscode/OAIA.js?sub1=wheel.olympia.casino&sub2=&sub3=&sub4=&sub5=&prid= HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: application/json; charset=UTF-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: BYPASS
set-cookie: trbarid=873c57397eb37aaae77b5f2fbe40d86f0e884d75899a7ecc22e0564fe631e0e0a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A7568933640920141654%3B%7D; expires=Sun, 08-Dec-2024 12:15:18 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHhvNHdXkTmgLretYUAMpc5y2kDz27sG3yBEFG4oq78nxFyUcne%2BIlBZlx3pwZ14L9cyBVLN3Urqt4SgY6aYO6wQrfqkuhHp0H1cdzd1ISnlUtyiYLtCHV6Hg6rYV9Q9dwJC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7744777e3901b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 689 B IP 216.58.211.3:0
Hash e768aa046f4df3af32a76cce3343c249
0237de42b0d9541b0d47639d5a6a7efb93293bf2
791aba0ff913a3540578531869cdc1f06e5642affc2148258e3e6860072659e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/gtm/optimize.js?id=GTM-57WMTNT
142.250.74.46200 OK 45 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=GTM-57WMTNT
IP 142.250.74.46:0
File type ASCII text, with very long lines (1921)
Hash f218ae5f3d315d34a23fac2639a046c9
50672a91d8d56a368d08465cc2d88860c979876d
43becce1c7c9d176bd4ee3cf3cb7e662f82fab66cebe844f81cf4472980c5a48
GET /gtm/optimize.js?id=GTM-57WMTNT HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 12:15:19 GMT
expires: Sun, 04 Dec 2022 12:15:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/693592642/?random=1670156116123&cv=11&fst=1670156116123&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=MuzlCJTz-7gBEMLE3coC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&tiba=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&value=0&bttype=purchase&auid=831963223.1670156116&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
216.58.207.228302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/693592642/?random=1670156116123&cv=11&fst=1670156116123&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=MuzlCJTz-7gBEMLE3coC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&tiba=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&value=0&bttype=purchase&auid=831963223.1670156116&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 216.58.207.228:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/693592642/?random=1670156116123&cv=11&fst=1670156116123&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=MuzlCJTz-7gBEMLE3coC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&tiba=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&value=0&bttype=purchase&auid=831963223.1670156116&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/693592642/?random=1670156116123&cv=11&fst=1670156116123&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=MuzlCJTz-7gBEMLE3coC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&tiba=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&value=0&bttype=purchase&auid=831963223.1670156116&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/693592642/?random=1670156116123&cv=11&fst=1670156116123&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=MuzlCJTz-7gBEMLE3coC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&tiba=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&value=0&bttype=purchase&auid=831963223.1670156116&gcp=1&ct_cookie_present=1
216.58.211.2200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/693592642/?random=1670156116123&cv=11&fst=1670156116123&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=MuzlCJTz-7gBEMLE3coC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&tiba=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&value=0&bttype=purchase&auid=831963223.1670156116&gcp=1&ct_cookie_present=1
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/693592642/?random=1670156116123&cv=11&fst=1670156116123&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=MuzlCJTz-7gBEMLE3coC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&tiba=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&value=0&bttype=purchase&auid=831963223.1670156116&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 12:30:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.datadome.co/tags.js
143.204.55.44200 OK 43 kB IP 143.204.55.44:0
File type ASCII text, with very long lines (65432)
Hash 1e9601b9f2fcd0d1d742e87fd046749c
88431bfdad7d8be4cf62396a57aebcec0de09827
4bcdd319b49ac3e4683e774aefe69157100f9ebee3bc428e425cfc93a7da9feb
GET /tags.js HTTP/1.1
Host: js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 43164
server: Apache
strict-transport-security: max-age=15768000
last-modified: Thu, 17 Nov 2022 15:19:16 GMT
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
date: Sun, 04 Dec 2022 11:19:58 GMT
cache-control: max-age=3600, public
expires: Sun, 04 Dec 2022 12:19:58 GMT
etag: "33bf8-5edac1cc94a7f-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZiKbokDV6mdyPX69K8FYkClKGgekh5qoHX-_NCYFlcqId5ePi9tCkg==
age: 3321
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP 216.58.211.3:0
Hash e7a4da88dca7c33d8c1dadeb50434a05
ec57f5aeafcefa632318ca94ca978a28735cdc33
0d42f6919f4471da111ec840e2739b1d32b54c36b89e57be5afe3e76fb38d204
POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
54.195.39.4200 OK 19 kB URL HTTP/1.1 mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP 54.195.39.4:0
File type ASCII text, with very long lines (1056)
Hash fb218ba6c75f7676201ae5f9e1772f5a
cadb1fc7750c02212e41ec80b2c7a88ba09f9fbc
89c4522fc8cb6b70f7efc293a8a1f64c712ca4730de38c152e7154ac3d5f6773
GET /general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:15:19 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=oI8nblqZQSLVsNaQXMrakCfngNEVhV2t9haO9S5oVUI=;Path=/;Expires=Mon, 04-Dec-2023 12:15:19 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
mpsnare.iesnare.com/time.mp3?nocache=0.7884281621900746
54.195.39.4206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.7884281621900746
IP 54.195.39.4:0
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.7884281621900746 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Sun, 04 Dec 2022 12:15:19 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
151.101.129.229200 OK 66 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP 151.101.129.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (589)
Hash 0250b3e7cecccb8301b34f9a7c950781
e8e189885818a23d5289075bccdb828c3e0899e5
e20998cabddd6d1279fe345cf21752e92035000bea6265c2034066df4f0ae987
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.250.0
x-jsd-version-type: version
etag: W/"284a9-olkblV5dKsPdtysJ+KUa6G+Eb18"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 12:15:19 GMT
age: 21010
x-served-by: cache-fra-eddf8230043-FRA, cache-bma1673-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 66541
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=3213901852609;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
216.58.207.226200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=3213901852609;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s00;ord=1;num=3213901852609;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:19 GMT
expires: Sun, 04 Dec 2022 12:15:19 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9774526;type=pmhjo0;cat=landi0;ord=3792821638728;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
216.58.207.226200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9774526;type=pmhjo0;cat=landi0;ord=3792821638728;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=9774526;type=pmhjo0;cat=landi0;ord=3792821638728;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:19 GMT
expires: Sun, 04 Dec 2022 12:15:19 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9774526;type=pmhjo0;cat=landi00;ord=1;num=8495337529335;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
216.58.207.226200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9774526;type=pmhjo0;cat=landi00;ord=1;num=8495337529335;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=9774526;type=pmhjo0;cat=landi00;ord=1;num=8495337529335;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:19 GMT
expires: Sun, 04 Dec 2022 12:15:19 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s0;ord=7514628405355;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
216.58.207.226200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s0;ord=7514628405355;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=9774526;type=pmhjo0;cat=all_s0;ord=7514628405355;gtm=2wgbu0;auiddc=831963223.1670156116;~oref=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:19 GMT
expires: Sun, 04 Dec 2022 12:15:19 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2501
Expires: Sun, 04 Dec 2022 12:57:00 GMT
Date: Sun, 04 Dec 2022 12:15:19 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2501
Expires: Sun, 04 Dec 2022 12:57:00 GMT
Date: Sun, 04 Dec 2022 12:15:19 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2501
Expires: Sun, 04 Dec 2022 12:57:00 GMT
Date: Sun, 04 Dec 2022 12:15:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 52278
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 22799
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 52093
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 52360
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 51918
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
151.101.194.133200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 151.101.194.133:0
Hash 28fb556c6d3f60f94670521a91c98113
2e0dcb2918ba5f4eed7284e06ebd6a125c8d65fa
0b84f914ce1abd18260be81d46b349e729ac8e1cc9cd38d571b1cee9cb6a64a6
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "6CA052429F7FA812A0E2670968AF15A06F49D5DB"
Expires: Sun, 04 Dec 2022 23:00:00 UTC
Last-Modified: Sun, 04 Dec 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Sun, 04 Dec 2022 12:15:19 GMT
Via: 1.1 varnish
Age: 3224
X-Served-By: cache-bma1630-BMA
X-Cache: HIT
X-Cache-Hits: 11
X-Timer: S1670156119.265836,VS0,VE0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 51937
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-R7FNVBZ741>m=2oebu0&_p=411301203&cid=1794525780.1670156116&ul=en-us&sr=1280x1024&_s=1&sid=1670156116&sct=1&seg=0&dl=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&dt=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&en=page_view&_fv=1&_nsi=1&_ss=2&ep.clientId=&epn.timestamp=1670156116098&ep.is_landing=true&up.clientId=
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-R7FNVBZ741>m=2oebu0&_p=411301203&cid=1794525780.1670156116&ul=en-us&sr=1280x1024&_s=1&sid=1670156116&sct=1&seg=0&dl=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&dt=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&en=page_view&_fv=1&_nsi=1&_ss=2&ep.clientId=&epn.timestamp=1670156116098&ep.is_landing=true&up.clientId=
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R7FNVBZ741>m=2oebu0&_p=411301203&cid=1794525780.1670156116&ul=en-us&sr=1280x1024&_s=1&sid=1670156116&sct=1&seg=0&dl=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&dt=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&en=page_view&_fv=1&_nsi=1&_ss=2&ep.clientId=&epn.timestamp=1670156116098&ep.is_landing=true&up.clientId= HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wheel.olympia.casino
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://wheel.olympia.casino
date: Sun, 04 Dec 2022 12:15:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 283 B IP 172.64.155.188:0
Hash a1ea2512e6be399f15c57786eaea6724
22a7ce28619fcdd0a636a843244b3c743ecd9e85
be26bd30a4722ec9a3161c2fff5810759c2069ed5ce0eef3fdd52eec4843c0be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 12:15:19 GMT
Content-Type: application/ocsp-response
Content-Length: 283
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 06:32:35 GMT
Expires: Fri, 09 Dec 2022 06:32:34 GMT
Etag: "22a7ce28619fcdd0a636a843244b3c743ecd9e85"
Cache-Control: max-age=410834,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774477808be8b529-OSL
mpsnare.iesnare.com/star
54.195.39.4101 Switching Protocols 0 B IP 54.195.39.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://wheel.olympia.casino
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: g0/WLjGOQLvE7sE/y9sOrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 04 Dec 2022 12:15:19 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: HVNovecsSCNjB1v5hqLRLrmS+rA=
Upgrade: WebSocket
mpsnare.iesnare.com/5.5.0/logo.js
54.195.39.4200 OK 420 B URL HTTP/1.1 mpsnare.iesnare.com/5.5.0/logo.js
IP 54.195.39.4:0
File type ASCII text, with very long lines (377)
Hash acaf5b80656e354e50974537af3fbee5
2b58532d0ead61568e27d7ddfd309ac7fcf119e1
c44d59e5bfa0ed8f2d306b675e079167ccbc146e579226301c5dc56d9188af07
GET /5.5.0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:15:19 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Mon, 04 Dec 2023 12:15:19 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
mpsnare.iesnare.com/time.mp3?nocache=0.7904739253494162
54.195.39.4206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.7904739253494162
IP 54.195.39.4:0
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.7904739253494162 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Sun, 04 Dec 2022 12:15:19 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
www.google.no/pagead/1p-conversion/693592642/?random=1670156116123&cv=11&fst=1670156116123&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=MuzlCJTz-7gBEMLE3coC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&tiba=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&value=0&bttype=purchase&auid=831963223.1670156116&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/693592642/?random=1670156116123&cv=11&fst=1670156116123&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=MuzlCJTz-7gBEMLE3coC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&tiba=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&value=0&bttype=purchase&auid=831963223.1670156116&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/693592642/?random=1670156116123&cv=11&fst=1670156116123&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=MuzlCJTz-7gBEMLE3coC&hn=www.google.com&frm=0&url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&tiba=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&value=0&bttype=purchase&auid=831963223.1670156116&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wheel.olympia.casino/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 12:15:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gde-default.hit.gemius.pl/gdejs/xgde.js
185.11.128.206200 OK 19 kB URL HTTP/2 gde-default.hit.gemius.pl/gdejs/xgde.js
IP 185.11.128.206:0
ASN #50599 Data Space Sp. z o.o.
File type ASCII text, with very long lines (1202)
Hash 9aa7eb9278e76072c921e6e462099a4f
aa02cc49999555344513f15e6e6e6fb2900ddfd7
b9c2686e1b4861c3d4adc18f21797c43e5848ccb4a032d1f857700f5ffcda9a6
GET /gdejs/xgde.js HTTP/1.1
Host: gde-default.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:19 GMT
expires: Mon, 05 Dec 2022 12:15:19 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Wed, 31 Aug 2022 06:49:43 GMT
etag: "630F04870000D964BC018988"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 19348
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5ae3e58834e78fd5f6d0f95813a40892
c48317abdfbe60ea762ef698297843e42e6b63b9
a19d15b020e91bdea9fec2ab40b20a3ba5ee3c7f3acb0dc1697a94d2220acdd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
start-parimatch-com.appspot.com/collect?v=1&_v=j98&a=411301203&t=pageview&_s=1&dl=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&ul=en-us&de=UTF-8&dt=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACEABRAAAACAUI~&jid=1083595389&gjid=1968152425&cid=1794525780.1670156116&tid=UA-1171079-5&_gid=1240891219.1670156117&_r=1>m=2wgbu05CZS6L&cd6=1794525780.1670156116&z=18775709&cd6=1794525780.1670156116
142.250.74.148404 Not Found 272 B URL HTTP/2 start-parimatch-com.appspot.com/collect?v=1&_v=j98&a=411301203&t=pageview&_s=1&dl=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&ul=en-us&de=UTF-8&dt=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACEABRAAAACAUI~&jid=1083595389&gjid=1968152425&cid=1794525780.1670156116&tid=UA-1171079-5&_gid=1240891219.1670156117&_r=1>m=2wgbu05CZS6L&cd6=1794525780.1670156116&z=18775709&cd6=1794525780.1670156116
IP 142.250.74.148:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9902fb9f7cf3e9a8dd26f45a5cb94113
91995c443aa89cdcf3ab52e2ea1ae3d4893624bc
6b43b396ba4708e5ffe9da06909bc2059e55b300f2434bc4181ca3a842d83bd6
GET /collect?v=1&_v=j98&a=411301203&t=pageview&_s=1&dl=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&ul=en-us&de=UTF-8&dt=Olympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDACEABRAAAACAUI~&jid=1083595389&gjid=1968152425&cid=1794525780.1670156116&tid=UA-1171079-5&_gid=1240891219.1670156117&_r=1>m=2wgbu05CZS6L&cd6=1794525780.1670156116&z=18775709&cd6=1794525780.1670156116 HTTP/1.1
Host: start-parimatch-com.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-length: 272
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 12:15:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
151.101.194.133200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 151.101.194.133:0
Hash 2d9237c6428d258ae09d42c2d47c2d03
db69f07ecce1f09e8b19c97c15bfa65f040b83da
1602b5d67965f0a7ab1373c24d89ac293dbf2e91f267f1d37a230a9d1d14a360
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 938
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 08 Dec 2022 11:44:37 GMT
ETag: "db69f07ecce1f09e8b19c97c15bfa65f040b83da"
Last-Modified: Sun, 04 Dec 2022 11:44:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 04 Dec 2022 12:15:19 GMT
Age: 1426
X-Served-By: cache-qpg1244-QPG, cache-bma1630-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 96
X-Timer: S1670156119.470057,VS0,VE0
api-js.datadome.co/js/
13.51.39.45200 OK 235 B IP 13.51.39.45:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9fcc4de0d2be9786ca0e734b6c26dd56
b28b0122ce650529b0fa334ebf225531d9e0ceb5
df80fad342baa6744bf8a931d49e450690fb4794af14e3c515cb8d64a25fb25a
POST /js/ HTTP/1.1
Host: api-js.datadome.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 3151
Origin: https://wheel.olympia.casino
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:19 GMT
content-type: application/json;charset=utf-8
content-length: 235
server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5ae3e58834e78fd5f6d0f95813a40892
c48317abdfbe60ea762ef698297843e42e6b63b9
a19d15b020e91bdea9fec2ab40b20a3ba5ee3c7f3acb0dc1697a94d2220acdd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:15:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gde-default.hit.gemius.pl/gdejs/xgde.html
185.11.128.206200 OK 215 B URL HTTP/2 gde-default.hit.gemius.pl/gdejs/xgde.html
IP 185.11.128.206:0
ASN #50599 Data Space Sp. z o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 55e60b35e679aae2decd8d7b37c2c310
cc934f43ee3d226c5f8f040e42343bfc26b26f01
72796c74c2c95fe9d62ecc1ea25b00b824c095fd955b5c67e82eb2dd0b50600f
GET /gdejs/xgde.html HTTP/1.1
Host: gde-default.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:19 GMT
expires: Mon, 05 Dec 2022 12:15:19 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
etag: "5996D7A50000012F9178E011"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 215
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/35233970?wmode=7&page-url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afp%3A2482%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1142678071419%3Ahid%3A197886306%3Az%3A0%3Ai%3A20221204121517%3Aet%3A1670156117%3Ac%3A1%3Arn%3A515471770%3Arqn%3A1%3Au%3A1670156117596129998%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C259%2C141%2C0%2C1064%2C0%2C%2C992%2C7%2C%2C%2C%2C2487%3Aco%3A0%3Ans%3A1670156114078%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670156117%3At%3AOlympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/35233970?wmode=7&page-url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afp%3A2482%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1142678071419%3Ahid%3A197886306%3Az%3A0%3Ai%3A20221204121517%3Aet%3A1670156117%3Ac%3A1%3Arn%3A515471770%3Arqn%3A1%3Au%3A1670156117596129998%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C259%2C141%2C0%2C1064%2C0%2C%2C992%2C7%2C%2C%2C%2C2487%3Aco%3A0%3Ans%3A1670156114078%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670156117%3At%3AOlympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash d4bacec4d04b881b805ed2b3880ac772
fc0bef71ae1125e36e6d1d9a6e71ffb9974cf275
082542a72e216332d1eef7577f2855f18e409f53ccd88302a8a019ad7e291e13
GET /watch/35233970?wmode=7&page-url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afp%3A2482%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1142678071419%3Ahid%3A197886306%3Az%3A0%3Ai%3A20221204121517%3Aet%3A1670156117%3Ac%3A1%3Arn%3A515471770%3Arqn%3A1%3Au%3A1670156117596129998%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C259%2C141%2C0%2C1064%2C0%2C%2C992%2C7%2C%2C%2C%2C2487%3Aco%3A0%3Ans%3A1670156114078%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670156117%3At%3AOlympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wheel.olympia.casino
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/35233970/1?wmode=7&page-url=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4&charset=utf-8&browser-info=pv%3A1%3Avf%3A255el9lxer4jhgs0gdua5w%3Afp%3A2482%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1142678071419%3Ahid%3A197886306%3Az%3A0%3Ai%3A20221204121517%3Aet%3A1670156117%3Ac%3A1%3Arn%3A515471770%3Arqn%3A1%3Au%3A1670156117596129998%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C259%2C141%2C0%2C1064%2C0%2C%2C992%2C7%2C%2C%2C%2C2487%3Aco%3A0%3Ans%3A1670156114078%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670156117%3At%3AOlympia%20Casino%20%E2%80%94%20Top%20Games%20of%20Chance%20%7C%20Olympia&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 04 Dec 2022 12:15:19 GMT
access-control-allow-origin: https://wheel.olympia.casino
set-cookie: yabs-sid=678747841670156119; Path=/; SameSite=None; Secure
i=XO6hCkCzRo1LFTR7cD9Fbgtdq/6Lx7AZwLQogXtGM4aPM57E8HUbw8ncKadvaf2d2I+ThGyl2cLARQjjlu0M60OtaCw=; Expires=Wed, 01-Dec-2032 12:15:16 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7495527121670156119; Expires=Mon, 04-Dec-2023 12:15:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7495527121670156119; Expires=Mon, 04-Dec-2023 12:15:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701692119.yc.1670156119#1701692119.yrts.1670156119#1701692119.yrtsi.1670156119; Expires=Mon, 04-Dec-2023 12:15:19 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 04-Dec-2022 12:15:19 GMT
last-modified: Sun, 04-Dec-2022 12:15:19 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 04 Dec 2022 12:15:19 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Sun, 04 Dec 2022 13:15:19 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
gde-default.hit.gemius.pl/gemius.js
185.11.128.206200 OK 17 kB URL HTTP/2 gde-default.hit.gemius.pl/gemius.js
IP 185.11.128.206:0
ASN #50599 Data Space Sp. z o.o.
File type ASCII text, with very long lines (417)
Hash df4ec30e16e59850123de04bde7895a8
0af30aa1fd1f2d1d292b6fa2d49c4217c649086e
65300cb6dfc065f9c4094af2bdcaa40a103e7846a1a62de7f396913d3ff77dcb
GET /gemius.js HTTP/1.1
Host: gde-default.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gde-default.hit.gemius.pl/gdejs/xgde.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:19 GMT
expires: Mon, 05 Dec 2022 00:15:19 GMT
server: GHC
accept-ranges: none
cache-control: max-age=43200
last-modified: Thu, 10 Nov 2022 11:36:49 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 17089
content-encoding: gzip
X-Firefox-Spdy: h2
gde-default.hit.gemius.pl/_1670156117356/redot.js?id=bDhAfVAWa6tcLtJTY4DiRpciLeUsPidinVsSrv4wvLv.H7&extra=ls%3D1%7Cffx%3D1%7Ctpb%3D0%7Cifr%3D0%7Ctq%3D1&lsdata=-TURNEDOFF&href=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
185.11.128.206301 Moved Permanently 0 B URL HTTP/2 gde-default.hit.gemius.pl/_1670156117356/redot.js?id=bDhAfVAWa6tcLtJTY4DiRpciLeUsPidinVsSrv4wvLv.H7&extra=ls%3D1%7Cffx%3D1%7Ctpb%3D0%7Cifr%3D0%7Ctq%3D1&lsdata=-TURNEDOFF&href=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
IP 185.11.128.206:0
ASN #50599 Data Space Sp. z o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_1670156117356/redot.js?id=bDhAfVAWa6tcLtJTY4DiRpciLeUsPidinVsSrv4wvLv.H7&extra=ls%3D1%7Cffx%3D1%7Ctpb%3D0%7Cifr%3D0%7Ctq%3D1&lsdata=-TURNEDOFF&href=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: gde-default.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wheel.olympia.casino
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 04 Dec 2022 12:15:19 GMT
expires: Sat, 03 Dec 2022 12:15:19 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://wheel.olympia.casino
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlGw2MGGQMGGeq1ppkYymKMissGMXP8cERbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sun, 11 Dec 2022 12:15:19 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1670156117356/redot.js?id=bDhAfVAWa6tcLtJTY4DiRpciLeUsPidinVsSrv4wvLv.H7&extra=ls%3D1%7Cffx%3D1%7Ctpb%3D0%7Cifr%3D0%7Ctq%3D1&lsdata=-TURNEDOFF&href=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
content-length: 0
X-Firefox-Spdy: h2
gde-default.hit.gemius.pl/__/_1670156117356/redot.js?id=bDhAfVAWa6tcLtJTY4DiRpciLeUsPidinVsSrv4wvLv.H7&extra=ls%3D1%7Cffx%3D1%7Ctpb%3D0%7Cifr%3D0%7Ctq%3D1&lsdata=-TURNEDOFF&href=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
185.11.128.206200 OK 2 B URL HTTP/2 gde-default.hit.gemius.pl/__/_1670156117356/redot.js?id=bDhAfVAWa6tcLtJTY4DiRpciLeUsPidinVsSrv4wvLv.H7&extra=ls%3D1%7Cffx%3D1%7Ctpb%3D0%7Cifr%3D0%7Ctq%3D1&lsdata=-TURNEDOFF&href=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4
IP 185.11.128.206:0
ASN #50599 Data Space Sp. z o.o.
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET /__/_1670156117356/redot.js?id=bDhAfVAWa6tcLtJTY4DiRpciLeUsPidinVsSrv4wvLv.H7&extra=ls%3D1%7Cffx%3D1%7Ctpb%3D0%7Cifr%3D0%7Ctq%3D1&lsdata=-TURNEDOFF&href=https%3A%2F%2Fwheel.olympia.casino%2F%3Fstag%3D125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: gde-default.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wheel.olympia.casino
Referer: https://wheel.olympia.casino/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:19 GMT
expires: Sat, 03 Dec 2022 12:15:19 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://wheel.olympia.casino
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlQT9MMGQMQGI2qG9rYymKMissGMXP8cERbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sun, 11 Dec 2022 12:15:19 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 2
X-Firefox-Spdy: h2
wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
104.21.92.47200 OK 0 B URL HTTP/2 wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
IP 104.21.92.47:0
GET /?stag=125932_638c8f551b2d8b7bbc839af4 HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
hserver: 8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BxzzW%2BL%2BGrf9tYtopyYkmEYTjAbIV51whuKa87Bq6royIeDhc752Qq6P1OzSWnzJJEhZ3FajvHc6l4GgFUxhb%2Fykdcf0GegdqwCg2PUwVXeVOP%2FS0pcgo2tUAnQV3BKX5Nz4sZD%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77447777f9f81c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/public/bundle.css?v=32
104.21.92.47200 OK 0 B URL HTTP/2 wheel.olympia.casino/public/bundle.css?v=32
IP 104.21.92.47:0
GET /public/bundle.css?v=32 HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: W/"1f5c2-5e799fc9436c7-gzip"
vary: Accept-Encoding
hserver: 10
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XY6YSiwcSLCV2e1fw%2FRiBwauGAsLU2sfHLa4DJ1YJde%2Fyi8H57zU9TheDXasUlqM%2FEXLCoa7WOfUzzsgfDco4kvPqIcJavmJxRDVAf9XeLhGpGp%2Fhis0iaQGI4avs9HZNpzWFVOSNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77447779dbaf1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/public/modernizr-custom.js
104.21.92.47200 OK 0 B URL HTTP/2 wheel.olympia.casino/public/modernizr-custom.js
IP 104.21.92.47:0
GET /public/modernizr-custom.js HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: W/"aab-5e799fc957ee8-gzip"
vary: Accept-Encoding
hserver: 9
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkdz4DDGPUknEp%2F%2F71c0YShvCI2zTMhlz6RDAPWkG6qsr1vcQYjJgJUHADgWQLHOOEuTIfrP4DK5EcRlufrOZdY92JAuzXIrdp6m5GKzNS35lLZ6XloSrUaeQwK8hGTatOvAKIYtpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77447779fbd91c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
protrckit.com/a192cab81?clickid=1moeo2f34ep&subid=1moeo2f34ep
188.114.96.1302 Found 0 B URL HTTP/2 protrckit.com/a192cab81?clickid=1moeo2f34ep&subid=1moeo2f34ep
IP 188.114.96.1:0
GET /a192cab81?clickid=1moeo2f34ep&subid=1moeo2f34ep HTTP/1.1
Host: protrckit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 04 Dec 2022 12:15:17 GMT
content-type: text/html; charset=utf-8
location: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
set-cookie: 4a8596a7790b5ca9e067=638c8f551b2d8b7bbc839af4; Expires=Tue, 03 Jan 2023 12:15:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F7ZYLqDgW5BPnK306FsXptA89OO7U%2BM4jf5uafQ5OuEKMzhL5DEMT5jvUbmVLsQJzH4WeSOkMBUzNtSdOJLuiZeWNSg%2BBBfcdxhln%2BVPFEcB9jRrLTQD2nWGZllXQSD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77447773fd91b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/public/vendor.js?v=30
104.21.92.47200 OK 0 B URL HTTP/2 wheel.olympia.casino/public/vendor.js?v=30
IP 104.21.92.47:0
GET /public/vendor.js?v=30 HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: W/"51cea-5e799fc957ee8-gzip"
vary: Accept-Encoding
hserver: 5
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCxf3NXM3wfBDRGFx6h503N9WPFQVGWTRi8ZKfpdpPBOgbBTZOYq5GRFGmEUPhGWUjPki76FOusDqSogPiB5%2B5AgZEd1cvwJQkWhgw4t65STXXCVt6Ph7MiYUrbGxqlI%2BS1hjdGiDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77447779fbda1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wheel.olympia.casino/public/bundle.js?v=30
104.21.92.47200 OK 0 B URL HTTP/2 wheel.olympia.casino/public/bundle.js?v=30
IP 104.21.92.47:0
GET /public/bundle.js?v=30 HTTP/1.1
Host: wheel.olympia.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/?stag=125932_638c8f551b2d8b7bbc839af4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 09:10:37 GMT
etag: W/"119333-5e799fc944667-gzip"
vary: Accept-Encoding
hserver: 8
cache-control: max-age=14400
cf-cache-status: HIT
age: 14
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuCBVP1cDDGdPKHNuZCSqrJ9a5kOv8hqPtTzLdFxQ4iwB%2B9DB8HojaxSdh2wwZM3dRYQ4Nf6mGzhjEZC%2BWJyRFTVdtOuzrPpq9YjXbMUdb3ZUkEYY9Ie3fCCvHPRwY6i8%2FL2wo%2FYdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77447779fbdb1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zeniocloud.com/OAIA.js?sub1=wheel.olympia.casino
167.114.67.56200 OK 0 B URL HTTP/2 zeniocloud.com/OAIA.js?sub1=wheel.olympia.casino
IP 167.114.67.56:0
Analyzer Verdict Alert fortinet Phishing
GET /OAIA.js?sub1=wheel.olympia.casino HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wheel.olympia.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 04 Dec 2022 12:15:18 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2