r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8474
Expires: Wed, 01 Feb 2023 18:14:06 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10336
Expires: Wed, 01 Feb 2023 18:45:08 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 15:36:02 GMT
content-type: application/json
age: 1010
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2915
Expires: Wed, 01 Feb 2023 16:41:27 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
getclout-co.intuitve.co/
162.241.24.161200 OK 214 B IP 162.241.24.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (2023), with no line terminators
Hash d3c2b351e7da740f5ab84e99f446cebd
565ee0ad74a18d906d1a7fdccd30cbae82ff5b3a
cd6068a7a8129b3a424b40ab902a7c247169472d71614eac8c31463d6b02c367
GET / HTTP/1.1
Host: getclout-co.intuitve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 15:52:52 GMT
Server: Apache
Vary: Referer,Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 15:52:52 GMT
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 214
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TNqTPGX4hVhSrzfpm44TLUTGvaxz6+OS1oWyvq9frcOuzYASh8QfNAs6YWNob9FiJgi8Fm/b57A=
x-amz-request-id: GD3D84V67DXQH3JF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 15:51:37 GMT
age: 75
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 15:52:52 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d0f5aecf6e01b0a174a0c72456de3a2c
fecce67e5e7157782607e50d39d057779dbfd51b
13150d96cff0ad1ef61cbd13255dc91d84bb845b9454bdaaa718af859d6690f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13150D96CFF0AD1EF61CBD13255DC91D84BB845B9454BDAAA718AF859D6690F4"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7729
Expires: Wed, 01 Feb 2023 18:01:41 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
cdn.violetlovelines.com/scripts/global.js?v=2.0.5
159.69.234.10200 OK 3.6 kB URL HTTP/1.1 cdn.violetlovelines.com/scripts/global.js?v=2.0.5
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11707), with no line terminators
Hash 59a536b2d045da4d1218d24229454bb2
ff6e01c48e1ab7d7bc3c78f86e43917478a65b14
b7a81a84e8d207c400dda475ef5695726d0a24112dc4f07c2880e21e2b06b561
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /scripts/global.js?v=2.0.5 HTTP/1.1
Host: cdn.violetlovelines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 15:52:52 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 Jan 2023 09:20:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d0f45d-2dbb"
Expires: Sat, 11 Feb 2023 15:52:52 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
getclout-co.intuitve.co/favicon.ico
162.241.24.161200 OK 214 B URL HTTP/1.1 getclout-co.intuitve.co/favicon.ico
IP 162.241.24.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (2023), with no line terminators
Hash d3c2b351e7da740f5ab84e99f446cebd
565ee0ad74a18d906d1a7fdccd30cbae82ff5b3a
cd6068a7a8129b3a424b40ab902a7c247169472d71614eac8c31463d6b02c367
GET /favicon.ico HTTP/1.1
Host: getclout-co.intuitve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 15:52:52 GMT
Server: Apache
Vary: Referer,Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 15:52:52 GMT
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 214
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 15:41:42 GMT
age: 670
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fcbacac5eb95f3ff2259da750f722f9f
b9bb493602c7c53cc8419307230dc727533442fa
7ce7a12bbdda79f1bf740f6cfdf66c683e53ae46b2168d37f45b77833cff8c4c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7CE7A12BBDDA79F1BF740F6CFDF66C683E53AE46B2168D37F45B77833CFF8C4C"
Last-Modified: Tue, 31 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12749
Expires: Wed, 01 Feb 2023 19:25:21 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
dns.firstblackphase.com/scripts/start.js?vl=0.9.5
159.69.234.10200 OK 1.7 kB URL HTTP/1.1 dns.firstblackphase.com/scripts/start.js?vl=0.9.5
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1685), with no line terminators
Hash e8025c2f37df60985c146f189efa904b
6acd32c36a0822a210b267e305821646a42ce3f3
531863f173e405b3149d06c28c9e9b768c18ff354fce7a98f3924d1ddd7e9a60
GET /scripts/start.js?vl=0.9.5 HTTP/1.1
Host: dns.firstblackphase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 15:52:52 GMT
Content-Type: application/javascript
Content-Length: 1685
Last-Modified: Tue, 31 Jan 2023 11:00:07 GMT
Connection: keep-alive
ETag: "63d8f4b7-695"
Expires: Sat, 11 Feb 2023 15:52:52 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8832
Expires: Wed, 01 Feb 2023 18:20:04 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
away.firstblackphase.com/scripts/take.js?vr=1.8.2
194.135.30.40301 Moved Permanently 162 B URL HTTP/1.1 away.firstblackphase.com/scripts/take.js?vr=1.8.2
IP 194.135.30.40:0
ASN #2856 British Telecommunications PLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /scripts/take.js?vr=1.8.2 HTTP/1.1
Host: away.firstblackphase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 01 Feb 2023 15:52:53 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://away.firstblackphase.com/scripts/take.js?vr=1.8.2
push.services.mozilla.com/
54.184.102.146101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.184.102.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uMPApqq4H6iCj3zgqt0AqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7sftkCueWud7YfKzFwvQYkldATs=
shop.similarwebline.com/zX2nnT?&se_referrer=&default_keyword=&&frm6393271e20c24=script6393271e20c28&_cid=c173b3d5-aa0c-8a4c-da69-bf2ee86a79cd
159.69.234.10301 Moved Permanently 0 B URL HTTP/1.1 shop.similarwebline.com/zX2nnT?&se_referrer=&default_keyword=&&frm6393271e20c24=script6393271e20c28&_cid=c173b3d5-aa0c-8a4c-da69-bf2ee86a79cd
IP 159.69.234.10:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /zX2nnT?&se_referrer=&default_keyword=&&frm6393271e20c24=script6393271e20c28&_cid=c173b3d5-aa0c-8a4c-da69-bf2ee86a79cd HTTP/1.1
Host: shop.similarwebline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 01 Feb 2023 15:52:53 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://shop.similarwebline.com/zX2nnT?&se_referrer=&default_keyword=&&frm6393271e20c24=script6393271e20c28&_cid=c173b3d5-aa0c-8a4c-da69-bf2ee86a79cd
Pragma: no-cache
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 47b6290ce6b7d9ec7e45122eafe9c140
a6633c111d750152038095227dc1fcdbcd7bcf7b
2a697e55ddce87fded019d5311f37194b959bd6a6b049001a066ca77d52cc974
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A697E55DDCE87FDED019D5311F37194B959BD6A6B049001A066CA77D52CC974"
Last-Modified: Tue, 31 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=223
Expires: Wed, 01 Feb 2023 15:56:36 GMT
Date: Wed, 01 Feb 2023 15:52:53 GMT
Connection: keep-alive
store.firstblackphase.com/follow/give.php?id=3467457-33-7843423
194.135.30.210302 Found 0 B URL HTTP/1.1 store.firstblackphase.com/follow/give.php?id=3467457-33-7843423
IP 194.135.30.210:0
ASN #2856 British Telecommunications PLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /follow/give.php?id=3467457-33-7843423 HTTP/1.1
Host: store.firstblackphase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 Feb 2023 15:52:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://store.firstblackphase.com/follow/give.php?id=93953945-77-345376456-23&qid=8568&wid=76538&kid=863843534&suid=67878056
Access-Control-Allow-Origin: *
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fead455db0c5a5c375bb3369c673eb05
db9047b2ac26a4a2f5962150631964683bb8a801
14cda7ad9c7777aaecb1216bb321fc250a5a16feed081945fa113d208ec52942
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14CDA7AD9C7777AAECB1216BB321FC250A5A16FEED081945FA113D208EC52942"
Last-Modified: Mon, 30 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7967
Expires: Wed, 01 Feb 2023 18:05:41 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
store.firstblackphase.com/follow/give.php?id=93953945-77-345376456-23&qid=8568&wid=76538&kid=863843534&suid=67878056
194.135.30.210200 OK 463 B URL HTTP/1.1 store.firstblackphase.com/follow/give.php?id=93953945-77-345376456-23&qid=8568&wid=76538&kid=863843534&suid=67878056
IP 194.135.30.210:0
ASN #2856 British Telecommunications PLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f4fb5fcef40258813aadd804bd4e3fe4
a72595e9df38169458504f2b2e1c94e21a328223
c3496a3c77c6eeab755de66198ba494da1fb5cd8ecffb2de10cb9d5c41028538
GET /follow/give.php?id=93953945-77-345376456-23&qid=8568&wid=76538&kid=863843534&suid=67878056 HTTP/1.1
Host: store.firstblackphase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://getclout-co.intuitve.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 15:52:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 12:57:00 GMT
age: 10554
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78fe9a77211d6f9a462f625af0c6f9bc
ac0b58423d7578e7a1b60a62220c0a57924dda82
e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14041
x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRGFpIAMFbMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jJHVbOXepgkVHjuNJG9wPcMjDcGbAc-NIpv_KUECG6c-AnJZoIW0zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 65398
etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 65435
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4yxwz2MFTdpb8I56VVbFU2Zz0qG_uHcYc3aDtn6boQPjhw7UFLLnYw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 10:37:09 GMT
age: 18945
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 48176
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daAf58GNG6Oy-ov_8TUeXnTcvZyW5eL_qwWz7dapr2Sy_5XSiS-3Mw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 65398
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
arctic-farmer.com/favicon.ico
188.72.219.35204 No Content 0 B URL HTTP/2 arctic-farmer.com/favicon.ico
IP 188.72.219.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: arctic-farmer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 15:52:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
arctic-farmer.com/cTG-FVzWc.zX9Yk_aaXbQc9dM-TfYg3hNiT_Ik2lNmjnc-3pNqDrMsy_MujvQw5xN-TzMAxBMCi_ZEkFdGGHt-uJPKULpMB_dO0PFQ0Rc-zTFUQVRW0_9YFZWaVbd-TdYeVfBgl_SiUjkk2lY-znhorpdqn_RsDtZukvd-GxMykzNA3_JCnDBE0Fb-jH1IDJZK0_pMPNVOHPh-JRSSlTlUu_SWnXZYZZV-1bJcpdWeV_cg1hai0jt-plQmmntoa_aqkrUsytW-XvpwBxNyE_1AXBTCXDl-OFVGEH1I3_TKmLpMZNM-UP5QHRRSX_dUaVVW1Xp-pZTa0bRcs_aeUf9gEhY-zjJkNlVm0_Vo3pTq0rR-EtVu2vxwl_cyWzVACBa-mDpEjFOGU_FIGJQKXLF-JNaOVPhQB_ZSyT0UtVJ-nXJYyZZaX_FcodPeTfl-hhNizjAkz_ZmDnhohpY-zrAswtNuT_Ew3xYy2zY-wBNCWDNEj_YGmHMIzJZ-WLVMiNOOD_EQwROSDTI-4VJWnXJYy_aaWbQc9dN-jfIg3hOiT_hkjlNmTnR-ipMqDrZsh_Mu2vIw5xM-WzEA4BOCT_ZEmFMGDHk-xJMKTLgMy_ZOGPJQhRM-zTAUmVcWn_NYyZYazb1-vddeXfQgm_eimj9kulZ-UnlokpPqT_Qs1tNuzvI-yxMyDzAA
188.72.219.35302 Found 0 B URL HTTP/2 arctic-farmer.com/cTG-FVzWc.zX9Yk_aaXbQc9dM-TfYg3hNiT_Ik2lNmjnc-3pNqDrMsy_MujvQw5xN-TzMAxBMCi_ZEkFdGGHt-uJPKULpMB_dO0PFQ0Rc-zTFUQVRW0_9YFZWaVbd-TdYeVfBgl_SiUjkk2lY-znhorpdqn_RsDtZukvd-GxMykzNA3_JCnDBE0Fb-jH1IDJZK0_pMPNVOHPh-JRSSlTlUu_SWnXZYZZV-1bJcpdWeV_cg1hai0jt-plQmmntoa_aqkrUsytW-XvpwBxNyE_1AXBTCXDl-OFVGEH1I3_TKmLpMZNM-UP5QHRRSX_dUaVVW1Xp-pZTa0bRcs_aeUf9gEhY-zjJkNlVm0_Vo3pTq0rR-EtVu2vxwl_cyWzVACBa-mDpEjFOGU_FIGJQKXLF-JNaOVPhQB_ZSyT0UtVJ-nXJYyZZaX_FcodPeTfl-hhNizjAkz_ZmDnhohpY-zrAswtNuT_Ew3xYy2zY-wBNCWDNEj_YGmHMIzJZ-WLVMiNOOD_EQwROSDTI-4VJWnXJYy_aaWbQc9dN-jfIg3hOiT_hkjlNmTnR-ipMqDrZsh_Mu2vIw5xM-WzEA4BOCT_ZEmFMGDHk-xJMKTLgMy_ZOGPJQhRM-zTAUmVcWn_NYyZYazb1-vddeXfQgm_eimj9kulZ-UnlokpPqT_Qs1tNuzvI-yxMyDzAA
IP 188.72.219.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
POST /cTG-FVzWc.zX9Yk_aaXbQc9dM-TfYg3hNiT_Ik2lNmjnc-3pNqDrMsy_MujvQw5xN-TzMAxBMCi_ZEkFdGGHt-uJPKULpMB_dO0PFQ0Rc-zTFUQVRW0_9YFZWaVbd-TdYeVfBgl_SiUjkk2lY-znhorpdqn_RsDtZukvd-GxMykzNA3_JCnDBE0Fb-jH1IDJZK0_pMPNVOHPh-JRSSlTlUu_SWnXZYZZV-1bJcpdWeV_cg1hai0jt-plQmmntoa_aqkrUsytW-XvpwBxNyE_1AXBTCXDl-OFVGEH1I3_TKmLpMZNM-UP5QHRRSX_dUaVVW1Xp-pZTa0bRcs_aeUf9gEhY-zjJkNlVm0_Vo3pTq0rR-EtVu2vxwl_cyWzVACBa-mDpEjFOGU_FIGJQKXLF-JNaOVPhQB_ZSyT0UtVJ-nXJYyZZaX_FcodPeTfl-hhNizjAkz_ZmDnhohpY-zrAswtNuT_Ew3xYy2zY-wBNCWDNEj_YGmHMIzJZ-WLVMiNOOD_EQwROSDTI-4VJWnXJYy_aaWbQc9dN-jfIg3hOiT_hkjlNmTnR-ipMqDrZsh_Mu2vIw5xM-WzEA4BOCT_ZEmFMGDHk-xJMKTLgMy_ZOGPJQhRM-zTAUmVcWn_NYyZYazb1-vddeXfQgm_eimj9kulZ-UnlokpPqT_Qs1tNuzvI-yxMyDzAA HTTP/1.1
Host: arctic-farmer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: null
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 15:52:54 GMT
content-type: text/html;charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
location: http://xml-v4.gipostart-2.co/click?i=i3zrKW6KNUE_0
x-frame-options: DENY
last-modified: Wed, 01 Feb 2023 15:52:54 GMT
set-cookie: kadCCap=79610:1:1674135009;184246:1:1673859446;222582:1:1674318856;219047:1:1667194435;194136:1:1675008656;132751:1:1675084242;236055:1:1675253981;199455:1:1668245056;219484:1:1667715065;218665:1:1673777741;212269:1:1675220948;235975:1:1675248006;222555:1:1671433227;218693:1:1669515516;220335:1:1670435916;171526:1:1673628579;220790:1:1668460505;222775:1:1674305361;221398:1:1674769535;221352:1:1670163762;215297:1:1674141027;223454:1:1674804841;223255:1:1670393482;222513:1:1671568408;223642:1:1674763884;101716:1:1672946010;219652:1:1669330335; max-age=1706802774; path=/
kadACap=445506:1:1669286676;446498:1:1671420411;389299:1:1673726804;346329:1:1670226206;453850:1:1671627132;462319:1:1674949690;453839:1:1675215975;419299:1:1675150383;469907:1:1674927295;272913:1:1674460051;410256:1:1674039938;458045:1:1670528140;424443:1:1674359547;401659:1:1674332133;404163:1:1673226439;460522:1:1675063677;446718:1:1674353140;449523:1:1670210030;456883:1:1671781891;419297:1:1675156199;441369:1:1671297690;445499:1:1670164226;419301:1:1674188761;419321:1:1674357365;419323:1:1674028005;451724:1:1669565807;470673:1:1674289452;419293:1:1675131038;451147:1:1674036929;444748:1:1669841678;471728:1:1674871019;383700:1:1675240028;445081:1:1671894608;451139:1:1673951585;419303:1:1674299014;442019:1:1675112111;407100:1:1668246232;406293:1:1673859446;444785:1:1671894608;465201:1:1674236409;446714:1:1674043083;424441:1:1674948590;346327:1:1675197874;446720:1:1673953397;320498:1:1674924381;453831:1:1674872001;450649:1:1674026353;419295:1:1674030439;458498:1:1672536671;454815:1:1673736038;410252:1:1674308810;417177:1:1674123312;462327:1:1673736144;445788:1:1669918420;320494:1:1675266774;190964:1:1674135009;445735:1:1669286676;468607:1:1674893352;460384:1:1674927276;446013:1:1668228435;419291:1:1675228250;398832:1:1672025828;458041:1:1670526590;424445:1:1675105910;410254:1:1674926948;446531:1:1669270846;446716:1:1674258987; max-age=1706802774; path=/
kadCSCap=212269:1:1675220948;236055:1:1675253981;235975:2:1675182062; path=/
kadASCap=453839:1:1675215975;419291:1:1675228250;383700:1:1675240028;346327:1:1675197874;320494:1:1675266774; path=/
kadRPixJ=bnVsbA==; max-age=1706802774; path=/
kadUnP3=CAEQ1pXqngYaDQjgrZgCEAIY54jnngYaDQiU0ZoCEAEY7v/kngYaDQjVv5kBEAEYsvvlngYaDQj2iP8BEAIYlcblngYaDQioiJcCEAMYhoPpngYiCggDEAEY1pXqngYqDAiDvRIQARiy++WeBioMCLiOJRACGJXG5Z4GKgwIpJMoEAMYhoPpngYqDAiKqSgQAhjniOeeBioMCI3MKBABGO7/5J4G; max-age=1706802774; path=/
x-content-type-options: nosniff
X-Firefox-Spdy: h2
xml-v4.gipostart-2.co/click?i=i3zrKW6KNUE_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml-v4.gipostart-2.co/click?i=i3zrKW6KNUE_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=i3zrKW6KNUE_0 HTTP/1.1
Host: xml-v4.gipostart-2.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1669392156&sub4=CYBERMAX300&sub8=_betting&sub6=1669392156&ref_id=EbL4HVkwiJE
Pragma: no-cache
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0c470b2c6a6d6e0ae8981ff565585af4
281b9f337005160bb8e5372ed0580aaf41605063
c399e11efc5307df36aeb02791be06dd34ad65b6eaa26ce49ef5835b779cf314
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:55 GMT
Etag: "63d9b144-117"
Last-Modified: Wed, 01 Feb 2023 15:02:20 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 279
link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1669392156&sub4=CYBERMAX300&sub8=_betting&sub6=1669392156&ref_id=EbL4HVkwiJE
172.66.43.156302 Found 0 B URL HTTP/2 link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1669392156&sub4=CYBERMAX300&sub8=_betting&sub6=1669392156&ref_id=EbL4HVkwiJE
IP 172.66.43.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?b=0&pid=8425&offer_id=53&l=1669392156&sub4=CYBERMAX300&sub8=_betting&sub6=1669392156&ref_id=EbL4HVkwiJE HTTP/1.1
Host: link.affiliates.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 15:52:55 GMT
content-length: 0
location: https://cyber.bet/land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice=
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
set-cookie: afclick=63da8ad7902fa000015bc932; expires=Thu, 01 Feb 2024 15:52:55 GMT; secure; SameSite=None
afoffers={"53":1675266775}; expires=Thu, 01 Feb 2024 15:52:55 GMT; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbySFppPsUs2oAknNDWW2dzyLsw7j5AM6K1yVJhdz873dH%2FkzvjUVtud9NwQsoGnqS4aQpLBlw4ZNRn6uK78JTcwYYGo%2BgPcuQLRcd5jgy%2FCR0xwQBJhVKyCsRmLxDeJtlGsrXY3zd2MCq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792bdb60e871b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
172.66.43.156200 OK 4.7 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
IP 172.66.43.156:0
File type ASCII text, with very long lines (23296), with no line terminators
Hash 80af14ea1d7c05a0b2cedb3a8bf261aa
df43bf2aa1c350802de020bc1b80726135c1ebe1
da4e2fcc2efa7b2b101094bc5ec67ec9792ef39b296e1218d704801c722ce965
GET /land/casino_spin_football_regform/css/style.css?v=17 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=33037
etag: W/"63824c9c-810d"
last-modified: Sat, 26 Nov 2022 17:27:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2395
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWCWEmirubg0M%2F2zZbwJdOFuA%2FgTz4sUqVtmJHPRs8RETb%2F7fDA%2FFfjeG%2FpWRqhFVJyQ22LXemg7%2Bo2d8rvXUwpuWgkc%2BRsqxL8GeV0vXhfsp4UXw15FgDrwTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb62cb02b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.170200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 00:57:20 GMT
expires: Sun, 28 Jan 2024 00:57:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 399335
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0b03afb76529d41add60c5daac95b0e5
8a1635989a4d8f6ade117b2eaa2caf4c738b9b6b
6cb7083dac48fdfd4b053ad9b2120267ccc7fdf8a85839673fbda32d1e5c94f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 15:52:55 GMT
Last-Modified: Wed, 01 Feb 2023 14:22:36 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Zuwhxz4xXc6yy7slmX3aLAiKSzUIv-63H8r85bk9rcLkB0OP8WFgbA==
Age: 5419
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0b03afb76529d41add60c5daac95b0e5
8a1635989a4d8f6ade117b2eaa2caf4c738b9b6b
6cb7083dac48fdfd4b053ad9b2120267ccc7fdf8a85839673fbda32d1e5c94f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154963
Date: Wed, 01 Feb 2023 15:52:55 GMT
Etag: "63da44fa-1d7"
Expires: Fri, 03 Feb 2023 10:55:38 GMT
Last-Modified: Wed, 01 Feb 2023 10:54:50 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QLNJlWu2ZJP-dHpaaaV14DLq8I55uRTzVpIC4u--UZnQEB3JRWBj5w==
Age: 48
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0b03afb76529d41add60c5daac95b0e5
8a1635989a4d8f6ade117b2eaa2caf4c738b9b6b
6cb7083dac48fdfd4b053ad9b2120267ccc7fdf8a85839673fbda32d1e5c94f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 15:52:55 GMT
Last-Modified: Wed, 01 Feb 2023 14:45:32 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bM7-okOc4d-UE4HNw1deQYowkYT89aLfYuSTDu0bCy_0G6Aa_yokRA==
Age: 4043
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0b03afb76529d41add60c5daac95b0e5
8a1635989a4d8f6ade117b2eaa2caf4c738b9b6b
6cb7083dac48fdfd4b053ad9b2120267ccc7fdf8a85839673fbda32d1e5c94f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159894
Date: Wed, 01 Feb 2023 15:52:55 GMT
Etag: "63da44fa-1d7"
Expires: Fri, 03 Feb 2023 12:17:49 GMT
Last-Modified: Wed, 01 Feb 2023 10:54:50 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GSWYKzL-0RVa_N0Iw9wFmPuIoUhF_6EkTULrpFExZjFu3owQIc5_Ig==
Age: 4979
www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB
142.250.74.40200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB
IP 142.250.74.40:0
File type Unicode text, UTF-8 text, with very long lines (15106)
Hash ab78182ad5bdc2a20df0f71746c2c7e5
f307f7bdf7a57c74196949e99437e62912f38bbc
206d393b34287a8e8dd768cdbf87c3c7ce3642857c9a5add459b59dea9501011
GET /gtm.js?id=GTM-NR2G4XB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 15:52:55 GMT
expires: Wed, 01 Feb 2023 15:52:55 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Feb 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnstatic.cyber.bet/css/global.css
54.230.111.100200 OK 4.7 kB URL HTTP/2 cdnstatic.cyber.bet/css/global.css
IP 54.230.111.100:0
File type ASCII text, with CRLF line terminators
Hash 1d710fedcd0ddfd6744b7011d3261d07
884abf5c059be6ddcdd9067c24c55f744d6df31f
47db4a55aeef076b5cc2c69bb230028feb69a8575b5a9651a1fa79e51990edb9
GET /css/global.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 4746
vary: Accept-Encoding
date: Wed, 01 Feb 2023 15:52:56 GMT
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
etag: "1d710fedcd0ddfd6744b7011d3261d07"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pjy-3wpy812HXuwEiRWRYcGvi0wnkrxZFSqwnuCvjsUq2uUUrP0hRA==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/man_left.png
172.66.43.156200 OK 224 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/man_left.png
IP 172.66.43.156:0
File type PNG image data, 687 x 1080, 8-bit colormap, non-interlaced\012- data
Size 224 kB (224094 bytes)
Hash 04203ecc12c6379416293d09c2d94906
63068c8a16df3c346ce4cf902a6c8964c5b0f9b0
24393837ee0c8ddc5d2cfee805f4ba1cf4a8864c3a7520115f4ef714cae6d62c
GET /land/casino_spin_football_regform/img/new_spins/man_left.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 224094
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-36b5e"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7TSWeiqaHp7Rgas2nZhms2o4bP8eizDs%2Fb6hNY6FePTHFHw%2BdL827JHJiZmCIbv26kySSFeTlWtrkwnS4xQq6omj6GgG9Mkzj5Mg1f56WM1GXzFQjcsC55iUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb650ddab515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/bg-2.jpg
172.66.43.156200 OK 214 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/bg-2.jpg
IP 172.66.43.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 214 kB (214519 bytes)
Hash fd6919a32afd9d6e88194010087e4c7f
2710f46894e8801e34ab0534748a04f693b41f64
43ab393f116b2bd4b8ce85f35ce9322f434de6c26d44d8d42d7d7d5e323ac34b
GET /land/casino_spin_football_regform/img/new_spins/bg-2.jpg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/jpeg
content-length: 214519
cf-bgj: h2pri
etag: "6377aab4-345f7"
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRivVwEiEYJmUnHB4wN5pFDpEk6V9WaMeQGYUGDeUUtnjLNIzR0jpIpyYbmDSqxyFfstCIdct0gH9RKO0KY92aZEu%2BZCjFsEfcflS1FN0x%2F%2Bb1xWDZsbvTne7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb64fdccb515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/coins_left_1.png
172.66.43.156200 OK 17 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/coins_left_1.png
IP 172.66.43.156:0
File type PNG image data, 790 x 1080, 8-bit colormap, non-interlaced\012- data
Hash 74fa24294c9977b3b6ee7a8d379664d4
41f923a6552723c4dd8d407e82df334b367a683c
bb0e6a68d8b48bb9caf00bf2938e4a569e703b1e2cb77884b6e9ccaac215b171
GET /land/casino_spin_football_regform/img/new_spins/coins_left_1.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 16672
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-4120"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjYYkFzx2q9ZF4ypPeh4Zh7n4ISmjQoJqE%2B8x7PkpsDSFcaEmjDqLLmRG1YWPmaXmRaxCDSmC13vvayeaTZH17H4B%2BKyrEZY25P7REODQemBBpwndeidd57hdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb651de3b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/man_right.png
172.66.43.156200 OK 203 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/man_right.png
IP 172.66.43.156:0
File type PNG image data, 667 x 1080, 8-bit colormap, non-interlaced\012- data
Size 203 kB (203053 bytes)
Hash 7e0a0f1ddbd4f469d70d379cc80fa1f7
d43f5a61e7e79afc93a9f6bd2f2763e67ac92a0d
1bd57a7a6e69260caed0cab6af817764609b1bd1d8938006fefecc43917db2d0
GET /land/casino_spin_football_regform/img/new_spins/man_right.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 203053
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-3192d"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yN6eR2vdraxCiqwBLYMakzvjqOR%2FIILAsF8l5A%2FUfFo1KBvBzBVdE0SVeNH8aAx3OayLh1eAHWUqatlT5R5yXcx19AXkByawkzkMuvDjER%2FVtOjYW4h8dyik%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb650ddeb515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/coins_right_1.png
172.66.43.156200 OK 25 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/coins_right_1.png
IP 172.66.43.156:0
File type PNG image data, 813 x 1080, 8-bit colormap, non-interlaced\012- data
Hash 01e2d88c4c51b2f2a5b10d378c1d4b8d
1e8fa866268b969d364d202eaa1253e278ec6bd0
87c37b4ecb791af1fd5a3b17f513547a8d4cc0174066bccdb293a13ca5684a8e
GET /land/casino_spin_football_regform/img/new_spins/coins_right_1.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 25077
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-61f5"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YehBLeZ4n7I8dMBifzSs2BtUsLXQpEy%2Fbu2zkqn74kQPJXa%2F5AR7ZzHRYVeqHg%2BW5AR%2Bch8njBQPLaRb4ksdvHUR2M20p4WbFduoCaI2xmQPUjqo2RLa4VCpZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb652e02b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/coins_left_2.png
172.66.43.156200 OK 23 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/coins_left_2.png
IP 172.66.43.156:0
File type PNG image data, 703 x 1080, 8-bit colormap, non-interlaced\012- data
Hash f111aa95827c7922143782ca612f2233
61fa84d487f9f722edecf8bc146d34ebb0a0807b
45897acd8804822425ffee5a38d5a62d03e134beb58f25120c24e1aff49c4acf
GET /land/casino_spin_football_regform/img/new_spins/coins_left_2.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 23327
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-5b1f"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlneFSuMDkGG65wwzotxYaVBW3Uh0IJX0ReRO1TJBkiE4tT7XnM%2BwhZ0zHW%2B7KroFt21JU7cG%2B4NdlZ3D1vFES9PkPb5CwSW9khv%2BmYwRuFCwfCbxzHbscGDdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb652e01b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_fields_EN.png
172.66.43.156200 OK 50 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_fields_EN.png
IP 172.66.43.156:0
File type PNG image data, 491 x 491, 8-bit colormap, non-interlaced\012- data
Hash e667e4fc0f204c3ce417761556c68dd2
1bc3c50cc97bf6b961d47e1919ecb5138f863b2c
5ebe297bfc97cb9fd78e26a8f7115d5d275a90300befd403a3eec6334a18b8c1
GET /land/casino_spin_football_regform/img/new_spins/wheel_fields_EN.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 49699
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-c223"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqMzrmECMTDM85KFlMLsgHuX22QANbD5r3M9MiAG1dM1%2FCmb%2BGWdoSA%2BzoESVA9%2BTCUlqnQ%2BHiKX9ijhQipzz3mpsVAatNPZ%2FujB8B0pf2BvMek6HTfATrI59w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb652e05b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/coins_right_2.png
172.66.43.156200 OK 11 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/coins_right_2.png
IP 172.66.43.156:0
File type PNG image data, 686 x 1080, 8-bit colormap, non-interlaced\012- data
Hash 58c57a118de44f03a8b4b558204af08f
d2c3f2d4000d4b9082554c9ab09eb61473dcc642
81e8f5c8aaac158d0dee432fb91844697d88ea9cb72efeb75dd6fec48dc3aee8
GET /land/casino_spin_football_regform/img/new_spins/coins_right_2.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 11330
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-2c42"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK7gIGrTjXbWQfVbbZalffhSHP4oHxEINw9J6Om563pQwDFyPH9cnbs6s7ngld%2BUIgVPU%2B3uqLVQiD%2BoxlPrO8%2Fo0H0DKrfG62pyNhY1iCGBU7pi9vY1hqgX0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb652e03b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/logo.png
172.66.43.156200 OK 3.1 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/logo.png
IP 172.66.43.156:0
File type PNG image data, 319 x 61, 8-bit colormap, non-interlaced\012- data
Hash 2629d1a123bcff6f4f9730d3c334d0f1
648471b60baebce5a6a83ccebd4a1c198d4da297
1723721ffe474cfdcbf447e300c5804cb66991491fbce776cbb55d8a8cb7c189
GET /land/casino_spin_football_regform/img/logo.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 3083
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-c0b"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZIsbFhiFkYKcfXUzvYbiKQakQlrvc6DHpilXC9Lcw7BRoNj2Q5qxLZSO7h4Gn2kZwtW0rsSAq%2BRSJ2Tvz1T0pQLp45c6IhwZfG1xwnwBMZOMCzp1YlqE8WCdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb652e04b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_frame.png
172.66.43.156200 OK 36 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_frame.png
IP 172.66.43.156:0
File type PNG image data, 566 x 602, 8-bit colormap, non-interlaced\012- data
Hash 9673d7e34cd1da5ec860a85663e7e6e2
2b3ec751dc279dc26c480e84ff49210532b27a78
ced70ebfec90de68184b290375f7ab2c9ff26c4711921e735cfd950f65210826
GET /land/casino_spin_football_regform/img/new_spins/wheel_frame.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 36319
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-8ddf"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3su0mhHuTPrZ4Qd839vkU81vLc6qaRTEwlKA5h6Lx3Jg3LDH3eTNz9vbsTM2nQrzZmfgq2o3XDK3alcZYa5KkDqoL1x9nlx3QOlFUuZNSDT18xYZ%2BpU9CZtfUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb654e29b515-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6b21f87e54b10ba719e15dc390c48701
7da5a76ac948ba52b23e19b4d857efddef75313e
178a5d6a627ac741af8a057c542d308bdc88802d07f1aeb41af37ff997cd90df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "178A5D6A627AC741AF8A057C542D308BDC88802D07F1AEB41AF37FF997CD90DF"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16509
Expires: Wed, 01 Feb 2023 20:28:04 GMT
Date: Wed, 01 Feb 2023 15:52:55 GMT
Connection: keep-alive
cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_EN_default.png
172.66.43.156200 OK 10 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_EN_default.png
IP 172.66.43.156:0
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash dd9cee9644e592e9158ed2b3edf257cb
830e926590cc3ca66db051fff01693391effdf43
d773c30678fa7c669d9df3ab8b36f19f0543248fd09b9c1f8da895f0dd70ab57
GET /land/casino_spin_football_regform/img/new_spins/wheel_btn_EN_default.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 10373
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-2885"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDnj2x%2BF3rAJr9T7jH0uYGDOE9of9jdxxo90iG0DUsgYqzaQgbCmW4N9M6as5x0Ski2J0G9mqRVkv3ZhEKWnw7SgayACkge9%2FPDGxi740nlH%2B3jQPmd9YAaYdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb654e27b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/cta-2.png
172.66.43.156200 OK 94 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/cta-2.png
IP 172.66.43.156:0
File type PNG image data, 800 x 378, 8-bit colormap, non-interlaced\012- data
Hash cb1ddc998ee76e8c34eedc2829c4e3e5
3926e0baf7fcbbe35b54b313a6ce439a321d4688
9f7a05996156388cff3bbfcad6abe962967a89f897b281767e79f8aa9d0dd367
GET /land/casino_spin_football_regform/img/new_spins/cta-2.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 94518
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-17136"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B30NMieaWTUjKRLuT1DliN5QqJj8wxUyIodPjyuYA7W2HUUXR%2B0tRI3bpf3MnCrfMbjbdEkHQx0BemMH3M%2FWlfz8lJSUwx0tiJpySbUtrjtaCVzWNbOLUFSAeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb655e36b515-OSL
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/global.js
54.230.111.100200 OK 71 kB URL HTTP/2 cdnstatic.cyber.bet/js/global.js
IP 54.230.111.100:0
File type Unicode text, UTF-8 text, with very long lines (5000), with CRLF line terminators
Hash 8943965f22a29b6f800a98e0eaed584f
1cfa4c3d79808cce1785967a637819b88a9d11f5
3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db
GET /js/global.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 70834
vary: Accept-Encoding
date: Wed, 01 Feb 2023 15:52:56 GMT
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
etag: "8943965f22a29b6f800a98e0eaed584f"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sM_oavvK4gjGX5kD30ChgPhxt2OYNe8IXielLZYNrh-C30kB5dCq3w==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
IP 139.45.195.8:0
Hash bb07e31c2c066db5c4b3259d1f69a442
db79e9d4a817ce703b11b65faf2ba097228063b2
d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8
GET /p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 463486
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/favicon.png
172.66.43.156200 OK 34 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/favicon.png
IP 172.66.43.156:0
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 983ad95f22f765399eb6873c7023ef54
ac4e2d269d98a4caa6d5e1c53503f8d423e377ad
581ee9af05f03c9c751bd2ff9275957ec320137956d33c27d7397bcbf2ddbde1
GET /land/casino_spin_football_regform/img/favicon.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice=
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266797.60.0.0; _ga=GA1.1.1047787705.1675266798
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/png
content-length: 34494
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-86be"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 761
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSQ1xDirCc7zneNi0eLtTh6frGzfl0icmBflMRq6dJkOitgbo2k7KaYFXWmDJu32ZGcrznl%2FXAL7pUaefoJGTrWIrtx4xlbRGRrgYezKOLQgXWYAVXFOC66DAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb65eefbb515-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 15:46:59 GMT
expires: Wed, 01 Feb 2023 17:46:59 GMT
cache-control: public, max-age=7200
age: 357
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;900&display=swap
142.250.74.106200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;900&display=swap
IP 142.250.74.106:0
Hash 8d2fcb01ad091fdaf9f7e9d0ae012433
2dc9e8f043e7d107a93723d569d704d928d2b2b3
b18bba554e12aa31a53671ec5f8304f52b3303b00b4c403f874fde5ac6eabbe1
GET /css2?family=Montserrat:wght@100;200;300;400;500;600;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 15:52:55 GMT
date: Wed, 01 Feb 2023 15:52:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=1047787705.1675266798>m=2oe1u0&aip=1&z=2140829403
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=1047787705.1675266798>m=2oe1u0&aip=1&z=2140829403
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=1047787705.1675266798>m=2oe1u0&aip=1&z=2140829403 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 15:52:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/fp.js
54.230.111.100200 OK 533 B URL HTTP/2 cdnstatic.cyber.bet/js/fp.js
IP 54.230.111.100:0
File type ASCII text, with CRLF line terminators
Hash d1abfbe2c5b50e7f427e41c79197dcd3
01f6142a97168fd15da33334c35ce351d676ed08
7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569
GET /js/fp.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 533
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 15:52:03 GMT
etag: "d1abfbe2c5b50e7f427e41c79197dcd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8Ixddju_FUHW5T5RHPfjCYuq5sSHU4Ns45elp2t1Kx7_Gb0nCQ2uGQ==
age: 53
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/geoMapping.js
54.230.111.100200 OK 443 B URL HTTP/2 cdnstatic.cyber.bet/js/geoMapping.js
IP 54.230.111.100:0
File type ASCII text, with CRLF line terminators
Hash 2f6043a16c26cde9a190dbb829b5519c
791479cfced1a000ef6411990f1c4bba615b6b4c
f9dfb0c2f94be90f2cdeb66286b36cdeb5d8fb0fbb9f28b1e1d3d99a3780306a
GET /js/geoMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 443
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 15:52:03 GMT
etag: "2f6043a16c26cde9a190dbb829b5519c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VYUWsMwEOXQVV_1L9Y2Hvx17FWjheYucq0aydqk5-gE5pcc1s-rgLw==
age: 54
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 4a1c315f637e41293820773d650c12f3
f28e2314c4888386cb8ce3c4e2fba928b999f134
b2a81e11574f61804cf613a15225cc32f10aec859b5ee9af3ef0ae421f81c30f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 15:52:56 GMT
Etag: "63d971f8-1d7"
Last-Modified: Wed, 01 Feb 2023 14:16:43 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WOhYPYe3LJGmto9W42o__ZVsPuEXB4wO-T5Tn8h_SWtbz4THoM_Vpg==
Age: 5773
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4c9a8ce96aa57d27a6bd55df00f08ac
180302ed4863fb5b22b45ab0cc7c770a12a8c63d
3707163ad693f536f95ed3331f045060ad51b12e95d55690d341a4a93e7f1d12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:500,700&display=swap&subset=cyrillic
142.250.74.106200 OK 15 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:500,700&display=swap&subset=cyrillic
IP 142.250.74.106:0
File type Unicode text, UTF-8 text, with very long lines (34150)
Hash 0dff6599e89321034f071d3d251a82e8
a8a061a2ca226241b7da1b61b199078e956f55f1
6a678836a9e377867f40fb7737f43e1da29312a33dd2d9922b356d71b21bab99
GET /css?family=Roboto:500,700&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 15:52:55 GMT
date: Wed, 01 Feb 2023 15:52:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/css/errors.css
172.66.43.156200 OK 1.9 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/css/errors.css
IP 172.66.43.156:0
File type ASCII text, with very long lines (1033), with no line terminators
Hash 8bbac76c372fa53739377a6c4734007a
828fedd06a2e36a5a4b249e20daf9dca9dbe15f7
fd802d455f10119ec06be7f72d1120dea278a3892127199a4d677a56f314b340
GET /land/casino_spin_football_regform/css/errors.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1399
etag: W/"6377aab4-577"
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2395
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cqk8di6Sl4hj88QaoMkMl5%2B88%2FQ79H5zO%2FwrgUGfSzDKl2U9DJz6J10OLVkXbXOMvuY%2FsFaHBhUMphXtU6S5YIwHMjEPK5Ijv5rAwKVCmEawq2Ub4MWKvF%2Bvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb62cb05b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cyber.bet/land/casino_spin_football_regform/js/Utils.js
172.66.43.156200 OK 2.1 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/js/Utils.js
IP 172.66.43.156:0
File type ASCII text, with very long lines (1417)
Hash f15f4050919b88f4dcd07182ec6a697c
a564b5559c8b8aa7b6db6be3c424981f880e7b03
1b8ee50ee92c666bd473ec0d038ad6dde17430126d28e5342478ea6131dd9f6c
GET /land/casino_spin_football_regform/js/Utils.js HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4944
etag: W/"6377aab4-1350"
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=283qiIQZax4Qgcw7BGkFpdzNBZpk9m%2Bo%2FrNOKZNcC5tNZBsR5MBru9BwS1zInvdmeI1kyR9zSylsB7UtNm3PNUTsFlWrRXXY0ue67iO2K7sSc7br0kZPdPRIxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb62eb42b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-5&cid=1047787705.1675266798&jid=117321977&gjid=21946890&_gid=1838844547.1675266798&_u=YCDACEABBAAAACAFK~&z=2109213194
173.194.73.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-5&cid=1047787705.1675266798&jid=117321977&gjid=21946890&_gid=1838844547.1675266798&_u=YCDACEABBAAAACAFK~&z=2109213194
IP 173.194.73.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-5&cid=1047787705.1675266798&jid=117321977&gjid=21946890&_gid=1838844547.1675266798&_u=YCDACEABBAAAACAFK~&z=2109213194 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://cyber.bet
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 15:52:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-3&cid=1047787705.1675266798&jid=84744038&gjid=1496918814&_gid=1838844547.1675266798&_u=YCDACEAABAAAACABI~&z=1636058975
173.194.73.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-3&cid=1047787705.1675266798&jid=84744038&gjid=1496918814&_gid=1838844547.1675266798&_u=YCDACEAABAAAACABI~&z=1636058975
IP 173.194.73.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-113371679-3&cid=1047787705.1675266798&jid=84744038&gjid=1496918814&_gid=1838844547.1675266798&_u=YCDACEAABAAAACABI~&z=1636058975 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://cyber.bet
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 15:52:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 073fcf833bc8ef0412daa191be356733
b4890d7bc43ac33b3df23cf1c53b921bf7ff540a
8c09cd2f5febdb1566f29301c908e21ab44a367491d384818e231cecaac83027
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C09CD2F5FEBDB1566F29301C908E21AB44A367491D384818E231CECAAC83027"
Last-Modified: Wed, 01 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4130
Expires: Wed, 01 Feb 2023 17:01:46 GMT
Date: Wed, 01 Feb 2023 15:52:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 073fcf833bc8ef0412daa191be356733
b4890d7bc43ac33b3df23cf1c53b921bf7ff540a
8c09cd2f5febdb1566f29301c908e21ab44a367491d384818e231cecaac83027
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C09CD2F5FEBDB1566F29301C908E21AB44A367491D384818E231CECAAC83027"
Last-Modified: Wed, 01 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4130
Expires: Wed, 01 Feb 2023 17:01:46 GMT
Date: Wed, 01 Feb 2023 15:52:56 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 199bb3686e2305492a8e928b187b107a
ab037860b21a7d474e2031d3cfe0c64b7081ac50
f168ac90c2d2d9f55f3589842036633df71aafd87b686a6f91b1a676faab63a1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 15:52:56 GMT
Last-Modified: Wed, 01 Feb 2023 15:26:41 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vkxsGVr5EGruDKDOf3O_iaaX8_PEbI05b-rabxTk3-p6c0TC3LYzCw==
Age: 1575
cyber.bet/graphql/v2
172.66.43.156200 OK 126 B IP 172.66.43.156:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fc91e6423b3f3fa830a108da071f60f6
4a63a49a3d858b31286cf8093583364c987021fa
c3f58df74686b683fa8dfaeacbeab7aace6fe2d56d8dc59d05096d75cc8919da
POST /graphql/v2 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice=
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 51
Connection: keep-alive
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: application/json
strict-transport-security: max-age=15724800; includeSubDomains
cb-blocked: no
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DDg3rdH1AiNqgqeQFNKY5zZNbZpfjfXgVGI4uS%2FK8dRZJYybT2ScJFq33NcqyQ2vVAU8kRub4X087yX2dp%2FAPFKqiTFOptsckNDUD2F0ACBEr3%2FiwztDqN0zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792bdb669fd6b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
backend.cyberbet.academy/api/gql/send?ttl=86400
34.254.83.154200 OK 4 B URL HTTP/2 backend.cyberbet.academy/api/gql/send?ttl=86400
IP 34.254.83.154:0
File type ASCII text, with no line terminators
Hash 5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
OPTIONS /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: application/json; charset=utf-8
content-length: 4
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"4-P9ln0Jp0jh8rJtb+Vi5xVaqH6d4"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/gql/send?ttl=86400
34.254.83.154200 OK 1.7 kB URL HTTP/2 backend.cyberbet.academy/api/gql/send?ttl=86400
IP 34.254.83.154:0
File type JSON data\012- , ASCII text, with very long lines (1732), with no line terminators
Hash 7d262be351a12c20d4e65ce60529f9fc
8081b04642d8b42d8af4fe92cf2e496ed15eaca5
a9d1bfc8e3fcf82bc6d372d278866fb7cc002c158e1ed329bd4f94a70a965241
POST /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: application/json; charset=utf-8
content-length: 1732
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"6c4-gIGwRkLYtC2K9P6Szy5JbtFerKU"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_again_NO_hover.png
172.66.43.156200 OK 11 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_again_NO_hover.png
IP 172.66.43.156:0
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash 4a8c87ba6002a3773a1a6d3e7bfb71ee
bc1085ef3f8b4ad7edd49e37a6c473e7e5939609
c105dd8ea92f79a076c06c84f70eba921d7725491f46986b59872e4db79a2822
GET /land/casino_spin_football_regform/img/new_spins/wheel_btn_again_NO_hover.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: image/png
content-length: 10851
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-2a63"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEMSD4VbhA3TNPuIDnO6KlGieAddH2W6646SQLBGp42fbtQgVoOxD3pie%2F1cxSQVGmE2QDbUHW7wfJ85OiwW3rurDdnxu35O9x7JisFAFLZqNcXxpMMV3N%2BlkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb689aa9b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_NO_default.png
172.66.43.156200 OK 10 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_NO_default.png
IP 172.66.43.156:0
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash dd9cee9644e592e9158ed2b3edf257cb
830e926590cc3ca66db051fff01693391effdf43
d773c30678fa7c669d9df3ab8b36f19f0543248fd09b9c1f8da895f0dd70ab57
GET /land/casino_spin_football_regform/img/new_spins/wheel_btn_NO_default.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: image/png
content-length: 10373
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-2885"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgtjyFFkHKo5U9zyc4D907uHK0o%2BdKmFv8rLt35gobXqAufKNchamO72CjnaSDGpYMmrd8YzFEN5AstqqRxsIkt2NGi8Qa7BSZ2VBjl9kct2%2BknCD3eaQ5NVPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb689aa4b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_NO_hover.png
172.66.43.156200 OK 10 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_NO_hover.png
IP 172.66.43.156:0
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash 898b775f838a886e9bea314057f0c0ad
09330a97613e3a7bd14231e4e1bfb2489af99205
e7fcf4dfe650addacf1286592d67620a38ea5e194fdb2c8bb33e90a67c245844
GET /land/casino_spin_football_regform/img/new_spins/wheel_btn_NO_hover.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: image/png
content-length: 10490
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-28fa"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AyYTchnphqAwIQkcSIsZnoC8A1riNT27k8NCJQXd8uVl5QrJATuu1zJiWQ7npxTjFRGWoCs6lf%2Fg63lZcHEMfBLqEu8kmfy4mtiMUhRqZTbrxtY02ChTtLwrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb689aa6b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_again_NO_default.png
172.66.43.156200 OK 11 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_again_NO_default.png
IP 172.66.43.156:0
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash 79c19f7713e71b064f7c7382e2cdbe57
db1001457ae6dac8c037ed7aa5f1e05368e087c5
6a4c515df973722a1a2eb3b42f481792dc0fb79d932a23e306b8a66f5d86525b
GET /land/casino_spin_football_regform/img/new_spins/wheel_btn_again_NO_default.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: image/png
content-length: 10902
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-2a96"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5Re7j1RpF5uqtjIX1kg6siuxSXi19ipNyL94vIwSXtmOGhEZrOOz65ySH2INoKaTSgPlkad9HQqJabP4JtRjHGwzHsJ55niAsUMkudkS8piW1MHKBnPpoEPtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb689aa8b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_fields_NO.png
172.66.43.156200 OK 51 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_fields_NO.png
IP 172.66.43.156:0
File type PNG image data, 491 x 491, 8-bit colormap, non-interlaced\012- data
Hash 23d66fdffe3ef92b139a8055aabe103e
5e7b0ef1845f079649cb436f00ad74015f23877a
304459e1aa92d76671d0f3d68f48036a63cac09a952fe85a0ad0f4297025ded5
GET /land/casino_spin_football_regform/img/new_spins/wheel_fields_NO.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: image/png
content-length: 51365
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-c8a5"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49fYS4BIK%2BdeWWoJHmDt%2FF7VNQtIfXP4Htm%2FwjEPk3fK8ZqBvnk8AJRAGwYvszj1GqNUNir6cEFBOCIK30VL9n1klQJWeachNhU0oG86vAc1FnVprDGQmgbHbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb688aa2b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_again_NO_pressed.png
172.66.43.156200 OK 11 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_again_NO_pressed.png
IP 172.66.43.156:0
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash a80c8101756664caf6ba02e5b746f0e8
d883d76428c3d0af76abdccf7bc4221fa387adcb
874d475bfae7900fe778897e8b541dc89fe0dc3a466ff109595dd36902cb8891
GET /land/casino_spin_football_regform/img/new_spins/wheel_btn_again_NO_pressed.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: image/png
content-length: 10844
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-2a5c"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX98p4BrghUwO7pBgTTMD0%2FpHhEF9yQdCb6%2By1x2Vspd4gADkaV9Hees5W%2FcN7hqzA76qENJHhX8t%2FwrMS%2FBYssbuexmI8vfs1suY1sJKUCr4DKAgbSm91bA8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb689aadb515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_NO_pressed.png
172.66.43.156200 OK 10 kB URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/wheel_btn_NO_pressed.png
IP 172.66.43.156:0
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash f3a0e4f91c3aabe726be4506cc358625
1ff6840595167526b23bd2720411a40b8281714a
4a7f77943024093e75c40b895b598b78a59b6d38cb6df6d0caf36f71cace9d6b
GET /land/casino_spin_football_regform/img/new_spins/wheel_btn_NO_pressed.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: image/png
content-length: 10457
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: "6377aab4-28d9"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1352
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eD0XgyJ658Y7ns2%2Fiq6zzRYrr3%2BT%2B3MYCwqWA44SmRAmbOC4MUiNEad4JcirBq6gF7zJf1aFA7uwcW0yxcACh6iWDaaONTG6LGQVIJqQfUbIJiYt8v0YMPr86w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb689aa7b515-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a327176edf538c07784f9b0da660c22d
4a56cfcac291dfe1cc177bd3eff976f106731834
aae92a95f747be0bca6982ed7e3e58af8ac74ff69c799b55046ab38474e149dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAX300
34.254.83.154200 OK 728 B URL HTTP/2 backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAX300
IP 34.254.83.154:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (724), with no line terminators
Hash 4bfd4b30ef9033553e00792bd3938e29
dc712b27d1b73701adcda989f9da1c23128bba31
6956ba998ac2794a1286eaf1fbc2283e127c4044f76ac0aa28c8974aae8635d1
GET /api/affise/land_promocode?promocode=CYBERMAX300 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: application/json; charset=utf-8
content-length: 728
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2d8-3HErJ9G3NwGtzamJ+docIxKLujE"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 456d05ee4610b34f04dae8f5cd842af3
b58fa567712bd67a24b4c12b751751868dcf6953
238a61ad047b01299983d80f3030a107caf0c7e62207c685e1630bc1305cd89d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4140
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:56 GMT
Last-Modified: Wed, 01 Feb 2023 14:43:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=1047787705.1675266798&jid=117321977&_u=YCDACEABBAAAACAFK~&z=22710791
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=1047787705.1675266798&jid=117321977&_u=YCDACEABBAAAACAFK~&z=22710791
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=1047787705.1675266798&jid=117321977&_u=YCDACEABBAAAACAFK~&z=22710791 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 15:52:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=1047787705.1675266798&jid=84744038&_u=YCDACEAABAAAACABI~&z=2029726490
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=1047787705.1675266798&jid=84744038&_u=YCDACEAABAAAACABI~&z=2029726490
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=1047787705.1675266798&jid=84744038&_u=YCDACEAABAAAACABI~&z=2029726490 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 15:52:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnstatic.cyber.bet/css/iti/intlTelInput.css
54.230.111.100200 OK 81 kB URL HTTP/2 cdnstatic.cyber.bet/css/iti/intlTelInput.css
IP 54.230.111.100:0
Hash 7850cccb7dfb2f5dcef78ada92fe57aa
db16d33f4aed7bded356e9a8ab96458734c9ea59
d0378c9bf63779303b15658a61641e7466da51484e67ac956cff48441ad432e5
GET /css/iti/intlTelInput.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 15:52:56 GMT
etag: W/"a69aa970266649e0b08c2cb4bc166568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h3x26vYzaO0A6SL8OvtdXLsifO-HclhWOFP2gAKGjan4zogSopBCTQ==
age: 10
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_football_regform%2F%3Fcid%3D63da8ad7902fa000015bc932%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392156%26slice%3D
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_football_regform%2F%3Fcid%3D63da8ad7902fa000015bc932%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392156%26slice%3D
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_football_regform%2F%3Fcid%3D63da8ad7902fa000015bc932%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392156%26slice%3D HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3ad1241eeabc4253be6513e5272ca03b; expires=Thu, 01 Feb 2024 15:52:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
pool.admedo.com/pixel?id=148776&t=js
35.210.53.219302 Found 0 B URL HTTP/2 pool.admedo.com/pixel?id=148776&t=js
IP 35.210.53.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 01 Feb 2023 15:52:56 GMT
location: https://pool.admedo.com/ul_cb/pixel?id=148776&t=js
set-cookie: tuuid=3b20bafd-f64d-4aed-91a1-42226591b03a; path=/; expires=Thu, 01-Feb-2024 15:52:56 GMT
c=1675266776; path=/; expires=Thu, 01-Feb-2024 15:52:56 GMT
tuuid_lu=1675266776; path=/; expires=Thu, 01-Feb-2024 15:52:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1u0&_p=1671071069&_gaz=1&cid=1047787705.1675266798&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675266797&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_football_regform%2F%3Fcid%3D63da8ad7902fa000015bc932%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392156%26slice%3D&dt=Cyber.bet%20Wheel%20of%20Fortune&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1u0&_p=1671071069&_gaz=1&cid=1047787705.1675266798&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675266797&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_football_regform%2F%3Fcid%3D63da8ad7902fa000015bc932%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392156%26slice%3D&dt=Cyber.bet%20Wheel%20of%20Fortune&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1u0&_p=1671071069&_gaz=1&cid=1047787705.1675266798&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675266797&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_football_regform%2F%3Fcid%3D63da8ad7902fa000015bc932%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_betting%26promocode%3DCYBERMAX300%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392156%26slice%3D&dt=Cyber.bet%20Wheel%20of%20Fortune&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot= HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cyber.bet
date: Wed, 01 Feb 2023 15:52:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/land_regs/session
34.254.83.154200 OK 2 B URL HTTP/2 backend.cyberbet.academy/api/land_regs/session
IP 34.254.83.154:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:56 GMT
content-type: text/html; charset=utf-8
content-length: 2
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/iso3to2.js
54.230.111.100200 OK 1.4 kB URL HTTP/2 cdnstatic.cyber.bet/js/libs/iso3to2.js
IP 54.230.111.100:0
Hash 038ce890688457b01f4c89846dc394e7
3209e029b521fd45f061f16b54b1f25ca1edc1e6
127925a8225f311421ce8eb4618525e33d9c16a3246325f496a69d5de396e687
GET /js/libs/iso3to2.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 15:52:56 GMT
etag: W/"db031116c7888248916813c60a4cce2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MbD6nZCrchthe_BuKMPBG17q_A-qbMtqaLMjGkIA1z0hvhOy_7OP7A==
age: 2
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/img/flags.png
54.230.111.100200 OK 71 kB URL HTTP/2 cdnstatic.cyber.bet/css/img/flags.png
IP 54.230.111.100:0
File type PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
GET /css/img/flags.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/iti/intlTelInput.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.1.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1; _ga_ZK6ZSCE3G7=GS1.1.1675266798.1.0.1675266798.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 70857
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 15:52:57 GMT
etag: "416250f60d785a2e02f17e054d2e4e44"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fWwXLfITsJD4sPUolRvWNW2xyy1HADil8fLw-mvD_K4_yA0at93FZg==
X-Firefox-Spdy: h2
pool.admedo.com/ul_cb/pixel?id=148776&t=js
35.210.53.219200 OK 0 B URL HTTP/2 pool.admedo.com/ul_cb/pixel?id=148776&t=js
IP 35.210.53.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 15:52:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:27:41 GMT
age: 30320
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
away.firstblackphase.com/scripts/take.js?vr=1.8.2
194.135.30.40200 OK 0 B URL HTTP/2 away.firstblackphase.com/scripts/take.js?vr=1.8.2
IP 194.135.30.40:0
ASN #2856 British Telecommunications PLC
GET /scripts/take.js?vr=1.8.2 HTTP/1.1
Host: away.firstblackphase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://getclout-co.intuitve.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 15:52:53 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 31 Jan 2023 11:04:27 GMT
vary: Accept-Encoding
etag: W/"63d8f5bb-138b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/currencyMapping.js
54.230.111.100200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/currencyMapping.js
IP 54.230.111.100:0
GET /js/currencyMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 15:52:03 GMT
etag: W/"2a3d85d14eaeaac04949a29f3c94c548"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TR0AtPea_0hpee-uWPXaoY0u8nRmfzJ2Kta5sLVrhGTQL0IVn1yzDQ==
age: 54
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
54.230.111.100200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
IP 54.230.111.100:0
GET /js/libs/phone/intlTelInput.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 15:52:56 GMT
etag: W/"c73ba86bd67306c5889e9aac41e959e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BWTbFuLF6YZDk42VXmH9IBUQZPYj5AiQI91VAPyOpQKKI3RMqJ98sg==
age: 2
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice=
172.66.43.156200 OK 0 B URL HTTP/2 cyber.bet/land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice=
IP 172.66.43.156:0
GET /land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice= HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: text/html
last-modified: Sat, 26 Nov 2022 17:27:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HglkZbsWHx8fw0cabmLijHoF1PcCE%2FUWVBjFnCC6ah6kl1ZmId5Lhj%2BILYjCCSHKA%2Fg69rM7RmtdMCH2Rimksd5MmN5wf2344H%2Fbj2Rk1kxG%2Bs%2Bb5RacxqyMOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792bdb617914b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/phone/utils.js
54.230.111.100200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/libs/phone/utils.js
IP 54.230.111.100:0
GET /js/libs/phone/utils.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675266797.1.0.1675266798.59.0.0; _ga=GA1.2.1047787705.1675266798; _gid=GA1.2.1838844547.1675266798; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 15:52:56 GMT
etag: W/"8f3a2154b225b6257161c4dfc9b89c9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N1m9K88l3Yo8rGCqr59vwUZjeC69ArSr2mOc14oK1repMihj9hCmlg==
age: 2
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/img/new_spins/promo_icon.svg
172.66.43.156200 OK 0 B URL HTTP/2 cyber.bet/land/casino_spin_football_regform/img/new_spins/promo_icon.svg
IP 172.66.43.156:0
GET /land/casino_spin_football_regform/img/new_spins/promo_icon.svg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
Cookie: _uc_referrer=direct; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_betting; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: image/svg+xml
last-modified: Fri, 18 Nov 2022 15:54:28 GMT
etag: W/"6377aab4-606"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2183
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2X5NfglmC9J%2BXeVdZZCMr%2FyykTF37y1sayXHzwzjkfuVceAeeV1XOu7kQfcPNSByyCG5q6KRx2fzTLEIeNN7i4LpTHxmCvWtGTlwbyqMAuC%2Bisqr2Vc9IqUPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb650dceb515-OSL
content-encoding: br
X-Firefox-Spdy: h2
arctic-farmer.com/b/3/V.0YPo3bpgvbb/mvV/JsZmDz0o0-NOTccyyRMrjDA/w/LLTTQX1eNezvIDy/MxDwER
188.72.219.35200 OK 0 B URL HTTP/2 arctic-farmer.com/b/3/V.0YPo3bpgvbb/mvV/JsZmDz0o0-NOTccyyRMrjDA/w/LLTTQX1eNezvIDy/MxDwER
IP 188.72.219.35:0