GET /5LMHK7/2F8LBL/ HTTP/1.1
Host: www.cmjdj2smns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
 34.107.199.247
HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
server: nginx
date: Mon, 05 Dec 2022 06:21:15 GMT
content-length: 224
location: https://www.c9ikptk.com/5LMHK7/BP658/?__rpt=0&__po=29&__ptid=4d99df32cf32469a8b2891702a77965e&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
set-cookie: uniqueClick_2F8LBL=665313c1-982d-46b5-ada0-87b3c3bbb490:1670221275; Path=/; Expires=Mon, 19 Dec 2022 06:21:15 GMT; SameSite=None
vary: Origin
x-eflow-request-id: 3a78fbfd-f98e-41e1-8891-fd694ffce91b
Via: 1.1 google
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15523
Expires: Mon, 05 Dec 2022 10:39:58 GMT
Date: Mon, 05 Dec 2022 06:21:15 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 3562
Cache-Control: max-age=104964
Date: Mon, 05 Dec 2022 06:21:15 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:30:39 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 06:20:13 GMT
cache-control: public,max-age=3600
age: 62
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16191
Expires: Mon, 05 Dec 2022 10:51:06 GMT
Date: Mon, 05 Dec 2022 06:21:15 GMT
Connection: keep-alive
|
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: XXHcMdWD3ynbXXEGD7a+wljiEwZIb7O5bQe0ghNs0sGD0onVRc+AWSg3K5TMJxzG+z8HjvV7I0M=
x-amz-request-id: MX95V69M17N77ZNW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 05:47:17 GMT
age: 2038
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Mon, 05 Dec 2022 06:21:15 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 06:21:15 GMT
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Dec 2022 18:45:40 GMT
Expires: Mon, 05 Dec 2022 18:45:40 GMT
ETag: "4d1362830a44e7de062fe236f92c65cd3d76acb4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
|
GET /5LMHK7/BP658/?__rpt=0&__po=29&__ptid=4d99df32cf32469a8b2891702a77965e&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP/1.1
Host: www.c9ikptk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
|
search
34.107.199.247
HTTP/2 302 Found
content-type: text/html; charset=utf-8
server: nginx
date: Mon, 05 Dec 2022 06:21:15 GMT
content-length: 57
location: http://p.npcad.com/go/89517/482729
set-cookie: uniqueClick_BP658=5ff85607-5cac-4aea-9b4a-c22ef9608efc:1670221275; Path=/; Expires=Mon, 12 Dec 2022 06:21:15 GMT; Secure; SameSite=None
transaction_id=1ec949192ed44f81aef6a5975ca0a0df; Path=/; Expires=Sun, 05 Mar 2023 06:21:15 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 73298b44-708b-4c05-96cf-3bd95036aa72
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 06:08:58 GMT
cache-control: public,max-age=3600
age: 737
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 3547
Cache-Control: max-age=99882
Date: Mon, 05 Dec 2022 06:21:16 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:05:58 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
GET /go/89517/482729 HTTP/1.1
Host: p.npcad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
3.228.63.1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 06:21:16 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D41LfJM056UKviBkAcmOyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
search
54.148.84.125
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wCiUU3aMDx0k6U9fbg3rwVBBX8U=
|
GET /ad/ad?p=89517&w=482729&t=7013e34c5dda52ec&r=&vw=1280&vh=0 HTTP/1.1
Host: p.npcad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://p.npcad.com/go/89517/482729
Upgrade-Insecure-Requests: 1
|
search
3.228.63.1
HTTP/1.1 303 See Other
Date: Mon, 05 Dec 2022 06:21:16 GMT
Location: http://xml.poprtb.pro/click?i=qQpvL3yuk3g_0#pc224398
Server: nginx
Content-Length: 0
Connection: keep-alive
|
GET /click?i=qQpvL3yuk3g_0 HTTP/1.1
Host: xml.poprtb.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://p.npcad.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
174.137.133.18
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://us.doctorpost.net/postback/click?key=v2-1670221276426-7-7522-1178228-d3c94a57-892a-ecb4-1a89-2ccec450423d
Pragma: no-cache
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20370
Expires: Mon, 05 Dec 2022 12:00:47 GMT
Date: Mon, 05 Dec 2022 06:21:17 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20370
Expires: Mon, 05 Dec 2022 12:00:47 GMT
Date: Mon, 05 Dec 2022 06:21:17 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20370
Expires: Mon, 05 Dec 2022 12:00:47 GMT
Date: Mon, 05 Dec 2022 06:21:17 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGsNaADKr1KoJT7rxDSFf8dxM1_IXsaF67Eqe8DIO9PAJy8HtqQKng==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 04:17:03 GMT
age: 7454
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20370
Expires: Mon, 05 Dec 2022 12:00:47 GMT
Date: Mon, 05 Dec 2022 06:21:17 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vhtd0Bo5kTQySEn0vD_RJin0usoC7GQvK74fhVtrtZNEy64_vrWQNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 30931
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 29896
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6034ca-f8c1-4979-8165-5f755e5d12a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6430
x-amzn-requestid: ae2ec151-d383-4554-9ac2-3d204701251c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ttFDKoAMFp0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1324-15aebb1a06253068472a6ab0;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kYXmy10msfeWdDYgvq0PXyGpy9UJyQkSLAhR_Q5PQMllJPXOOTnalw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:53 GMT
age: 30924
etag: "e03cf1c7c2ec15b3cc50d9c54bebbf81aa08cf28"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7631
x-amzn-requestid: 9fc3a621-dcd9-4332-b085-6cda0cb25ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYF2toAMFVkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-36f6c7d67940ed18394328c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dl8jhq0YETppiEYYnJeap1IgU8-xFLAUnsleTdG1EZMwZfHmDaQQQg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:25:28 GMT
age: 10549
etag: "ff7740d3c12ce7ab23291272221c0d9503f9c139"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5276
x-amzn-requestid: d337310e-59be-4268-bfd0-8cc4f2c91a11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_soE98IAMF0aA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-230591591f8fd0984c222549;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x7xrn7E3aUdw75Br3B_GcqRhg-i5FcqG2NRMo4Pa5VhqjblbsvcgDg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 30782
etag: "2d47af0fb664d9fec52549bb3bdba1dfd8911bb2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "17D3214DA9FEA9561FD27A58C0FAEC65F3EEF457BA19B64EC231BA42EDEF8CCD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19101
Expires: Mon, 05 Dec 2022 11:39:38 GMT
Date: Mon, 05 Dec 2022 06:21:17 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 06:21:17 GMT
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Dec 2022 18:45:40 GMT
Expires: Mon, 05 Dec 2022 18:45:40 GMT
ETag: "4d1362830a44e7de062fe236f92c65cd3d76acb4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
|
GET /postback/click?key=v2-1670221276426-7-7522-1178228-d3c94a57-892a-ecb4-1a89-2ccec450423d HTTP/1.1
Host: us.doctorpost.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://p.npcad.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
38.100.129.136
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
server: openresty/1.15.8.3
date: Mon, 05 Dec 2022 06:21:17 GMT
content-length: 2101
X-Firefox-Spdy: h2
|
GET /postback/click?key=v2-1670221276426-7-7522-1178228-d3c94a57-892a-ecb4-1a89-2ccec450423d&token=ae25410e809a9c53853af30e94e5b1f8&timezone=0&iframe_test=false&webdriver_test=false HTTP/1.1
Host: us.doctorpost.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us.doctorpost.net/postback/click?key=v2-1670221276426-7-7522-1178228-d3c94a57-892a-ecb4-1a89-2ccec450423d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
|
search
38.100.129.136
HTTP/2 302 Found
server: openresty/1.15.8.3
date: Mon, 05 Dec 2022 06:21:18 GMT
content-length: 0
set-cookie: platform_user_id=desktop:b9ce734ea0955fdbdaef46d4d37c6039
platform_user_id_3rd_party=desktop:b9ce734ea0955fdbdaef46d4d37c6039; SameSite=None; Secure; Max-Age=31556952
location: https://track.trackingtraffo.com/push/c?auth=pz6u78&c=p4ePMSD1V1055MD9FiENofiBrdJGgNMWQmOKO2jAHfEQDjAOGfi-G2DnuQ38-ax7nA0rUR7VkZc-MvWUFrEkxc5D-9n7zmsYF1f9kZOY5K3ySMaYfUS8nVkZV79Qr1UIkt-VvDvI0HfOfRxsHYEWZeAw06BOtis1_pSNXL7QW69UVRII9-usUPGJ54fKQ295hzooTpvMhXPWz28nFkkX1KkcATivt8anRRuZbxcREaQXCfYpSx1eIysgWDfqntvXG07un4rB2r3IZjsfgtWSqgOlkvl7cPbkILbrh28W3fnJ7MUSHao_V6qoD77RqOnWUQqExFOBVbFTR3qY84uGz42VJCkj6cI1nzMvnuN4EWoYx5gq3cYDl7zsYFSc-Kk4cUIeLKcCy8w_U0RKjEWkT_S6whqlaZUTa-vVrOG2DQrZnlDcsVCvynKq81gkuNj3MYH5EfS88rSGT20zhAFlP3s_2Aqva9erVbO7G9i9-a1uDeJRYaWrvcNDK6abpvttk1sTKEQFKUfk-XLk-8zZwz41OPRXCi74tjbvUlJVIjxH2pg40zC79yvoIHQLtIJjSgi74qbTmsROrQHWioeA0VevqSdHONl-Mx1vUsI2I8ASIhlCefekwrtxGBSFumdYfmixw8D11ayXfmX-xcVo7d5LAGagw7OVT4VQ044PB93Tf90ko9WEfeUgtZBwK6PmqYpSYWajSGGwY23pB3KTLAy8qMq_M5T4pF8sddVQFMFCSJrLg5JPtYWTrL7SdROrP-Gcynt4OMun6VKumLIPP2RTS9esoWB3I7EIwy_xRP6cGHyQW1hPiEdl8aE
X-Firefox-Spdy: h2
|
GET /favicon.ico HTTP/1.1
Host: us.doctorpost.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us.doctorpost.net/postback/click?key=v2-1670221276426-7-7522-1178228-d3c94a57-892a-ecb4-1a89-2ccec450423d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
38.100.129.136
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
server: openresty/1.15.8.3
date: Mon, 05 Dec 2022 06:21:18 GMT
content-length: 0
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:18 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:39 GMT
Expires: Sun, 11 Dec 2022 12:04:38 GMT
Etag: "cdcf062ccd27731f447c794459fb283d185dd2da"
Cache-Control: max-age=538399,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774aae4e3c85b505-OSL
|
GET /push/c?auth=pz6u78&c=p4ePMSD1V1055MD9FiENofiBrdJGgNMWQmOKO2jAHfEQDjAOGfi-G2DnuQ38-ax7nA0rUR7VkZc-MvWUFrEkxc5D-9n7zmsYF1f9kZOY5K3ySMaYfUS8nVkZV79Qr1UIkt-VvDvI0HfOfRxsHYEWZeAw06BOtis1_pSNXL7QW69UVRII9-usUPGJ54fKQ295hzooTpvMhXPWz28nFkkX1KkcATivt8anRRuZbxcREaQXCfYpSx1eIysgWDfqntvXG07un4rB2r3IZjsfgtWSqgOlkvl7cPbkILbrh28W3fnJ7MUSHao_V6qoD77RqOnWUQqExFOBVbFTR3qY84uGz42VJCkj6cI1nzMvnuN4EWoYx5gq3cYDl7zsYFSc-Kk4cUIeLKcCy8w_U0RKjEWkT_S6whqlaZUTa-vVrOG2DQrZnlDcsVCvynKq81gkuNj3MYH5EfS88rSGT20zhAFlP3s_2Aqva9erVbO7G9i9-a1uDeJRYaWrvcNDK6abpvttk1sTKEQFKUfk-XLk-8zZwz41OPRXCi74tjbvUlJVIjxH2pg40zC79yvoIHQLtIJjSgi74qbTmsROrQHWioeA0VevqSdHONl-Mx1vUsI2I8ASIhlCefekwrtxGBSFumdYfmixw8D11ayXfmX-xcVo7d5LAGagw7OVT4VQ044PB93Tf90ko9WEfeUgtZBwK6PmqYpSYWajSGGwY23pB3KTLAy8qMq_M5T4pF8sddVQFMFCSJrLg5JPtYWTrL7SdROrP-Gcynt4OMun6VKumLIPP2RTS9esoWB3I7EIwy_xRP6cGHyQW1hPiEdl8aE HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us.doctorpost.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
88.214.206.175
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 05 Dec 2022 06:21:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://newbinotracs.com/click.php?key=fqwyfkhxnjuqvm1tdngx&clickid=45838fc6-d97b-41e2-88ef-9f0863100eeb&cost=0.0838&PUB_ID=81&SUB_ID=0b6db819a583befaf431100a36249fee&KEYWORD=&SUBSCRIBER_AGE=28&SUBSCRIBER_DATE=2022-11-07&BID_PUB=0.0838&CR_ID=1694&PUB_NAME=RichAds-push-inpage
|
GET /redirect.aspx?pid=180698&bid=2036&lpid=523&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3 HTTP/1.1
Host: media.playamopartners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us.doctorpost.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
23.36.79.25
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://natregs.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Mon, 05 Dec 2022 06:21:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 05 Dec 2022 06:21:19 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a180698%2c%22BID%22%3a2036%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670221279095)%5c%2f%22%2c%22CookieTag%22%3a%222036180698451240919C2022125621%22%7d%5d; SameSite=None;; domain=.playamopartners.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%22935266510%7c1%22%7d%5d; domain=.playamopartners.com; expires=Wed, 05-Dec-3021 06:21:19 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=35
X-Firefox-Spdy: h2
|
GET /promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3 HTTP/1.1
Host: natregs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us.doctorpost.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
104.26.3.89
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 06:21:19 GMT
location: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5jl6XUpiIewZLCBP%2FDczWCfyf%2BuAL%2BWuAlthn3M%2FJVdu51ca89k0GXmgg9CHiajyhpBImUNHEAwp%2BVT5eim8j9zwUHMPkw5IP4I5wptbhCtqS4vJYTuLRwViuwS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae5318131c12-OSL
X-Firefox-Spdy: h2
|
GET /images/nationalcasino/to-free-spins.png HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: image/png
date: Mon, 05 Dec 2022 06:21:21 GMT
content-length: 81509
last-modified: Tue, 29 Nov 2022 08:47:00 GMT
etag: "6385c704-13e65"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3993
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtYp%2BLRvMZgI9BPgYNyOrwlJH4LIm3KkjvXIbr%2BW38g0BQcMJIRjb5Q6kgfG4FE6c6T%2F1Pm6XYDGxULtWD4aqdAA%2FAQDtYvmBpThAs5pbv2b5sslrJIfsZYQW%2FBp%2FgPV4TSM1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774aae5e9d7eb4f1-OSL
X-Firefox-Spdy: h2
|
GET /images/nationalcasino/to-second-deposit.png HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: image/png
date: Mon, 05 Dec 2022 06:21:21 GMT
content-length: 69995
last-modified: Tue, 29 Nov 2022 08:47:01 GMT
etag: "6385c705-1116b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3993
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OhfCghzi88mYMoMhNg8LgWOk%2BTjbS%2BAxPP9oSzvMV3Hljbq%2FTL04RKhDxCG2amFOt9TfnaW3oRq13hagQfBGWASsYhG6tL1y5t2uCER3xZZnj1dWIiVMn3fquhKelqGpmhdjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774aae5e9d82b4f1-OSL
X-Firefox-Spdy: h2
|
GET /images/nationalcasino/hexagon.svg HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 05 Dec 2022 06:21:21 GMT
last-modified: Tue, 29 Nov 2022 08:46:55 GMT
etag: W/"6385c6ff-3ab"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V39UJMn3HmuErrbbe5q6%2Fub0gRD%2FeJIHTb4DeVByoYtCsfsNeNOVriKyXpKg5zM%2F%2FXB0rO1fczm3nQ1JOnu%2Fb2hn1oduVmWqRngHhcPwkK40xCzTMMb2b4POSBNKTZHMJ4IMpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774aae5e9d7cb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2489
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 06:21:21 GMT
Last-Modified: Mon, 05 Dec 2022 05:39:52 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
|
GET /images/nationalcasino/hexagon-active.svg HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 05 Dec 2022 06:21:21 GMT
last-modified: Tue, 29 Nov 2022 08:46:56 GMT
etag: W/"6385c700-4a0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcPfm4wUQhs9m1cutZ13tK%2BwEVJ83VSenoKaNn0ONMgcVSWhBN9qIgEsJoVL115a%2BmNTyQpBcGdnVVy%2FZZ44pFOHs%2FMzbTu03X1S1rsJLAZC4%2BgL6xDqpZ8wrQxN%2FqQfmnP5tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774aae5e9d7db4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131639
Date: Mon, 05 Dec 2022 06:21:21 GMT
Etag: "638ced18-1d7"
Expires: Tue, 06 Dec 2022 18:55:20 GMT
Last-Modified: Sun, 04 Dec 2022 18:55:20 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _UslGYBxro1Z-cgpsv5NZQoGLY7_W0X31EExwIJnf9J72JaXZeC4ig==
|
GET /promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3 HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us.doctorpost.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
104.26.6.72
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 06:21:20 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: no-cache, private
set-cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; expires=Thu, 05-Jan-2023 00:00:00 GMT; Max-Age=2655520; path=/; secure; samesite=none
subid=ecc41gxqdibgxlp5b3; expires=Thu, 05-Jan-2023 00:00:00 GMT; Max-Age=2655520; path=/; secure; samesite=none
utm_campaign=Ubidex-National-Ksenia; expires=Thu, 05-Jan-2023 00:00:00 GMT; Max-Age=2655520; path=/; secure; samesite=lax
utm_medium=Ubidex; expires=Thu, 05-Jan-2023 00:00:00 GMT; Max-Age=2655520; path=/; secure; samesite=lax
utm_source=retargetvr; expires=Thu, 05-Jan-2023 00:00:00 GMT; Max-Age=2655520; path=/; secure; samesite=lax
utm_term=Ubidex-National-Ksenia; expires=Thu, 05-Jan-2023 00:00:00 GMT; Max-Age=2655520; path=/; secure; samesite=lax
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7keecFm%2B%2Fp4qpxiZNe26Y5%2FTDnLRhvfu4NiFG1lhkD0MFADSS5rfOkBc9ZK9s1rw1%2BuKK7rmdR%2BZ3Kk%2B7uOM3NqZ2jq5je5CI%2BqXJnCWm4%2FCAT8ymvrPcrBnRT%2FHkJcjq%2BoqJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae58d87ab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
GET /assets/loader.gif HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: image/gif
date: Mon, 05 Dec 2022 06:21:21 GMT
content-length: 542186
last-modified: Thu, 17 Nov 2022 09:01:29 GMT
etag: "6375f869-845ea"
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwvkh5bnbZVGJPZ6BWpfGVbmPVdeZhB44i1pN9cjT48dd6P%2FUi8U9ZB%2BRv9osNA16cg5lHhlhEHptNBTctTOlB%2FcJWBT1LJDrrJQ0MQVnPHWRs8LFKdxFkFtYvpjicFDwWFLrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774aae5e9d77b4f1-OSL
X-Firefox-Spdy: h2
|
GET /sealassets/9f360a50e1f27bc3f2552c00d6f1ff33-nationalcasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
54.230.111.125
HTTP/2 200 OK
content-type: image/png
content-length: 95
date: Mon, 05 Dec 2022 06:21:04 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 774aadf6581c9b7a-FRA
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pOX0yglFXcT6GjXpOdTMLPmnwvbu9uN72tjoTyBqGQbuRkJW99nfIw==
age: 17
X-Firefox-Spdy: h2
|
GET /sealassets/9f360a50e1f27bc3f2552c00d6f1ff33-nationalcasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
54.230.111.125
HTTP/2 200 OK
content-type: image/png
content-length: 49397
date: Mon, 05 Dec 2022 06:21:04 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 774aadf66c779072-FRA
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TihTlI9Fx7mrSIBTMVjcEcLg-VihyBvYKXNMW2KO0AvWpwqfTCrioQ==
age: 17
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /static/js/app-692ed3cf06.js HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Dec 2022 06:21:21 GMT
last-modified: Tue, 29 Nov 2022 08:46:58 GMT
etag: W/"6385c702-4bd"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3994
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9brWIFM5xB%2F4jE9VKx5pIisUVN6Xse5v12yrkmR3Ad3y2T5cUJqD0VkapFylC9u%2FOiGprRxnaPaQHGgNe4FQAk14cp%2BPGBFo1gdlx6Z8XpUeQ7AA%2F0vgfVDwQVilzlgef0d%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774aae5e9d83b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
GET /gtm.js?id=GTM-5PKWDCC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 06:21:21 GMT
expires: Mon, 05 Dec 2022 06:21:21 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 58045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
GET /api/translation/get?locale=en_GB HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/json
date: Mon, 05 Dec 2022 06:21:21 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXmNJGXcWmYdGp7cwdSzmp9jkK%2FAXShgZ6wT3VHaTiISvubq5pYcLa0og2b9OiPlS8S76THgSXvxUFlWS%2BXw19wWjT96QgjkkYhC1QhCDW2%2B8Z%2FHNpa4IWlFrV1674fBUdhpjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae5fee71b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
GET /7693683943e78a298c36d469e68b47d8/widgetloader HTTP/1.1
Host: ws-cdn001.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
23.36.77.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-security-policy: frame-ancestors 'self' https://st-cdn001.akamaized.net https://ls-cdn001.akamaized.net
cache-control: public, max-age=120, stale-while-revalidate=60, immutable
etag: "9bc46328338c378d30894ab4a4e7d934-a036221ef5aef4e01862643812dd55b7"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-ing-v: 2
content-length: 59719
date: Mon, 05 Dec 2022 06:21:21 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /dist/tag-manager.js?id=STM-AAAAJE HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: cqMYpju_joEEP0A=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37421
date: Mon, 05 Dec 2022 06:21:21 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: wuUbQUm4iRwa8A6rowGJaB64BSa2kYagE-KYpU8ZocYAfhri6NZQJQ==
vary: Accept-Encoding
content-encoding: gzip
content-length: 11553
date: Mon, 05 Dec 2022 06:21:21 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
|
GET /dcs/tagController/tag/9074f6689420/homepage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
 104.85.191.64
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
content-length: 16260
server: istio-envoy
content-encoding: gzip
x-envoy-upstream-service-time: 3
cache-control: must-revalidate, max-age=283
expires: Mon, 05 Dec 2022 06:26:04 GMT
date: Mon, 05 Dec 2022 06:21:21 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: QbMscScT1eq1WbZN7BMfomOBrf6_dxzxBPAGv4Nnw-yYsUMIK7g4mw==
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 05 Dec 2022 06:21:21 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:21 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 12:04:39 GMT
Expires: Sun, 11 Dec 2022 12:04:38 GMT
Etag: "cdcf062ccd27731f447c794459fb283d185dd2da"
Cache-Control: max-age=538396,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774aae634ba9b505-OSL
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "29F8E17F8D44305A732EA874A9C9F7478B641536F478DDA05D4C9668C56318CE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 12:21:21 GMT
Date: Mon, 05 Dec 2022 06:21:21 GMT
Connection: keep-alive
|
GET /configuration.js HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 06:21:21 GMT
x-powered-by: PHP/7.4.29
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEEQhkLFuX8GeTGdRFDTstcV%2FFnx6LkOLiZmjcFVNdW%2BMcN7uRvhU5sOXWBlNvyROqk9xx1b%2Fx17AgvTDPY3b12U65nde78htBtzaoxGBLMgkJV2MAR63bamR59juGnqCcoYIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774aae5e8d75b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "86E3988110C767C4E0D360F39C8E001A2521252B176CFD5068E0D028B88BF000"
Last-Modified: Sun, 04 Dec 2022 18:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2557
Expires: Mon, 05 Dec 2022 07:03:59 GMT
Date: Mon, 05 Dec 2022 06:21:22 GMT
Connection: keep-alive
|
GET /pixel/js?auth=61xu7tg&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur={CURRENCY}&amount=0 HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
88.214.195.156
HTTP/1.1 200 OK
Content-Type: text/javascript
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 05 Dec 2022 06:21:21 GMT
Content-Length: 488
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
|
GET /pixel?type=js&aid=1186&id=2527 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
 35.156.160.245
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 05 Dec 2022 06:21:22 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1186&id=2527
Set-Cookie: zuuid=8e737555-b7d3-4f2e-9399-88bfcd9b01cc; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
c=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
|
GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
35.156.160.245
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 05 Dec 2022 06:21:22 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=9124af7a-5a9f-4371-8a5c-2f6dac73c33e; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
c=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
|
GET /tag.js?id=DV-94905054618481252564 HTTP/1.1
Host: tag.growthbuddy.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
 54.74.8.139
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 05 Dec 2022 06:21:21 GMT
set-cookie: INGRESSCOOKIE=1670221282.94.114.272232|5f2e1b57d78510d04b0cf9036879032b; Path=/; Secure; HttpOnly
vary: Accept-Encoding
cache-control: public, max-age=7200
x-content-type-options: nosniff
etag: "1382-negDj3/q3mLK2bONN/3hDb5WPZA"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "18D3562684C32ED7B8D7CF02C853D8F1F08BF1074151891D9B756D14FDDDFA1F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4374
Expires: Mon, 05 Dec 2022 07:34:16 GMT
Date: Mon, 05 Dec 2022 06:21:22 GMT
Connection: keep-alive
|
GET /tag.php?goal=d23417ed7e786d7f8227d25b45f72bf0 HTTP/1.1
Host: main.exdynsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
 95.211.229.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Mon, 05 Dec 2022 06:21:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A90552%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-05%22%3B%7D%7D; expires=Tue, 05 Dec 2023 06:21:22 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
GET /tag.php?goal=d23417ed7e786d7f8227d25b45f72bf0 HTTP/1.1
Host: main.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
95.211.229.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Mon, 05 Dec 2022 06:21:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A90552%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-05%22%3B%7D%7D; expires=Tue, 05 Dec 2023 06:21:22 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
GET /pixel?auth=61xu7tg&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=%7BCURRENCY%7D&amount=0&site=nationalcasino.com&ln=en-US HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
88.214.195.156
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 05 Dec 2022 06:21:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
|
GET /p.js?f=sync&lr=1&partner=8085a55cc8720072416da5835af0ec0fab6b176a2deb4185f40aade2c7db9f90 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
139.45.195.8
HTTP/2 200 OK
content-type: text/javascript
server: nginx
date: Mon, 05 Dec 2022 06:21:22 GMT
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2588
Cache-Control: max-age=96403
Date: Mon, 05 Dec 2022 06:21:22 GMT
Etag: "638c5959-1d7"
Expires: Tue, 06 Dec 2022 09:08:05 GMT
Last-Modified: Sun, 04 Dec 2022 08:24:57 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.110
HTTP/2 200 OK
content-type: text/javascript
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 05 Dec 2022 04:41:08 GMT
expires: Mon, 05 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 6014
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
GET /ul_cb/pixel?type=js&aid=1186&id=2527 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nationalcasino.com/
Connection: keep-alive
Cookie: zuuid=9124af7a-5a9f-4371-8a5c-2f6dac73c33e; c=1670221282; zuuid_lu=1670221282
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
35.156.160.245
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 05 Dec 2022 06:21:22 GMT
Set-Cookie: zuuid=9124af7a-5a9f-4371-8a5c-2f6dac73c33e; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,439550482; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,439478482; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1843
Connection: keep-alive
|
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nationalcasino.com/
Connection: keep-alive
Cookie: zuuid=9124af7a-5a9f-4371-8a5c-2f6dac73c33e; c=1670221282; zuuid_lu=1670221282
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
35.156.160.245
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 05 Dec 2022 06:21:22 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=2&user_id=9124af7a-5a9f-4371-8a5c-2f6dac73c33e&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D9124af7a-5a9f-4371-8a5c-2f6dac73c33e
Set-Cookie: zuuid=9124af7a-5a9f-4371-8a5c-2f6dac73c33e; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
|
GET /tag.php?goal=d23417ed7e786d7f8227d25b45f72bf0 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
95.211.229.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Mon, 05 Dec 2022 06:21:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A90552%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-05%22%3B%7D%7D; expires=Tue, 05 Dec 2023 06:21:22 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 104
Cache-Control: max-age=115874
Date: Mon, 05 Dec 2022 06:21:22 GMT
Etag: "638caf1c-138"
Expires: Tue, 06 Dec 2022 14:32:36 GMT
Last-Modified: Sun, 04 Dec 2022 14:30:52 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 312
|
GET /tag.php?goal=d23417ed7e786d7f8227d25b45f72bf0 HTTP/1.1
Host: main.exosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
95.211.229.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Mon, 05 Dec 2022 06:21:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A90552%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-05%22%3B%7D%7D; expires=Tue, 05 Dec 2023 06:21:22 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
GET /assets/favicon.png HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia; _ga_9G634HNY5N=GS1.1.1670221279.1.0.1670221279.0.0.0; _ga=GA1.1.1087109354.1670221279; _sp_srt_ses.1060=*; _sp_srt_id.1060=e61164f4-f3b8-4279-bdf5-1aaf14e85396.1670221279.1.1670221279.1670221279.10d3b2e1-2f77-4206-9376-318236f62ba8; DV_TRACK=5923f043-0aef-4000-98f7-cd379fb209c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: image/png
date: Mon, 05 Dec 2022 06:21:22 GMT
content-length: 22994
last-modified: Thu, 17 Nov 2022 09:01:23 GMT
etag: "6375f863-59d2"
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJZzTBbcHQG40rtYjJcqKtjXv0Jag7CfkCU4OXOr0g1OB%2FmyVn%2B3zk9tU55FzwHQV4P6op8Odb82fmxiF5DZsH%2BQJfclF%2BUMplpgQGpLBZoDlp%2FXy%2F3vAxmNV0ScIet0bpCCnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774aae679b8cb4f1-OSL
X-Firefox-Spdy: h2
|
GET /ctrack?action=list&type=add&id=notregistered&context=National&cookiename=notregistered&age=259200&maxcookiecount=10 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
66.254.114.89
HTTP/1.1 200 OK
content-type: image/gif
server: openresty
date: Mon, 05 Dec 2022 06:21:22 GMT
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Wed, 04 Jan 2023 06:21:22 GMT; Secure; SameSite=None
tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Wed, 04 Jan 2023 06:21:22 GMT; Secure; SameSite=None
04acaa237b5a69118d03403dbe7a25f9=notregistered; Path=/; Domain=trafficjunky.net; Expires=Sat, 03 Jun 2023 06:21:22 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
x-request-id: 638D8DE2-42FE725901BB4A56-28BC8F06
|
GET /api/v1/retargeting/set/549f8e4e-78b7-4c4e-b846-357584a8ff56 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
136.243.46.156
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
server: nginx
date: Mon, 05 Dec 2022 06:21:22 GMT
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 6160188f7d732884
set-cookie: ts_rt_549f8e4e-78b7-4c4e-b846-357584a8ff56=AAMC; expires=Tue, 05 Dec 2023 06:21:22 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
|
GET /1460267/log/3/unip?item-url=https%3A%2F%2Fnationalcasino.com%2Fpromotions%2Ffirst-deposit-bonus%3Fbtag%3D667497_8E81AF21C4D04AC49975CDFB0D1FA21E%26utm_source%3Dretargetvr%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-National-Ksenia%26utm_term%3DUbidex-National-Ksenia%26subid%3Decc41gxqdibgxlp5b3&ref=https%3A%2F%2Fus.doctorpost.net%2F&en=Nationalcasinocom_notreg HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
151.101.193.44
HTTP/2 204 No Content
content-type: image/gif
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Mon, 05 Dec 2022 06:21:22 GMT
via: 1.1 varnish
x-served-by: cache-bma1651-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670221283.708109,VS0,VE89
x-vcl-time-ms: 89
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:22 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=415525,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774aae69689fb505-OSL
|
GET /tracking/cssession?tst&id=22441 HTTP/1.1
Host: dsp-trk.eskimi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nationalcasino.com
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.139.69
HTTP/2 304 Not Modified
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
date: Mon, 05 Dec 2022 06:21:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 06:21:22 GMT
Last-Modified: Mon, 05 Dec 2022 05:21:31 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 21Cdt6EL9P0PnNOTiFGEdQiyo7kCxFQXhrP0v-0sn3kJ-4wUEAFPLA==
Age: 3591
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:22 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=415525,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774aae698e141c02-OSL
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2588
Cache-Control: max-age=96403
Date: Mon, 05 Dec 2022 06:21:22 GMT
Etag: "638c5959-1d7"
Expires: Tue, 06 Dec 2022 09:08:05 GMT
Last-Modified: Sun, 04 Dec 2022 08:24:57 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
GET /v2/gtr?id=22441&url=https%3A%2F%2Fnationalcasino.com%2Fpromotions%2Ffirst-deposit-bonus%3Fbtag%3D667497_8E81AF21C4D04AC49975CDFB0D1FA21E%26utm_source%3Dretargetvr%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-National-Ksenia%26utm_term%3DUbidex-National-Ksenia%26subid%3Decc41gxqdibgxlp5b3&t=1670221279986 HTTP/1.1
Host: dsp-ap.eskimi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nationalcasino.com
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
35.186.201.99
HTTP/2 200 OK
content-type: application/json
set-cookie: __eConsent=1; Expires=Wed, 04 Jan 2023 06:21:22 GMT; Max-Age=2592000; Domain=.eskimi.com; Path=/; Secure; SameSite=None
__eDId=02dfbb55-bdba-44b2-9f4c-85c73054a3ae; Expires=Wed, 04 Jan 2023 06:21:22 GMT; Max-Age=2592000; Domain=.eskimi.com; Path=/; Secure; SameSite=None
__eP=1; Expires=Mon, 19 Dec 2022 06:21:22 GMT; Max-Age=1209600; Domain=.eskimi.com; Path=/; Secure; SameSite=None
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
cache-control: no-cache
date: Mon, 05 Dec 2022 06:21:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
104.18.226.52
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Dec 2022 06:21:21 GMT
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1525
expires: Thu, 08 Dec 2022 06:21:21 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 774aae5ed859b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
GET /syncd?dsp_id=409&user_group=2&user_id=9124af7a-5a9f-4371-8a5c-2f6dac73c33e&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D9124af7a-5a9f-4371-8a5c-2f6dac73c33e HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nationalcasino.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
3.73.96.152
HTTP/2 302 Found
date: Mon, 05 Dec 2022 06:21:22 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=2&user_id=9124af7a-5a9f-4371-8a5c-2f6dac73c33e&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D9124af7a-5a9f-4371-8a5c-2f6dac73c33e
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=202be5d2-d787-4ebd-8455-362d9ea454e1; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
|
GET /xuid?mid=7963&xuid=9124af7a-5a9f-4371-8a5c-2f6dac73c33e&dongle=3oy7 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
13.248.245.213
HTTP/2 200 OK
content-type: image/gif
date: Mon, 05 Dec 2022 06:21:22 GMT
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2588
Cache-Control: max-age=96403
Date: Mon, 05 Dec 2022 06:21:22 GMT
Etag: "638c5959-1d7"
Expires: Tue, 06 Dec 2022 09:08:05 GMT
Last-Modified: Sun, 04 Dec 2022 08:24:57 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
|
GET /syncd?dsp_id=409&user_id=9124af7a-5a9f-4371-8a5c-2f6dac73c33e&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
3.73.96.152
HTTP/2 302 Found
date: Mon, 05 Dec 2022 06:21:22 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=9124af7a-5a9f-4371-8a5c-2f6dac73c33e&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=37659f5f-2614-4807-9876-c83cddd71114; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670221282; path=/; expires=Tue, 05-Dec-2023 06:21:22 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
|
GET /app/vendor.7443690a9a6ea18c.esm.js HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Dec 2022 06:21:21 GMT
last-modified: Thu, 17 Nov 2022 09:01:28 GMT
vary: Accept-Encoding
etag: W/"6375f868-35b744"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFHDN3D1NEvdUqCwResAzu7Xlv2DfwCL90c3ocprcjYmSrz4FO6YlHx0Gs5FuJCTWl2qs0A5PYRtnZZ6SCisG4Tive00LBRc8PTQeIV4xtRhufVcz5Yuy%2BR%2BGlEKzHxNfUdDYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae626834b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:23 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=415525,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774aae69996a1bfa-OSL
|
GET /sync?dsp_id=409&expires=14&user_group=2&user_id=9124af7a-5a9f-4371-8a5c-2f6dac73c33e&cb=3760af98-0439-49f1-999b-0a98403fb945 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
3.73.96.152
HTTP/2 302 Found
date: Mon, 05 Dec 2022 06:21:23 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=9124af7a-5a9f-4371-8a5c-2f6dac73c33e&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /recaptcha/api.js?render=6LcIXVIiAAAAAOSkusfnmE4Oe97qAFgJYg71vdQc HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.132
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Mon, 05 Dec 2022 06:21:23 GMT
date: Mon, 05 Dec 2022 06:21:23 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
GET /img.gif?f=sync&partner=8085a55cc8720072416da5835af0ec0fab6b176a2deb4185f40aade2c7db9f90&ttl=&rurl=https%3A%2F%2Fnationalcasino.com%2Fpromotions%2Ffirst-deposit-bonus%3Fbtag%3D667497_8E81AF21C4D04AC49975CDFB0D1FA21E%26utm_source%3Dretargetvr%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-National-Ksenia%26utm_term%3DUbidex-National-Ksenia%26subid%3Decc41gxqdibgxlp5b3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
139.45.195.8
HTTP/2 200 OK
content-type: image/gif
server: nginx
date: Mon, 05 Dec 2022 06:21:23 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b5b5d7581c8946c582f3e162b12fd847; expires=Tue, 05 Dec 2023 06:21:23 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-189011525-1&cid=1087109354.1670221279&jid=1850108184&gjid=964405871&_gid=293443561.1670221280&_u=YADAAEAAAAAAACAAI~&z=1348590225 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://nationalcasino.com
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
108.177.14.157
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: https://nationalcasino.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 06:21:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 06:21:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
OPTIONS /api/v2/casino/producer?is_desktop=1&is_live=1 HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://nationalcasino.com/
Origin: https://nationalcasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
|
search
172.67.69.139
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 06:21:23 GMT
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdtZPC4U1Yo%2FdIzHxA1lBZW282n6oZwXXypyM3sZt2MRaCMGRqTAl4xF8bElITLimYMz11R2KaRQCwJsOuZlzU69B7RDEFoAVQNpfD3xEb58bzyGIdShNB4OtPGAXG0c2xrO%2FwJeghLM4YFrxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6d6844fac4-OSL
X-Firefox-Spdy: h2
|
OPTIONS /api/v2/casino/producer?is_desktop=1&is_live=0 HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://nationalcasino.com/
Origin: https://nationalcasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
|
search
172.67.69.139
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 06:21:23 GMT
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhCI8MvitSJW9e471GhHTHuDp3oGFq10d29uUBWYJsnstmeB%2F%2F4csTSfLE092nXBlzihX33KIRcXHofkkrCsJP%2FRmemF9f6rjpul7mcGaYZxJBsHQkY6VHnwscjz5rzWTisqKmNRpamxG9rGCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6d884efac4-OSL
X-Firefox-Spdy: h2
|
OPTIONS /api/data/get-currencies HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://nationalcasino.com/
Origin: https://nationalcasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
|
search
172.67.69.139
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 06:21:23 GMT
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n99STN4MYSfrdMDZsKGpQLlMOIuqosrn%2BNfqRvwrj01woyCWXauhi1ktehMFTlA47YLorX6ktth1T4MzR6OxzrPAqIFRSgnPKFkDSGAiAa7AjRPAK4eYobDkwnN%2FFnWMFpYrcY36iwIcmz2VMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6d784afac4-OSL
X-Firefox-Spdy: h2
|
OPTIONS /api/v2/ip-data HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://nationalcasino.com/
Origin: https://nationalcasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
|
search
172.67.69.139
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 06:21:23 GMT
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjdBRrtS9ORcWB0Migb2sYzWDbMG17nOvrBnZA4abpvTRnV0bnPrWU4M%2FSk8az7zRvI%2FXKyBq%2B7YAMwZoDQC9y3FcotK%2F4YhQYZ%2FjO%2Fh3x0j2cYCDfYuOP9idOzFky9%2ByNBrT21JLc5r6g8dwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6d6842fac4-OSL
X-Firefox-Spdy: h2
|
OPTIONS /api/v2/casino/category?auth=false HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://nationalcasino.com/
Origin: https://nationalcasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
|
search
172.67.69.139
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 06:21:23 GMT
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXVbLeYsTl90NrLMOd2%2B7M9Ac7v86yIYe5F59F2XpXw71XFtA9gvW63xQer%2F%2Bkn%2B6IRkpr6zFEXxrohiugQe2OVDFvTrIRHVTptPeNnJt7iqnXwjxffv%2BRPZEjjAV7ZTsq4LKpTzRFcN2RZjkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6d6845fac4-OSL
X-Firefox-Spdy: h2
|
GET /api/promotion/list?onlyPromotionType=0&lang=en_GB HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia; _ga_9G634HNY5N=GS1.1.1670221279.1.0.1670221279.0.0.0; _ga=GA1.2.1087109354.1670221279; _sp_srt_ses.1060=*; _sp_srt_id.1060=e61164f4-f3b8-4279-bdf5-1aaf14e85396.1670221279.1.1670221279.1670221279.10d3b2e1-2f77-4206-9376-318236f62ba8; DV_TRACK=5923f043-0aef-4000-98f7-cd379fb209c1; _gid=GA1.2.293443561.1670221280; _gat_UA-189011525-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/json
date: Mon, 05 Dec 2022 06:21:23 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SMC3dsKIeLWIct1c%2FdrI7p7Estox95mXVmp61x%2BIbmqa6zd2zW0wk7c%2FF6OatJ4oEfSPzELnWDUC8Ag5m26NavxsuZy0xcdehpwNqSNzMKR%2BQvHczGfX96fS%2FfFIyw76r%2FDhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6bdea9b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
OPTIONS /api/data/provinces HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://nationalcasino.com/
Origin: https://nationalcasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
|
search
172.67.69.139
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 06:21:23 GMT
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stKkMIfX%2FGaPGAeV3pReOk7iATlyI5bRj%2B0gFkGrktl8gEQ4TIPoGtJ%2BBXqscQMhPvrHUtHO%2BM%2FhYxyqYzVXyPn5nNlsRkI%2BEQ0LY%2F4dIdf1eboq8ZgxiD2QWya57OZG%2FHGaU4hPhE51nlVsUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6d784dfac4-OSL
X-Firefox-Spdy: h2
|
OPTIONS /api/v2/configurations HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://nationalcasino.com/
Origin: https://nationalcasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
|
search
172.67.69.139
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 06:21:23 GMT
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpNUTf3JBV3v81CHua3EHX4uJQq%2BbcJ7IdGoYB%2F0gTIHLwz0KRh7LWz9Dukm%2F%2F0kYlibQ%2BdZsgdc3K9fJmR%2BbghEE3vm6G5jLE%2BDoV%2Bl4bhpwzBu03I7rt4nXeU1U2xNXCc7udHuZidj5lpWeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6d8851fac4-OSL
X-Firefox-Spdy: h2
|
OPTIONS /api/data/get-countries HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://nationalcasino.com/
Origin: https://nationalcasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
|
search
172.67.69.139
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 06:21:23 GMT
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FO8imQTuKdju0YrvjqWsV4X%2BYb12T74Q8EJyeO7n2v%2FNxqYQgbyrdG5FS%2BXmQyzfmlI85mH%2FVyqbpNXnPaXBtVRdsPCRzN2NTutMQywSmBHVZ6ndQuN2slD4e%2BNnIjbFsyHT9qHBXJIC4Wbx1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6d884ffac4-OSL
X-Firefox-Spdy: h2
|
GET /api/data/get-currencies HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://nationalcasino.com
Connection: keep-alive
Referer: https://nationalcasino.com/
Cookie: _ga_9G634HNY5N=GS1.1.1670221279.1.0.1670221279.0.0.0; _ga=GA1.2.1087109354.1670221279; _sp_srt_ses.1060=*; _sp_srt_id.1060=e61164f4-f3b8-4279-bdf5-1aaf14e85396.1670221279.1.1670221279.1670221279.10d3b2e1-2f77-4206-9376-318236f62ba8; DV_TRACK=5923f043-0aef-4000-98f7-cd379fb209c1; _gid=GA1.2.293443561.1670221280; _gat_UA-189011525-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 05 Dec 2022 06:21:23 GMT
vary: Accept-Encoding
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daQdGksT1xL5NIPwkuU6SFLLaRw4MqhyJbEY%2BSbnpTog4K2c2VChfy2KzhxU2BtfBJd1YfTkFPAne2UZuHiYDPJYuyY3Ak645f6PnDvOKMDN8Ksd0vOTJBbdvu1bGg%2FQ9JZWnaekRFCAcLMsSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6e585fb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
GET /api/v2/casino/producer?is_desktop=1&is_live=0 HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://nationalcasino.com
Connection: keep-alive
Referer: https://nationalcasino.com/
Cookie: _ga_9G634HNY5N=GS1.1.1670221279.1.0.1670221279.0.0.0; _ga=GA1.2.1087109354.1670221279; _sp_srt_ses.1060=*; _sp_srt_id.1060=e61164f4-f3b8-4279-bdf5-1aaf14e85396.1670221279.1.1670221279.1670221279.10d3b2e1-2f77-4206-9376-318236f62ba8; DV_TRACK=5923f043-0aef-4000-98f7-cd379fb209c1; _gid=GA1.2.293443561.1670221280; _gat_UA-189011525-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 05 Dec 2022 06:21:23 GMT
vary: Accept-Encoding
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdytJRx4kvEuHT1P87x%2BQhAvMb6QjfwVZKSGTC0rw6pRAOdea2ea%2FfN%2FpDXNHFcIHYLiuhgwsnKzBId0pycrZLPx%2BBbUY%2B5FXBrSbHDRV1Jpr8WV7hTZLLJu3vQu3mY6BhSq6n3YiRTL1HaZlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6e485cb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
GET /api/v2/configurations HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://nationalcasino.com
Connection: keep-alive
Referer: https://nationalcasino.com/
Cookie: _ga_9G634HNY5N=GS1.1.1670221279.1.0.1670221279.0.0.0; _ga=GA1.2.1087109354.1670221279; _sp_srt_ses.1060=*; _sp_srt_id.1060=e61164f4-f3b8-4279-bdf5-1aaf14e85396.1670221279.1.1670221279.1670221279.10d3b2e1-2f77-4206-9376-318236f62ba8; DV_TRACK=5923f043-0aef-4000-98f7-cd379fb209c1; _gid=GA1.2.293443561.1670221280; _gat_UA-189011525-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 05 Dec 2022 06:21:23 GMT
vary: Accept-Encoding
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JRxqr6Ob2wT0syGWDUFftCmkNvQml3tJN6NiDTHVG3SHCfhQWhIZauG%2FwJ3gnp2Hsz6RAdWNsYjDzR%2BSEDQ7jka7VqsXqZB%2FzTkLIuLbCSGdyYNUXt72xALSQoBvSziPi0pWdPMlX%2B6lwRC6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6e78afb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171542
Date: Mon, 05 Dec 2022 06:21:24 GMT
Etag: "638d7afb-1d7"
Expires: Wed, 07 Dec 2022 06:00:26 GMT
Last-Modified: Mon, 05 Dec 2022 05:00:43 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pXdDYD_vg_DRAz4TOBn_dBJIpTSQE_iKQSF_AyR8yid5XoROJD-pmg==
Age: 3583
|
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171540
Date: Mon, 05 Dec 2022 06:21:24 GMT
Etag: "638d7afb-1d7"
Expires: Wed, 07 Dec 2022 06:00:24 GMT
Last-Modified: Mon, 05 Dec 2022 05:00:43 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KPFicSekZl3Dqms5PVY2NjqdfvOoeL_eyndurWi6KOIXxU22VPv23g==
Age: 3581
|
GET /api/v2/casino/producer?is_desktop=1&is_live=1 HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://nationalcasino.com
Connection: keep-alive
Referer: https://nationalcasino.com/
Cookie: _ga_9G634HNY5N=GS1.1.1670221279.1.0.1670221279.0.0.0; _ga=GA1.2.1087109354.1670221279; _sp_srt_ses.1060=*; _sp_srt_id.1060=e61164f4-f3b8-4279-bdf5-1aaf14e85396.1670221279.1.1670221279.1670221279.10d3b2e1-2f77-4206-9376-318236f62ba8; DV_TRACK=5923f043-0aef-4000-98f7-cd379fb209c1; _gid=GA1.2.293443561.1670221280; _gat_UA-189011525-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 05 Dec 2022 06:21:23 GMT
vary: Accept-Encoding
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QF9TkcKPWQ2dOYYxU5bD1VP9wI%2F%2B8JXdvM35QnYQVmaDcTAuJ5TJetvcdI2YrBNLx9b6lTWYcvodRz3YTpJDPmgmSxe%2Fz4dEFdWLRs1xuqeMumP9UC4942MLyS81tuTDUuZY4J8qgWJC4JZSyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6e2844b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
GET /api/data/provinces HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://nationalcasino.com
Connection: keep-alive
Referer: https://nationalcasino.com/
Cookie: _ga_9G634HNY5N=GS1.1.1670221279.1.0.1670221279.0.0.0; _ga=GA1.2.1087109354.1670221279; _sp_srt_ses.1060=*; _sp_srt_id.1060=e61164f4-f3b8-4279-bdf5-1aaf14e85396.1670221279.1.1670221279.1670221279.10d3b2e1-2f77-4206-9376-318236f62ba8; DV_TRACK=5923f043-0aef-4000-98f7-cd379fb209c1; _gid=GA1.2.293443561.1670221280; _gat_UA-189011525-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 05 Dec 2022 06:21:23 GMT
vary: Accept-Encoding
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1d4H7e5aiENPlrBz93Pf7CyttbI13x3PAbhgFfAxT8m8iRQh8%2F0uArsXb7arswWCXZzN7nB9UYUrEmGPWxlyTtRqxK8IjxVPgdE6QaS2BM%2FAIC7PB9yxynLU1CB2u7nSMtjWRaO1Vgjm4WKOxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6e78aab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 06:21:21 GMT
date: Mon, 05 Dec 2022 06:21:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /app/styles.0b355258e5d259e1.css HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: text/css
date: Mon, 05 Dec 2022 06:21:21 GMT
last-modified: Thu, 17 Nov 2022 09:01:35 GMT
vary: Accept-Encoding
etag: W/"6375f86f-3f6b5"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7YOKRJlhWHmJmgkErKoDqYplewbtCapKyCAzlENvuhTwNsHd4UZZ0alX9rOd62URcnSKBfzLlcPO1Gx4%2Boj9UBGWZO0QI8FOJIMIh6xRDkMZO9%2FdC%2BYJUmDZRz19SM7G9t0CA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae5e8d73b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /api/promotion/tournaments?lang=en_GB HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia; _ga_9G634HNY5N=GS1.1.1670221279.1.0.1670221279.0.0.0; _ga=GA1.2.1087109354.1670221279; _sp_srt_ses.1060=*; _sp_srt_id.1060=e61164f4-f3b8-4279-bdf5-1aaf14e85396.1670221279.1.1670221279.1670221279.10d3b2e1-2f77-4206-9376-318236f62ba8; DV_TRACK=5923f043-0aef-4000-98f7-cd379fb209c1; _gid=GA1.2.293443561.1670221280; _gat_UA-189011525-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/json
date: Mon, 05 Dec 2022 06:21:23 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jv50bE0EshAnZl4wPak0RQB6z3wGG6eiKI1ZGamtIrL11TcAT5S1T0kNDLG%2BJ%2Bv7IwCHV5jcsDypRGqyFb58jki6U%2B%2BlyHHPUAMTyPV512s%2BUbFNp%2FaD2WCI1Hp3q3Wx68u4Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6bdeafb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /api/v2/casino/category?auth=false HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://nationalcasino.com
Connection: keep-alive
Referer: https://nationalcasino.com/
Cookie: _ga_9G634HNY5N=GS1.1.1670221279.1.0.1670221279.0.0.0; _ga=GA1.2.1087109354.1670221279; _sp_srt_ses.1060=*; _sp_srt_id.1060=e61164f4-f3b8-4279-bdf5-1aaf14e85396.1670221279.1.1670221279.1670221279.10d3b2e1-2f77-4206-9376-318236f62ba8; DV_TRACK=5923f043-0aef-4000-98f7-cd379fb209c1; _gid=GA1.2.293443561.1670221280; _gat_UA-189011525-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 05 Dec 2022 06:21:23 GMT
vary: Accept-Encoding
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGCOPvWpbX%2FF1ZOSgSIxzlRLpQ4SHlbRdoXZY3asxScKztrqTrRCffBjzefiR%2Bpyi8%2FBm0KTvp9M0%2B5H%2Bul0HU4C8ksaMIggO1q%2FhZ7%2BWjifMg7P8P7wEdBNy7MYnMG1ZQj9nLcx81%2FWVXwu1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6e6887b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /app/runtime.b2e82eb996bed5b0.esm.js HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Dec 2022 06:21:21 GMT
last-modified: Thu, 17 Nov 2022 09:01:21 GMT
vary: Accept-Encoding
etag: W/"6375f861-1fb1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emldHUGtwyYI26DIzKCZbhKs9c2tvn4wOveDoIPme4W0u37ha%2BtcMruJO91Cwn57wBp1mJvxVFx4dzEzcpwKD1Hl2vurfxsxW1Ulul721hT59nPyHfXIgNiFRuocxsGZpmlOMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae626833b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /app/polyfills.9981ee15c1709677.esm.js HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Dec 2022 06:21:21 GMT
last-modified: Thu, 17 Nov 2022 09:01:15 GMT
vary: Accept-Encoding
etag: W/"6375f85b-2d895"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfkpM8lZ52aSfGSLS2vlDO5REbT2UfGxelzP%2BcD0Tn9DkV3iJcT2myC6NiPzH661fEF4g%2B0YX9VbKj1vry4bIUmz1DqhXwgUSnqb4cGY69ENTPDgNKZduKhIq2TCPoJnvFmAow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae62682ab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /app/main.afe1d482adbb8c73.css HTTP/1.1
Host: nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/promotions/first-deposit-bonus?btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
Cookie: btag=667497_8E81AF21C4D04AC49975CDFB0D1FA21E; subid=ecc41gxqdibgxlp5b3; utm_campaign=Ubidex-National-Ksenia; utm_medium=Ubidex; utm_source=retargetvr; utm_term=Ubidex-National-Ksenia
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: text/css
date: Mon, 05 Dec 2022 06:21:21 GMT
last-modified: Thu, 17 Nov 2022 09:01:15 GMT
vary: Accept-Encoding
etag: W/"6375f85b-31e3"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58cIGYvZWxpI%2B4BTYWZazw0VmPT3GHg%2FhJ2vk11HXSlIlod%2BoW69iLHOSllUgam%2B%2FN4zQJfNfP5QwqUyWsXSgAl8ynC1noeVJ0%2FU6dQ7nD3evwDm9haDzXjKjmY9jS23QIF3AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae5e8d72b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seon.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
54.230.111.35
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 15:20:31 GMT
x-amz-version-id: mfjcVMYC8eQg.3.C.jDktKY9HpyiJtFK
server: AmazonS3
content-encoding: gzip
date: Mon, 05 Dec 2022 05:40:35 GMT
cache-control: max-age=3600
etag: W/"7e416f9feeb805e04c423899736c48e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 03z-C1jK0UAIcz0LaBh6fX9F_XgAJyZapJShXl6XnPDcIKNP_rB-MA==
age: 2509
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /assets/track.js HTTP/1.1
Host: assets.customer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationalcasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
54.230.111.127
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 17:44:53 GMT
server: AmazonS3
content-encoding: br
date: Mon, 05 Dec 2022 03:45:59 GMT
etag: W/"4c5f83ddacacecc5a74e105c6940b5ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ox9YikjKR5iUkXVt8pRIXeSqpWuViF7TCG2Ht93WwXwT7vfPA5cZ5w==
age: 16363
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /api/v2/ip-data HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://nationalcasino.com
Connection: keep-alive
Referer: https://nationalcasino.com/
Cookie: _ga_9G634HNY5N=GS1.1.1670221279.1.0.1670221279.0.0.0; _ga=GA1.2.1087109354.1670221279; _sp_srt_ses.1060=*; _sp_srt_id.1060=e61164f4-f3b8-4279-bdf5-1aaf14e85396.1670221279.1.1670221279.1670221279.10d3b2e1-2f77-4206-9376-318236f62ba8; DV_TRACK=5923f043-0aef-4000-98f7-cd379fb209c1; _gid=GA1.2.293443561.1670221280; _gat_UA-189011525-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
|
search
104.26.6.72
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 05 Dec 2022 06:21:23 GMT
vary: Accept-Encoding
access-control-allow-origin: https://nationalcasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEnfhkHcJSmXRHjaJcUGDz2f%2F%2BcD1aWFBBlCB1Bz3t2r3tdqBuAYvx2%2BqHblxHKCI5n3l%2FvttWpMB7ng3wZf%2Fo0OFIumDDvX0Dc%2FzbS2kARSU%2FDTphBQ9xJx6iwPCMXY9v5z%2BKzI3SlSvuAd6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774aae6e6885b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /click.php?key=fqwyfkhxnjuqvm1tdngx&clickid=45838fc6-d97b-41e2-88ef-9f0863100eeb&cost=0.0838&PUB_ID=81&SUB_ID=0b6db819a583befaf431100a36249fee&KEYWORD=&SUBSCRIBER_AGE=28&SUBSCRIBER_DATE=2022-11-07&BID_PUB=0.0838&CR_ID=1694&PUB_NAME=RichAds-push-inpage HTTP/1.1
Host: newbinotracs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us.doctorpost.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
49.12.123.158
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
server: nginx/1.18.0
date: Mon, 05 Dec 2022 06:21:18 GMT
location: https://media.playamopartners.com/redirect.aspx?pid=180698&bid=2036&lpid=523&utm_source=retargetvr&utm_medium=Ubidex&utm_campaign=Ubidex-National-Ksenia&utm_term=Ubidex-National-Ksenia&subid=ecc41gxqdibgxlp5b3
set-cookie: uclick=gxqdibgxlp; expires=Tue, 06-Dec-2022 06:21:18 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=gxqdibgxlp-gxqdibgxlp-2tb40-0-gxzw0-gmgxbl-gmgx8n-423434; expires=Tue, 06-Dec-2022 06:21:18 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /api/data/get-countries HTTP/1.1
Host: platform.nationalcasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest |
35.240.72.43
104.21.51.194