detectportal.firefox.com/success.txt?ipv4
200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sun, 05 Feb 2023 08:14:39 GMT
Age: 58419
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
tele10.site/m/ng/ppt4/
302 Found 0 B IP
ASN #212531 UAB Interneto vizija
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /m/ng/ppt4/ HTTP/1.1
Host: tele10.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 06 Feb 2023 00:28:18 GMT
Server: Apache
Connection: Upgrade, Keep-Alive
Location: http://inumbreonr.com/4/5620708?var=ar_error
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
Content-Type: text/html
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0bf32948ebe69cc5a92dce2b209a6bab
291d5e9e653dd98a1c4e7bdeb0dd6d55befe20ea
52a298b4036a7ae2fe6ea0630e9f9536a47b7e865a8a9d7b0c917f5111e885e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A298B4036A7AE2FE6EA0630E9F9536A47B7E865A8A9D7B0C917F5111E885E8"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20724
Expires: Mon, 06 Feb 2023 06:13:43 GMT
Date: Mon, 06 Feb 2023 00:28:19 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21025
Expires: Mon, 06 Feb 2023 06:18:44 GMT
Date: Mon, 06 Feb 2023 00:28:19 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
200 OK 38 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 77e5b8e10fc2d6bce72f10dc007b62ad
55d85a05209ec4782bffb1c4154d5c2063df7585
049c707cdc39b48b57550bf2e6827c5de2132388a958ce0195c1a0be3307a908
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: zvE-BmpEhQvJdi6HzDdMMnjGqdakbh5GzZO95iLDwQh_wmfo3NaxJw==
content-encoding: gzip
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 00:21:05 GMT
content-type: application/json
content-length: 38246
age: 434
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10912
Expires: Mon, 06 Feb 2023 03:30:11 GMT
Date: Mon, 06 Feb 2023 00:28:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 64Ga+fmNazxuO0DlxEcvAYbt48xUvtVuXg2Tpstys0agNW3OYHfcQMX3hQMmmzcvcgdTP4+9uf4=
x-amz-request-id: 158Z8PAKH02CHND4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 00:01:32 GMT
age: 1607
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
inumbreonr.com/4/5620708?var=ar_error
200 OK 9.3 kB URL HTTP/1.1 inumbreonr.com/4/5620708?var=ar_error
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12966)
Hash 82945450c2f8f0cf5d1a8fcfd41c52cf
b62387139636dbe5d2054baf898184110643a78a
d853ace2026a318c138815755c79fb49e77bad627a6ac8584ad1712b16474992
Analyzer Verdict Alert quad9 Sinkholed
GET /4/5620708?var=ar_error HTTP/1.1
Host: inumbreonr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 00:28:19 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: d206c12e42fc40b67d4f633cad21d6ad
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=1081700e87864e2f97994af6474baecc; expires=Tue, 06 Feb 2024 00:28:19 GMT; path=/
oaidts=1675643299; expires=Tue, 06 Feb 2024 00:28:19 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4715
Expires: Mon, 06 Feb 2023 01:46:54 GMT
Date: Mon, 06 Feb 2023 00:28:19 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 00:28:19 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 23:33:59 GMT
content-type: application/json
age: 3260
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3f42c0d1cd34dd1d6e27d8d13e2034fa
aee1e48ed0450d58d165714bec4be7307eede096
8c057825608d7e340ab1b69839c5a73316162b0afbea1f759c2d6acb6e3f9035
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C057825608D7E340AB1B69839C5A73316162B0AFBEA1F759C2D6ACB6E3F9035"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4287
Expires: Mon, 06 Feb 2023 01:39:46 GMT
Date: Mon, 06 Feb 2023 00:28:19 GMT
Connection: keep-alive
my.rtmark.net/img.gif?f=merge&userId=1081700e87864e2f97994af6474baecc
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=1081700e87864e2f97994af6474baecc
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=1081700e87864e2f97994af6474baecc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://inumbreonr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 00:28:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1081700e87864e2f97994af6474baecc; expires=Tue, 06 Feb 2024 00:28:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 71c8111ac9d63deac2a414c0a64fcc9b
855b767fc93c000b338e25e6342d93611447d677
9eb3105d541665d69b5a23b32ed483f71616fd390d47a44f32eb20cb8ba1f7a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 14:07:11 GMT
Expires: Thu, 09 Feb 2023 14:07:10 GMT
Etag: "855b767fc93c000b338e25e6342d93611447d677"
Cache-Control: max-age=307730,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3ddac931c12-OSL
inumbreonr.com/?z=5620708&syncedCookie=true&rhd=false
302 Found 0 B URL HTTP/1.1 inumbreonr.com/?z=5620708&syncedCookie=true&rhd=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata medium ET ADWARE_PUP Win32/Adware.Agent.NSU CnC Activity M2
POST /?z=5620708&syncedCookie=true&rhd=false HTTP/1.1
Host: inumbreonr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 470
Origin: http://inumbreonr.com
Connection: keep-alive
Referer: http://inumbreonr.com/afu.php?zoneid=5620708&var=5620708&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=1081700e87864e2f97994af6474baecc; oaidts=1675643299
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 06 Feb 2023 00:28:19 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 23fd9f52e9f79429625ac2e4707852f7
Link: <https://record.ibetaffiliates.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://record.ibetaffiliates.com/_1LOEjeN3o8q22a5QkwDt8GNd7ZgqdRLk/10/?payload=5620708&rdk=rk3
Access-Control-Allow-Origin: http://inumbreonr.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=1081700e87864e2f97994af6474baecc; expires=Tue, 06 Feb 2024 00:28:19 GMT; path=/
oaidts=1675643299; expires=Tue, 06 Feb 2024 00:28:19 GMT; path=/
syncedCookie=true; expires=Mon, 13 Feb 2023 00:28:19 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
detectportal.firefox.com/success.txt?ipv4
200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sun, 05 Feb 2023 08:14:39 GMT
Age: 58420
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
ocsp.pki.goog/s/gts1p5/DPv2Tv_7RGg
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DPv2Tv_7RGg
IP
Hash 12b8a195ed59d3cdb75d30edc722ee26
3a6e20b01cce7f0b374801677190f8195ba015e2
13fb803f1ddf3afe206d562738cfcaaa17882e7c8957be21ad7415b6eb90a686
POST /s/gts1p5/DPv2Tv_7RGg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 00:07:20 GMT
age: 1259
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ffc87f9ac48fe66c2c6b2ff16515d812
717ef25f427f17f2d2b8b7bf072ce6a5c41d3844
da2902f794c69b0b3a156043c5c0246e1dece467b2cbc4746e38dad55aef5c01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1628
Cache-Control: max-age=147245
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:19 GMT
Etag: "63dfdf74-1d7"
Expires: Tue, 07 Feb 2023 17:22:24 GMT
Last-Modified: Sun, 05 Feb 2023 16:55:16 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9528
Expires: Mon, 06 Feb 2023 03:07:08 GMT
Date: Mon, 06 Feb 2023 00:28:20 GMT
Connection: keep-alive
record.ibetaffiliates.com/_1LOEjeN3o8q22a5QkwDt8GNd7ZgqdRLk/10/?payload=5620708&rdk=rk3
301 Moved Permanently 8.5 kB URL HTTP/2 record.ibetaffiliates.com/_1LOEjeN3o8q22a5QkwDt8GNd7ZgqdRLk/10/?payload=5620708&rdk=rk3
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8453), with no line terminators
Hash f73bb467f2de77c3c8b80c7dc7f106cc
4b26ea34270d4dbf47bcd63fcad4e6dc0e09ed32
2d26e90a7ef6d0647b4fd4ed977b5d4092565ef15b80aafb8e521551d72de56e
GET /_1LOEjeN3o8q22a5QkwDt8GNd7ZgqdRLk/10/?payload=5620708&rdk=rk3 HTTP/1.1
Host: record.ibetaffiliates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 06 Feb 2023 00:28:19 GMT
content-type: text/html; charset=utf-8
location: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
cache-control: private, no-cache, must-revalidate, Cache-Control: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
set-cookie: VID1=Jy4zQFMsQ0RTLFBgYApgCg%3D%3D; expires=Tue, 06-Feb-2024 00:28:19 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
ZBan=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk; expires=Tue, 06-Feb-2024 00:28:19 GMT; Max-Age=31536000; path=/; domain=.ibetaffiliates.com; secure; HttpOnly; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 794fc3dec94a1c0a-OSL
X-Firefox-Spdy: h2
www.ibet.com/static/css/main.17c66d77.chunk.css
200 OK 36 kB URL HTTP/2 www.ibet.com/static/css/main.17c66d77.chunk.css
IP
File type ASCII text, with very long lines (24239)
Hash 9f7fa2e99942f15807e2e6f5cd62aca5
cdf6ed1947e285ae3be5f68949f6d0e5cf057a23
ec55dea9a5ac90bd72bc727eebe8545b58b19470d28c5892894bc3754d97da60
GET /static/css/main.17c66d77.chunk.css HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 35641
last-modified: Thu, 05 Jan 2023 16:20:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:21 GMT
etag: "9f7fa2e99942f15807e2e6f5cd62aca5"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Q2anO33YbP_ki687U_W6uOWNAGwfSgMYR5Ab1DmbfUSag1yN5hv2SQ==
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: khFNrHAW3XY5as1gUkI/Rw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gUN+7S3HXppXDPw8phdUJDHdxGU=
www.ibet.com/static/css/56.07bf056b.chunk.css
200 OK 2.0 kB URL HTTP/2 www.ibet.com/static/css/56.07bf056b.chunk.css
IP
File type ASCII text, with very long lines (2049), with no line terminators
Hash 36b2f8ea1e16e9f607c1701f688c13da
bbcf0e61433d91d8ccf793fddaf638b0326f254d
2ce59990e026b2074cb274798dd1ee8b536bf4e628d481003e015ece685c00da
GET /static/css/56.07bf056b.chunk.css HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 2049
last-modified: Thu, 05 Jan 2023 16:20:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:21 GMT
etag: "36b2f8ea1e16e9f607c1701f688c13da"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 3IYM5e96JkgQUiufndcSilmbytHXVlJOxWZVQWK42-BLbiRzD1SnFQ==
X-Firefox-Spdy: h2
www.ibet.com/fonts/OpenSans-SemiBold.ttf
200 OK 101 kB URL HTTP/2 www.ibet.com/fonts/OpenSans-SemiBold.ttf
IP
File type TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright \251 2011, Google Corporation.Open Sans SemiBoldRegular1.10;1ASC;OpenSa\012- data
Size 101 kB (100820 bytes)
Hash ba5cde21eeea0d57ab7efefc99596cce
e256f8391718ef61f253dfb4e95bbeb3c5857afc
5e8d9e1a89083cd1b0849993fe2f3acc9aa33b7f439f7e8616872f6897f30684
GET /fonts/OpenSans-SemiBold.ttf HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-sfnt
content-length: 100820
last-modified: Thu, 05 Jan 2023 16:20:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:21 GMT
etag: "ba5cde21eeea0d57ab7efefc99596cce"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 4aszI9usS4xRn1emm5x_rkVAQOzCQr7U-BSbIza5AG2qcor5eSlAjw==
X-Firefox-Spdy: h2
www.ibet.com/fonts/OpenSans-Regular.ttf
200 OK 97 kB URL HTTP/2 www.ibet.com/fonts/OpenSans-Regular.ttf
IP
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\012- data
Hash 3ed9575dcc488c3e3a5bd66620bdf5a4
babe8dce93a3e48b6c3c79720a0c048e88dd1fe7
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
GET /fonts/OpenSans-Regular.ttf HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-sfnt
content-length: 96932
last-modified: Thu, 05 Jan 2023 16:20:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:21 GMT
etag: "3ed9575dcc488c3e3a5bd66620bdf5a4"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: XsM9C_4kF_WtV33hInHfsGFq-Tmi60Tkq3Nkas10vFm-mRhuD21yFA==
X-Firefox-Spdy: h2
www.ibet.com/static/js/56.2ed00168.chunk.js
200 OK 1.2 MB URL HTTP/2 www.ibet.com/static/js/56.2ed00168.chunk.js
IP
File type ASCII text, with very long lines (65461)
Size 1.2 MB (1238789 bytes)
Hash 5b98e1b5c0306fbb6a00599a1f71ec11
3fe04bd9c37bee0468e73447ba3a48e919767914
12df518fc3b1e454fcc10f93ebdf7594e981eee90abe3079890cd17547f38883
GET /static/js/56.2ed00168.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1238789
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:21 GMT
etag: "5b98e1b5c0306fbb6a00599a1f71ec11"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Jm_WmFJA58h58JPLgDX18B_PMNFxexupsgCjM4Tj6QHqjYbhuiL5uQ==
X-Firefox-Spdy: h2
www.ibet.com/static/js/main.1ea8a9f9.chunk.js
200 OK 1.7 MB URL HTTP/2 www.ibet.com/static/js/main.1ea8a9f9.chunk.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 1.7 MB (1728511 bytes)
Hash d5fee69f9f3840934ed0ec43d231353f
b431b619540acfb2cd950abbc9f9b01b367129f9
ab8ec9c6f8ee993ce28b5b6d77e47158f8938ab7d970eb8a3f9b02501da134fc
GET /static/js/main.1ea8a9f9.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1728511
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:21 GMT
etag: "d5fee69f9f3840934ed0ec43d231353f"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 6DVFsbks3IouHVPZOLaLeZJqT5ZoAksygcyt5wuW1sJYNCQ5fF635w==
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675449433343&_since=%221666204638208%22
200 OK 27 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675449433343&_since=%221666204638208%22
IP
File type JSON data\012- , ASCII text, with very long lines (27294), with no line terminators
Hash 1e630048e362b77c6ad38fd0ea8e4288
15cdb480e906413a492e7269c43f64f0f8956ff6
a6071af1e1185a063481aca6541ad39a5b7f02d67a990e33f6f02c8782f98d53
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675449433343&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 27294
via: 1.1 google
date: Mon, 06 Feb 2023 00:01:08 GMT
age: 1632
last-modified: Fri, 03 Feb 2023 18:37:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Gbt63jNQJCqSBBGQgo5IKI2/yXqgTjq5QfnmOzRyUyKAThvQi7XJv+xoU4cO1c9WiOTlfisIhJo=
x-amz-request-id: VX4CK6TN9YWMS717
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 23:34:54 GMT
age: 3206
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 23:33:59 GMT
content-type: application/json
age: 3261
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1070bda5398d0e4012c7ebe62828e6ee
e072659271bcce877688f7244e58cad847ce57f9
026369f2eac79a5506de6e2fa9879298ec7c63882cbff6a4cb49688783de9485
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "026369F2EAC79A5506DE6E2FA9879298EC7C63882CBFF6A4CB49688783DE9485"
Last-Modified: Sun, 05 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4169
Expires: Mon, 06 Feb 2023 01:37:49 GMT
Date: Mon, 06 Feb 2023 00:28:20 GMT
Connection: keep-alive
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dguZsNlgt0E45bClSnS3eklmiykznZzPHsVWHNdaaMzEAaRGO4cZgbeZnkXLWgpuuMWxb90zRhY=
x-amz-request-id: 7YF2ZWT19PGFW512
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Sat, 04 Feb 2023 15:34:39 GMT
age: 118421
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Mon, 06 Feb 2023 00:28:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675631138013&_since=%221662044085942%22
200 OK 5.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675631138013&_since=%221662044085942%22
IP
File type JSON data\012- , ASCII text, with very long lines (5292), with no line terminators
Hash 69ea02f4bd722bc1dba315f6508bff04
8a38ddb4b244d88db76d399c1d1d4f0e83d2dcf0
729cb4ee47b66be659d748a3121de3fafe4918b74acff2c9a8a1dfc33c67373c
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675631138013&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5292
via: 1.1 google
date: Mon, 06 Feb 2023 00:07:54 GMT
age: 1227
last-modified: Sun, 05 Feb 2023 21:05:38 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
d1w3v8ahdm9uzk.cloudfront.net/prod/api/v1/player/access/context
200 OK 370 B URL HTTP/2 d1w3v8ahdm9uzk.cloudfront.net/prod/api/v1/player/access/context
IP
File type JSON data\012- , ASCII text
Hash a9058bcafaa20f452059d17d71366809
36aafe52e527968827415e32b53af7d537ac2ff9
181dd6c8374efe4830ed13c69dc30510b272911f318ab3ca6e0f1d80f421ca15
GET /prod/api/v1/player/access/context HTTP/1.1
Host: d1w3v8ahdm9uzk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 370
date: Mon, 06 Feb 2023 00:28:21 GMT
x-amzn-requestid: fb408dfa-fc8f-45d1-91dd-15cbc163e50e
access-control-allow-origin: *
x-amz-apigw-id: f5Bx0F6ujoEFlrw=
x-amzn-trace-id: Root=1-63e049a5-480a50446546403b22777531
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: afATdhxOSddY8aI8z8HI0CX_yDy5iyra248jYjsSoamY3vTO3miYxA==
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
200 OK 932 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP
File type JSON data\012- , ASCII text, with very long lines (932), with no line terminators
Hash 22ad217b8542124e6c8821717559faf6
4330760a23c61ac654d088a592408e3b5c3b0bc5
a003887785e0e602be4c05929a584b7f3f1f79f27460e7eb35a4998663c5436b
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 932
via: 1.1 google
date: Sun, 05 Feb 2023 23:41:18 GMT
age: 2823
last-modified: Sun, 05 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ibet.com/fonts/OpenSans-Bold.ttf
200 OK 104 kB URL HTTP/2 www.ibet.com/fonts/OpenSans-Bold.ttf
IP
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansBold1.10;1ASC;OpenSans-Bold\012- data
Size 104 kB (104120 bytes)
Hash 1025a6e0fb0fa86f17f57cc82a6b9756
1e3704ee48b5ff7e582488ead87b05249f14dc1c
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
GET /fonts/OpenSans-Bold.ttf HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/font-sfnt
content-length: 104120
last-modified: Thu, 05 Jan 2023 16:20:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "1025a6e0fb0fa86f17f57cc82a6b9756"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 0M8vbST7yCPBPABPLYbH8IHmtFD0T08zPq6eSAioKjH5KV_aIxQW9w==
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP
File type JSON data\012- , ASCII text, with very long lines (1505), with no line terminators
Hash 5fbaf2b7815ccde4e006732f60cf45c3
358f788e1494eb1777de83a84aa1e831c6189ec9
d95422b3bbfa32ed668a90e5db3f3dd703e46d69e169e82a1e014b64b6b2d703
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1505
via: 1.1 google
date: Mon, 06 Feb 2023 00:09:57 GMT
age: 1104
last-modified: Sat, 04 Feb 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sun, 05 Feb 2023 08:14:39 GMT
Age: 58422
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1675468864323&_since=%221666483264567%22
200 OK 52 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1675468864323&_since=%221666483264567%22
IP
File type JSON data\012- , ASCII text, with very long lines (52267), with no line terminators
Hash 06e189dc52881e7f5616b0214ff59542
16bd38b5d24dbc7fb6d44561cad597d6f555cf52
3b59d876391dc2db99e43edcffa3ed5a184468b0c937ef6293fc392ed7426df8
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1675468864323&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 52267
via: 1.1 google
date: Sun, 05 Feb 2023 23:27:53 GMT
age: 3628
last-modified: Sat, 04 Feb 2023 00:01:04 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1675459018632&_since=%221666279968541%22
200 OK 70 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1675459018632&_since=%221666279968541%22
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8818fb009189a8f32c82de2c9dbef0ac
8da541bdc5aaa5ad5f9f8cd936f69c17d09e2063
796f325e35d855f4001ee15b3ba9f3a2d25fdaba26527e259a833ea1b33b6d11
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1675459018632&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 70181
via: 1.1 google
date: Sun, 05 Feb 2023 23:26:52 GMT
age: 3689
last-modified: Fri, 03 Feb 2023 21:16:58 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ibet.com/favicon.ico
200 OK 104 kB IP
File type MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size 104 kB (103505 bytes)
Hash c4ec29ec7a9b51ab3672ad4235022800
3b38d99e09a5935441eeb46a7ff6325ff253a243
852384ec427a20845c6be9329635438d03e9ce66712989c2b03a653b8c0169a3
GET /favicon.ico HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 103505
last-modified: Thu, 05 Jan 2023 16:20:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "c4ec29ec7a9b51ab3672ad4235022800"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: pGA6EO-Wl-7UetYIcbi4j-K1ETLUpfXPnk1nVUC2vt1o64tipTPHnQ==
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22
200 OK 2.1 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22
IP
File type JSON data\012- , ASCII text, with very long lines (2144), with no line terminators
Hash 5cfd74fcbede0ee061689b95c597b11b
75d870f627cdc06f4cb7fa47751ae56c740da850
c68708f43d2bf28e3d619542c6fd7ab408f034a7f87de731ed11356efc4453eb
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2144
via: 1.1 google
date: Mon, 06 Feb 2023 00:25:34 GMT
age: 167
last-modified: Thu, 02 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
IP
File type JSON data\012- , ASCII text, with very long lines (22471), with no line terminators
Hash 86e5267005f7001a7a7fb7f25d7e02b9
67ea12312364541e026dfd85800ce5f4280601c5
9c469d6cd61cb4f4e3f06e980f86f3ee16cb4ec776ed105998810bcabbe12969
GET /v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22471
via: 1.1 google
date: Mon, 06 Feb 2023 00:09:16 GMT
age: 1145
last-modified: Thu, 02 Feb 2023 15:52:59 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash a87d8a919b10bfacffe702c368b58e61
88182f1643f50c8ee613607ae7283d1cfdd78e5f
69c77a2be0351707b1eb6cc5a6fbf0bd4ecfb5c814c9b1cf8243daa36b36238e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 16:56:15 GMT
Expires: Thu, 09 Feb 2023 16:56:14 GMT
Etag: "88182f1643f50c8ee613607ae7283d1cfdd78e5f"
Cache-Control: max-age=317872,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3e86a641c12-OSL
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%7B%20%20%20%20%0A%20%20%20%20%27languages%27%3A%20*%5B_type%20%3D%3D%20%22language%22%20%26%26%20%22NO%22%20in%20markets%5B%5D-%3Eid%5D%2C%0A%20%20%20%20%27markets%27%3A%20*%5B_type%20%3D%3D%20%22market%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bid%7D%2C%0A%20%20%20%20%27texts%27%3A%20*%5B_type%20%3D%3D%20%22texts%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bkey%2C%22value%22%3Ano%7D%2C%0A%20%20%7D
200 OK 28 kB URL HTTP/2 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%7B%20%20%20%20%0A%20%20%20%20%27languages%27%3A%20*%5B_type%20%3D%3D%20%22language%22%20%26%26%20%22NO%22%20in%20markets%5B%5D-%3Eid%5D%2C%0A%20%20%20%20%27markets%27%3A%20*%5B_type%20%3D%3D%20%22market%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bid%7D%2C%0A%20%20%20%20%27texts%27%3A%20*%5B_type%20%3D%3D%20%22texts%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bkey%2C%22value%22%3Ano%7D%2C%0A%20%20%7D
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65221), with no line terminators
Hash 6fc6e910f422f8fd683ba19784cbd0cd
d48a89f2823c9327308646a829cc6c037aa34d6c
a158a6f09dbf6ed53843064f21d8b91eeffe2dd40b7bd613187b648cb0952ef5
GET /v1/data/query/production/?query=%7B%20%20%20%20%0A%20%20%20%20%27languages%27%3A%20*%5B_type%20%3D%3D%20%22language%22%20%26%26%20%22NO%22%20in%20markets%5B%5D-%3Eid%5D%2C%0A%20%20%20%20%27markets%27%3A%20*%5B_type%20%3D%3D%20%22market%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bid%7D%2C%0A%20%20%20%20%27texts%27%3A%20*%5B_type%20%3D%3D%20%22texts%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bkey%2C%22value%22%3Ano%7D%2C%0A%20%20%7D HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Mon, 06 Feb 2023 00:06:44 GMT
server-timing: api;dur=499
x-sanity-shard: gcp-eu-w1-01-prod-1013
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
content-encoding: br
x-sanity-age: 1297
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 28130
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8586
Expires: Mon, 06 Feb 2023 02:51:27 GMT
Date: Mon, 06 Feb 2023 00:28:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8586
Expires: Mon, 06 Feb 2023 02:51:27 GMT
Date: Mon, 06 Feb 2023 00:28:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8586
Expires: Mon, 06 Feb 2023 02:51:27 GMT
Date: Mon, 06 Feb 2023 00:28:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8586
Expires: Mon, 06 Feb 2023 02:51:27 GMT
Date: Mon, 06 Feb 2023 00:28:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8586
Expires: Mon, 06 Feb 2023 02:51:27 GMT
Date: Mon, 06 Feb 2023 00:28:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea463f7a06fe1403c18c8ce8781244a1
fbbe4b97e4b39983b36340030f6b40adc69cd485
93a12a85886512e3336d027c889a2276087976b1c9106356cc81596b88087042
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a9b5f68-fd45-4868-ba31-8118d000f7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b1baa973-5b7c-4daa-af2e-e9f0b3c6a604
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzViwFG1IAMF4qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de02de-4a0c9cf45c1a20083bb838dc;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:01:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7EshPvVIwmQebOuznRkbCUTYaedh_e4PPsNWC2iyExQ942_leuLkSQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 07:31:09 GMT
age: 61032
etag: "fbbe4b97e4b39983b36340030f6b40adc69cd485"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:11:05 GMT
age: 8236
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 9498
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 8247
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 9492
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 929818fabd5a6ee5200499ca445d121e
3951cfa614e0a8674b730c4850f6483e35f73f6a
9f56ead2f8c136f6d6906fbb8a0ee5e0fd879e8ed104512ed4edf3ba3ece6917
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8481
x-amzn-requestid: 77c27205-9d32-42d4-b2c4-e5c3941bbe72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pcuG8VoAMFTaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022b7-76fae5a943c7a1d242f7a758;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:42:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RDlRiO7e6e283A5DEKRr8kz-S9t9vlt8bzxhc_sfN3R16BygeOovhA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:40 GMT
age: 8741
etag: "3951cfa614e0a8674b730c4850f6483e35f73f6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP
File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators
Hash 22092e301760ed865af6ece6eb04b1be
557b52e40ec2d8f2fe080580a1858c8666791bf2
12afba8f5929ab372e9cffbbe57e8bb562c60fc0a98b751c69de1adc04fb4aea
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1742
via: 1.1 google
date: Sun, 05 Feb 2023 23:29:34 GMT
age: 3527
last-modified: Wed, 01 Feb 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP
File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash 91fc66b0cc0a6a614095f1a64df0ae3b
36d83cd4aac353d81990df94ac1e5466483ab145
fee8713249b5cc35e5a4bb521c3a645c8b2a0c927c8384b99cf4f3a046e5d316
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Mon, 06 Feb 2023 00:24:05 GMT
age: 256
last-modified: Tue, 31 Jan 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP
File type JSON data\012- , ASCII text, with very long lines (1250), with no line terminators
Hash 4b4dc2f2fa90e5157009acf4c7b1d589
ec64bb109dac848eafb80765cb510015c5d3ffd5
83ad9f7b27e6c7f20f257f0a3ff004ca69cfd0d4768222a51a655ac9ae139f6e
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1250
via: 1.1 google
date: Sun, 05 Feb 2023 23:47:24 GMT
age: 2457
last-modified: Tue, 31 Jan 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash e0002087c53128a0ec00e18ccf327aa7
2dee3f4ae93e5956d2f7e8fba4c501fb183ab01e
5085057ebf15232eeadd9a39cd828eacf1ad20333f346f045fecc6a208dad3b6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 18:36:58 GMT
Expires: Fri, 10 Feb 2023 18:36:57 GMT
Etag: "2dee3f4ae93e5956d2f7e8fba4c501fb183ab01e"
Cache-Control: max-age=410315,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3eade4e1c0e-OSL
www.ibet.com/static/js/GoogleTagManager.be9a14e5.chunk.js
200 OK 5.8 kB URL HTTP/2 www.ibet.com/static/js/GoogleTagManager.be9a14e5.chunk.js
IP
File type ASCII text, with very long lines (5790), with no line terminators
Hash 205c5f208d88e6b99d785b986bf9b9b5
bbcaabff0472d6093e1d8865675d09ef152d1883
9b5a20b5c436c34dbca9108cb771204fb028d9abc59ec48639e0e7c6fb98dc59
GET /static/js/GoogleTagManager.be9a14e5.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 5790
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "205c5f208d88e6b99d785b986bf9b9b5"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: zVvqRW0TVdJhe5VQK05F9OpTskER7YsHWIQxqv3-DF926952-VxexQ==
X-Firefox-Spdy: h2
www.ibet.com/static/js/MaxAttemptsModal.7e3eba41.chunk.js
200 OK 1.5 kB URL HTTP/2 www.ibet.com/static/js/MaxAttemptsModal.7e3eba41.chunk.js
IP
File type ASCII text, with very long lines (1454), with no line terminators
Hash 015bc9d0ac6756e7c694c12c14a0fada
7847d25c07d3a55f865c3601ce1721fac73739bd
bf8c832128595cb321b74ae7a26cb45e11003d5bfb09c9223f497e5c290b3674
GET /static/js/MaxAttemptsModal.7e3eba41.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1454
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "015bc9d0ac6756e7c694c12c14a0fada"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: HSuvbrkKvYsXkKCSMccUk0fLwg_a4JP7ejzLIEoe1d_DFDFVIpuCpQ==
X-Firefox-Spdy: h2
www.ibet.com/static/js/AffiliateId.c0b02e79.chunk.js
200 OK 382 B URL HTTP/2 www.ibet.com/static/js/AffiliateId.c0b02e79.chunk.js
IP
File type ASCII text, with very long lines (382), with no line terminators
Hash 8f61d14714cab76e1f57265976a2d0d4
fc0ccb9f3daa1a095f97e392cc4eab43f2d0f3e6
ee321134757f62b7fe82ceb10413d3e10edfce8ee05aabcf353271a9e261d448
GET /static/js/AffiliateId.c0b02e79.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 382
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "8f61d14714cab76e1f57265976a2d0d4"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: WDq-zBkpyiCzi7sT8h_39Y_vHr4TuAKNuIAvJS5duyrwwFiJcZtAEA==
X-Firefox-Spdy: h2
www.ibet.com/static/js/60.5575fe00.chunk.js
200 OK 68 kB URL HTTP/2 www.ibet.com/static/js/60.5575fe00.chunk.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 84ce6a1c5443e84e5145682a532c0853
79a2956259110219696e8fa3bda49053421bf333
b395d31a8ee1907d8ea891b22c73d8a584c19fdd42191900cf6b1ed09fbd07db
GET /static/js/60.5575fe00.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 67663
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "84ce6a1c5443e84e5145682a532c0853"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Gj3k3jBdZ233Tb5jkEF2D6WwO8pAOHTaD7FcIWDW9-0zS8m88Z6C7g==
X-Firefox-Spdy: h2
www.ibet.com/static/js/ToastNotification.cf6c1eb6.chunk.js
200 OK 2.7 kB URL HTTP/2 www.ibet.com/static/js/ToastNotification.cf6c1eb6.chunk.js
IP
File type ASCII text, with very long lines (2714), with no line terminators
Hash ba1d06cb70d2b2c64cac8094c3d8f2d3
776fe2616d23ec011ac634180d09d853f0811103
68f0be364f0b4b6305a59a2f5f16225773cd59a4457ec318fe364b2cb44707c3
GET /static/js/ToastNotification.cf6c1eb6.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2714
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "ba1d06cb70d2b2c64cac8094c3d8f2d3"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: xC-zzDUmf_WavNy5njcWcn5hlxXbFv12rBQmg5WeBIQnassjDxSP7w==
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash ee3b2ca8193a47eb1c2f1628b80b953f
6b53021c8663e3a0f874c5f030902a78c3ef1b9d
2cc501aa09d747a9b69b88c92f896650b9c9f5c32dae8b2315ab61c63d9a4ccc
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Sun, 05 Feb 2023 23:39:57 GMT
age: 2904
last-modified: Sun, 29 Jan 2023 16:36:52 GMT
etag: "1675010212483"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ibet.com/static/js/ScrollToTopOnRouteChange.f0af955f.chunk.js
200 OK 279 B URL HTTP/2 www.ibet.com/static/js/ScrollToTopOnRouteChange.f0af955f.chunk.js
IP
File type ASCII text, with no line terminators
Hash 057be0c51a8d595af5f093393d82b68b
9101c6bbc32f67e1a611e63d32366307ce5d98fb
a3fe499aab0e0ecb2d142ef4487e67d78b9fd8b4d3ee516946250ebf6cb5f231
GET /static/js/ScrollToTopOnRouteChange.f0af955f.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 279
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "057be0c51a8d595af5f093393d82b68b"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: -tT0KiGGFL4oIhZLI-I47Zu72DYdHbX7Z92PPezHnB8OGfc66ihWJw==
X-Firefox-Spdy: h2
www.ibet.com/static/js/5.4dcf6ecd.chunk.js
200 OK 9.2 kB URL HTTP/2 www.ibet.com/static/js/5.4dcf6ecd.chunk.js
IP
File type ASCII text, with very long lines (9240), with no line terminators
Hash 82f5caf259cf6a1c1bbfceabd6b50013
3e711f24aed1b4cb3657b86ac2d79391e53f0ed0
8aa44f40ea43d09a4575ac9099eaefa9b497c88b3bf912cc6d89a21b61591c86
GET /static/js/5.4dcf6ecd.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9240
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "82f5caf259cf6a1c1bbfceabd6b50013"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: JXvztIqeL1hClbMVvG6wmCto1eVBR72EDkDYlYBgeLSK81IOI53lQQ==
X-Firefox-Spdy: h2
www.ibet.com/static/js/FEReload.588ab5c8.chunk.js
200 OK 1.5 kB URL HTTP/2 www.ibet.com/static/js/FEReload.588ab5c8.chunk.js
IP
File type ASCII text, with very long lines (1469), with no line terminators
Hash d1e7e43f0c2e7eae5e38b92128c06205
35773de13762b35d1c9d56bc2b4bbbce020d31c9
aeac9660e902c52d04829718c580fb5098799f5d61e311c4d0db726477cbd283
GET /static/js/FEReload.588ab5c8.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1469
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "d1e7e43f0c2e7eae5e38b92128c06205"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: FjRvYHKvV-V3COwU-6QZ3308GC8xNXuEYGCth_1dCrJI4MpcBy6bQw==
X-Firefox-Spdy: h2
www.ibet.com/static/js/SiteFooter.c577284c.chunk.js
200 OK 61 kB URL HTTP/2 www.ibet.com/static/js/SiteFooter.c577284c.chunk.js
IP
File type ASCII text, with very long lines (60710), with no line terminators
Hash 7950bcbb5fb522eb1b565b149c5a2a5c
91ef126927a316da5385265373e723ba78c62cb2
f2bdbbe5c2bd6a5f39f52476b077ee0f4130eb6915ff2572245d031920f4d2cb
GET /static/js/SiteFooter.c577284c.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 60710
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "7950bcbb5fb522eb1b565b149c5a2a5c"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: haT13SyhqROspctPV_lahcyrnTve4Jh4TgJ-CcfIZHGTyee8gxOd9Q==
X-Firefox-Spdy: h2
salesiq.zoho.eu/widget
200 35 kB IP
ASN #205111 ZOHO Corporation B.V
File type ASCII text, with very long lines (65536), with no line terminators
Hash d6cb12ff1db84e3523b349971061219f
5ba3e28a6dfca16b92a20c27072650e7008f39f1
6624036f26858c56846bbcf4c5cc5c8b52f08106e3ae5fab8b2cc5e95acc20f1
GET /widget HTTP/1.1
Host: salesiq.zoho.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Mon, 06 Feb 2023 00:28:21 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: b3e783bb62=d7d6152db3ede6c913254c5c940f5ed5; Path=/
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Pragma:
Expires: Mon, 06 Feb 2023 00:33:21 GMT
ETag: W/40dec934df8e25d85c9fc774974ff1a84072f929315c3b2c78f1b2ede3629833
vary: accept-encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
ocsp.sectigo.com/
200 OK 471 B IP
Hash a87d8a919b10bfacffe702c368b58e61
88182f1643f50c8ee613607ae7283d1cfdd78e5f
69c77a2be0351707b1eb6cc5a6fbf0bd4ecfb5c814c9b1cf8243daa36b36238e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 16:56:15 GMT
Expires: Thu, 09 Feb 2023 16:56:14 GMT
Etag: "88182f1643f50c8ee613607ae7283d1cfdd78e5f"
Cache-Control: max-age=317872,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3ea5b481c12-OSL
www.ibet.com/static/js/AppRoutes.50c58bf0.chunk.js
200 OK 12 kB URL HTTP/2 www.ibet.com/static/js/AppRoutes.50c58bf0.chunk.js
IP
File type ASCII text, with very long lines (11849), with no line terminators
Hash ef56513927c442d468ffcc1ceee2cc9a
e5611447dceea9a54b03279caefadb44e83244d3
17f238d5c1ef5955f5ed2b22fe639016018110d530e002d0e09ab0947debb335
GET /static/js/AppRoutes.50c58bf0.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 11849
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "ef56513927c442d468ffcc1ceee2cc9a"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: FOjLBwcrWTjTrOZQou2UuqYC_aaVMkeUX8Fw0E7d-WleH-HZeGWt7w==
X-Firefox-Spdy: h2
www.ibet.com/js/iovation/loader.js
200 OK 3.7 kB URL HTTP/2 www.ibet.com/js/iovation/loader.js
IP
File type ASCII text, with very long lines (566)
Hash 345143e355b88a10dd5e7e47b83f2348
d53b59af90bba7818c705ad9cc3ef813a44bf9b0
834949bd4e4b0149dc8655578cfab9ef4e66af0989de0ded9d9e4cd0da97fd06
GET /js/iovation/loader.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3655
last-modified: Thu, 05 Jan 2023 16:20:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "345143e355b88a10dd5e7e47b83f2348"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: jD0OSQTO_pjXramhf88ZJKImXoRGHYgoizYbw_ReaNo7R9rtaRv_-w==
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: CjKAUqwT7jMFBUkradiBUVpp+H6GOc1zm0tCVDWvfIqG2Z9zouu3pnIVb5snPt/S4i5SgedAtsQ=
x-amz-request-id: PF49K5X3G39AY64F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 00:24:43 GMT
age: 218
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PCVT5ZK
200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PCVT5ZK
IP
File type Unicode text, UTF-8 text, with very long lines (27763)
Hash 7a01787577b3ebef08d2b43b5b56c051
fe88b8b969f433be0931a85ec92dd30e3d1d8916
4cefa75656a0e0e5f67d70fb3dfc47edb6c739c484274f6b2402c21eb4d80694
GET /gtm.js?id=GTM-PCVT5ZK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 00:28:21 GMT
expires: Mon, 06 Feb 2023 00:28:21 GMT
cache-control: private, max-age=900
last-modified: Mon, 06 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ibet.com/static/media/ibet-logo-red.6daec8ec.svg
200 OK 3.4 kB URL HTTP/2 www.ibet.com/static/media/ibet-logo-red.6daec8ec.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2861)
Hash 6daec8ec3cf491542936b5840240e511
7570d251da8522b314c1adffe9ce8be30120738c
9436edb0bd4d0b11e27997468fed995d01fd87d7b1e89d93f930064c4a21a901
GET /static/media/ibet-logo-red.6daec8ec.svg HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3445
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "6daec8ec3cf491542936b5840240e511"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ISkgTyQ211GELVDE8OlKhovNSlqJhUJVhRpi5C-ZOsKD1YSbcTgxHA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ibet.com/asset-manifest.json?rand=13956
200 OK 14 kB URL HTTP/2 www.ibet.com/asset-manifest.json?rand=13956
IP
File type JSON data\012- , ASCII text
Hash c183387f74c3bf921d0470bc8128b64f
8c8db45022aa9cfcf02311a2fe7473291b23fd82
82e95849c862d5f880c371dd360bf9539a1ee1a71fdadd4cd243e46b0158ad37
GET /asset-manifest.json?rand=13956 HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 13926
last-modified: Thu, 05 Jan 2023 16:20:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "c183387f74c3bf921d0470bc8128b64f"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Oox0lMSwSRvUu4Ha0YuaEPtk34279CijMaVtum1KBYMgfGuoA8L9Ew==
X-Firefox-Spdy: h2
www.ibet.com/static/css/Home.c7d5bb57.chunk.css
200 OK 63 B URL HTTP/2 www.ibet.com/static/css/Home.c7d5bb57.chunk.css
IP
File type ASCII text, with no line terminators
Hash 813b17a6690bbfb32d877fbda442ef4c
c7f56f22b32af8454a849639dea6745008535859
7e4269e3372452b4d9a3ab8c989d084c3fa9fd43c963f558637a1ffdf7d25f88
GET /static/css/Home.c7d5bb57.chunk.css HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 63
last-modified: Thu, 05 Jan 2023 16:20:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "813b17a6690bbfb32d877fbda442ef4c"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 7NufNmh_BwzlT9SgTFzaGMvvN0V2-3BuwqfmLB9JkKlYr06u4mZoWg==
X-Firefox-Spdy: h2
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22market%22%20%26%26%20active%5D%7B%27flagUrl%27%3A%20flag.asset-%3Eurl%2C%20...%7D
200 OK 1.3 kB URL HTTP/2 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22market%22%20%26%26%20active%5D%7B%27flagUrl%27%3A%20flag.asset-%3Eurl%2C%20...%7D
IP
File type JSON data\012- , ASCII text, with very long lines (5109), with no line terminators
Hash 732f62d7e7186a455ec96a0dfc069692
3a5e374b250121558c395f5fa76c1ff5aade758a
61832b8c8bde156509f9125f9a2f81a1839178e516c503f5c68bce0e5644d0be
GET /v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22market%22%20%26%26%20active%5D%7B%27flagUrl%27%3A%20flag.asset-%3Eurl%2C%20...%7D HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Mon, 06 Feb 2023 00:04:33 GMT
server-timing: api;dur=16
x-sanity-shard: gcp-eu-w1-01-prod-1013
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
content-encoding: br
x-sanity-age: 1428
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 1284
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20%20%20*%5B_type%20%3D%3D%20%27paymentMethod%27%20%26%26%20markets%5B%5D-%3Eid%20match%20%22NO%22%5D%20%7C%20order(_createdAt%20desc)%20%0A%20%20%20%20%20%20%0A%7B%0A%20%20name%2C%0A%20%20%22image%22%3Aimage.asset-%3Eurl%2C%0A%20%20altTag%0A%7D%0A%0A%20%20%20%20
200 OK 661 B URL HTTP/2 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20%20%20*%5B_type%20%3D%3D%20%27paymentMethod%27%20%26%26%20markets%5B%5D-%3Eid%20match%20%22NO%22%5D%20%7C%20order(_createdAt%20desc)%20%0A%20%20%20%20%20%20%0A%7B%0A%20%20name%2C%0A%20%20%22image%22%3Aimage.asset-%3Eurl%2C%0A%20%20altTag%0A%7D%0A%0A%20%20%20%20
IP
File type JSON data\012- , ASCII text, with very long lines (1673), with no line terminators
Hash 03db91d97560707137d637e4b7309fd8
7e8ad0271d41850e080e8e1e8e9fe7a01db28ea9
b515397f47a3454ec70f8b2775b66d59ea2d06969754135ecc04498e8fa43c61
GET /v1/data/query/production/?query=%0A%20%20%20%20%20%20*%5B_type%20%3D%3D%20%27paymentMethod%27%20%26%26%20markets%5B%5D-%3Eid%20match%20%22NO%22%5D%20%7C%20order(_createdAt%20desc)%20%0A%20%20%20%20%20%20%0A%7B%0A%20%20name%2C%0A%20%20%22image%22%3Aimage.asset-%3Eurl%2C%0A%20%20altTag%0A%7D%0A%0A%20%20%20%20 HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Mon, 06 Feb 2023 00:06:52 GMT
server-timing: api;dur=23
x-sanity-shard: gcp-eu-w1-01-prod-1013
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
content-encoding: br
x-sanity-age: 1289
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 661
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ibet.com/static/js/FooterImageContainer.0bd48991.chunk.js
200 OK 673 B URL HTTP/2 www.ibet.com/static/js/FooterImageContainer.0bd48991.chunk.js
IP
File type ASCII text, with very long lines (673), with no line terminators
Hash 007a27a39ed59ad8c742a6290d085cae
90cf703ba626fb71329f0d8a21dc0147c955906f
56d2505682228db27598098f9aa19526f3291d1121df94e765922b750fbcbd41
GET /static/js/FooterImageContainer.0bd48991.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 673
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:23 GMT
etag: "007a27a39ed59ad8c742a6290d085cae"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: MpoyNa-9iUaulfRH0lB5Tzg8xI5klf-_tHUDo4Vrm82iMTdbiNii5A==
X-Firefox-Spdy: h2
www.ibet.com/static/js/MenuIcon.d2e33758.chunk.js
200 OK 81 kB URL HTTP/2 www.ibet.com/static/js/MenuIcon.d2e33758.chunk.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash e38a7661715a8dc6e232107d769c4b40
2556cb8f1d7405782b1707bcbc531e26ac60e63d
dee2dac553c443e4dced293ed749200a8f4c7e28750d48360b4a9f5e30c08c71
GET /static/js/MenuIcon.d2e33758.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 81074
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:23 GMT
etag: "e38a7661715a8dc6e232107d769c4b40"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: NptjOAM9qcbcAMkK3Bbu2zz0C2v3eP4XqD_vSWKnB7lfpWWs_YPpiQ==
X-Firefox-Spdy: h2
www.ibet.com/static/js/58.5a328239.chunk.js
200 OK 64 kB URL HTTP/2 www.ibet.com/static/js/58.5a328239.chunk.js
IP
File type ASCII text, with very long lines (64231), with no line terminators
Hash e6f104c1fb10b3cbd61573a1131ffec5
20f0624cdfa9d527e81a02028b69c03c76f49a46
352d7cc76556ff8d3f1a5552ec21919a1b8a70b62d5990b37b4f56f1c98bf5bc
GET /static/js/58.5a328239.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 64231
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:23 GMT
etag: "e6f104c1fb10b3cbd61573a1131ffec5"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: MLsh6wJS4GmBvX7NnJiJRK3lj-4XffISgrJp6PeB2KtYQ2SsAUvvJA==
X-Firefox-Spdy: h2
www.ibet.com/static/js/SiteHeader.c48a74c4.chunk.js
200 OK 69 kB URL HTTP/2 www.ibet.com/static/js/SiteHeader.c48a74c4.chunk.js
IP
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 0c324f1c8165e0699470679c1cf4e277
a50cffcb5645ac368012ade847a9abcc0dc4f1f8
c675c332eda0441a5e5c22c475aefc7b3494c3ff1691bf93d2e0244eef8999ae
GET /static/js/SiteHeader.c48a74c4.chunk.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 126322
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:22 GMT
etag: "ce51f792d443e430e0d602dfeac29434"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: e79pxOkufZPbUNoA5chfgL3LWkI1coaa2dfZdxyKOHOFGo2nAbc0CA==
X-Firefox-Spdy: h2
salesiq.zoho.eu/visitor/v2/channels/website?widgetcode=429c68585fd2941a35c4c0726de2afe5f3c8164b72b4840747ca2e980e0011f9&internal_channel_req=true&language_api=true&browser_language=en¤t_domain=https%3A%2F%2Fibet.com&pagetitle=iBet.com&include_fields=avuid
200 8.9 kB URL HTTP/1.1 salesiq.zoho.eu/visitor/v2/channels/website?widgetcode=429c68585fd2941a35c4c0726de2afe5f3c8164b72b4840747ca2e980e0011f9&internal_channel_req=true&language_api=true&browser_language=en¤t_domain=https%3A%2F%2Fibet.com&pagetitle=iBet.com&include_fields=avuid
IP
ASN #205111 ZOHO Corporation B.V
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (22614), with no line terminators
Hash f37cee1540b47d311c91697fa14f6a17
04e3a14131d40e5e1b6c43f0ec992cd4f531b013
ac5502a7950ec98b40e797e3442c4f20b7498fafbd1d92445aa2df09305f3a5f
GET /visitor/v2/channels/website?widgetcode=429c68585fd2941a35c4c0726de2afe5f3c8164b72b4840747ca2e980e0011f9&internal_channel_req=true&language_api=true&browser_language=en¤t_domain=https%3A%2F%2Fibet.com&pagetitle=iBet.com&include_fields=avuid HTTP/1.1
Host: salesiq.zoho.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
Encoding: UTF-8
X-XSS-Protection: 1
Set-Cookie: b3e783bb62=3b25613755bedb7ecf913eeaa36b4a8c; Path=/
LS_CSRF_TOKEN=5a46b783-efc6-44df-af54-345136430f18;path=/;SameSite=None;Secure;priority=high
_zcsr_tmp=5a46b783-efc6-44df-af54-345136430f18;path=/;SameSite=Strict;Secure;priority=high
uesign=dd07f05935ff776f8ebac230f1342a12541cd100d72927b1d3c9f13a2ab2881061fd18800006880c1663c5b93cabbf10;Max-Age=2592000;Path=/;Secure;SameSite=None;priority=high
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: Content-Type,x-siq-internal-channel
Access-Control-Allow-Origin: https://www.ibet.com
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Content-Language: en-US
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
ocsp.sectigo.com/
200 OK 472 B IP
Hash b53b22fb999e186eebe72073aa62af32
310130edaa8d9e272cd3077e046330041f6af65f
8aba19386e013e82e03bde36039cb8b8f6aa97edee3fcdd41b4d21d152762518
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 13:59:51 GMT
Expires: Sat, 11 Feb 2023 13:59:50 GMT
Etag: "310130edaa8d9e272cd3077e046330041f6af65f"
Cache-Control: max-age=480087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3ee78551c0e-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash b53b22fb999e186eebe72073aa62af32
310130edaa8d9e272cd3077e046330041f6af65f
8aba19386e013e82e03bde36039cb8b8f6aa97edee3fcdd41b4d21d152762518
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 13:59:51 GMT
Expires: Sat, 11 Feb 2023 13:59:50 GMT
Etag: "310130edaa8d9e272cd3077e046330041f6af65f"
Cache-Control: max-age=480087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3ee8c771bfa-OSL
cdn.sanity.io/images/w9lc5y04/production/55d86f60b146584dbf41fcd8444f32cad91ce0ae-270x93.png
200 OK 1.8 kB URL HTTP/2 cdn.sanity.io/images/w9lc5y04/production/55d86f60b146584dbf41fcd8444f32cad91ce0ae-270x93.png
IP
File type PNG image data, 270 x 93, 8-bit colormap, non-interlaced\012- data
Hash e4b9e11554e481b113004a5fa1bcd3ca
55d86f60b146584dbf41fcd8444f32cad91ce0ae
5bff602b52530e6bf9e7328c551a062ffb4153b63b1a22a3e2701270b24cf694
GET /images/w9lc5y04/production/55d86f60b146584dbf41fcd8444f32cad91ce0ae-270x93.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1819
x-b3-traceid: 4f2c7923042f4a15de3ccccb57ff05fb
x-b3-parentspanid: 20c326142bb8c893
x-b3-spanid: 84a4db3681fb78df
x-b3-sampled: 0
vary: origin
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Fri, 27 Jan 2023 06:59:06 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 14 Jul 2021 11:39:31 GMT
content-type: image/png
age: 840556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/ad7d8c466475535ca8c0a94019fe003de7e8f69a-318x78.png
200 OK 5.2 kB URL HTTP/2 cdn.sanity.io/images/w9lc5y04/production/ad7d8c466475535ca8c0a94019fe003de7e8f69a-318x78.png
IP
File type PNG image data, 318 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash 54f08de44053ac484ef92bd1b2490323
fbfd97517c2b1e30611014c9938e5ac6f75e3315
68d588a5d493dc1ad73240aa42bbf23a7b522f8ab1c42b8718ce05a027293ac7
GET /images/w9lc5y04/production/ad7d8c466475535ca8c0a94019fe003de7e8f69a-318x78.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 5240
x-b3-traceid: 2ba79a8e9b8baaff8166caa57a9f9898
x-b3-parentspanid: 9b38e79204f6a8a9
x-b3-spanid: 44bc33c0e90889ea
x-b3-sampled: 0
vary: origin
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-2
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Tue, 17 Jan 2023 23:56:23 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 1643519
last-modified: Fri, 25 Nov 2022 13:38:56 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/9baabec764476ca445f88710f67677b633a54b95-430x100.png
200 OK 3.6 kB URL HTTP/2 cdn.sanity.io/images/w9lc5y04/production/9baabec764476ca445f88710f67677b633a54b95-430x100.png
IP
File type PNG image data, 430 x 100, 8-bit colormap, non-interlaced\012- data
Hash b3af83174bcd7c3365106aec05ceabc1
9baabec764476ca445f88710f67677b633a54b95
42fae6932054cb4d37203480d9e5c6cf8787934f3b5ac09176da4f1867a992de
GET /images/w9lc5y04/production/9baabec764476ca445f88710f67677b633a54b95-430x100.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 3612
x-b3-traceid: 22699caa888393d4f10bcee065fb16d4
x-b3-parentspanid: e5f055cd93a920c4
x-b3-spanid: f0d70ab65a47f37d
x-b3-sampled: 0
vary: origin
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
xkey: project-w9lc5y04-production
x-varnish-age: 2129
accept-ranges: bytes
via: 1.1 google
date: Thu, 02 Feb 2023 12:35:39 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 14 Jul 2021 11:37:46 GMT
content-type: image/png
age: 301963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/bc900fced5d5b640bf862dee4f6f672c336eb059-395x97.png
200 OK 3.1 kB URL HTTP/2 cdn.sanity.io/images/w9lc5y04/production/bc900fced5d5b640bf862dee4f6f672c336eb059-395x97.png
IP
File type PNG image data, 395 x 97, 8-bit colormap, non-interlaced\012- data
Hash bae88acf6501b95d744ac42753fd154e
bc900fced5d5b640bf862dee4f6f672c336eb059
a9b8a511c5a65723741f141c52a491e45a6d1d47d4cdc57c8b29f39e2ca0fe41
GET /images/w9lc5y04/production/bc900fced5d5b640bf862dee4f6f672c336eb059-395x97.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 3072
x-b3-traceid: deb5273c00b493ea99e4989cecfd1af8
x-b3-parentspanid: 81f3e761b9a77920
x-b3-spanid: 41f35c40ff2f3475
x-b3-sampled: 0
vary: origin
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-1
x-varnish-age: 23719
accept-ranges: bytes
via: 1.1 google
date: Sun, 29 Jan 2023 18:21:31 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 626811
last-modified: Wed, 14 Jul 2021 11:38:03 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/d6a6f0ddcb6ad69046e43cbf379c27d839b47e1f-560x107.png
200 OK 3.3 kB URL HTTP/2 cdn.sanity.io/images/w9lc5y04/production/d6a6f0ddcb6ad69046e43cbf379c27d839b47e1f-560x107.png
IP
File type PNG image data, 560 x 107, 8-bit colormap, non-interlaced\012- data
Hash e83e505077311e5f9cd28570d22b274c
d6a6f0ddcb6ad69046e43cbf379c27d839b47e1f
f0571891d0bb64899275389561c72cf12622f87bc6921910c0fea86108c13fae
GET /images/w9lc5y04/production/d6a6f0ddcb6ad69046e43cbf379c27d839b47e1f-560x107.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 3304
x-b3-traceid: 66f7b5776ecb164ae0745d7e3ea6fb20
x-b3-parentspanid: 5fd15eb28f6c62e6
x-b3-spanid: 9725b10e4927e38c
x-b3-sampled: 0
vary: origin
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-6
x-varnish-age: 16742
accept-ranges: bytes
via: 1.1 google
date: Sun, 29 Jan 2023 02:55:56 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 682346
last-modified: Wed, 14 Jul 2021 11:37:21 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/261e1d6a2c26e8e34b81f82d20cdbb39e524d7e3-256x90.png
200 OK 2.3 kB URL HTTP/2 cdn.sanity.io/images/w9lc5y04/production/261e1d6a2c26e8e34b81f82d20cdbb39e524d7e3-256x90.png
IP
File type PNG image data, 256 x 90, 8-bit colormap, non-interlaced\012- data
Hash 3cc63e63d23d84e22251a97cae156b43
261e1d6a2c26e8e34b81f82d20cdbb39e524d7e3
a24220152c92cc21497f600a6ec7abe14875485a719e1ef2841919188681d803
GET /images/w9lc5y04/production/261e1d6a2c26e8e34b81f82d20cdbb39e524d7e3-256x90.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 2272
x-b3-traceid: 59b6235f44b115da2a02d908fb5631e7
x-b3-parentspanid: b481e27c3ee65889
x-b3-spanid: 1b1d48cd8645b298
x-b3-sampled: 0
vary: origin
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-7
x-varnish-age: 10899
accept-ranges: bytes
via: 1.1 google
date: Tue, 17 Jan 2023 13:36:45 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 1680697
last-modified: Wed, 14 Jul 2021 11:35:44 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash b53b22fb999e186eebe72073aa62af32
310130edaa8d9e272cd3077e046330041f6af65f
8aba19386e013e82e03bde36039cb8b8f6aa97edee3fcdd41b4d21d152762518
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 13:59:51 GMT
Expires: Sat, 11 Feb 2023 13:59:50 GMT
Etag: "310130edaa8d9e272cd3077e046330041f6af65f"
Cache-Control: max-age=480087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3ee9a1bfac0-OSL
cdn.sanity.io/images/w9lc5y04/production/98a1fe10a380461fda22a3baccc6031744fef4fb-991x225.png
200 OK 23 kB URL HTTP/2 cdn.sanity.io/images/w9lc5y04/production/98a1fe10a380461fda22a3baccc6031744fef4fb-991x225.png
IP
File type PNG image data, 991 x 225, 8-bit/color RGBA, non-interlaced\012- data
Hash ded03dbc96554750e94cb0f5b1b780ff
98a1fe10a380461fda22a3baccc6031744fef4fb
e001ab0ed5f5808d34f62add059289fc8fa6ccb6a347a610b7e0a668d810cf0b
GET /images/w9lc5y04/production/98a1fe10a380461fda22a3baccc6031744fef4fb-991x225.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 22817
x-b3-traceid: 30eba1789aaa47bb60b6b3c2a1a4769a
x-b3-parentspanid: 052a368a7f8e41c5
x-b3-spanid: fd4fedada1837b3c
x-b3-sampled: 0
vary: origin
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-8
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Sat, 07 Jan 2023 22:01:43 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 2514399
last-modified: Thu, 28 Apr 2022 12:46:16 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/417d814c6c80a9400e9b057707dbb54c08cfefd4-897x497.png
200 OK 19 kB URL HTTP/2 cdn.sanity.io/images/w9lc5y04/production/417d814c6c80a9400e9b057707dbb54c08cfefd4-897x497.png
IP
File type PNG image data, 897 x 497, 8-bit/color RGBA, non-interlaced\012- data
Hash 7f9d14d17f40f7e7ee9a226a905b08bd
417d814c6c80a9400e9b057707dbb54c08cfefd4
ed8b6c84dbbf53d89846770b7765d9c33ca294cb5c7cddd73a8e7cb3fc102d48
GET /images/w9lc5y04/production/417d814c6c80a9400e9b057707dbb54c08cfefd4-897x497.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 18989
x-b3-traceid: 18cbe0a13be0e52e5b8ff2c6dee1244f
x-b3-parentspanid: f397ea68b6f9aade
x-b3-spanid: 824e0270be3f959e
x-b3-sampled: 0
vary: origin
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
vha6-origin: image-varnish-ssd-8
date: Thu, 26 Jan 2023 23:38:38 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 866984
last-modified: Thu, 29 Sep 2022 08:53:29 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/bbf27568b61d4113e6c772dce2e018abda0fcc0c-87x34.svg
200 OK 1.5 kB URL HTTP/2 cdn.sanity.io/images/w9lc5y04/production/bbf27568b61d4113e6c772dce2e018abda0fcc0c-87x34.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2523)
Hash 2ad526f14821d156aa6ce0121aa08ce7
8593c593a45edaaee6f643cfb1721ad99e9ab3d8
c8b2ebb7f2ac2a8d902463ff865937d7136396cb72d0693d5505cffd15b7ac64
GET /images/w9lc5y04/production/bbf27568b61d4113e6c772dce2e018abda0fcc0c-87x34.svg HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding, origin, accept-encoding
x-b3-traceid: 0ea2eeddc4bfea5e62d2ac095fda658c
x-b3-parentspanid: 2e24b0c133f79fc1
x-b3-spanid: a07d1a6c3cab0ac
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
xkey: project-w9lc5y04-production
content-encoding: br
vha6-origin: image-varnish-ssd-5
x-varnish-age: 7948
accept-ranges: bytes
content-length: 1454
via: 1.1 google
date: Sun, 15 Jan 2023 18:12:17 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 1836965
last-modified: Wed, 20 Jul 2022 10:00:20 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ibet.com/iojs/5.5.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
200 OK 1.4 kB URL HTTP/2 www.ibet.com/iojs/5.5.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP
File type ASCII text, with very long lines (985)
Hash b7a727a54a66574687d1d7c4c0811bf1
c20f7a638cf18f36b84b12453774de7ee52651fb
1c4eecc4d12f6d23ce91f872dee6de7890ee8f2eb6179a7f05eff9477500c634
GET /iojs/5.5.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Cookie: isiframeenabled=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 1402
date: 2023-Feb-06 00:28:22
cache-control: no-cache, private
pragma: no-cache
expires: 0
p3p: CP="NON DSP COR CURa"
accept-ch: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
vary: Accept-Encoding, User-Agent
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: JqvlcbzdTOUP2xpi050ITJN49mHy9gDXPDL6gXDSN4GLa8345J_p0g==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash b53b22fb999e186eebe72073aa62af32
310130edaa8d9e272cd3077e046330041f6af65f
8aba19386e013e82e03bde36039cb8b8f6aa97edee3fcdd41b4d21d152762518
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 13:59:51 GMT
Expires: Sat, 11 Feb 2023 13:59:50 GMT
Etag: "310130edaa8d9e272cd3077e046330041f6af65f"
Cache-Control: max-age=480087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3ef389b1c0e-OSL
js.adsrvr.org/up_loader.1.1.0.js
200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 09:30:24 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wWT2eezBu0gocanwiJQ3UCKSlSRtumJ8yD4mPx2-pPkMIvhUCr2vug==
Age: 53879
ocsp.sectigo.com/
200 OK 472 B IP
Hash b53b22fb999e186eebe72073aa62af32
310130edaa8d9e272cd3077e046330041f6af65f
8aba19386e013e82e03bde36039cb8b8f6aa97edee3fcdd41b4d21d152762518
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 13:59:51 GMT
Expires: Sat, 11 Feb 2023 13:59:50 GMT
Etag: "310130edaa8d9e272cd3077e046330041f6af65f"
Cache-Control: max-age=480087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3ee7d591c12-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 750eea13270d515ca3d0e42b5db8885c
17d65469a0c73fe5ae4d5f51a25051d54010dd4a
6cd245cb7388b0b1bf584ca48cdd293d835bbe95e33c533befb1e85f23d417ee
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 03:09:29 GMT
Expires: Fri, 10 Feb 2023 03:09:28 GMT
Etag: "17d65469a0c73fe5ae4d5f51a25051d54010dd4a"
Cache-Control: max-age=354665,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3ef9d0d1bfa-OSL
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22homePage%22%20%26%26%20%27NO%27%20in%20market%5B%5D-%3Eid%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%5B0%5D%7B%0A%20%20%20%20%20%22banner%22%3A%7B%0A%20%20%20%20%20%20%20%20%22list%22%3Abanners%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%20_id%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22description%22%3Adescription.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22greeting%22%3Agreeting.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22button%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22type%22%3Abutton.type%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22label%22%3Abutton.label.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22param%22%3Abutton.param%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22urlAction%22%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%22slug%22%3A%20urlAction.anonymousSlug%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22absoluteUrl%22%3A%20urlAction.anonymousAbsoluteUrl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22openNewTab%22%3A%20urlAction.anonymousOpenNewTab%0A%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22img%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3Aimg.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3Aimg.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3Aimg.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%22imgPortrait%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3AimgPortrait.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3AimgPortrait.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3AimgPortrait.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20startDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20endDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20authorized%2C%0A%20%20%20%20%20%20%20%20%20%20%20isClickable%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%22options%22%3A%7B%22duration%22%3AbannersDuration%7D%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%22verticals%22%3Averticals%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%20type%2C%20authorized%2C%20%22subtitle%22%3Asubtitle.no%2C%20%22description%22%3Adescription.no%2C%20%0A%20%20%20%20%20%20%20%20%20%20items%5B%5D-%3E%7B%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20id%2C%20%22label%22%3Acoalesce(title.no%2Cname)%2C%20image%7B%22img1x%22%3Aimg1x.asset-%3Eurl%2C%22img2x%22%3Aimg2x.asset-%3Eurl%2C%22img3x%22%3Aimg3x.asset-%3Eurl%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22provider%22%3Acoalesce(provider-%3Eprovider.id%2Cprovider)%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%7D
200 OK 6.4 kB URL HTTP/2 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22homePage%22%20%26%26%20%27NO%27%20in%20market%5B%5D-%3Eid%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%5B0%5D%7B%0A%20%20%20%20%20%22banner%22%3A%7B%0A%20%20%20%20%20%20%20%20%22list%22%3Abanners%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%20_id%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22description%22%3Adescription.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22greeting%22%3Agreeting.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22button%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22type%22%3Abutton.type%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22label%22%3Abutton.label.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22param%22%3Abutton.param%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22urlAction%22%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%22slug%22%3A%20urlAction.anonymousSlug%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22absoluteUrl%22%3A%20urlAction.anonymousAbsoluteUrl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22openNewTab%22%3A%20urlAction.anonymousOpenNewTab%0A%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22img%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3Aimg.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3Aimg.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3Aimg.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%22imgPortrait%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3AimgPortrait.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3AimgPortrait.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3AimgPortrait.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20startDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20endDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20authorized%2C%0A%20%20%20%20%20%20%20%20%20%20%20isClickable%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%22options%22%3A%7B%22duration%22%3AbannersDuration%7D%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%22verticals%22%3Averticals%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%20type%2C%20authorized%2C%20%22subtitle%22%3Asubtitle.no%2C%20%22description%22%3Adescription.no%2C%20%0A%20%20%20%20%20%20%20%20%20%20items%5B%5D-%3E%7B%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20id%2C%20%22label%22%3Acoalesce(title.no%2Cname)%2C%20image%7B%22img1x%22%3Aimg1x.asset-%3Eurl%2C%22img2x%22%3Aimg2x.asset-%3Eurl%2C%22img3x%22%3Aimg3x.asset-%3Eurl%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22provider%22%3Acoalesce(provider-%3Eprovider.id%2Cprovider)%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%7D
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (28272), with no line terminators
Hash a7b0379defa3705d64fd72e4a0fbb814
ff8196098a15773f1d886d8af2097fe45c543d8c
cac2273dd3d0708540bf2c072f95fbedbcb458e3ceca2f55f925fb701f9c0405
GET /v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22homePage%22%20%26%26%20%27NO%27%20in%20market%5B%5D-%3Eid%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%5B0%5D%7B%0A%20%20%20%20%20%22banner%22%3A%7B%0A%20%20%20%20%20%20%20%20%22list%22%3Abanners%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%20_id%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22description%22%3Adescription.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22greeting%22%3Agreeting.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22button%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22type%22%3Abutton.type%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22label%22%3Abutton.label.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22param%22%3Abutton.param%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22urlAction%22%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%22slug%22%3A%20urlAction.anonymousSlug%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22absoluteUrl%22%3A%20urlAction.anonymousAbsoluteUrl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22openNewTab%22%3A%20urlAction.anonymousOpenNewTab%0A%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22img%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3Aimg.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3Aimg.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3Aimg.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%22imgPortrait%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3AimgPortrait.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3AimgPortrait.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3AimgPortrait.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20startDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20endDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20authorized%2C%0A%20%20%20%20%20%20%20%20%20%20%20isClickable%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%22options%22%3A%7B%22duration%22%3AbannersDuration%7D%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%22verticals%22%3Averticals%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%20type%2C%20authorized%2C%20%22subtitle%22%3Asubtitle.no%2C%20%22description%22%3Adescription.no%2C%20%0A%20%20%20%20%20%20%20%20%20%20items%5B%5D-%3E%7B%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20id%2C%20%22label%22%3Acoalesce(title.no%2Cname)%2C%20image%7B%22img1x%22%3Aimg1x.asset-%3Eurl%2C%22img2x%22%3Aimg2x.asset-%3Eurl%2C%22img3x%22%3Aimg3x.asset-%3Eurl%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22provider%22%3Acoalesce(provider-%3Eprovider.id%2Cprovider)%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%7D HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Mon, 06 Feb 2023 00:06:47 GMT
server-timing: api;dur=281
x-sanity-shard: gcp-eu-w1-01-prod-1013
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
content-encoding: br
x-sanity-age: 1295
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 6367
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash b53b22fb999e186eebe72073aa62af32
310130edaa8d9e272cd3077e046330041f6af65f
8aba19386e013e82e03bde36039cb8b8f6aa97edee3fcdd41b4d21d152762518
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 13:59:51 GMT
Expires: Sat, 11 Feb 2023 13:59:50 GMT
Etag: "310130edaa8d9e272cd3077e046330041f6af65f"
Cache-Control: max-age=480087,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3eeaad5b4f7-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash 749ecda478edfe798881d20f655e815c
8d738c8565488437d3afa121f99a3ff8ecaaf06b
07cd96607dd7917f9a96e870513c5c46bfbab5dbdfa67244a94a99ac4ca9e97b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4808
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:22 GMT
Last-Modified: Sun, 05 Feb 2023 23:08:14 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAUT
200 OK 37 kB URL HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAUT
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (61814)
Hash 7a4c7084a1cc66299069cae286e77ae9
69e0d50e779ea14bf86e8da3791c0ac246317499
08a9e9ea264c09e8bbed7876e604711eaa12870ead3a524324bc429b415032a0
GET /dist/tag-manager.js?id=STM-AAAAUT HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: f46AchgEDoEEJsg=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37374
date: Mon, 06 Feb 2023 00:28:22 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
css.zohocdn.com/salesiq/styles/floatbutton1_bd045c29766df2806787522c13149e23_.css
200 OK 5.1 kB URL HTTP/2 css.zohocdn.com/salesiq/styles/floatbutton1_bd045c29766df2806787522c13149e23_.css
IP
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (22576), with no line terminators
Hash 9674bdea22120177e94ec071e3dfbe6c
206b3ab605f3409b8f33e7e4b1b464c02d6831b0
63f3b43a7dfed48774b53a6432331e78e98bd86549e2916cfc0e9eb8fc530c12
GET /salesiq/styles/floatbutton1_bd045c29766df2806787522c13149e23_.css HTTP/1.1
Host: css.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ZGS
date: Mon, 06 Feb 2023 00:28:22 GMT
content-type: text/css;charset=UTF-8
content-length: 5141
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "9674bdea22120177e94ec071e3dfbe6c"
content-language: en-US
last-modified: Mon, 09 Jan 2023 12:41:16 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: c58ca9515b8635a6881852ecb9d862be
z-origin-id: ex1-2f7dc721d34449d58349e76a361aeb74
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ibet.com/iojs/5.5.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js
200 OK 505 B URL HTTP/2 www.ibet.com/iojs/5.5.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js
IP
File type ASCII text, with very long lines (377)
Hash f2c86563d874e05e9005cd457aec4b03
1535d511bd561b6c0d6820d54db794a99a6463d6
1a8cf8d5d918bc7c1aab76fd0857f8ab92b704626ae4d8fc8d1efdfc30a0c8e8
GET /iojs/5.5.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Cookie: isiframeenabled=true; _gcl_au=1.1.1242781563.1675643345
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 505
date: Mon, 06 Feb 2023 00:28:22 GMT
last-modified: Tue, 06 May 2014 00:01:40 GMT
expires: Tue, 06 Feb 2024 00:28:22 GMT
cache-control: private
p3p: CP="NON DSP COR CURa"
accept-ch: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
vary: Accept-Encoding, User-Agent
x-cache: Miss from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: EhRAxmqgKiG1ZYQOLI1UgT2qhAxOiDFoe2dPJdVy-RJbCZvFC5HoGg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7125328058f95e3c17e44f90a4b69a40
96073265c5bb3eb49b77f5e87a2b1226cc5082ea
afd80667fd34b628fb701a20a892c899a09d8029ea6aeb8527f6035b60e3e20b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2302
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:22 GMT
Last-Modified: Sun, 05 Feb 2023 23:50:00 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
mpsnare.iesnare.com/star
101 Switching Protocols 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.ibet.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T5faSlkp6PZ7He5r4IhgEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 06 Feb 2023 00:28:22 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: AMQ7TBfwBath6d5sGHlFyxjSLI4=
Upgrade: WebSocket
www.ibet.com/media/home/features/features-desktop.jpg
200 OK 136 kB URL HTTP/2 www.ibet.com/media/home/features/features-desktop.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x824, components 3\012- data
Size 136 kB (135662 bytes)
Hash fffc21166194075701552a7d2218a9fc
c84cc4212579053740c58bf3245759c2371436f3
02ab2a6abaaa6981603402a187337d197b57578609f7ebf09b9b49dba94ca276
GET /media/home/features/features-desktop.jpg HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Cookie: isiframeenabled=true; _gcl_au=1.1.1242781563.1675643345
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 135662
last-modified: Thu, 05 Jan 2023 16:20:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:23 GMT
etag: "fffc21166194075701552a7d2218a9fc"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: qYMvoNXvETeYPCi2r2GhypAJZr0dy4x9QyzuOKh8FH7gDaya-iGhoQ==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 750eea13270d515ca3d0e42b5db8885c
17d65469a0c73fe5ae4d5f51a25051d54010dd4a
6cd245cb7388b0b1bf584ca48cdd293d835bbe95e33c533befb1e85f23d417ee
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 03:09:29 GMT
Expires: Fri, 10 Feb 2023 03:09:28 GMT
Etag: "17d65469a0c73fe5ae4d5f51a25051d54010dd4a"
Cache-Control: max-age=354665,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3efaa6cfac0-OSL
js.zohocdn.com/salesiq/js/floatbutton1_aaa7d7b4872c11015e75ee4b6a789bc6_.js
200 OK 13 kB URL HTTP/2 js.zohocdn.com/salesiq/js/floatbutton1_aaa7d7b4872c11015e75ee4b6a789bc6_.js
IP
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (36889), with no line terminators
Hash 442bffdefe2ad3df847c10003dfaa48e
8e99d0948737ae632d6e3e71a4e6224c60330abf
74712da9d15ad35a1cd198fb88274206dc23cf453b0e34a77c29a63dddae9e0f
GET /salesiq/js/floatbutton1_aaa7d7b4872c11015e75ee4b6a789bc6_.js HTTP/1.1
Host: js.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ZGS
date: Mon, 06 Feb 2023 00:28:22 GMT
content-type: application/javascript;charset=UTF-8
content-length: 12566
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "442bffdefe2ad3df847c10003dfaa48e"
content-language: en-US
last-modified: Wed, 01 Feb 2023 13:08:55 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 59436098b1a973eba4fa1b63c7115bfb
z-origin-id: ex1-9de30ebb55644ef0ad9d37b88d5878cc
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 26a90dd530d424ba54ae4490b05c884b
cb2aff7f21701d9d56e73ea44c815c803eacf142
ee1626f133b5fd23b729c832c003677d8dc5502fb334236576a501c6176b333c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 09 Feb 2023 23:53:52 GMT
ETag: "cb2aff7f21701d9d56e73ea44c815c803eacf142"
Last-Modified: Sun, 05 Feb 2023 23:53:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 06 Feb 2023 00:28:22 GMT
Age: 1774
X-Served-By: cache-qpg1246-QPG, cache-bma1681-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 21, 1
X-Timer: S1675643302.432038,VS0,VE190
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 26a90dd530d424ba54ae4490b05c884b
cb2aff7f21701d9d56e73ea44c815c803eacf142
ee1626f133b5fd23b729c832c003677d8dc5502fb334236576a501c6176b333c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 09 Feb 2023 23:53:52 GMT
ETag: "cb2aff7f21701d9d56e73ea44c815c803eacf142"
Last-Modified: Sun, 05 Feb 2023 23:53:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 06 Feb 2023 00:28:22 GMT
Age: 1774
X-Served-By: cache-qpg1246-QPG, cache-bma1658-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 21, 1
X-Timer: S1675643302.431296,VS0,VE190
ocsp.digicert.com/
200 OK 279 B IP
Hash 749ecda478edfe798881d20f655e815c
8d738c8565488437d3afa121f99a3ff8ecaaf06b
07cd96607dd7917f9a96e870513c5c46bfbab5dbdfa67244a94a99ac4ca9e97b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4808
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:22 GMT
Last-Modified: Sun, 05 Feb 2023 23:08:14 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
imagesrv.adition.com/js/aut.js
200 OK 3.6 kB URL HTTP/2 imagesrv.adition.com/js/aut.js
IP
ASN #24961 myLoc managed IT AG
File type C source, ASCII text, with very long lines (575)
Hash 20bcb89e1593d0791dc1e75cddc1651d
d696cd7a407d3d95f197c44cf1d8e47312242e1b
453f86a616db4a42e5dd92fc00a580d769a6275c0adb56700b134290c8302971
GET /js/aut.js HTTP/1.1
Host: imagesrv.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "2397954584-br"
last-modified: Wed, 11 Jan 2023 08:47:11 GMT
content-length: 3634
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: br
date: Mon, 06 Feb 2023 00:28:22 GMT
X-Firefox-Spdy: h2
www.ibet.com/static/media/IntegralCF-Regular.2bead141.woff2
200 OK 18 kB URL HTTP/2 www.ibet.com/static/media/IntegralCF-Regular.2bead141.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18484, version 1.6553\012- data
Hash 2bead14105eb2526e9547d6dd69ed86c
23601938b7bbb0631b6a33f7f6c7e73700241dea
07839fe34039d0bf261f3cb68b299f96f43705a4c8a0bce5063d6376a311c4d6
GET /static/media/IntegralCF-Regular.2bead141.woff2 HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=ZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
Cookie: isiframeenabled=true; _gcl_au=1.1.1242781563.1675643345
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 18484
last-modified: Thu, 05 Jan 2023 16:20:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 00:28:23 GMT
etag: "2bead14105eb2526e9547d6dd69ed86c"
x-cache: RefreshHit from cloudfront
via: 1.1 d84d4103926180da8f8abcb90515db0c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 7AQdUlwG4DuTriSm7rirV17avBfFwuChPoC9OIdFv8L_WbGReanMZg==
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
200 OK 5.9 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP
File type ASCII text, with very long lines (17769), with no line terminators
Hash 939f95ffc91ae8a9eacb6998ec5a635f
e122fe07195821f6abf871cc65f315c6b9e27f4a
49462b3c223095ac3fc223f11a29e4bceed96feba62e167d444e9a082626fc17
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "b07048fb19f7c325242e254218118e14:1675339769.124179"
Last-Modified: Thu, 02 Feb 2023 09:48:30 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Mon, 06 Feb 2023 00:48:22 GMT
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Length: 5911
Connection: keep-alive
cdn.taboola.com/libtrc/unip/1504263/tfa.js
200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1504263/tfa.js
IP
File type ASCII text, with very long lines (59751)
Hash eaaa55ecd0df9f3d15025fe31067d6e2
41d2ff206533e0a0591830006eeb0d23ad4067e4
523a64e22feeba57088890ef903114b51e99be9c234cc67584fd503885b50221
GET /libtrc/unip/1504263/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cjPISMejHhhCUvSLbVC5G9pNPTqRSMsZmp5txQxMJ80ktMx7Td2IXOTj1p8eSdTP5X/x3MMG+f4=
x-amz-request-id: 3Z7KQJXSYZRZ551M
x-amz-replication-status: PENDING
last-modified: Sun, 05 Feb 2023 11:37:23 GMT
etag: "301611c7eae6b8e6feeec85b501e908d"
x-amz-version-id: _ThGk74OaON4eTUIKCvsct5EpXcGSKOg
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 00:28:22 GMT
via: 1.1 varnish
age: 51
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675643303.746908,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 47
content-length: 18376
X-Firefox-Spdy: h2
origin.acuityplatform.com/event/v2/pixel.js
200 OK 2.4 kB URL HTTP/1.1 origin.acuityplatform.com/event/v2/pixel.js
IP
File type HTML document, ASCII text, with very long lines (2423)
Hash c1e398d8cc65cd9241cc3f1840add2cb
316b1005d23d838c83e8bc65d3c2679b8c098df6
89cf66cb9de8da20fc15e9953845dd4d1de2c0fb465c827a09d818449222c533
GET /event/v2/pixel.js HTTP/1.1
Host: origin.acuityplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0
Content-Type: application/javascript
Content-Length: 2424
Last-Modified: Wed, 04 Jan 2023 18:57:40 GMT
ETag: "63b5cc24-978"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Date: Mon, 06 Feb 2023 00:28:22 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 23:45:20 GMT
expires: Mon, 06 Feb 2023 01:45:20 GMT
cache-control: public, max-age=7200
age: 2582
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a4c9aec1fbb347e37394d01baf52fa49
2de722d77d4154504aa98e9ef46b8cb21a1be780
069169ac204505b2880ce68b15dd222b84f5923a8d6da6a1119e183f626c6700
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6345
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:22 GMT
Last-Modified: Sun, 05 Feb 2023 22:42:37 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 1195dd6a2166c4b6c4f45510e64cbd2c
1600d859c9c6e74468bbd3d30b86a666ff307116
d0603547733c0617e521f5f0c1766800d3541f1afc470b8f8c94ca58d34df1c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1957
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:22 GMT
Last-Modified: Sun, 05 Feb 2023 23:55:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
mpsnare.iesnare.com/general5/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
200 OK 19 kB URL HTTP/1.1 mpsnare.iesnare.com/general5/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP
File type ASCII text, with very long lines (1056)
Hash daa1d959e49caa69212f14225eb35b04
f83696888b801c190d7eff156e275dd4a16faddd
6af143495f2c75d53bb4f26a6644003853c2d978e047b5ad480d202d14c5e248
GET /general5/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=YZOj5Cc8uOp2jc+glgdvWEPXlSvwFR9halrQwG3WzD8=;Path=/;Expires=Tue, 06-Feb-2024 00:28:22 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 24c7de0855ede70f58dab07724eac218
607517a5e8bf38520c655b7d3d311cbca0b70a8f
076831bdf1008b4dc3890b101cc7a6427db6315153750d99e71c8733f6b6f82b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 09 Feb 2023 22:30:58 GMT
ETag: "607517a5e8bf38520c655b7d3d311cbca0b70a8f"
Last-Modified: Sun, 05 Feb 2023 22:30:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 06 Feb 2023 00:28:22 GMT
Age: 2431
X-Served-By: cache-qpg1227-QPG, cache-bma1681-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 17, 2
X-Timer: S1675643303.815170,VS0,VE0
mpsnare.iesnare.com/time.mp3?nocache=0.029935242986976585
206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.029935242986976585
IP
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.029935242986976585 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Mon, 06 Feb 2023 00:28:22 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
adfarm1.adition.com/i?raw=1&ts=200778401
200 OK 19 B URL HTTP/2 adfarm1.adition.com/i?raw=1&ts=200778401
IP
ASN #24961 myLoc managed IT AG
File type ASCII text, with no line terminators
Hash 36914a35af69715638f0b02f3692825c
b26a78e75f5c836bf90a406a675ac556b06d3750
9f4b1ad7c478083c3cdeb726912a714118f962922be317ed49629d7eb1549f66
GET /i?raw=1&ts=200778401 HTTP/1.1
Host: adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
content-length: 19
server: ADITIONSERVER v1.0
date: Mon, 06 Feb 2023 01:28:22 +0100
access-control-allow-credentials: true
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: set-cookie
cache-control: max-age=31536000,private
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
set-cookie: UserID1=7196833181854075657; expires=Sun, 07-May-2023 01:28:22 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist/tracker.js
200 OK 12 kB URL HTTP/2 tracker.ads.sportradar.com/dist/tracker.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (34755)
Hash b34b13d85152f71b7fd15289c78c0583
0bb20191b022bbd0e75f2bbce7f6332886079c2c
7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: xxy24jTmXvVX0pZDc4mQqOEbDdBZu0yd_clnp0StuyGWfF7ogQHfyg==
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 06 Feb 2023 00:28:23 GMT
content-length: 11553
cache-control: max-age=900, public
X-Firefox-Spdy: h2
mpsnare.iesnare.com/star
101 Switching Protocols 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.ibet.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T2ZGfT6Vp4lFOE2v09ecpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 06 Feb 2023 00:28:23 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: ltFGq5SGsig+oyTh4rpeZQAi8Kc=
Upgrade: WebSocket
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 7a942df038e18997eb83c77533333fcb
75b4b06074dfbd059731f87c7a8ddbb012e393b1
4d1229f61a50bceb2b05f2d8da12d541c6175657e13e873ff1237e5643cc1a9f
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "4D1229F61A50BCEB2B05F2D8DA12D541C6175657E13E873FF1237E5643CC1A9F"
Last-Modified: Sun, 05 Feb 2023 18:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2721
Expires: Mon, 06 Feb 2023 01:13:44 GMT
Date: Mon, 06 Feb 2023 00:28:23 GMT
Connection: keep-alive
s2.adform.net/banners/scripts/st/trackpoint-async.js
200 OK 32 kB URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
Hash 4e643e8b6d14bcb941b4b25939c1bb43
c54bada914094fcdac953e87c5c1d5f00931cf57
e4e53ea30d466e2ce117ce28c81d63914ce0e665b677e92f8bc5ae9e352861aa
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 00:28:22 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
x-rgw-object-type: Normal
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-amz-request-id: tx0000062cf0e7d8446165f-006385e0d3-329354d9-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
script.hotjar.com/modules.bca0d1c28285412bb689.js
200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.bca0d1c28285412bb689.js
IP
File type Unicode text, UTF-8 text, with very long lines (49086)
Hash e923aa360dc485b9df86355bd040c998
03c46dbd41e9d4bdf8a9e4bfbaba3f7f2e9280ec
9c7575553c5b81f9b905dbb27c8116b175b69e7472aa6597f8cace1c6434d676
GET /modules.bca0d1c28285412bb689.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 67924
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e923aa360dc485b9df86355bd040c998"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CT5zgfOGsr_oqc7w6bGX-SsISFlzblQCCmIGOIE1tMVf-5xVldUrxQ==
age: 213497
X-Firefox-Spdy: h2
imagesrv.adition.com/1x1.gif
200 OK 68 B URL HTTP/2 imagesrv.adition.com/1x1.gif
IP
ASN #24961 myLoc managed IT AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 93e65182fe45341563c2f18f13987dc9
2dfd85967b0ac77f85697b05de2c1aca1b31e934
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
GET /1x1.gif HTTP/1.1
Host: imagesrv.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
accept-ranges: bytes
etag: "3122740758"
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
content-length: 68
access-control-allow-origin: *
date: Mon, 06 Feb 2023 00:28:23 GMT
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-SJDus0aEB8nDE.js
200 OK 160 B URL HTTP/2 rules.quantcount.com/rules-p-SJDus0aEB8nDE.js
IP
Hash 2c7ec77dcb085abc40e3ff98738bfef5
2be6000c8124f67c59a84558ba19702b4fc3efd5
b29a1754d555695ef6044793dc63e4614cdbaf4dc19aa1e1dec711f42ff9d916
GET /rules-p-SJDus0aEB8nDE.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 160
last-modified: Fri, 14 Oct 2022 00:21:05 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sun, 05 Feb 2023 23:59:38 GMT
cache-control: max-age=3600
etag: "2c7ec77dcb085abc40e3ff98738bfef5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7XJ4C99wg1lDQNXBLRrRgyrRz_7lsxMfKUCx9x5JX5LFIWW2lwq0uw==
age: 1726
X-Firefox-Spdy: h2
mpsnare.iesnare.com/5.5.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js
200 OK 420 B URL HTTP/1.1 mpsnare.iesnare.com/5.5.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js
IP
File type ASCII text, with very long lines (377)
Hash 3ef44677e92c54438e0f97f449cad18c
26582c1820e1e15dd4005a6aae5af15c8afc7c11
02cabd5343f444004262d0a15d8bd54d7dbb5bdf4f8cad84f170d649f11cb49b
GET /5.5.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 06 Feb 2023 00:28:23 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Tue, 06 Feb 2024 00:28:23 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
mpsnare.iesnare.com/time.mp3?nocache=0.6006623473826316
206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.6006623473826316
IP
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.6006623473826316 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Mon, 06 Feb 2023 00:28:23 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
a.sportradarserving.com/pixel?type=js&aid=1622&id=7046
302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1622&id=7046
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1622&id=7046 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 06 Feb 2023 00:28:23 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1622&id=7046
Set-Cookie: zuuid=18414364-2936-4aa5-a2d4-4b6ace556982; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
c=1675643303; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675643303; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 06 Feb 2023 00:28:23 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
c=1675643303; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675643303; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
tracker.ads.sportradar.com/dist//sp-2.14.0.js
200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: dvubTwXiRCjiJB7wCHMomvWFLhrbYyzD7rIO_O4yfnHhyBM3lf2JMA==
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 06 Feb 2023 00:28:23 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-QMJ93CW4C3>m=45je3210&_p=1410426674&cid=1698884179.1675643345&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675643345&sct=1&seg=0&dl=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&dt=iBet.com%20online%20tipping%2C%20casino%2C%20spill%20-%20F%C3%A5%20din%20250%20Euro%20Velkomstbonus%20n%C3%A5!&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-QMJ93CW4C3>m=45je3210&_p=1410426674&cid=1698884179.1675643345&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675643345&sct=1&seg=0&dl=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&dt=iBet.com%20online%20tipping%2C%20casino%2C%20spill%20-%20F%C3%A5%20din%20250%20Euro%20Velkomstbonus%20n%C3%A5!&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-QMJ93CW4C3>m=45je3210&_p=1410426674&cid=1698884179.1675643345&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675643345&sct=1&seg=0&dl=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&dt=iBet.com%20online%20tipping%2C%20casino%2C%20spill%20-%20F%C3%A5%20din%20250%20Euro%20Velkomstbonus%20n%C3%A5!&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.ibet.com
date: Mon, 06 Feb 2023 00:28:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash dbec6c29aea314998b2a924b36022815
c48a1556407e6528b1133e574fdea11790e16590
a5cd4f6c8db2d16d7dc73cf2e886a8d7f7319dc78f303254fce03cba43325966
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 06 Feb 2023 00:28:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 05 Feb 2023 22:16:17 GMT
Expires: Mon, 06 Feb 2023 22:16:17 GMT
ETag: "c48a1556407e6528b1133e574fdea11790e16590"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ad1.adfarm1.adition.com/track?tid=26000&sid=55435&type=image&orderid=&itemno=&descr=&quantity=&price=0.00&total=0.00&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&parm1=&parm2=&parm3=&parm4=
302 Found 1.3 kB URL HTTP/2 ad1.adfarm1.adition.com/track?tid=26000&sid=55435&type=image&orderid=&itemno=&descr=&quantity=&price=0.00&total=0.00&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&parm1=&parm2=&parm3=&parm4=
IP
ASN #24961 myLoc managed IT AG
File type ASCII text, with very long lines (1272), with no line terminators
Hash 469e6280917068b31f8fe093ff8c4de5
f0176baa2a20a7c7a547761b374965b339861205
8eb91d18255c6b2b820915c4acf3bc8d5f492f22b3ec97bb89267fc3402891ad
GET /track?tid=26000&sid=55435&type=image&orderid=&itemno=&descr=&quantity=&price=0.00&total=0.00&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&parm1=&parm2=&parm3=&parm4= HTTP/1.1
Host: ad1.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/plain
location: https://imagesrv.adition.com/1x1.gif
server: ADITIONSERVER v1.0
date: Mon, 06 Feb 2023 01:28:22 +0100
access-control-allow-origin: *
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
set-cookie: UserID1=7196833181860562129; expires=Sun, 07-May-2023 01:28:21 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=undefined
200 OK 35 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=undefined
IP
File type ASCII text, with no line terminators
Hash 75c843c7b717e7b722777907475c67a3
983d1c9a05b315288039b9d4694ce3b402259240
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
GET /cachedClickId?marketerId=undefined HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:23 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: d5ccd31901945c7d12b5d1290abf2f29
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1622&id=7046
200 OK 1.5 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1622&id=7046
IP
File type ASCII text, with very long lines (1527), with no line terminators
Hash dc691611072fdd04296e5303484d4c0d
ccda8a0e4862a6d739902aedae7cf285986b2655
19f8fa754fa93ebf4df99a926e3ead857d74264f2169230209d44d96017e27f9
GET /ul_cb/pixel?type=js&aid=1622&id=7046 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Cookie: zuuid=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86; c=1675643303; zuuid_lu=1675643303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Mon, 06 Feb 2023 00:28:23 GMT
Set-Cookie: zuuid=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675643303; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1675643303; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
cm4=!bidswitch,444972503; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,444900503; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1527
Connection: keep-alive
a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Cookie: zuuid=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86; c=1675643303; zuuid_lu=1675643303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 06 Feb 2023 00:28:23 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dff294647-5b05-4b19-8ab3-6c1d1b9a7c86
Set-Cookie: zuuid=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1675643303; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1675643303; path=/; expires=Tue, 06-Feb-2024 00:28:23 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
tr.outbrain.com/unifiedPixel?marketerId=0015ef2fd363de31fda729e1cf9b43cc1b&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&g=1&optOut=false&bust=0801591994260824&referrer=
200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=0015ef2fd363de31fda729e1cf9b43cc1b&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&g=1&optOut=false&bust=0801591994260824&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=0015ef2fd363de31fda729e1cf9b43cc1b&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&g=1&optOut=false&bust=0801591994260824&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:23 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: cdd5f939947d0446c701651981503857
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: enAYubKr843muX0ABCE_2c6GYo6-VdYyNfc4nIK4L9xALQZmptKHog==
age: 213497
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2836286&ADFPageName=Page%20View&ADFdivider=%7C&ord=309216391831&ADFtpmode=2&loc=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&Set1=en-US%7Cen-US%7C1280x1024%7C24
200 OK 184 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?CC=1&pm=2836286&ADFPageName=Page%20View&ADFdivider=%7C&ord=309216391831&ADFtpmode=2&loc=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
File type ASCII text, with CRLF line terminators
Hash c13136d2b1fe8b16bb3ddf519b6baa78
875cca302b518f903d8eecfd54cd7e20fd3fc161
cd3d2e6d539436e57ae48ccbba84b880e602a77617190b03151ceae877dba860
GET /Serving/TrackPoint/?CC=1&pm=2836286&ADFPageName=Page%20View&ADFdivider=%7C&ord=309216391831&ADFtpmode=2&loc=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 00:28:24 GMT
content-type: text/javascript; charset=utf-8
content-length: 184
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1110687475;source=gtm;rf=0;a=p-SJDus0aEB8nDE;url=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk;uh=82244417f956ac7c599f191593f7e441a4fafa20a4158fd52e154f1dc4c8ed92;uht=2;fpan=1;fpa=P0-263187419-1675643345666;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=ibet.com;dst=0;et=1675643345965;tzo=0;ogl=type.website%2Ctitle.iBet%252Ecom%20online%20tipping%252C%20casino%252C%20spill%20-%20F%C3%A5%20din%20250%20Euro%20Velkomstbonus%20n%C3%A5!%2Curl.https%3A%2F%2Fwww%252Eibet%252Ecom%2Cdescription.Velkommen%20til%20iBet%252Ecom%20-%20Online%20spill%20p%C3%A5%20sport%20med%20topp%20odds%252C%20spennende%20casino%252C%20;ses=149a5206-d36a-446e-93d5-82d1a6b7e69a
200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1110687475;source=gtm;rf=0;a=p-SJDus0aEB8nDE;url=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk;uh=82244417f956ac7c599f191593f7e441a4fafa20a4158fd52e154f1dc4c8ed92;uht=2;fpan=1;fpa=P0-263187419-1675643345666;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=ibet.com;dst=0;et=1675643345965;tzo=0;ogl=type.website%2Ctitle.iBet%252Ecom%20online%20tipping%252C%20casino%252C%20spill%20-%20F%C3%A5%20din%20250%20Euro%20Velkomstbonus%20n%C3%A5!%2Curl.https%3A%2F%2Fwww%252Eibet%252Ecom%2Cdescription.Velkommen%20til%20iBet%252Ecom%20-%20Online%20spill%20p%C3%A5%20sport%20med%20topp%20odds%252C%20spennende%20casino%252C%20;ses=149a5206-d36a-446e-93d5-82d1a6b7e69a
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1110687475;source=gtm;rf=0;a=p-SJDus0aEB8nDE;url=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk;uh=82244417f956ac7c599f191593f7e441a4fafa20a4158fd52e154f1dc4c8ed92;uht=2;fpan=1;fpa=P0-263187419-1675643345666;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20230203135208;cm=;gdpr=0;ref=;d=ibet.com;dst=0;et=1675643345965;tzo=0;ogl=type.website%2Ctitle.iBet%252Ecom%20online%20tipping%252C%20casino%252C%20spill%20-%20F%C3%A5%20din%20250%20Euro%20Velkomstbonus%20n%C3%A5!%2Curl.https%3A%2F%2Fwww%252Eibet%252Ecom%2Cdescription.Velkommen%20til%20iBet%252Ecom%20-%20Online%20spill%20p%C3%A5%20sport%20med%20topp%20odds%252C%20spennende%20casino%252C%20;ses=149a5206-d36a-446e-93d5-82d1a6b7e69a HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:28:24 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63e049a8-01645-aa61d-0182f; expires=Fri, 08-Mar-2024 00:28:24 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP
Hash 4a99f0c75dabbdacb0c0337882288c41
2e125434dbffddccdade70cb9166cd055ea29924
97ec7b5ecccc29074ac1b3fd4770938c5f253a235f430629dd636e4bf331abd8
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:28:22 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "u+riIbpeWSVolXo4r+dT2g=="
expires: Mon, 13 Feb 2023 00:28:22 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7d267d83a126d050c7cd3d37daf7308c
ae050bd3eaccd6b6238f69bd360bd954ab62a1f7
6e0ab46ee3ac5e3052b4a2aa055ea55fb1d7c3c0515482292d59e6cb3f1f385e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4484
Cache-Control: max-age=103977
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:24 GMT
Etag: "63df2b4d-1d7"
Expires: Tue, 07 Feb 2023 05:21:21 GMT
Last-Modified: Sun, 05 Feb 2023 04:06:37 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
trc.taboola.com/1504263/log/3/unip?en=all_pages&tim=1675643345658&vi=1675643345625&ri=47044969b310cb5a9c7da62dc26bcd4e&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&tos=529&ssd=1&scd=0
204 No Content 0 B URL HTTP/2 trc.taboola.com/1504263/log/3/unip?en=all_pages&tim=1675643345658&vi=1675643345625&ri=47044969b310cb5a9c7da62dc26bcd4e&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&tos=529&ssd=1&scd=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1504263/log/3/unip?en=all_pages&tim=1675643345658&vi=1675643345625&ri=47044969b310cb5a9c7da62dc26bcd4e&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&tos=529&ssd=1&scd=0 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.ibet.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Mon, 06 Feb 2023 00:28:24 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675643304.007089,VS0,VE92
x-vcl-time-ms: 92
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e58d6980cbddaa1e952d4f64fda8fa6c
5be91756739fff3289837e3a4ec43ee902966230
be1b404742c28b1171e1f7e8c6beb4e68a62d775d3c43b2844b5d1a3bb145a98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4030
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:24 GMT
Last-Modified: Sun, 05 Feb 2023 23:21:14 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 9d955ae620c99cdd12a42546f787dcfd
3be6d2eb78942ca47899d452769320f18bc634d1
e404e2fe3cb2f5e67cf77d3323dfa0c1f431bd15f6c8d306c9fde9d380012889
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 06 Feb 2023 00:28:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 05 Feb 2023 20:26:47 GMT
Expires: Mon, 06 Feb 2023 20:26:47 GMT
ETag: "3be6d2eb78942ca47899d452769320f18bc634d1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
200 OK 471 B IP
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=436703,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3fa8f4e1c0e-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/getuid?https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D10%26auid%3D739911338687%26uid%3D%24UID
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D10%26auid%3D739911338687%26uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D10%26auid%3D739911338687%26uid%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 00:28:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D10%2526auid%253D739911338687%2526uid%253D%2524UID
AN-X-Request-Uuid: 977b424b-b799-4092-bb8e-9c91eb78966a
Set-Cookie: uuid2=7068075297297694162; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 07-May-2023 00:28:24 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
200 OK 471 B IP
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=436703,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3fa9b611c12-OSL
pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=739911338687&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D739911338687%26uid%3D%24%7BTA_DEVICE_ID%7D
302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3150&partner_device_id=739911338687&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D739911338687%26uid%3D%24%7BTA_DEVICE_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3150&partner_device_id=739911338687&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D739911338687%26uid%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 00:28:24 GMT
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1675643304124;Expires=Fri, 07 Apr 2023 00:28:24 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=d0b5a710-d6c9-4bf3-a219-df581e0acd20;Expires=Fri, 07 Apr 2023 00:28:24 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3150&partner_device_id=739911338687&partner_url=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D64%26auid%3D739911338687%26uid%3D%24%7BTA_DEVICE_ID%7D
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pixel.advertising.com/ups/55950/sync?uid=739911338687&_origin=1
301 Moved Permanently 355 B URL HTTP/2 pixel.advertising.com/ups/55950/sync?uid=739911338687&_origin=1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2cfb699477e4aea76d091ab6d50eabfd
c8c9890463e6ccb2d0e231db3a6ba8dff1ecf262
83ebba7a5566b8d581b87a822914d693848a0446edc870627c06de8bbf538325
GET /ups/55950/sync?uid=739911338687&_origin=1 HTTP/1.1
Host: pixel.advertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 06 Feb 2023 00:28:24 GMT
server: ATS/9.1.10.25
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/55950/sync?uid=739911338687&_origin=1
content-type: text/html
content-language: en
set-cookie: A3=d=AQABBKhJ4GMCEKFxh6X33aMDkCtGPBLiz6sFEgEBAQGb4WPqYwAAAAAA_eMAAA&S=AQAAAiS8FfJEigS-80DUYN83K2k; Expires=Tue, 6 Feb 2024 06:28:24 GMT; Max-Age=31557600; Domain=.advertising.com; Path=/; SameSite=None; Secure; HttpOnly
content-length: 355
X-Firefox-Spdy: h2
x.bidswitch.net/syncd?dsp_id=409&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dff294647-5b05-4b19-8ab3-6c1d1b9a7c86
302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dff294647-5b05-4b19-8ab3-6c1d1b9a7c86
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dff294647-5b05-4b19-8ab3-6c1d1b9a7c86 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 00:28:24 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dff294647-5b05-4b19-8ab3-6c1d1b9a7c86
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=a60d6cbf-e279-47e8-9b25-51ba338e21de; path=/; expires=Tue, 06-Feb-2024 00:28:24 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675643304; path=/; expires=Tue, 06-Feb-2024 00:28:24 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675643304; path=/; expires=Tue, 06-Feb-2024 00:28:24 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675643304; path=/; expires=Tue, 06-Feb-2024 00:28:24 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 33799143aba7ecc77550ec353e2d6efe
6daa70e1ec21a8ae0a915c10ee874893a087c08e
d547d0c952b4d6e679c04ea944147a111d3f22c185a1f26302c70d9844d9422c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6057
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:24 GMT
Last-Modified: Sun, 05 Feb 2023 22:47:27 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160917518-1&cid=1698884179.1675643345&jid=575762211&gjid=1644792704&_gid=717852708.1675643346&_u=YADAAEAAAAAAACAAI~&z=839343216
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160917518-1&cid=1698884179.1675643345&jid=575762211&gjid=1644792704&_gid=717852708.1675643346&_u=YADAAEAAAAAAACAAI~&z=839343216
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160917518-1&cid=1698884179.1675643345&jid=575762211&gjid=1644792704&_gid=717852708.1675643346&_u=YADAAEAAAAAAACAAI~&z=839343216 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.ibet.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 00:28:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=d76a3dac-344a-457c-bba2-ca80717a1ccf
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=d76a3dac-344a-457c-bba2-ca80717a1ccf
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=d76a3dac-344a-457c-bba2-ca80717a1ccf HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 00:28:24 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=d76a3dac-344a-457c-bba2-ca80717a1ccf
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=02f44a81-73a9-4e60-93ba-3ee2a2eb568e; path=/; expires=Tue, 06-Feb-2024 00:28:24 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675643304; path=/; expires=Tue, 06-Feb-2024 00:28:24 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675643304; path=/; expires=Tue, 06-Feb-2024 00:28:24 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675643304; path=/; expires=Tue, 06-Feb-2024 00:28:24 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7d267d83a126d050c7cd3d37daf7308c
ae050bd3eaccd6b6238f69bd360bd954ab62a1f7
6e0ab46ee3ac5e3052b4a2aa055ea55fb1d7c3c0515482292d59e6cb3f1f385e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4484
Cache-Control: max-age=103977
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:24 GMT
Etag: "63df2b4d-1d7"
Expires: Tue, 07 Feb 2023 05:21:21 GMT
Last-Modified: Sun, 05 Feb 2023 04:06:37 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=643ab5ef-cba5-453d-a54e-1065fa2891bc
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=643ab5ef-cba5-453d-a54e-1065fa2891bc
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=643ab5ef-cba5-453d-a54e-1065fa2891bc HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 00:28:24 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=236&user_id=739911338687&expires=30&user_group=1
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=236&user_id=739911338687&expires=30&user_group=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=236&user_id=739911338687&expires=30&user_group=1 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 00:28:24 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=739911338687&seat_key=236&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-3070584.js?sv=7
200 OK 3.6 kB URL HTTP/2 static.hotjar.com/c/hotjar-3070584.js?sv=7
IP
File type ASCII text, with very long lines (7460)
Hash 387f1a8ce28afb8f15a21d91231535cb
b4da7791aa0987e672aef9c7e783e0f2adda2c6b
1afe11aa67e8892f060f9ec81e04055aede7d58445d88663fb8cf1cc560d33e2
GET /c/hotjar-3070584.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 00:27:47 GMT
cache-control: max-age=60
etag: W/32c1ccfb70c0895a7625542b920fa564
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ApaiQdBLFWBScS8j3gcAkCu5iavJoi1NcFVVxS9DzFELHo-uAbaSDA==
age: 35
X-Firefox-Spdy: h2
loadm.exelator.com/load/?p=204&g=620&j=0
204 No Content 0 B URL HTTP/2 loadm.exelator.com/load/?p=204&g=620&j=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load/?p=204&g=620&j=0 HTTP/1.1
Host: loadm.exelator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 06 Feb 2023 00:28:24 GMT
cache-control: no-cache
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
X-Firefox-Spdy: h2
tags.bluekai.com/site/37592?id=123456&limit=0&redir=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D49%26auid%3D739911338687%26uid%3D%24_BK_UUID
302 Found 0 B URL HTTP/2 tags.bluekai.com/site/37592?id=123456&limit=0&redir=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D49%26auid%3D739911338687%26uid%3D%24_BK_UUID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/37592?id=123456&limit=0&redir=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D49%26auid%3D739911338687%26uid%3D%24_BK_UUID HTTP/1.1
Host: tags.bluekai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://ums.acuityplatform.com/sum?umid=49&auid=739911338687&uid=$_BK_UUID
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 06 Feb 2023 00:28:24 GMT
set-cookie: bku=tJ/99vCJTsBwwsRZ; Path=/; Domain=.bluekai.com; Expires=Sun, 06 Aug 2023 00:28:24 GMT; Secure; SameSite=None
bkpa=KJyA0nWvQp9x9BYFmDK+5hgBWW3nOWo7jy7s6Q1wJqA1d4+YrpNKANZlCGqKToVMS8sblkxfYbrfPsZn7Bhq2zh9B69wb/FAm30a2UwrxP2cA7G2OBe7/AYIYWKQ3qm9Jou4OfvtqRks1yb98oI9lUJdnFwXZnTe9vK7JfT=; Path=/; Domain=.bluekai.com; Expires=Sun, 06 Aug 2023 00:28:24 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 4493f1410f1d1bc45923100896260524
7ca36fc7084b134c20cbc457332ff5995874467f
fe556f9bfa39e85ca307a9f7fd8ed79cb86a0c7e8b6164cc419ec612b42e453c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 06 Feb 2023 00:28:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 05 Feb 2023 23:07:35 GMT
Expires: Mon, 06 Feb 2023 23:07:35 GMT
ETag: "7ca36fc7084b134c20cbc457332ff5995874467f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 00:28:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cs.admanmedia.com/sync?dsp=acuity&dsp_id=739911338687&to=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D134%26auid%3D739911338687%26uid%3D%5BADM%5D
302 Found 0 B URL HTTP/1.1 cs.admanmedia.com/sync?dsp=acuity&dsp_id=739911338687&to=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D134%26auid%3D739911338687%26uid%3D%5BADM%5D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp=acuity&dsp_id=739911338687&to=https%3A%2F%2Fums.acuityplatform.com%2Fsum%3Fumid%3D134%26auid%3D739911338687%26uid%3D%5BADM%5D HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 06 Feb 2023 00:28:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: admtr=10991d73-fdbe-4570-ac70-fee23db222df; path=/; domain=.admanmedia.com; expires=Mon, 20 Feb 2023 00:28:24 GMT;SameSite=None;Secure
ac_r=CS114; path=/; domain=.admanmedia.com; expires=Mon, 20 Feb 2023 00:28:24 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://ums.acuityplatform.com/sum?umid=134&auid=739911338687&uid=[ADM]
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: DENY
sync.crwdcntrl.net/map/c=14774/tp=ACUT/tpid=739911338687
404 Not Found 6.6 kB URL HTTP/2 sync.crwdcntrl.net/map/c=14774/tp=ACUT/tpid=739911338687
IP
Hash ddfffdeabf323a9263b218f0240ee5f4
4d20be9a370f4550df3f0886ef3b86940feacec0
4dd708c51c597a06838231ed7610e12605cd57ea714f3f5745315d3188fe17e9
GET /map/c=14774/tp=ACUT/tpid=739911338687 HTTP/1.1
Host: sync.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 00:28:24 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.19.194
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D10%2526auid%253D739911338687%2526uid%253D%2524UID
302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D10%2526auid%253D739911338687%2526uid%253D%2524UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fums.acuityplatform.com%252Fsum%253Fumid%253D10%2526auid%253D739911338687%2526uid%253D%2524UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Mon, 06 Feb 2023 00:28:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ums.acuityplatform.com/sum?umid=10&auid=739911338687&uid=0
AN-X-Request-Uuid: 469732e2-df74-421f-aac0-3d54808044ec
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dff294647-5b05-4b19-8ab3-6c1d1b9a7c86
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dff294647-5b05-4b19-8ab3-6c1d1b9a7c86
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3Dff294647-5b05-4b19-8ab3-6c1d1b9a7c86 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:28:24 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=d76a3dac-344a-457c-bba2-ca80717a1ccf
302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=d76a3dac-344a-457c-bba2-ca80717a1ccf
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=d76a3dac-344a-457c-bba2-ca80717a1ccf HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 06 Feb 2023 00:28:24 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:28:24 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/55950/sync?uid=739911338687&_origin=1
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/55950/sync?uid=739911338687&_origin=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/55950/sync?uid=739911338687&_origin=1 HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 06 Feb 2023 00:28:24 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/55950/sync?uid=739911338687&_origin=1&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBKhJ4GMCEMCpW7Oiyb1DQPJB1BBBQNkFEgEBAQGb4WPqYwAAAAAA_eMAAA&S=AQAAAuhN4A2SsmY-gEgaYRtcIyo; Expires=Tue, 6 Feb 2024 06:28:24 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 00:28:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=436703,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794fc3fa9b2b1bfa-OSL
ups.analytics.yahoo.com/ups/55950/sync?uid=739911338687&_origin=1&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/55950/sync?uid=739911338687&_origin=1&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/55950/sync?uid=739911338687&_origin=1&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 00:28:24 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBKhJ4GMCEJB0dOyLozZDsC3UOfPiJOUFEgEBAQGb4WPqYwAAAAAA_eMAAA&S=AQAAAsP8eWxIZN5ZhhuviRMVZWQ; Expires=Tue, 6 Feb 2024 06:28:24 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=d14afa01-1bfd-46a6-afa1-e7a89017ad1f
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=d14afa01-1bfd-46a6-afa1-e7a89017ad1f
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=3&user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&cb=d14afa01-1bfd-46a6-afa1-e7a89017ad1f HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 00:28:24 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
ums.acuityplatform.com/sum?umid=64&auid=739911338687&uid=b8ecd3e6-ec89-45ca-a4cb-ccbb327c312b
204 No Content 0 B URL HTTP/1.1 ums.acuityplatform.com/sum?umid=64&auid=739911338687&uid=b8ecd3e6-ec89-45ca-a4cb-ccbb327c312b
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sum?umid=64&auid=739911338687&uid=b8ecd3e6-ec89-45ca-a4cb-ccbb327c312b HTTP/1.1
Host: ums.acuityplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
access-control-allow-origin: *
set-cookie: auid=739939503515; Domain=.acuityplatform.com; Expires=Tue, 06-Feb-2024 00:28:24 GMT; Path=/; SameSite=None; Secure
aum="OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBNjT6jXVzZXJNYXRjaGluZ0lkJAKAkWxhc3REcm9wVGltZU1pbGxpcyUBQwkDe0yymGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUMJA3tMso90aGlyZFBhcnR5VXNlcklkY2I4ZWNkM2U2LWVjODktNDVjYS1hNGNiLWNjYmIzMjdjMzEyYvv7hnZlcnNpb27C+w=="; Version=1; Domain=.acuityplatform.com; Max-Age=31536000; Expires=Tue, 06-Feb-2024 00:28:24 GMT; Path=/; SameSite=None; Secure
x-acuity-userid: 739939503515
access-control-expose-headers: X-Acuity-UserID
ums.acuityplatform.com/sum?umid=49&auid=739911338687&uid=$_BK_UUID
204 No Content 0 B URL HTTP/1.1 ums.acuityplatform.com/sum?umid=49&auid=739911338687&uid=$_BK_UUID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sum?umid=49&auid=739911338687&uid=$_BK_UUID HTTP/1.1
Host: ums.acuityplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
ums.acuityplatform.com/sum?umid=134&auid=739911338687&uid=[ADM]
204 No Content 0 B URL HTTP/1.1 ums.acuityplatform.com/sum?umid=134&auid=739911338687&uid=[ADM]
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sum?umid=134&auid=739911338687&uid=[ADM] HTTP/1.1
Host: ums.acuityplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
ums.acuityplatform.com/sum?umid=10&auid=739911338687&uid=0
204 No Content 0 B URL HTTP/1.1 ums.acuityplatform.com/sum?umid=10&auid=739911338687&uid=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sum?umid=10&auid=739911338687&uid=0 HTTP/1.1
Host: ums.acuityplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7747482ad48551c80c7099680c497b3a
369de8f8c56917f793d8f8c425c8ab6204832159
3f6a47246c40f0b1ebb5de42929e4f084c7908f41b6f1fe74f286ed27306cae0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Feb 2023 00:28:24 GMT
Last-Modified: Sun, 05 Feb 2023 22:43:02 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: v_uD4jh8mFd7cpesqtyx-eWeNR0DGncz0TmDe0cuPYMetosVqGi2vw==
Age: 6322
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7747482ad48551c80c7099680c497b3a
369de8f8c56917f793d8f8c425c8ab6204832159
3f6a47246c40f0b1ebb5de42929e4f084c7908f41b6f1fe74f286ed27306cae0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109053
Date: Mon, 06 Feb 2023 00:28:24 GMT
Etag: "63df37fa-1d7"
Expires: Tue, 07 Feb 2023 06:45:57 GMT
Last-Modified: Sun, 05 Feb 2023 05:00:42 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zafgaQCnvrVb4p85AvQZKfaBsbhsvICLA79dfTJryCQ0SsnxzPXw_A==
Age: 6315
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 00:28:24 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=739911338687&seat_key=236&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=739911338687&seat_key=236&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=739911338687&seat_key=236&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 00:28:24 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 00:28:24 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=ff294647-5b05-4b19-8ab3-6c1d1b9a7c86&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 06 Feb 2023 00:28:24 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7747482ad48551c80c7099680c497b3a
369de8f8c56917f793d8f8c425c8ab6204832159
3f6a47246c40f0b1ebb5de42929e4f084c7908f41b6f1fe74f286ed27306cae0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109053
Date: Mon, 06 Feb 2023 00:28:24 GMT
Etag: "63df37fa-1d7"
Expires: Tue, 07 Feb 2023 06:45:57 GMT
Last-Modified: Sun, 05 Feb 2023 05:00:42 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qsry0tZmtUrbLMbn2GnofVjra6xYn9y8gvLXpXpNBME0EAfGfEEZbA==
Age: 6315
trc-events.taboola.com/1504263/log/3/unip?en=pre_d_eng_tb&tos=2242&scd=0&ssd=1&est=1675643345627&ver=36&isls=true&src=i&invt=1500&msa=2617&rv=1&tim=1675643347872&vi=1675643345625&ri=47044969b310cb5a9c7da62dc26bcd4e&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1504263/log/3/unip?en=pre_d_eng_tb&tos=2242&scd=0&ssd=1&est=1675643345627&ver=36&isls=true&src=i&invt=1500&msa=2617&rv=1&tim=1675643347872&vi=1675643345625&ri=47044969b310cb5a9c7da62dc26bcd4e&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1504263/log/3/unip?en=pre_d_eng_tb&tos=2242&scd=0&ssd=1&est=1675643345627&ver=36&isls=true&src=i&invt=1500&msa=2617&rv=1&tim=1675643347872&vi=1675643345625&ri=47044969b310cb5a9c7da62dc26bcd4e&ref=null&cv=20230205-12-RELEASE&item-url=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 06 Feb 2023 00:28:25 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.ibet.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
track.adform.net/Serving/TrackPoint/?pm=2836286&ADFPageName=Page%20View&ADFdivider=%7C&ord=309216391831&ADFtpmode=2&loc=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&Set1=en-US%7Cen-US%7C1280x1024%7C24
302 Found 0 B URL HTTP/2 track.adform.net/Serving/TrackPoint/?pm=2836286&ADFPageName=Page%20View&ADFdivider=%7C&ord=309216391831&ADFtpmode=2&loc=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
GET /Serving/TrackPoint/?pm=2836286&ADFPageName=Page%20View&ADFdivider=%7C&ord=309216391831&ADFtpmode=2&loc=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 06 Feb 2023 00:28:23 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2836286&ADFPageName=Page%20View&ADFdivider=%7C&ord=309216391831&ADFtpmode=2&loc=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Mon, 06-Mar-2023 00:28:23 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
trc.taboola.com/1504263/trc/3/json?tim=1675643345633&data=%7B%22id%22%3A542%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675643345625%2C%22cv%22%3A%2220230205-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ibet.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Datomikibetsam-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675643345632%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
200 OK 0 B URL HTTP/2 trc.taboola.com/1504263/trc/3/json?tim=1675643345633&data=%7B%22id%22%3A542%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675643345625%2C%22cv%22%3A%2220230205-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ibet.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Datomikibetsam-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675643345632%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
GET /1504263/trc/3/json?tim=1675643345633&data=%7B%22id%22%3A542%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675643345625%2C%22cv%22%3A%2220230205-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ibet.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Datomikibetsam-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675643345632%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 00:28:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675643303.351365,VS0,VE101
vary: Accept-Encoding
x-vcl-time-ms: 101
X-Firefox-Spdy: h2
api.fouanalytics.com/api/init-2315cm3nkx3pemx84qeo.js
200 OK 0 B URL HTTP/2 api.fouanalytics.com/api/init-2315cm3nkx3pemx84qeo.js
IP
GET /api/init-2315cm3nkx3pemx84qeo.js HTTP/1.1
Host: api.fouanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 00:28:22 GMT
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1NDXFlwza9owJpFq5nbW0EL7gXA9fkCDAFfDT9O0VoP4VXNJ%2BldiYUOj9lu%2BJU4ilYusG3yG3S8El1RP7LcP76x6zLwO58Pafn0iSojAUiqcxI123%2F%2BBtrvGVy6s%2FhfTpFYyckbnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794fc3f02f1076a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ad1.adfarm1.adition.com/tagging?type=image&network=834&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&tag[iBet_Retargeting.iBet_Ret_Site_Visit]&userid=7196833181854075657
302 Found 0 B URL HTTP/2 ad1.adfarm1.adition.com/tagging?type=image&network=834&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&tag[iBet_Retargeting.iBet_Ret_Site_Visit]&userid=7196833181854075657
IP
ASN #24961 myLoc managed IT AG
GET /tagging?type=image&network=834&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&tag[iBet_Retargeting.iBet_Ret_Site_Visit]&userid=7196833181854075657 HTTP/1.1
Host: ad1.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/plain
location: https://imagesrv.adition.com/1x1.gif
server: ADITIONSERVER v1.0
date: Mon, 06 Feb 2023 01:28:23 +0100
access-control-allow-origin: *
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
set-cookie: UserID1=7196833181854075657; expires=Sun, 07-May-2023 01:28:23 GMT; path=/; domain=.adfarm1.adition.com; SameSite=None; Secure
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=zi4n276&ref=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&upid=6g98c3e&upv=1.1.0
302 Found 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=zi4n276&ref=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&upid=6g98c3e&upv=1.1.0
IP
GET /track/up?adv=zi4n276&ref=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&upid=6g98c3e&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 00:28:23 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=zi4n276&ref=https%3A%2F%2Fwww.ibet.com%2Fno-NO%2F%3Faff%3DZG0C9ZL7-e76LFaHCxTGxGNd7ZgqdRLk&upid=6g98c3e&upv=1.1.0
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=c28321ed-d0f5-43ac-b044-54e24a6f8d0f; domain=.adsrvr.org; expires=Tue, 06-Feb-2024 00:28:23 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675631138013%22
200 OK 0 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675631138013%22
IP
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221675631138013%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20973
via: 1.1 google
date: Mon, 06 Feb 2023 00:07:06 GMT
age: 1274
last-modified: Sun, 05 Feb 2023 21:05:38 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
79.98.29.29
142.250.74.163
104.110.10.32
80.77.87.162
104.18.189.136
104.88.22.250
3.121.138.183
141.226.228.48
54.78.254.47
37.157.4.29
185.20.209.147