Report - www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/

Report Overview

Submitted URL
www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/
IP
104.26.7.160
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-31 05:07:24
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-13T05:09:46Z	671 B	724 B	142.250.74.162
s2.adform.net	4693	2013-04-18T13:49:52Z	2023-03-13T06:09:05Z	388 B	452 B	37.157.2.249
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	680 B	22 kB	172.64.155.188
stream-683.optimove.net	unknown	2021-12-31T14:43:00Z	2023-03-13T07:57:08Z	1.5 kB	2.3 kB	107.154.132.121
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	419 B	630 B	142.250.74.74
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
adservice.google.com	76	2021-02-20T17:10:48Z	2023-03-13T08:49:52Z	681 B	830 B	142.250.74.66
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	515 B	578 B	216.58.207.228
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	514 B	578 B	142.250.74.67
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.39.11.89
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	72 kB	34.120.237.76
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	794 B	30 kB	157.240.205.11
www.palmsbet.com	205486	2019-05-01T02:44:30Z	2023-03-13T05:56:57Z	874 B	1.9 kB	104.26.7.160
512974245.fls.doubleclick.net	unknown	2020-07-23T16:36:39Z	2023-03-13T07:57:06Z	678 B	2.5 kB	142.250.74.70
api.trafficguard.ai	35142	2019-03-12T09:50:04Z	2023-03-13T08:37:11Z	521 B	1.1 kB	34.120.121.20
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	606 B	595 B	173.194.220.155
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	863 B	447 B	216.239.34.36
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.9 kB	82 kB	216.58.207.227
sdkuaservice.optimove.net	38822	2018-09-05T11:30:45Z	2023-03-13T07:57:08Z	455 B	1.3 kB	34.102.240.186
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	7.9 kB	20 kB	142.250.74.131
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	382 B	74 kB	142.250.74.168
tgtag.io	35595	2020-03-11T14:37:01Z	2023-03-13T08:09:44Z	370 B	27 kB	34.120.230.83
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	373 B	21 kB	142.250.74.78
track.adform.net	3564	2012-05-21T09:01:21Z	2023-03-13T05:52:36Z	1.6 kB	1.7 kB	37.157.6.246
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	655 B	349 B	157.240.205.35
sdk-cdn.optimove.net	23584	2017-10-25T13:31:56Z	2023-03-13T07:57:08Z	815 B	26 kB	35.201.79.141
realtime-683.optimove.net	unknown	2021-12-31T14:43:03Z	2023-03-13T07:57:08Z	1.1 kB	1.6 kB	107.154.132.121
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.7 kB	6.0 kB	93.184.220.29
www.palmsbet.top	unknown	2019-07-07T07:05:15Z	2023-03-13T07:57:05Z	418 B	330 kB	78.128.8.67

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-31 05:07:28	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	www.palmsbet.com/scripts/init.min.js?v=13.2.5.5	12 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/init.min.js?v=13.2.5.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:06 Times Seen182 Hash ca334ff65b6a9b901c3cced53c428859 03958d996ef9d273213c06c1426a644614afd225 10cd77a8fc1a1c097181884ec32999c90ede84ca0f659be37dbd1d60548f24c4 Loading...

	www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/	398 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ IP 104.26.7.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 251a94ead46a2087e9b63b61610e48e4 f5c3b3f68055117c6be373bc58a20bc6cb11fe70 b7a2547e06d5ad19132f839bbad92fb9319dec4f287af0adedf16a996a6bbff2 Loading...

	www.googletagmanager.com/gtag/js?id=G-JRG87C8CG6&l=dataLayer&cx=c	239 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-JRG87C8CG6&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:01:27 Last Seen2023-03-13 13:01:27 Times Seen1 Hash 2cb492548cb8a23be276cf0577b163ce 655e7c06fe320c8e07ed38d81c29ca8807ca98fb ed84eee53e9898995312ffa5947d5035b553dadbd84ae0511595dec4671f3f49 Loading...

	connect.facebook.net/signals/config/1297212827064514?v=2.9.95&r=stable	386 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/1297212827064514?v=2.9.95&r=stable IP 157.240.205.11 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:01:27 Last Seen2023-03-13 13:01:27 Times Seen1 Hash b757c8d0ff29546b1a37d39f1e30c10f 79866176b27105a9fa8c00ea4610333c3288ef7a 81c3678bc96b8fee20dd430ba4d327707b3ba256d35de29ea8d194dd3e35e196 Loading...

	www.palmsbet.com/scripts/jquery.touchSwipe.min.js	20 kB	2023-03-07	2024-05-09
Pretty URL www.palmsbet.com/scripts/jquery.touchSwipe.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-09 14:30:22 Times Seen1363 Hash f60ff05469d1757996d85f4172d4ff4d 69c8c9f0e0fbd9bd9fd1df6c1a18067256d46c73 a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1 Loading...

	www.palmsbet.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675137600	36 kB	2023-03-13	2023-03-13
Pretty URL www.palmsbet.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675137600 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:01:27 Last Seen2023-03-13 13:01:27 Times Seen1 Hash 53fdc457d47370253986293599d48ec5 93a5f6c3796cfb2bc17bd5e7eb6edfaa216e47fd 31909de88b2c25aeb18708818fedb4494de1a4bd9c4f5e81eddc87b2ae5aa89a Loading...

	www.palmsbet.com/scripts/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-10
Pretty URL www.palmsbet.com/scripts/jquery-3.6.0.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-10 21:01:15 Times Seen270323 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	sdk-cdn.optimove.net/websdk/sdk-v2.0.js	49 kB	2023-03-13	2023-05-18
Pretty URL sdk-cdn.optimove.net/websdk/sdk-v2.0.js IP 35.201.79.141 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:20:09 Last Seen2023-05-18 15:24:55 Times Seen114 Hash 6534dac28bf363e64fbe3c20f01e1ef5 97f931db60a53efe35467db26cd0cf19a0ef794b 492ade39fca6ef3911968569dc4d962f3d3e880210259da57d9e2ee5d9b449b7 Loading...

	www.palmsbet.com/scripts/banner-default.js?v=960.1.1?v=1675141650925	9.7 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/banner-default.js?v=960.1.1?v=1675141650925 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen111 Hash c2445e7c5b2725bd4a0a7bf9d4b47a42 5cb511abcefb3afb4352edb712b70c49b967bf9c 8f44a77c10b749fc6176d074eb2760aae3e945225264878bb95615cc3b7becbb Loading...

	www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/	341 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ IP 104.26.7.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 5e9ed7a18696f9b7182fb8f1c08be46b 1a24b49762f246a4a2c7e73cf1e3ccb971f25bbd 1e9823d571bcd1138a9dae0664827fcb816c423d1cb6941389c74d7e711bb516 Loading...

	www.palmsbet.com/scripts/jquery.ctdata.js?v=1.635821123.1.1	16 kB	2023-03-12	2023-04-19
Pretty URL www.palmsbet.com/scripts/jquery.ctdata.js?v=1.635821123.1.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:25:37 Last Seen2023-04-19 19:56:29 Times Seen41 Hash c0d30b2cac7ae1436aef5f7e4547dc58 7586f67b3bdc6c597024552e03e8416a51d76210 4053cca5c2e7118d5b5df7714e5e9f3723cc6f7b6a378e146c71a67a4dfc5e87 Loading...

	track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=981252750288&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24	143 B	2023-03-07	2023-04-05
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=981252750288&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 37.157.6.246 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-04-05 01:52:35 Times Seen29 Hash ac85d2c997b3f5e1e7ef149366314ae6 0dc97a787c9e8cc8a20fa1ceacc3cad6c1813117 2cb28c9975c6810c04af98601f68a5464fe4929be832e4ba3866e367777155eb Loading...

	sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js	110 kB	2023-03-13	2023-09-17
Pretty URL sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js IP 35.201.79.141 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:23:35 Last Seen2023-09-17 09:14:06 Times Seen172 Hash 842dbd11eeb55dfdff0377f86937faab db6602ac2ebdfa23fde2da04954c6bcd65211770 73a2224ce42432b8960989d432867929b82993a44cd23c2f5ae1a4d7ca06e0c3 Loading...

	www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/	1.8 kB	2023-03-13	2023-03-29
Pretty URL www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ IP 104.26.7.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:20:09 Last Seen2023-03-29 23:31:53 Times Seen25 Hash 47d65e17807f953ef4d43318e03b6277 62dd286d923db1c282955dee410674397391c734 12134631df44b3987a652327e0ccb07d1aef751ed832ba0f813171ab296c69ab Loading...

	http:blank	620 B	2023-03-13	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:01:27 Last Seen2023-03-13 13:01:27 Times Seen1 Hash 2ddff2717641ddb6669243c3c5b66c11 08b5918c4d9497327ee3ca8414d7d1d6839719c4 4abf198e2a23b6afae7213fabf509c582a797b7e6b2f0422ba32597ebbda4328 Loading...

	www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/	482 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ IP 104.26.7.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen102 Hash fe73caa22b8f6c03742a7ffc028a58ff e60417d12e8953b2b85256bcafa881297160fe36 17bc2ec491a3a53968625e018de6dfb9d3d96c441ce67578c843383f1aeafe6c Loading...

	www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/	486 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ IP 104.26.7.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen102 Hash 4bf0aa2f78f73e506c9c41e11b2ed668 765f0150868fd4bf93e9dd5aa08120deea76d17f fed9a303461e7fb3eb2dcdd78d767d0e1a2b74269040d3600801a8ee48430df1 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-11-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.205.11 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:47:19 Last Seen2023-11-17 16:32:25 Times Seen5 Hash beca88e7d9125b63f58be285031b0930 08cda009ebdf601f0ffe06b0ee3065fff2fb105b c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Loading...

	www.palmsbet.com/scripts/order-type.js?v=1675141650926	1 B	2023-03-07	2024-05-10
Pretty URL www.palmsbet.com/scripts/order-type.js?v=1675141650926 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-05-10 20:04:14 Times Seen21832 Hash 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Loading...

	www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/	1.4 kB	2023-03-12	2023-05-25
Pretty URL www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ IP 104.26.7.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:25:37 Last Seen2023-05-25 08:16:05 Times Seen22 Hash baa6f535e6cd99f79cb38f8747cd0dc2 2b09800a96c04fe8c7b44dded77a3827a15da45a 6bf6eb6df5c91a44ca4da70f6fc2612ab468aac462f1800455b85789c40b1e0c Loading...

	www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/	1.5 kB	2023-03-13	2023-03-13
Pretty URL www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ IP 104.26.7.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:01:27 Last Seen2023-03-13 13:01:27 Times Seen1 Hash 05e5c5e2db7ccfde9c91f113dfb7bbaf db81389c90e29db9324d20538f42300de1a66517 6459c0d0e22b165b9e1ad3ff3e505f1dfdad195416d00a6f141900610f2a4de7 Loading...

	www.palmsbet.com/scripts/custom.min.js?ver=1675141650767	103 kB	2023-03-13	2023-03-13
Pretty URL www.palmsbet.com/scripts/custom.min.js?ver=1675141650767 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:20:09 Last Seen2023-03-13 13:01:27 Times Seen1 Hash 7da2c3a9bcb8640d9a6ea68b83806389 585e3f494dae23485b073c9da4f821b1c63e8ac2 897e4bc4d49d14b1d3047e7ebcb70b7e6113fdafe03c302a22c418d5ec482a2e Loading...

	www.palmsbet.com/scripts/tab-changes.js?v=1675141650926	2.3 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/tab-changes.js?v=1675141650926 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen114 Hash ba13a046eb6675504d302089ca3da833 57c98951979844da1387df31a1a6b010fde86a3f 9db56cd2ede27233110647b8b4e459e90f00210012c4f5373fc894daf8bc9aa2 Loading...

	www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/	831 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ IP 104.26.7.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 560bac8e455828b0dc18867c6cd9da8b e2a4b0d6a4311c0e34e6233fc6b19b31e5f3172e 3ed5000e5dd3b1a4c8b0da26e131122d6cf65cf1b5ca3f0fb68f85923b512caa Loading...

	http:blank	600 B	2023-03-12	2023-05-25
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:25:37 Last Seen2023-05-25 08:16:05 Times Seen22 Hash bf8b714e87d17870a08c15babf146638 c965b2f84440474323c13e0c2fc4a2c9ace3f1dd 2d03f1bbf9d0617b8cacc35582b9e4e476db721ba28cc907a81ab9db61e5b713 Loading...

	tgtag.io/tg.js?pid=tg-g-007125-001	80 kB	2023-03-13	2023-03-13
Pretty URL tgtag.io/tg.js?pid=tg-g-007125-001 IP 34.120.230.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:47:08 Last Seen2023-03-13 14:49:02 Times Seen1 Hash fdadfc30ca0ba877c3834112149c1819 39e4cdcc768ef6b52882ef5c19fd22d6ed330efc 59bb0fa3d24f031d90159ec4ca3cafc72ee806c97bafe5163f8c63f68b7af6b2 Loading...

	track.adform.net/serving/scripts/trackpoint/async/	80 kB	2023-03-08	2023-08-22
Pretty URL track.adform.net/serving/scripts/trackpoint/async/ IP 37.157.6.246 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:25 Last Seen2023-08-22 11:18:40 Times Seen317 Hash 83eb5fafaa212c785f7393188ff817aa b5a60e05523c4f55e93610169b2c6da627553fc6 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7 Loading...

HTTP Transactions (86)

	URL	IP	Response	Size
	www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/	104.26.7.160	301 Moved Permanently	178 B
URL HTTP/1.1 www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ IP 104.26.7.160:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 178 B (178 bytes) Hash cd2e0e43980a00fb6a2742d3afd803b8 81ffbd1712afe8cdf138b570c0fc9934742c33c1 bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d HTTP Headers `GET /bg/pages/welcome-bonus-casino-affiliate/ HTTP/1.1 Host: www.palmsbet.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 301 Moved Permanently Date: Tue, 31 Jan 2023 05:07:12 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: https://www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ Access-Control-Allow-Credentials: true Cache-Control: public, max-age=604800 stale-while-revalidate=60 stale-if-error=3600 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InMMNY7QmvoauYLRvN0vmKLNmiPn4j2S9zYmVEld%2FsNu%2Boit%2BkiYgUNh%2B%2BtDhMoW%2BYfR3aI0UIDrGCjux1NEm6%2Bjyz2VNFw4htNX59j0GUlj8LugfCp02GX4B%2Fx0iY7iRVw%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 791fec25694ab529-OSL alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d2e72d45afe3d391c204b5391599607c 149d68b9d00a720b6f380fa2324779dca9dbe26d f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5231 Expires: Tue, 31 Jan 2023 06:34:24 GMT Date: Tue, 31 Jan 2023 05:07:13 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3eb88dea4fe00db1182370e72683c3ab ca520abf1e91bfd2aef40c6a1270a911071e8922 d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3611 Expires: Tue, 31 Jan 2023 06:07:24 GMT Date: Tue, 31 Jan 2023 05:07:13 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 31 Jan 2023 04:43:16 GMT content-type: application/json age: 1437 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 09ee4b0fe6cf4ca5ed31b24452338d00 7e62b6e20f0d4737f4a8d94f9818a0883027839e 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13921 Expires: Tue, 31 Jan 2023 08:59:14 GMT Date: Tue, 31 Jan 2023 05:07:13 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: 0Pk+da7pxHSCtfTVMvi9PWKqD3hxL4+RHnHGLIghe9Ieg1hh4gFPQWUnqeXlwEq65ylc/q6qC+E= x-amz-request-id: BZ5GXK3BDW4601YX content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 31 Jan 2023 04:51:02 GMT age: 971 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.digicert.com/	93.184.220.29	200 OK	279 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 279 B (279 bytes) Hash 2a3a924132b7b3b44ba9812cac48906d 53ca30c998e877fd7fbc9658a83732ca607113d1 1a500aeb8e7ce25f19004b0eb276a237df663fdf7c1990552061200d85e4cd98 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 2302 Cache-Control: max-age=142698 Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:13 GMT Etag: "63d8236e-117" Expires: Wed, 01 Feb 2023 20:45:31 GMT Last-Modified: Mon, 30 Jan 2023 20:07:10 GMT Server: ECS (amb/6B94) X-Cache: HIT Content-Length: 279`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 31 Jan 2023 05:07:13 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.digicert.com/	93.184.220.29	200 OK	279 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 279 B (279 bytes) Hash 2a3a924132b7b3b44ba9812cac48906d 53ca30c998e877fd7fbc9658a83732ca607113d1 1a500aeb8e7ce25f19004b0eb276a237df663fdf7c1990552061200d85e4cd98 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 2302 Cache-Control: max-age=142698 Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:13 GMT Etag: "63d8236e-117" Expires: Wed, 01 Feb 2023 20:45:31 GMT Last-Modified: Mon, 30 Jan 2023 20:07:10 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 279`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 31 Jan 2023 04:41:42 GMT age: 1531 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a 86f640e134a741a0f906a8e3a0f5c6659dd0e394 a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E" Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17354 Expires: Tue, 31 Jan 2023 09:56:27 GMT Date: Tue, 31 Jan 2023 05:07:13 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	3.3 kB
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 3.3 kB (3268 bytes) Hash 6c11b57d9079f71cfbaf73717c716a28 b05ee830dc713aa50394a9e87d266c3cc72c6f81 5f7ca7dff9073acc5eff4539722cdb81c7b23186cd665416acef398f827ecbb2 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:13 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:13 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtm.js?id=GTM-W23TMFB	142.250.74.168	200 OK	73 kB
URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W23TMFB IP 142.250.74.168:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image\012- , ASCII text Size 73 kB (73360 bytes) Hash 0f46ac5cdfed3a1f8cc26b382df6aad2 9548e1593f9ae7bcca6c7b36e480928b32ebc857 36bdb17196ea6e154a9b26d8d888dce4e12296d36f7dc86483815d22adf6ab8b HTTP Headers `GET /gtm.js?id=GTM-W23TMFB HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Tue, 31 Jan 2023 05:07:13 GMT expires: Tue, 31 Jan 2023 05:07:13 GMT cache-control: private, max-age=900 last-modified: Tue, 31 Jan 2023 03:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 72946 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash d81f874741beb45c89de8bb5c6de438e a251ab903e654953631d84721479bbae55aa5cdf ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:13 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 40bac282ee9730b7a7fde839fcf58736 be00063ec5c760560f34663d0a6a9cad87cfebe4 45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:13 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg	142.250.74.131	200 OK	1.1 kB
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 1.1 kB (1069 bytes) Hash 654f359b0a5dad4071e4e2ce5f5ca3d2 95d7989139dda012ac7f0b493c3a12b18e7319a3 2e57ab644b67c02ad9fd932073db0d3a8d355d0273193dbd8f9daf3a9c03f3bc HTTP Headers `POST /s/gts1d4/1vmhpXYvMQg HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	tgtag.io/tg.js?pid=tg-g-007125-001	34.120.230.83	200 OK	26 kB
URL HTTP/2 tgtag.io/tg.js?pid=tg-g-007125-001 IP 34.120.230.83:0 ASN #15169 GOOGLE File type data Size 26 kB (26380 bytes) Hash 5d4a7b3dc4ced76924e5c6c42d7d28d7 d260674a8ac62389402622329130a7a761137e33 6e6d2d1056feeb97bd80bf53fc2ab94c1a535d95841c99b94887622100855814 HTTP Headers `GET /tg.js?pid=tg-g-007125-001 HTTP/1.1 Host: tgtag.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-guploader-uploadid: ADPycdtbgStHX5T7_6mlkqnbhOosVWfOa-ekVi8zaLS8lUTz85Wy60k4sc_rUKkIS_RLj1kk3NK_5MneRs0m5sVrgNxm x-goog-generation: 1674208871933571 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 23485 content-encoding: gzip x-goog-hash: crc32c=8ExYDw==, md5=xijv+VGXAK6CArITUPowkA== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes content-length: 23485 access-control-allow-origin: * access-control-expose-headers: Content-Type, Access-Control-Allow-Origin server: UploadServer date: Mon, 30 Jan 2023 09:41:51 GMT expires: Tue, 31 Jan 2023 09:41:51 GMT cache-control: public, no-transform, max-age=86400, s-maxage=86400 age: 69923 last-modified: Fri, 20 Jan 2023 10:01:12 GMT etag: "c628eff9519700ae8202b21350fa3090" content-type: application/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 19bfd8a6d0be05e1b881403297434757 fcdd5be3a7f72d29c6babb721f06b5386bbdcc75 50340f0009b0e4bb14d78e207821438efbfba4dd2e1a058ccf243d52b1105eb8 HTTP Headers `POST /s/gts1d4/1vmhpXYvMQg HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	push.services.mozilla.com/	52.39.11.89	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.39.11.89:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: ZjhoZIWzMPuSQhkxyXnR7A== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: zW/7VEJzD+lXcGXU3ZLwqvMODoM=`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 33e403367d183257be0f03f28da923d2 a586e4052008741f8f535e7bd12a94bde81b264e 82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	512974245.fls.doubleclick.net/activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=4425577189825;gtm=2wg1p0;auiddc=1254486360.1675141649;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F?	142.250.74.70	200 OK	1.7 kB
URL HTTP/2 512974245.fls.doubleclick.net/activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=4425577189825;gtm=2wg1p0;auiddc=1254486360.1675141649;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F? IP 142.250.74.70:0 ASN #15169 GOOGLE File type ASCII text, with CRLF line terminators Size 1.7 kB (1738 bytes) Hash c367d5a9428c5faab76aa376b4a93de3 3c0644986ae5f7ef8236ec3cf202fa1d9a0d279d 8a2a3bedee19eb0d6e10b8d7a1047891b892ec655f5a8ad80884570ad1057283 HTTP Headers GET /activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=4425577189825;gtm=2wg1p0;auiddc=1254486360.1675141649;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F? HTTP/1.1 Host: 512974245.fls.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 31 Jan 2023 05:07:14 GMT expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate content-type: text/html; charset=UTF-8 pragma: no-cache x-content-type-options: nosniff content-encoding: br server: cafe content-length: 265 x-xss-protection: 0 set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 05:22:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 33e403367d183257be0f03f28da923d2 a586e4052008741f8f535e7bd12a94bde81b264e 82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d 736ae15d0ed2068580d35a7cff8b33c0ec87af52 24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	adservice.google.com/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=4425577189825;gtm=2wg1p0;auiddc=1254486360.1675141649;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F	142.250.74.66	200 OK	266 B
URL HTTP/2 adservice.google.com/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=4425577189825;gtm=2wg1p0;auiddc=1254486360.1675141649;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F IP 142.250.74.66:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (502), with no line terminators Size 266 B (266 bytes) Hash 2d7d46c8dd8a312d628a3537e4bbd77d 2b5055d710052d4fc3e80568a293dbd585776227 50c171dd5ec1ed4a8d9597fd8e65f7844095c7c8970d9a2f0b7d6ce80b66b847 HTTP Headers GET /ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=4425577189825;gtm=2wg1p0;auiddc=1254486360.1675141649;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F HTTP/1.1 Host: adservice.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://512974245.fls.doubleclick.net/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 31 Jan 2023 05:07:14 GMT expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate content-type: text/html; charset=UTF-8 pragma: no-cache x-content-type-options: nosniff content-encoding: br server: cafe content-length: 266 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	2.9 kB
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 2.9 kB (2947 bytes) Hash f8417b5cd589a18c9686af9b5025c22c 7be5d3cbb443a9eb541e0e218107e678868d7cc1 2e4ce9295b19e27212b22a3300d37412d2d90819191bfadaa15312dce8399801 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5444 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Last-Modified: Tue, 31 Jan 2023 03:36:30 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 471`

	www.google-analytics.com/analytics.js	142.250.74.78	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.78:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1490) Size 20 kB (20085 bytes) Hash ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20085 date: Tue, 31 Jan 2023 03:45:20 GMT expires: Tue, 31 Jan 2023 05:45:20 GMT cache-control: public, max-age=7200 age: 4914 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash cb5602fc6e47675f4981dccd26dda23f d1184793bb8a7b987f22652ba69b5f4da70d60f8 8bd15ca82475d97a03cfe641a7ba01a751897ecf3ef7653acabb2d91d015edf5 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6192 Cache-Control: max-age=145470 Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Etag: "63d81f10-1d7" Expires: Wed, 01 Feb 2023 21:31:44 GMT Last-Modified: Mon, 30 Jan 2023 19:48:32 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 471`

	connect.facebook.net/en_US/fbevents.js	157.240.205.11	200 OK	28 kB
URL HTTP/2 connect.facebook.net/en_US/fbevents.js IP 157.240.205.11:0 ASN #32934 FACEBOOK File type ASCII text, with very long lines (64348) Size 28 kB (27843 bytes) Hash dd1f85cc598419df61e254e53f9ec1ef f86c0ee563f5b7a01e1d40b566f2bc184a32380f c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0 HTTP Headers `GET /en_US/fbevents.js HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-type: application/x-javascript; charset=utf-8 content-security-policy: default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups pragma: public cache-control: public, max-age=1200 expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff x-xss-protection: 0 x-frame-options: DENY origin-agent-cluster: ?0 strict-transport-security: max-age=31536000; preload; includeSubDomains x-fb-debug: /0MxA0rRldCGcmu2XVGgrbjyq1CNuXeVCOTppKMx/ZBjK/iaUUve5RMjV7pjpvzZ6IFJjYBH0jEgDRLCBL8aWw== priority: u=3,i content-length: 27843 x-fb-trip-id: 1679558926 date: Tue, 31 Jan 2023 05:07:14 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d 736ae15d0ed2068580d35a7cff8b33c0ec87af52 24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.palmsbet.top/uploads/BonusCasinoIvelin+FS_1920x600_bg.jpg	78.128.8.67	200 OK	330 kB
URL HTTP/2 www.palmsbet.top/uploads/BonusCasinoIvelin+FS_1920x600_bg.jpg IP 78.128.8.67:0 ASN #31083 Telepoint Ltd File type JPEG image data, baseline, precision 8, 1920x600, components 3\012- data Size 330 kB (329533 bytes) Hash d9e19186b6726b178b977dd026253a0a efaf28b836c6766ac85c34cb170c968edbbf8ab7 ec5e8d519e50ab48f5610d4c05cfb67d848ae4bffc89074559e631aee71351b8 HTTP Headers `GET /uploads/BonusCasinoIvelin+FS_1920x600_bg.jpg HTTP/1.1 Host: www.palmsbet.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK cache-control: public, max-age=604800 expires: Tue, 07 Feb 2023 05:07:13 GMT content-type: image/jpeg last-modified: Fri, 22 Jul 2022 08:51:50 GMT accept-ranges: bytes content-length: 329533 date: Tue, 31 Jan 2023 05:07:13 GMT server: LiteSpeed access-control-allow-origin: * alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 73d6f94eec5f7bf78dc11951011af215 2d7941713a82a83c174bf782b618a6f86a8ab2d7 9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 4fa4e3a6c0ea0d843f6f77af6a290fca 965944af181e8d47677e5b428e8a3233c942cf99 801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5444 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Last-Modified: Tue, 31 Jan 2023 03:36:30 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 471`

	adservice.google.no/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=4425577189825;gtm=2wg1p0;auiddc=1254486360.1675141649;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F	142.250.74.162	200 OK	85 B
URL HTTP/2 adservice.google.no/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=4425577189825;gtm=2wg1p0;auiddc=1254486360.1675141649;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F IP 142.250.74.162:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators Size 85 B (85 bytes) Hash 4a3b3637744caa4a0b08fabbd76cc830 755e5626762ecf38f55012da892a227bf50f15f1 6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb HTTP Headers GET /ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=4425577189825;gtm=2wg1p0;auiddc=1254486360.1675141649;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F HTTP/1.1 Host: adservice.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://adservice.google.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 31 Jan 2023 05:07:14 GMT expires: Tue, 31 Jan 2023 05:07:14 GMT cache-control: private, max-age=0 content-type: text/html; charset=UTF-8 x-content-type-options: nosniff content-encoding: br server: cafe content-length: 85 x-xss-protection: 0 alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	912 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type Applesoft BASIC program data, first line number 22\012- data Size 912 B (912 bytes) Hash a078638a1806673611658dc38657871d c7600a16900b62a6ba0f2cff7d5e6775c60a7aa6 7dd74566303e06b6eb8ecdf660652c1102c4a202d383c659b8d6f93ded02472a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 69ffc0a3f7ca2b025a6b99f9c38889be 1b436bda66cd246a1024f8c3d8e91e3aeef31eaa 9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3833 Expires: Tue, 31 Jan 2023 06:11:07 GMT Date: Tue, 31 Jan 2023 05:07:14 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3833 Expires: Tue, 31 Jan 2023 06:11:07 GMT Date: Tue, 31 Jan 2023 05:07:14 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3833 Expires: Tue, 31 Jan 2023 06:11:07 GMT Date: Tue, 31 Jan 2023 05:07:14 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 43bc5afe1d7330aa521e0efc78185a92 f53e9daa0a32e0acf7a10d9494fb383c1d039305 429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC" Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3833 Expires: Tue, 31 Jan 2023 06:11:07 GMT Date: Tue, 31 Jan 2023 05:07:14 GMT Connection: keep-alive`

	stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-99030406-1&cid=812062839.1675141650&jid=720183256&gjid=861657482&_gid=1200079786.1675141650&_u=YCDAgEABAAAAAEAAI~&z=1975472077	173.194.220.155	200 OK	4 B
URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-99030406-1&cid=812062839.1675141650&jid=720183256&gjid=861657482&_gid=1200079786.1675141650&_u=YCDAgEABAAAAAEAAI~&z=1975472077 IP 173.194.220.155:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 4 B (4 bytes) Hash 48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a HTTP Headers POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-99030406-1&cid=812062839.1675141650&jid=720183256&gjid=861657482&_gid=1200079786.1675141650&_u=YCDAgEABAAAAAEAAI~&z=1975472077 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: text/plain Content-Length: 0 Origin: https://www.palmsbet.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK access-control-allow-origin: https://www.palmsbet.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Tue, 31 Jan 2023 05:07:14 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg	34.120.237.76	200 OK	8.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.8 kB (8755 bytes) Hash 146cb1c622ae62d62090dcaf81709056 c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e d1a2caf59c5bfb3fd66c804217c60705de91e5beebd006cffab1d712a5aef85b HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8755 x-amzn-requestid: 18054ad3-92df-4a07-b7d1-643293ba4a5f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fR1hDGZfoAMFsFw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d09c6c-7aae5ef32459231c25465b1b;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 03:05:17 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 5GkQA5AcFOFc2Wn5rdaX7nH5F4wfy52vtlpbI8Qlai-jQE77inKzqA== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 21:50:53 GMT age: 26181 etag: "c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (13853 bytes) Hash d957012d3e2b8c3bc0eefe11d66e8554 1959fdd94846fa3791c4890578dd15336b909dcc a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 13853 x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fk3zzF4hIAMFwWg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: T5CaUojMEG8x8vki59UdIhI8IbbBRY_7w3xgiW3RCZlHTyeHPLIy2Q== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 21:47:13 GMT age: 26401 etag: "1959fdd94846fa3791c4890578dd15336b909dcc" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8558 bytes) Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5 04577ad69ee9749b14382254eb5bbf0e1edcd7fa 6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8558 x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ffB_BFA8IAMFyvA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0 x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ZP2Mar8l3QoPH733_vv3hUuQjWvaN4_TgfYwme2-6WIxGi55BoSchg== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Tue, 31 Jan 2023 04:26:31 GMT age: 2443 etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10898 bytes) Hash 4a2d26da68a313cc65958fc2692351c2 798c3538f3147ca77d317676ddd1bf040bd0f93b 76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10898 x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fk3zxGshIAMFw5Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: djoQmYTv7Rlq9tKKkJ5U1J3YeVSIs5yzSts_xRN3bdi27Ra8UfM6OQ== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 21:44:45 GMT age: 26549 etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39003a0d-b88f-4013-b50c-7e01c5afc867.jpeg	34.120.237.76	200 OK	5.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39003a0d-b88f-4013-b50c-7e01c5afc867.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.8 kB (5757 bytes) Hash b60240f10673b4c275619f7c2f5005cf d29076a2ad44f9d44da6f77fd1dcaea9a28c7d51 ccfdf6106ab405f6fd346bd501a7bc121acba3db657bf0bc2f7587cbe6488f55 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F39003a0d-b88f-4013-b50c-7e01c5afc867.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5757 x-amzn-requestid: 9b6d11e9-be38-4c89-87bd-a71146dbb22f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fiTTwG9GIAMFmZg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d7327e-4f8bebbf40e45cc6467c5c26;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 02:59:10 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: xqcuV95IWwbypAsXnim75PnsGKkyN9LEF--w3P2A2nhMMAwfveh-kw== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 12:45:24 GMT age: 58910 etag: "d29076a2ad44f9d44da6f77fd1dcaea9a28c7d51" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg	34.120.237.76	200 OK	6.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.9 kB (6893 bytes) Hash 0b8edbb541668f634636dc44f1559b50 0a2322b18a1cc6ca4710fce7b6d8f28263ca6064 2765a746ef8f589399e2588727364fbea9c9710327f61c979371765def1e9694 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6893 x-amzn-requestid: 38d02de7-71c6-4e93-ae9f-5e2e434c2b62 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVsbVEo2oAMFTrw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d2277b-49c8737605f859f724e3ed4f;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:51 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: BYuZMDDcR56g58NhU38KpBY_-2IGglgSXsAtHpsSLlSiyOAuTkdlmQ== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 12:26:08 GMT age: 60066 etag: "0a2322b18a1cc6ca4710fce7b6d8f28263ca6064" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 69ffc0a3f7ca2b025a6b99f9c38889be 1b436bda66cd246a1024f8c3d8e91e3aeef31eaa 9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	track.adform.net/Serving/TrackPoint/?CC=1&pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=981252750288&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24	37.157.6.246	200 OK	202 B
URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=981252750288&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 37.157.6.246:0 ASN #198622 Adform A/S File type ASCII text, with CRLF line terminators Size 202 B (202 bytes) Hash 0910f1abc8fcd706ba1278cad9a23fe3 38de7284014fd13ae7fdbd53646123d38cc7be1f 768de2d43497a5871d7097af63cb3fb25a18923887e5303a2d3d092bc750b911 HTTP Headers GET /Serving/TrackPoint/?CC=1&pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=981252750288&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 Host: track.adform.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK server: nginx date: Tue, 31 Jan 2023 05:07:14 GMT content-type: text/javascript; charset=utf-8 content-length: 202 cache-control: no-cache, no-store, must-revalidate, no-transform pragma: no-cache content-encoding: gzip expires: -1 vary: Accept-Encoding access-control-allow-origin: * p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	ocsp.pki.goog/s/gts1d4/M7vREfWOEdc	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/M7vREfWOEdc IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash c081b92c3ebfaa9bf982126353674b85 08b2d662e253ac6e1df16fa5baf9a1c1bd0664d8 cd847178d78fc8c00cf7183dd5d00b1ce7ba892ef9311e7b3e024f5377d14aa5 HTTP Headers `POST /s/gts1d4/M7vREfWOEdc HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:14 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	api.trafficguard.ai/tg-g-007125-001/api/v4/client-side/validate/event	34.120.121.20	200 OK	61 B
URL HTTP/2 api.trafficguard.ai/tg-g-007125-001/api/v4/client-side/validate/event IP 34.120.121.20:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 61 B (61 bytes) Hash e1c7c08a66528b3d6bb17497416cb72a df727f7719b2201e84d87b3f615d81ee35bfe540 50e096fa1984688873bb880ab8e006bd616ea48171bd1b4974e25f7c4922a7c6 HTTP Headers POST /tg-g-007125-001/api/v4/client-side/validate/event HTTP/1.1 Host: api.trafficguard.ai User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: application/x-www-form-urlencoded;charset=UTF-8 Content-Length: 2194 Origin: https://www.palmsbet.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly" x-xss-protection: 0 x-content-type-options: nosniff access-control-allow-origin: https://www.palmsbet.com access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials set-cookie: geid=0201002a-8668-4351-8500-079863d8a202; Domain=.trafficguard.ai; Path=/; Expires=Wed, 31 Jan 2024 05:07:14 GMT; HttpOnly; Secure; SameSite=None geid-legacy=0201002a-8668-4351-8500-079863d8a202; Domain=.trafficguard.ai; Path=/; Expires=Wed, 31 Jan 2024 05:07:14 GMT; HttpOnly content-type: application/json; charset=utf-8 content-length: 61 etag: W/"3d-33J/dxmyIB6E2Hs/YV2B7jW/5UA" date: Tue, 31 Jan 2023 05:07:14 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	region1.google-analytics.com/g/collect?v=2&tid=G-JRG87C8CG6&gtm=2oe1p0&_p=1197833258&cid=812062839.1675141650&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675141649&sct=1&seg=0&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&dt=Palms%20Bet%20-%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%BD%D0%B8%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B7%D0%B8%20%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=page_view&_fv=1&_nsi=1&_ss=1	216.239.34.36	204 No Content	0 B
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-JRG87C8CG6&gtm=2oe1p0&_p=1197833258&cid=812062839.1675141650&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675141649&sct=1&seg=0&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&dt=Palms%20Bet%20-%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%BD%D0%B8%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B7%D0%B8%20%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=page_view&_fv=1&_nsi=1&_ss=1 IP 216.239.34.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-JRG87C8CG6&gtm=2oe1p0&_p=1197833258&cid=812062839.1675141650&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675141649&sct=1&seg=0&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&dt=Palms%20Bet%20-%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%BD%D0%B8%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B7%D0%B8%20%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Origin: https://www.palmsbet.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://www.palmsbet.com date: Tue, 31 Jan 2023 05:07:15 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/s/gts1d4/M7vREfWOEdc	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/M7vREfWOEdc IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash c081b92c3ebfaa9bf982126353674b85 08b2d662e253ac6e1df16fa5baf9a1c1bd0664d8 cd847178d78fc8c00cf7183dd5d00b1ce7ba892ef9311e7b3e024f5377d14aa5 HTTP Headers `POST /s/gts1d4/M7vREfWOEdc HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:15 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.facebook.com/tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&rl=&if=false&ts=1675141650169&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1675141650168.589324621&it=1675141649791&coo=false&rqm=GET	157.240.205.35	200 OK	0 B
URL HTTP/2 www.facebook.com/tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&rl=&if=false&ts=1675141650169&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1675141650168.589324621&it=1675141649791&coo=false&rqm=GET IP 157.240.205.35:0 ASN #32934 FACEBOOK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&rl=&if=false&ts=1675141650169&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1675141650168.589324621&it=1675141649791&coo=false&rqm=GET HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-type: text/plain access-control-allow-origin: access-control-allow-credentials: true strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-length: 0 server: proxygen-bolt alt-svc: h3=":443"; ma=86400 date: Tue, 31 Jan 2023 05:07:15 GMT X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 2ac1bcdceabf1fc4e07017906aa8a815 ba00b737325fc50b35af8d851ced0fe13d1cba22 c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=812062839.1675141650&jid=720183256&_u=YCDAgEABAAAAAEAAI~&z=120940751	142.250.74.67	200 OK	42 B
URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=812062839.1675141650&jid=720183256&_u=YCDAgEABAAAAAEAAI~&z=120940751 IP 142.250.74.67:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=812062839.1675141650&jid=720183256&_u=YCDAgEABAAAAAEAAI~&z=120940751 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 31 Jan 2023 05:07:15 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=812062839.1675141650&jid=720183256&_u=YCDAgEABAAAAAEAAI~&z=120940751	216.58.207.228	200 OK	42 B
URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=812062839.1675141650&jid=720183256&_u=YCDAgEABAAAAAEAAI~&z=120940751 IP 216.58.207.228:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-99030406-1&cid=812062839.1675141650&jid=720183256&_u=YCDAgEABAAAAAEAAI~&z=120940751 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Tue, 31 Jan 2023 05:07:15 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.sectigo.com/	172.64.155.188	200 OK	21 kB
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 21 kB (21016 bytes) Hash 483e728f634402e9ff66b08af7cfa07d 566d6550fbc87d5992529f593fc35901c38054df a7e2b3e84b9d58be73d2a1166c173686c5a8fc8f7d56b2d72e4389b08ba43b47 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 31 Jan 2023 05:07:15 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Sun, 29 Jan 2023 11:03:24 GMT Expires: Sun, 05 Feb 2023 11:03:23 GMT Etag: "7581450ad9c90cbeac1de68f89f544562a74a1f4" Cache-Control: max-age=452767,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 791fec373ce20b51-OSL`

	sdk-cdn.optimove.net/websdk/sdk-v2.0.js	35.201.79.141	200 OK	17 kB
URL HTTP/2 sdk-cdn.optimove.net/websdk/sdk-v2.0.js IP 35.201.79.141:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (48711) Size 17 kB (16643 bytes) Hash c64955f068a5d896417cb0ce95ac8453 aff5c079745b20a514592ccba0b8a09197d524f1 183ba3d31307b8f69cc6fd295070d5883bdaec0e414661a856747d705029d443 HTTP Headers `GET /websdk/sdk-v2.0.js HTTP/1.1 Host: sdk-cdn.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-guploader-uploadid: ADPycdt2Dlov-SAin3jcuvitHXCGCjcR2oA8fSstnUUmVKkOmqFhrqJqNIFMxc67XcEV1DTqRyuvU8DEzqS3kXmBxpaaBZZeAW7D vary: X-Goog-Allowed-Resources x-goog-generation: 1674476899204117 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 16643 content-encoding: gzip x-goog-hash: crc32c=LDag5A==, md5=xklV8Gil2JZBfLDOlayEUw== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes content-length: 16643 server: UploadServer date: Mon, 30 Jan 2023 12:19:40 GMT age: 60455 last-modified: Mon, 23 Jan 2023 12:28:19 GMT etag: "c64955f068a5d896417cb0ce95ac8453" content-type: text/javascript cache-control: public,max-age=3600,no-transform alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.sectigo.com/	172.64.155.188	200 OK	472 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 0e3ceea839ad79d979de004dac2492a4 7581450ad9c90cbeac1de68f89f544562a74a1f4 e3bdb24102adf76d77090f333db02345ea06fa3f6e37a74c194adea948f64d3d HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 31 Jan 2023 05:07:15 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Sun, 29 Jan 2023 11:03:24 GMT Expires: Sun, 05 Feb 2023 11:03:23 GMT Etag: "7581450ad9c90cbeac1de68f89f544562a74a1f4" Cache-Control: max-age=452767,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb1 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 791fec37bd0e0b51-OSL`

	sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js	35.201.79.141	200 OK	7.6 kB
URL HTTP/2 sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js IP 35.201.79.141:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (65536), with no line terminators Size 7.6 kB (7614 bytes) Hash d45d77dd213e3186e62342107ac35716 8c0623f8d6ea68967bdde913b3f1fdf4ae730195 51836e055c72404f402fcef5131842ed2319a8aa8540f68602279dfcf3f03980 HTTP Headers `GET /webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js HTTP/1.1 Host: sdk-cdn.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK x-guploader-uploadid: ADPycdvMWUKefPxTloZ1zcV301VsOeYRARxYlcK7WfZemwTT679vfKdpqKA3rNhnLrsOuSetH7FnEVw9zBbK1sOo6eQa0A vary: X-Goog-Allowed-Resources x-goog-generation: 1673875967335136 x-goog-metageneration: 3 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 7614 content-encoding: gzip x-goog-hash: crc32c=vrqIwQ==, md5=1F133SE+MYbmI0IQesNXFg== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes content-length: 7614 server: UploadServer date: Tue, 31 Jan 2023 05:07:15 GMT last-modified: Mon, 16 Jan 2023 13:32:47 GMT etag: "d45d77dd213e3186e62342107ac35716" content-type: application/json age: 0 cache-control: public,max-age=300,no-transform alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2	216.58.207.227	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size 16 kB (15860 bytes) Hash e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.palmsbet.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 24 Jan 2023 13:09:06 GMT expires: Wed, 24 Jan 2024 13:09:06 GMT cache-control: public, max-age=31536000 age: 575889 last-modified: Wed, 11 May 2022 19:24:42 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2	216.58.207.227	200 OK	9.6 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data Size 9.6 kB (9628 bytes) Hash d9ac47c7e500fb7083b8d595eaf6fe12 112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9 HTTP Headers `GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.palmsbet.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 9628 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 25 Jan 2023 12:24:15 GMT expires: Thu, 25 Jan 2024 12:24:15 GMT cache-control: public, max-age=31536000 last-modified: Wed, 11 May 2022 19:24:42 GMT content-type: font/woff2 age: 492180 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2	216.58.207.227	200 OK	10 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type data Size 10 kB (10025 bytes) Hash 226f43731def51c080bf76c59353bbba 4b1118152147e0594f613bdd810fc063683a8e72 ecb43fb8a88d15472e09e900de6472d225ace048a61ae95bec310f0a7eed2dad HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.palmsbet.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 9644 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 25 Jan 2023 12:24:15 GMT expires: Thu, 25 Jan 2024 12:24:15 GMT cache-control: public, max-age=31536000 last-modified: Wed, 11 May 2022 19:24:50 GMT content-type: font/woff2 age: 492180 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2	216.58.207.227	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data Size 16 kB (15920 bytes) Hash 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.palmsbet.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15920 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 25 Jan 2023 07:51:59 GMT expires: Thu, 25 Jan 2024 07:51:59 GMT cache-control: public, max-age=31536000 age: 508517 last-modified: Wed, 11 May 2022 19:24:45 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2	216.58.207.227	200 OK	9.8 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data Size 9.8 kB (9840 bytes) Hash 7b08b9e11fc6b8a8a1398b357e874144 4b5fb5790fae1c96655aaa7a426b697f5ab986d0 3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9 HTTP Headers `GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.palmsbet.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 9840 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 27 Jan 2023 09:52:09 GMT expires: Sat, 27 Jan 2024 09:52:09 GMT cache-control: public, max-age=31536000 last-modified: Wed, 11 May 2022 19:24:39 GMT content-type: font/woff2 age: 328507 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2	216.58.207.227	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size 16 kB (15744 bytes) Hash 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 HTTP Headers `GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.palmsbet.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 29 Jan 2023 22:02:00 GMT expires: Mon, 29 Jan 2024 22:02:00 GMT cache-control: public, max-age=31536000 last-modified: Wed, 11 May 2022 19:24:48 GMT content-type: font/woff2 age: 111916 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f075625a67cefc01c034a3c732ec8023 c3ef563fbf1cf30f75fc931f82426a0f859ccb6d 75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 31 Jan 2023 05:07:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	sdkuaservice.optimove.net/	34.102.240.186	200 OK	1.1 kB
URL HTTP/2 sdkuaservice.optimove.net/ IP 34.102.240.186:0 ASN #15169 GOOGLE File type data Size 1.1 kB (1084 bytes) Hash f14773f546444a9fc56140caaf224b1f 4cb3dbb3963f03e2f03dab51c264828bb35bbc07 7cb7e1ff37c940af86f6bff7bcf304ad15ef2b132e02ce876d101feff9501ebf HTTP Headers `GET / HTTP/1.1 Host: sdkuaservice.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: application/x-www-form-urlencoded;charset=utf-8 Origin: https://www.palmsbet.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-powered-by: Express access-control-allow-origin: * content-type: application/json date: Tue, 31 Jan 2023 05:07:16 GMT content-length: 361 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	stream-683.optimove.net/	107.154.132.121	204 No Content	0 B
URL HTTP/2 stream-683.optimove.net/ IP 107.154.132.121:0 ASN #19551 INCAPSULA File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS / HTTP/1.1 Host: stream-683.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type,x-request-id Referer: https://www.palmsbet.com/ Origin: https://www.palmsbet.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 204 No Content x-powered-by: Express access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE vary: Access-Control-Request-Headers access-control-allow-headers: content-type,x-request-id access-control-max-age: 86400 content-length: 0 date: Tue, 31 Jan 2023 05:07:16 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 set-cookie: visid_incap_2816538=7TTcgRwSTbKMGWQj7KNBtQOi2GMAAAAAQUIPAAAAAAAjEOvjmaJKJj6pbe8D561A; expires=Tue, 30 Jan 2024 22:50:12 GMT; HttpOnly; path=/; Domain=.optimove.net incap_ses_7235_2816538=phKPEQxm0RJU7MQ3tOJnZAOi2GMAAAAA/ZTyuVRUndLBAmSLggSlpg==; path=/; Domain=.optimove.net x-cdn: Imperva x-iinfo: 14-52112660-52112664 NNNN CT(2 4 0) RT(1675141635265 19) q(0 0 0 0) r(1 1) U6 X-Firefox-Spdy: h2

	stream-683.optimove.net/	107.154.132.121	200 OK	66 B
URL HTTP/2 stream-683.optimove.net/ IP 107.154.132.121:0 ASN #19551 INCAPSULA File type JSON data\012- , ASCII text, with no line terminators Size 66 B (66 bytes) Hash 24208df8c97f8cf86bf1ede4b36bb1fd 1d4cf2a366555226efa52ee2e645edc1b2b38989 7d6fb94cf30d661adac9ca2f84f3c8e0f74c538b2e5b04e17b6849d40069d7c8 HTTP Headers POST / HTTP/1.1 Host: stream-683.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: application/json X-Request-ID: af6ef15f-e09e-4742-a18c-8b060b17efac Origin: https://www.palmsbet.com Content-Length: 672 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK x-powered-by: Express access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"31-6bLGZqdMB72Bdl3IbimVWGu2wNY" date: Tue, 31 Jan 2023 05:07:16 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 set-cookie: visid_incap_2816538=7TTcgRwSTbKMGWQj7KNBtQOi2GMAAAAAQUIPAAAAAAAjEOvjmaJKJj6pbe8D561A; expires=Tue, 30 Jan 2024 22:50:12 GMT; HttpOnly; path=/; Domain=.optimove.net incap_ses_7235_2816538=sdf2OKqwCgNU7MQ3tOJnZAOi2GMAAAAABM4zpm4C30Sr4/1MMTJPzA==; path=/; Domain=.optimove.net x-cdn: Imperva content-encoding: gzip x-iinfo: 14-52112660-52112664 PNYN RT(1675141635265 76) q(0 0 0 1) r(0 0) U6 X-Firefox-Spdy: h2

	realtime-683.optimove.net/reportEvent	107.154.132.121	200 OK	87 B
URL HTTP/2 realtime-683.optimove.net/reportEvent IP 107.154.132.121:0 ASN #19551 INCAPSULA File type JSON data\012- , ASCII text, with no line terminators Size 87 B (87 bytes) Hash e0b90ae27fae83762ef117c3f73e958c 9004b37de436cf4a11a7e74be4abf69a28cc6a03 ceaa54ccdf908e3f50b6cb490a9896bdeacc77ecfb47f91dfdcfcbc6797e549b HTTP Headers POST /reportEvent HTTP/1.1 Host: realtime-683.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: application/json X-Request-ID: 888591ce-b0a4-442b-861b-3cbfb48b26ba Origin: https://www.palmsbet.com Content-Length: 672 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK x-powered-by: Express access-control-allow-origin: * access-control-allow-methods: GET, POST access-control-allow-headers: X-Requested-With,Content-Type content-type: application/json date: Tue, 31 Jan 2023 05:07:16 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 set-cookie: visid_incap_2819049=RdZCq+X3RkyRNEw/DASZugOi2GMAAAAAQUIPAAAAAAAik/2N5PLuOSn0WzQC8m8D; expires=Tue, 30 Jan 2024 22:50:12 GMT; HttpOnly; path=/; Domain=.optimove.net incap_ses_7235_2819049=KHvqAgFCIHyH7MQ3tOJnZAOi2GMAAAAArJRK9HCWjyLOwCuwMU6TRw==; path=/; Domain=.optimove.net x-cdn: Imperva content-encoding: gzip x-iinfo: 14-52112660-52112693 PNYN RT(1675141635265 307) q(0 0 0 0) r(1 1) U6 X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (9972 bytes) Hash d143b65b98551bde96a7f026808d4583 3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7 004be88ebe2a4840bb718a5148fcf7d2dc1400f6c1c880cee4428d66ba91dbd9 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde59a1de-2b64-4d28-8e63-6d511c4c70d5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 9972 x-amzn-requestid: fc482a0d-3033-492d-86bf-fedd44c7cac2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fFNnUHmyIAMF3gw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cb8fc8-7091fe260abb90766f87e7cf;Sampled=0 x-amzn-remapped-date: Sat, 21 Jan 2023 07:10:00 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: GfEXQhD_Og-PS-aycWJ75R5LL1r5hJtXd5MZ3OaYc6nb-bUHo0cnSA== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google date: Mon, 30 Jan 2023 23:35:46 GMT age: 19895 etag: "3e995e5933e6f8c15ecd3bc642ce1778a11f7ca7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/	172.67.75.149	200 OK	0 B
URL HTTP/2 www.palmsbet.com/bg/pages/welcome-bonus-casino-affiliate/ IP 172.67.75.149:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /bg/pages/welcome-bonus-casino-affiliate/ HTTP/1.1 Host: www.palmsbet.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK date: Tue, 31 Jan 2023 05:07:13 GMT content-type: text/html last-modified: Tue, 17 Jan 2023 15:21:02 GMT cache-control: no-store access-control-allow-credentials: true x-content-type-options: nosniff content-security-policy: frame-ancestors 'none' x-xss-protection: 1 x-frame-options: DENY strict-transport-security: max-age=63072000; includeSubDomains; preload referrer-policy: strict-origin-when-cross-origin cf-cache-status: BYPASS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5aSLffZzYfde8uMWWjCq4emcGF3K9EMbwmg7pFtpMyAR6983ViIkhzv503ct5RjwNcdMe91zuJ8NWb7rNuIqr0hLo7QjH1cFug1rJF%2F68%2B7KUojWVDh31kf30ZN86UzSWE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 791fec27ed9fb518-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	s2.adform.net/banners/scripts/st/trackpoint-async.js	37.157.2.249	200 OK	0 B
URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js IP 37.157.2.249:0 ASN #198622 Adform A/S File type Size 0 B (0 bytes) Hash HTTP Headers `GET /banners/scripts/st/trackpoint-async.js HTTP/1.1 Host: s2.adform.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 31 Jan 2023 05:02:51 GMT content-type: application/javascript vary: Accept-Encoding last-modified: Tue, 29 Nov 2022 10:23:25 GMT x-rgw-object-type: Normal etag: W/"83eb5fafaa212c785f7393188ff817aa" x-amz-request-id: tx00000bdfae384ccf5a381-006385e0d4-329373d4-default access-control-allow-origin: * cache-control: public, max-age=604800 x-cache-status: HIT content-encoding: gzip X-Firefox-Spdy: h2`

	track.adform.net/serving/scripts/trackpoint/async/	37.157.6.246	301 Moved Permanently	0 B
URL HTTP/2 track.adform.net/serving/scripts/trackpoint/async/ IP 37.157.6.246:0 ASN #198622 Adform A/S File type Size 0 B (0 bytes) Hash HTTP Headers `GET /serving/scripts/trackpoint/async/ HTTP/1.1 Host: track.adform.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 301 Moved Permanently server: nginx date: Tue, 31 Jan 2023 05:07:14 GMT content-type: text/html location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2`

	connect.facebook.net/signals/config/1297212827064514?v=2.9.95&r=stable	157.240.205.11	200 OK	0 B
URL HTTP/2 connect.facebook.net/signals/config/1297212827064514?v=2.9.95&r=stable IP 157.240.205.11:0 ASN #32934 FACEBOOK File type Size 0 B (0 bytes) Hash HTTP Headers `GET /signals/config/1297212827064514?v=2.9.95&r=stable HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-type: application/x-javascript; charset=utf-8 content-security-policy: default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups pragma: public cache-control: public, max-age=1200 expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff x-xss-protection: 0 x-frame-options: DENY strict-transport-security: max-age=31536000; preload; includeSubDomains x-fb-debug: gBVb83gI/cAP8S3TR70QOtUNtmOdFfl4UfgroJH+bxa931Z/mU6TaMOM9Br5ynljbdP6PZPG0Ubxui+q069NeA== x-fb-trip-id: 1679558926 date: Tue, 31 Jan 2023 05:07:14 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	stream-683.optimove.net/	107.154.132.121	200 OK	0 B
URL HTTP/2 stream-683.optimove.net/ IP 107.154.132.121:0 ASN #19551 INCAPSULA File type Size 0 B (0 bytes) Hash HTTP Headers POST / HTTP/1.1 Host: stream-683.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: application/json X-Request-ID: 0f223eb8-35c7-457c-a531-3fed0aed8a4c Origin: https://www.palmsbet.com Content-Length: 607 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK x-powered-by: Express access-control-allow-origin: * content-type: application/json; charset=utf-8 etag: W/"31-lrRkJ7/z3dZkGFSPmiVnRZFNh9Y" date: Tue, 31 Jan 2023 05:07:19 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 set-cookie: visid_incap_2816538=7TTcgRwSTbKMGWQj7KNBtQOi2GMAAAAAQUIPAAAAAAAjEOvjmaJKJj6pbe8D561A; expires=Tue, 30 Jan 2024 22:50:12 GMT; HttpOnly; path=/; Domain=.optimove.net incap_ses_7235_2816538=zbUjXTg71k5U7MQ3tOJnZAai2GMAAAAA1MZtqKmKlpOtRlNSBlM5vw==; path=/; Domain=.optimove.net x-cdn: Imperva content-encoding: gzip x-iinfo: 14-52112660-52112664 PNYN RT(1675141635265 2992) q(0 0 0 0) r(1 1) U6 X-Firefox-Spdy: h2

	realtime-683.optimove.net/reportEvent	107.154.132.121	200 OK	0 B
URL HTTP/2 realtime-683.optimove.net/reportEvent IP 107.154.132.121:0 ASN #19551 INCAPSULA File type Size 0 B (0 bytes) Hash HTTP Headers POST /reportEvent HTTP/1.1 Host: realtime-683.optimove.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Content-Type: application/json X-Request-ID: b3402cc6-c0b6-4606-8cee-8704d8fb1e44 Origin: https://www.palmsbet.com Content-Length: 607 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK x-powered-by: Express access-control-allow-origin: * access-control-allow-methods: GET, POST access-control-allow-headers: X-Requested-With,Content-Type content-type: application/json date: Tue, 31 Jan 2023 05:07:19 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 set-cookie: visid_incap_2819049=RdZCq+X3RkyRNEw/DASZugOi2GMAAAAAQUIPAAAAAAAik/2N5PLuOSn0WzQC8m8D; expires=Tue, 30 Jan 2024 22:50:12 GMT; HttpOnly; path=/; Domain=.optimove.net incap_ses_7235_2819049=TKQdcCrXtxOH7MQ3tOJnZAai2GMAAAAASiaiEU2fKayCWtjN9+Fhbg==; path=/; Domain=.optimove.net x-cdn: Imperva content-encoding: gzip x-iinfo: 14-52112660-52112693 PNYN RT(1675141635265 3052) q(0 0 0 1) r(0 0) U6 X-Firefox-Spdy: h2

	fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap	142.250.74.74	200 OK	0 B
URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap IP 142.250.74.74:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 31 Jan 2023 05:07:13 GMT date: Tue, 31 Jan 2023 05:07:13 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=981252750288&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24	37.157.6.246	302 Found	0 B
URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=981252750288&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 37.157.6.246:0 ASN #198622 Adform A/S File type Size 0 B (0 bytes) Hash HTTP Headers GET /Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=981252750288&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1 Host: track.adform.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.palmsbet.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 302 Found server: nginx date: Tue, 31 Jan 2023 05:07:14 GMT content-type: text/html; charset=utf-8 location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=981252750288&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fwelcome-bonus-casino-affiliate%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 cache-control: no-cache, no-store, must-revalidate, no-transform pragma: no-cache expires: -1 access-control-allow-origin: * set-cookie: C=1; domain=adform.net; expires=Tue, 28-Feb-2023 05:07:14 GMT; path=/ p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" strict-transport-security: max-age=31536000; includeSubDomains X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML