youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
185.177.93.164301 Moved Permanently 162 B URL HTTP/1.1 youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mfrdoojrgq5gi3bpgmztamrv HTTP/1.1
Host: youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 13 Sep 2022 14:17:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 14:08:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XDAgogpJJHiFLBoHtEw45-i23v62hU8O26ENpYgIHVs-VJSkksvI6g==
Age: 495
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9768
Expires: Tue, 13 Sep 2022 16:59:49 GMT
Date: Tue, 13 Sep 2022 14:17:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1Ee9E7YKZI7Kz2FsQD98c-YWI1EsVVXVtbamOoNUwoqPAD3LMxoaqg==
age: 34907
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 72d944e54fdc68a914e45f067c237e80
026cefaa011fd9e3f3200ce76176df058c139607
103bba334e4786f61fb859052611f60e605a5ab222f274fa2107b3190d035b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "103BBA334E4786F61FB859052611F60E605A5AB222F274FA2107B3190D035B5E"
Last-Modified: Sun, 11 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2591
Expires: Tue, 13 Sep 2022 15:00:13 GMT
Date: Tue, 13 Sep 2022 14:17:02 GMT
Connection: keep-alive
youngmedias.biz/w5e16f81f.js
185.177.93.164200 OK 62 B URL HTTP/2 youngmedias.biz/w5e16f81f.js
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 68c9e9713c574bfb98121a1b82ceee0c
52669825af5fe9ffe5d0e02f7100173208ba5dd5
c7435d314c116f6749e0200fd5dd8f1ce49f50c829855598288a357ef04af5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /w5e16f81f.js HTTP/1.1
Host: youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 62
last-modified: Tue, 10 May 2022 13:25:57 GMT
etag: "627a67e5-3e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
youngmedias.biz/favicon.ico
185.177.93.164204 No Content 0 B URL HTTP/2 youngmedias.biz/favicon.ico
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 13 Sep 2022 14:17:02 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 08fca2f7240396f0ae94551cb5cf8117
0ca0609c606376fa54404ec9d623a572042cade0
608395a6c39523f487e1f18e86ad9dbaebf06595e85fcb191e408d5cbcce6c9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "608395A6C39523F487E1F18E86AD9DBAEBF06595E85FCB191E408D5CBCCE6C9F"
Last-Modified: Sat, 10 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5851
Expires: Tue, 13 Sep 2022 15:54:33 GMT
Date: Tue, 13 Sep 2022 14:17:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 14:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 14:06:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dCbg2Z_Mj9_nYLKeDfB3BI1tCEvHGFndc9eFy--j6UNHUAZvvazowA==
Age: 820
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1795
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:17:02 GMT
Last-Modified: Tue, 13 Sep 2022 13:47:07 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9f9915edf8ece6a3402d66104bdeef70
60f9a20343982e9a184e0006ce4d90fc9d4a1f23
6d434f1044b1c0e88bd748e9101d9a00895febfc28a3a55349ccb0eaedba8d44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D434F1044B1C0E88BD748E9101D9A00895FEBFC28A3A55349CCB0EAEDBA8D44"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15974
Expires: Tue, 13 Sep 2022 18:43:16 GMT
Date: Tue, 13 Sep 2022 14:17:02 GMT
Connection: keep-alive
0.youngmedias.biz/w5e16f81f.js
185.177.93.164200 OK 62 B URL HTTP/2 0.youngmedias.biz/w5e16f81f.js
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 68c9e9713c574bfb98121a1b82ceee0c
52669825af5fe9ffe5d0e02f7100173208ba5dd5
c7435d314c116f6749e0200fd5dd8f1ce49f50c829855598288a357ef04af5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /w5e16f81f.js HTTP/1.1
Host: 0.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 62
last-modified: Tue, 10 May 2022 13:25:57 GMT
etag: "627a67e5-3e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.253.52101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.253.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sArVlWAaFGhnruBSuEBj0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iNtjoinNmXO4WIiHVpIhdNVC8Ig=
1.youngmedias.biz/w5e16f81f.js
185.177.93.164200 OK 62 B URL HTTP/2 1.youngmedias.biz/w5e16f81f.js
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 68c9e9713c574bfb98121a1b82ceee0c
52669825af5fe9ffe5d0e02f7100173208ba5dd5
c7435d314c116f6749e0200fd5dd8f1ce49f50c829855598288a357ef04af5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /w5e16f81f.js HTTP/1.1
Host: 1.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 62
last-modified: Tue, 10 May 2022 13:25:57 GMT
etag: "627a67e5-3e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
2.youngmedias.biz/w5e16f81f.js
185.177.93.164200 OK 62 B URL HTTP/2 2.youngmedias.biz/w5e16f81f.js
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 68c9e9713c574bfb98121a1b82ceee0c
52669825af5fe9ffe5d0e02f7100173208ba5dd5
c7435d314c116f6749e0200fd5dd8f1ce49f50c829855598288a357ef04af5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /w5e16f81f.js HTTP/1.1
Host: 2.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 62
last-modified: Tue, 10 May 2022 13:25:57 GMT
etag: "627a67e5-3e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
2.youngmedias.biz/favicon.ico
185.177.93.164204 No Content 0 B URL HTTP/2 2.youngmedias.biz/favicon.ico
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 2.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
3.youngmedias.biz/w5e16f81f.js
185.177.93.164200 OK 62 B URL HTTP/2 3.youngmedias.biz/w5e16f81f.js
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 68c9e9713c574bfb98121a1b82ceee0c
52669825af5fe9ffe5d0e02f7100173208ba5dd5
c7435d314c116f6749e0200fd5dd8f1ce49f50c829855598288a357ef04af5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /w5e16f81f.js HTTP/1.1
Host: 3.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 62
last-modified: Tue, 10 May 2022 13:25:57 GMT
etag: "627a67e5-3e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
4.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
185.177.93.164200 OK 18 kB URL HTTP/2 4.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (7505)
Hash 45d22ec1d9484e2f46694fd6556cab24
bc1083e8d74deebc8f6ca0c7665c1f523629a9eb
791040fbd06947288aa424d86b9396f8f48691ab6330a2379367444aeba35304
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mfrdoojrgq5gi3bpgmztamrv HTTP/1.1
Host: 4.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.youngmedias.biz/
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; expires=Thu, 13-Oct-2022 14:17:03 GMT; Max-Age=2592000; path=/; domain=4.youngmedias.biz
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
gobacktothefuture.biz/sw/w1s.js
62.210.6.153200 OK 1.5 kB URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.6.153:0
Hash 2c352ad771973782879ce65de49bcd02
df4af9c5d68aaaf5f2ab16bea507a467c398d7df
0981c272dfa6837b34a2831b86dbbf124908aa7ea53ca6ae949161d7675a4dad
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.youngmedias.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 14:17:03 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
6.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
185.177.93.164200 OK 18 kB URL HTTP/2 6.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
Hash e8d322ec12ae30e8e30e643bd5ce1384
c141fda08d85e4389793c1748a6ca37bf9b33e5c
7fd3d7495147031922d2cb581ce4afbc5d3cb5b6735d7e15ba7aafdcb7946b44
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mfrdoojrgq5gi3bpgmztamrv HTTP/1.1
Host: 6.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.youngmedias.biz/
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; expires=Thu, 13-Oct-2022 14:17:04 GMT; Max-Age=2592000; path=/; domain=6.youngmedias.biz
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11659
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 14:17:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11659
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 14:17:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11659
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 14:17:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11659
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 14:17:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c824a7db30839607b01c7a164f6f6ec
bbab791971056750a46dd6ed9c5d7c8e12ab457e
872262a28a383a9eafd1f453014a3edfde4872160b772874271be6358a47449f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9606
x-amzn-requestid: bf72ce8c-1272-42df-8958-d392210106c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIR7NFh2oAMFXIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631996ad-4646091a428db21e2dce1a61;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:15:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4skZVE5BinFMAJV196j5-qtDez6m26DtU8NZvU6K2VuhFnC7E1zXWw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:56:19 GMT
age: 58845
etag: "bbab791971056750a46dd6ed9c5d7c8e12ab457e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 58517
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 04:49:30 GMT
age: 34054
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae7d16fad4da4300a1953a916fb59688
488c58f73c81bb4d45e496c458fe3197a0884c26
4d4946932d53caad6e97bcc66527bd9cad658c0cf6f4215d01943b8a9e832959
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7720
x-amzn-requestid: 7670a969-cb9c-4583-8455-10f7512ee9c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YT9YJG__oAMF4YA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e429a-674ef5a4727826ab0d60529e;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 20:18:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OOCryyfLht-3ebVn-5aWtQI_JnVkWxMGggv07cUoomDlgb5ogru7vg==
via: 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:55 GMT
age: 58509
etag: "488c58f73c81bb4d45e496c458fe3197a0884c26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 59686
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 59684
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
6.youngmedias.biz/w5e16f81f.js
185.177.93.164200 OK 62 B URL HTTP/2 6.youngmedias.biz/w5e16f81f.js
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 68c9e9713c574bfb98121a1b82ceee0c
52669825af5fe9ffe5d0e02f7100173208ba5dd5
c7435d314c116f6749e0200fd5dd8f1ce49f50c829855598288a357ef04af5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /w5e16f81f.js HTTP/1.1
Host: 6.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 62
last-modified: Tue, 10 May 2022 13:25:57 GMT
etag: "627a67e5-3e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
6.youngmedias.biz/favicon.ico
185.177.93.164204 No Content 0 B URL HTTP/2 6.youngmedias.biz/favicon.ico
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 6.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
7.youngmedias.biz/w5e16f81f.js
185.177.93.164200 OK 62 B URL HTTP/2 7.youngmedias.biz/w5e16f81f.js
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 68c9e9713c574bfb98121a1b82ceee0c
52669825af5fe9ffe5d0e02f7100173208ba5dd5
c7435d314c116f6749e0200fd5dd8f1ce49f50c829855598288a357ef04af5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /w5e16f81f.js HTTP/1.1
Host: 7.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 62
last-modified: Tue, 10 May 2022 13:25:57 GMT
etag: "627a67e5-3e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
gobacktothefuture.biz/sw/w1s.js
62.210.6.153200 OK 1.5 kB URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.6.153:0
Hash 2c352ad771973782879ce65de49bcd02
df4af9c5d68aaaf5f2ab16bea507a467c398d7df
0981c272dfa6837b34a2831b86dbbf124908aa7ea53ca6ae949161d7675a4dad
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.youngmedias.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 14:17:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
gobacktothefuture.biz/sw/w1s.js
62.210.6.153200 OK 19 kB URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.6.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (7522)
Hash 23ca314c931100e8d1a474c089df415d
1d8342423a9e201388db17d85adc07d098a09991
3194fc2dcdddb0a33f3848fe6c619434958372f4b17a8644d0acaaf31145d304
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.youngmedias.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 14:17:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
9.youngmedias.biz/w5e16f81f.js
185.177.93.164200 OK 62 B URL HTTP/2 9.youngmedias.biz/w5e16f81f.js
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 68c9e9713c574bfb98121a1b82ceee0c
52669825af5fe9ffe5d0e02f7100173208ba5dd5
c7435d314c116f6749e0200fd5dd8f1ce49f50c829855598288a357ef04af5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /w5e16f81f.js HTTP/1.1
Host: 9.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 62
last-modified: Tue, 10 May 2022 13:25:57 GMT
etag: "627a67e5-3e"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash d2fd711ea06a7e559a4def2396c723f7
dcf3fac1d7a1bbc5032cbd48620cc66d948d93c6
0595835b1a867e85c9738300fcdcd2bd325eacc2871b5d65644e0dbe14ae53c7
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 14:17:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 17 Sep 2022 13:56:40 GMT
ETag: "dcf3fac1d7a1bbc5032cbd48620cc66d948d93c6"
Last-Modified: Tue, 13 Sep 2022 13:56:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a181209cfcb511-OSL
affiliates.support/?a=54716&c=178198
3.222.171.254302 Found 263 B URL HTTP/1.1 affiliates.support/?a=54716&c=178198
IP 3.222.171.254:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b44986a4bd8e1018807e48ae9f44f81
f98ae93836b633e978803be666c1d86c55039744
756ab67966c22a9cea40d5b246affeadabfb3e3f15cceb900cd4e1f58783bebc
GET /?a=54716&c=178198 HTTP/1.1
Host: affiliates.support
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.youngmedias.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 263
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Sep 2022 14:17:05 GMT
Location: https://uh2910ce55uh.jhqelrjewr.cc/?target=-7EBNQCgQAAAE9ATQD1AEABAEBEREKEQkKEQ0yEQ0SAAEfYmlhbW8BMQ&ap=-1&subpub=54716&subacc4=9680805
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=io8+qx4LQZ4jos4aQhGDYDOugxHCzRE5K5WtiWtB+hAqFamRFKga7Q==; domain=.affiliates.support; path=/; HttpOnly
trk=i1hH634xduwjos4aQhGDYDOugxHCzRE5K5WtiWtB+hAqFamRFKga7Q==; domain=.affiliates.support; expires=Fri, 13-Sep-2024 14:17:05 GMT; path=/; HttpOnly
c7166=io8+qx4LQZ6FfPqBTmmuAut9GhOn0+bJeDYxBoG2etM=; domain=.affiliates.support; expires=Thu, 13-Oct-2022 14:17:05 GMT; path=/; HttpOnly
Connection: close
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43ba4e4acf635121ce4832fefd1cbdf2
09da1cc728bb1a636c92cc1a0e9780bc985ba521
bd004d1e2b7f65cb39d8b7d85afc40e5b0673eafa81162d51e76a10cda8271a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD004D1E2B7F65CB39D8B7D85AFC40E5B0673EAFA81162D51E76A10CDA8271A9"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Sep 2022 20:17:06 GMT
Date: Tue, 13 Sep 2022 14:17:06 GMT
Connection: keep-alive
gobacktothefuture.biz/sw/w1s.js
62.210.6.153200 OK 2.6 kB URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.6.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 49c3fb573531dbfd5ef1c8b947a1f5e8
3fdee4719588557c98d8464cb40a87c947c03b7d
cb6c60c79eeff7c79e614504cda789d44455459dfd4af65e3f8a8419bed5ac39
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.youngmedias.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:05 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 14:17:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b1e53b47f4742f6c31140364e7880979
1c78ba6c50b48a943150ef66555642e44fa0e2d6
0185ea9dedf460480b6c6b87b64b79ab658d3392473fda4b0c09d8875cfdf7ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0185EA9DEDF460480B6C6B87B64B79AB658D3392473FDA4B0C09D8875CFDF7EC"
Last-Modified: Tue, 13 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Tue, 13 Sep 2022 20:16:39 GMT
Date: Tue, 13 Sep 2022 14:17:06 GMT
Connection: keep-alive
nuclearlegend.org/content/!common_files/js/fingerprint2.2.1.0.min.js
92.223.97.97200 OK 12 kB URL HTTP/2 nuclearlegend.org/content/!common_files/js/fingerprint2.2.1.0.min.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash 980ae2ed74284e3a062ff4cde36da228
14c8c4fc81e3b6288b05775bc694e4ca8936cc82
ceaa5b64e9836b180c6d3147fd2e65af9033c9be952ab3d762d527f12a00dabd
GET /content/!common_files/js/fingerprint2.2.1.0.min.js HTTP/1.1
Host: nuclearlegend.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:06 GMT
content-type: application/javascript
last-modified: Thu, 16 Jan 2020 09:58:32 GMT
vary: Accept-Encoding
etag: W/"5e2033c8-73a6"
pragma: public
x-edge-node: slave-nl1
expires: Tue, 13 Sep 2022 15:17:06 GMT
cache-control: max-age=3600
access-control-allow-origin: *
cache: HIT
x-cached-since: 2022-09-10T18:06:30+00:00
x-id: sto5-up-gc15
content-encoding: gzip
X-Firefox-Spdy: h2
uh2910ce55uh.jhqelrjewr.cc/?target=-7EBNQCgQAAAE9ATQD1AEABAEBEREKEQkKEQ0yEQ0SAAEfYmlhbW8BMQ&ap=-1&subpub=54716&subacc4=9680805&fingerprint_=6251b88c27a072da975e70d4bbf3960b
88.208.35.20302 Found 183 B URL HTTP/2 uh2910ce55uh.jhqelrjewr.cc/?target=-7EBNQCgQAAAE9ATQD1AEABAEBEREKEQkKEQ0yEQ0SAAEfYmlhbW8BMQ&ap=-1&subpub=54716&subacc4=9680805&fingerprint_=6251b88c27a072da975e70d4bbf3960b
IP 88.208.35.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text
Hash 7480c9411bc5a16192aed4fccb1964c8
bbee9204f858cb58482c9927b9feabda183cfedb
e8c3b0ccfffda3c29f8f4fb0c4f3e82fd3cf33812635076380f1158eac3a21d0
GET /?target=-7EBNQCgQAAAE9ATQD1AEABAEBEREKEQkKEQ0yEQ0SAAEfYmlhbW8BMQ&ap=-1&subpub=54716&subacc4=9680805&fingerprint_=6251b88c27a072da975e70d4bbf3960b HTTP/1.1
Host: uh2910ce55uh.jhqelrjewr.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 13 Sep 2022 14:17:06 GMT
content-type: text/html; charset=utf-8
content-length: 183
location: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
set-cookie: adc_52610=1; Path=/; Domain=uh2910ce55uh.jhqelrjewr.cc; Expires=Fri, 28 Oct 2022 14:17:06 GMT
x-node: slave-nl1
referrer-policy: unsafe-url
cache-control: private, no-transform,no-cache
x-edge-node: slave-nl1
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c6ac30c8db604e75aa6949009205567c
424617b87745dca6195c63949e3ddafcba363dba
56314e8a8a4b06c7fcc313babf7ecc9620af8f70496c47a95d4b92dcc0cdcfd0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 14:17:06 GMT
Etag: "631fb1aa-1d7"
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bFEVX1RVokK5iy3UyLOK7GweFQCB8m96JHNoiMNRAZZU-SsvKuTQcw==
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3d78106b45fc93574b5aaa2bcf7d7f2b
66ee6928f2fdac47e6fe07395e651d78ae2e93de
1796866c32e41bfdd33119facee7c15b0d45ae8fd293ee9f209583dec0616b40
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1796866C32E41BFDD33119FACEE7C15B0D45AE8FD293EE9F209583DEC0616B40"
Last-Modified: Mon, 12 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8418
Expires: Tue, 13 Sep 2022 16:37:24 GMT
Date: Tue, 13 Sep 2022 14:17:06 GMT
Connection: keep-alive
biamo.bet/static/dist/scripts.394d85fdbddb1838.js
18.65.39.71200 OK 29 B URL HTTP/2 biamo.bet/static/dist/scripts.394d85fdbddb1838.js
IP 18.65.39.71:0
File type ASCII text, with no line terminators
Hash 0b313806ac03f6ee470e6e0a42a1c5eb
1363e294d67a9190969c869d693bfc75674902a0
89aaeea56ec4f9267a45a39500775a25c83a1989be6c85820647e7660f65e08a
GET /static/dist/scripts.394d85fdbddb1838.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 29
server: nginx
date: Tue, 13 Sep 2022 14:17:07 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: "6315a448-1d"
expires: Wed, 14 Sep 2022 14:17:07 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: UUq_EVSzxoxM22o5p7WUXOizrAWqr2vvPEUz2_6DTpW5AcXto8nDjA==
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52200 OK 3.3 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
File type ASCII text, with very long lines (9097)
Hash 0b9924b0b3e12566192db76370f0cea2
ad94f8c3803f5ad9fa0dceb18a50d28425a75a58
63991710972efac58f00edb7bedad1160be43aa198185a9b16c5837c87e3fe9a
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:17:07 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 798
expires: Fri, 16 Sep 2022 14:17:07 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 74a1812ac9a5b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-P75XW8W
142.250.74.72200 OK 55 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P75XW8W
IP 142.250.74.72:0
File type ASCII text, with very long lines (6039)
Hash 7944cf245527b62637141e11afcde580
b3d4d7ef3a3142e97bb1e505f1ed881084cbcbe9
930f1f0e260613b61db98956e8f95bc99e7e35c91affab95e6f03a69486a5f87
GET /gtm.js?id=GTM-P75XW8W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 14:17:07 GMT
expires: Tue, 13 Sep 2022 14:17:07 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55042
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:17:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9b410e137f2fd8247a21292b319e4be5
24a7490d0a1f91cb5a089e17e5381f103b142aac
b8113945224522ddbb07c427dea8c3392b0a16282fc39b7e8c473183a3a17245
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8113945224522DDBB07C427DEA8C3392B0A16282FC39B7E8C473183A3A17245"
Last-Modified: Tue, 13 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12894
Expires: Tue, 13 Sep 2022 17:52:01 GMT
Date: Tue, 13 Sep 2022 14:17:07 GMT
Connection: keep-alive
biamo.bet/static/dist/main.d407346fa4263e6b.js
18.65.39.71200 OK 68 kB URL HTTP/2 biamo.bet/static/dist/main.d407346fa4263e6b.js
IP 18.65.39.71:0
Hash 9e5c431485943882e5640badcd4fdf03
127775fe5166520e3da09594ad040eb87a8a422c
f093bb50d76a987484a2c3faf7e09b2a680e5013abd88d3e4ea96ce65c79ef6b
GET /static/dist/main.d407346fa4263e6b.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:07 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-257f55"
expires: Wed, 14 Sep 2022 14:17:07 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: xIN3WYoQmeuSIYAdT_QIc_w9xSBj2UjqJHduDmLrX2Gm6r56X9mq7g==
X-Firefox-Spdy: h2
biamo.bet/static/css/app.loader.css
18.65.39.71200 OK 2.7 kB URL HTTP/2 biamo.bet/static/css/app.loader.css
IP 18.65.39.71:0
Hash fe37f3650f45cccc28ce69c5828b7f27
f61cb60197ec515211efe0bfac624e6ba6f991b4
22b77489f1bd38bf99c4105780ee0cbaa59c0ad7f70ae56886d0fc0697427ca0
GET /static/css/app.loader.css HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Tue, 13 Sep 2022 14:17:06 GMT
last-modified: Mon, 05 Sep 2022 07:25:03 GMT
etag: W/"6315a44f-4ef"
expires: Wed, 14 Sep 2022 14:17:06 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: F40kxa1JX-upv3gWtvS3bwEqBuDGJ_J9WrByBsDrmofviXnK5M1XOA==
X-Firefox-Spdy: h2
scripts.prdredir.com/scripts/k_biamo_bet.js
172.67.175.127200 OK 719 B URL HTTP/2 scripts.prdredir.com/scripts/k_biamo_bet.js
IP 172.67.175.127:0
Hash 12cf1647dd28b2a6aa8e9dd2b438b9c7
a26e40e72697fcb5a505386f4d0b6a5fa6bda83a
da603e6c9eaa6d35217715077cd85f9df9cd7b813a51b57fd0ab74b7e56b2b56
GET /scripts/k_biamo_bet.js HTTP/1.1
Host: scripts.prdredir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 14:17:07 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: b69a4afa-bb27-4310-af8c-8117cad12dc8
etag: W/"95d838de11136e7964ca0eaa375bf294"
x-runtime: 0.005684
expires: 2022-08-14 14:17:07 UTC
x-powered-by: Phusion Passenger(R) 6.0.11
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1Oq4NM7r5fGIz%2FWU5R4M2VIb7xVNKvn0Pf8hf%2Busgj%2FCL7Bowx74r4ug%2FSvRehc6I5yZTijfu4NOqzooUMw3XXiWNbfvfe2cr5ei%2FVnEQW7N2CM6K93oInSiuN2icNvsN5NsHcTTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a1812acb93b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ad7728eba10023f1bf442ce8a38fba5e
03bca124e60f6aca2bb355a3445c3943b0b0befe
795d44c48051fb28b98c9aef0e6116a2f6e9d59dcb3633f4f1fc1843d6081f20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:17:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:17:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=8990194622948;gtm=2wg970;auiddc=1627695547.1663078614;~oref=https%3A%2F%2Fbiamo.bet%2Fno%2Fsignup%3Ffaff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
142.250.74.66200 OK 468 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=8990194622948;gtm=2wg970;auiddc=1627695547.1663078614;~oref=https%3A%2F%2Fbiamo.bet%2Fno%2Fsignup%3Ffaff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (589), with no line terminators
Hash 41155ec2df7b18537218faadcc93231d
b820dc0d9a6d9c54438ad86bbe9a598452993e21
9332cb0389f4c1cba4b6085caa661a25070d78f895be09ac1f0135ea3a0e191a
GET /ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=8990194622948;gtm=2wg970;auiddc=1627695547.1663078614;~oref=https%3A%2F%2Fbiamo.bet%2Fno%2Fsignup%3Ffaff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11641679.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 14:17:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biamo.bet/static/dist/styles.50b1e882979ab36a.css
18.65.39.71200 OK 20 kB URL HTTP/2 biamo.bet/static/dist/styles.50b1e882979ab36a.css
IP 18.65.39.71:0
Hash 02e1bcf60bb6d0a9d9d9e5e3106bb6eb
47e0531614afce50ea55bdf9d0b5cc5834c3e13b
0bae93bddc593df8d9c946f35d42405b69187bcbad862db167e00eac4e946713
GET /static/dist/styles.50b1e882979ab36a.css HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Tue, 13 Sep 2022 14:17:07 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-20d82"
expires: Wed, 14 Sep 2022 14:17:07 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: ml3AdRKFC9kw2gH6q-HHCjIUiaP4HjzMw9dZ3t0ioH-JU1KGN29noA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:17:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=8990194622948;gtm=2wg970;auiddc=1627695547.1663078614;~oref=https%3A%2F%2Fbiamo.bet%2Fno%2Fsignup%3Ffaff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
142.250.74.130302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=8990194622948;gtm=2wg970;auiddc=1627695547.1663078614;~oref=https%3A%2F%2Fbiamo.bet%2Fno%2Fsignup%3Ffaff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=11641679;type=users00;cat=all_u0;ord=8990194622948;gtm=2wg970;auiddc=1627695547.1663078614;~oref=https%3A%2F%2Fbiamo.bet%2Fno%2Fsignup%3Ffaff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 14:17:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://11641679.fls.doubleclick.net/ddm/fls/r/src=11641679;type=users00;cat=all_u0;ord=8990194622948;gtm=2wg970;auiddc=1627695547.1663078614;~oref=https%3A%2F%2Fbiamo.bet%2Fno%2Fsignup%3Ffaff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:17:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 61bb37e2ed236c60cdc63ee9883c515b
16d7fce5381bd6815cf690dcf8a341b942ad5f5e
296618cd510f6447c2af4f0cd3bb8d5e0ac444e4c057e3ea0e9c3163e1377947
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "296618CD510F6447C2AF4F0CD3BB8D5E0AC444E4C057E3EA0E9C3163E1377947"
Last-Modified: Mon, 12 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1991
Expires: Tue, 13 Sep 2022 14:50:18 GMT
Date: Tue, 13 Sep 2022 14:17:07 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4d5b81170c4ad9f75db8f1419b39a4f8
02a515422968914bc71662f192bad8c8261dbee6
7911c3255763eaa9e307c2e6287d4da75a33eccd90fe7c561365ec9a39363e6e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:17:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
172.217.21.162200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (1952)
Hash 902cfd206a78c4eae56d87bb357f427e
4ad4df5fdc5a1004a718d389a461e37780ade759
450ddee27f69db14fd541551e86634b6d829a5c4e8e6097cf1d0c7a947aaf1f1
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11641679.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 13 Sep 2022 14:17:07 GMT
expires: Tue, 13 Sep 2022 14:17:07 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16286937264090633215
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 17396
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biamo.bet/api/v1/games?slim=true
18.65.39.71200 OK 275 kB URL HTTP/2 biamo.bet/api/v1/games?slim=true
IP 18.65.39.71:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (64416), with no line terminators
Size 275 kB (274591 bytes)
Hash b0c9c3f135e39fe5f792e547adf7bdfb
42cf4e578fbf1e153ecd65e81c84491a8bb65829
1d2efd5810541f4d98f96f6fca11def8c6b6038a4b153acef10cf4c5523d7e52
GET /api/v1/games?slim=true HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.1.881031737.1663078614
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; encoding=utf-8
content-length: 274591
server: nginx
date: Tue, 13 Sep 2022 14:17:07 GMT
x-geo-detected: nor
content-encoding: gzip
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1663078627.671
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: U9Cicor9Cm68KtP492WAZneTqhr23vqFhklvcKOXpqHZaZWtwuuwrA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 741400b574ef7f9f3236164e28e58c51
811018b86fd196da2faf32b044905e1130002a90
efb8e915e207a776018a5319e449e47a105b1d8692e08317c2b3014135b01418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:17:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alexatracker.com/jscode/LAIA.js?sub1=biamobet&sub2=&sub3=&sub4=&sub5=&prid=
51.68.197.173200 OK 8.7 kB URL HTTP/1.1 alexatracker.com/jscode/LAIA.js?sub1=biamobet&sub2=&sub3=&sub4=&sub5=&prid=
IP 51.68.197.173:0
File type ASCII text, with very long lines (8695), with no line terminators
Hash 33878395f92373800339b84c8ad0d407
b17c71da1892155d8dd37b13d20e6057ae8b45d8
3ab85fec44a195f89ed738aa8109c7fc2d4e4a16aee1b4d84a8a8125f7755c0d
GET /jscode/LAIA.js?sub1=biamobet&sub2=&sub3=&sub4=&sub5=&prid= HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 13 Sep 2022 14:17:07 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 8695
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: trbarid=f1ed20dad713a6ee496148e5d4a51e61b2917e65592e2403e47d21941bc45bd0a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A7010192978780131555%3B%7D; expires=Tue, 17-Sep-2024 14:17:07 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None
biamo.bet/api/v1/bootstrap
18.65.39.71200 OK 11 kB URL HTTP/2 biamo.bet/api/v1/bootstrap
IP 18.65.39.71:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (64622), with no line terminators
Hash ff28fe4c7ed3aa33f82a3d6e239491ae
7212e476afba2ed48344327910c4c75c9fe90d86
366f495f247ed987b520afa76cb0a36a04c92a6d7092df429c2584f56a0f6c4e
GET /api/v1/bootstrap HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.1.881031737.1663078614
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; encoding=utf-8
content-length: 11203
server: nginx
date: Tue, 13 Sep 2022 14:17:07 GMT
x-geo-detected: nor
content-encoding: gzip
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate, private, private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1663078627.886
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: BlblJUOUEglCf5jbMQLkmnod2mwXfXjNB7xIri7AMnhPSLOgYT0T9Q==
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-4L2GVL08BD>m=2oe970&_p=191034865&cid=881031737.1663078614&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663078614&sct=1&seg=0&dl=https%3A%2F%2Fbiamo.bet%2Fno%2Fsignup%3Ffaff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&dt=BiamoBet&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-4L2GVL08BD>m=2oe970&_p=191034865&cid=881031737.1663078614&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663078614&sct=1&seg=0&dl=https%3A%2F%2Fbiamo.bet%2Fno%2Fsignup%3Ffaff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&dt=BiamoBet&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-4L2GVL08BD>m=2oe970&_p=191034865&cid=881031737.1663078614&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663078614&sct=1&seg=0&dl=https%3A%2F%2Fbiamo.bet%2Fno%2Fsignup%3Ffaff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&dt=BiamoBet&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://biamo.bet
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://biamo.bet
date: Tue, 13 Sep 2022 14:17:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biamo.bet/favicon.ico
18.65.39.71200 OK 15 kB IP 18.65.39.71:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash bc1b2ae91c374de1684329e7b6c81265
dba7b2d486959ea41b55fc9be393041dc1359ac2
8a128c6eba8735bc7b90384c4ff777c8ad40dc5a7f26edf2ffb0349b8f7168cd
GET /favicon.ico HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.1.881031737.1663078614
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 15086
server: nginx
date: Tue, 13 Sep 2022 14:17:08 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: "6315a3a9-3aee"
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: kfD-JDnTQFBGzcxs50PRJy16R9irjP2LqDNtQ_s0rz5d7xmuglnNAw==
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 13 Sep 2022 12:41:12 GMT
expires: Tue, 13 Sep 2022 14:41:12 GMT
cache-control: public, max-age=7200
age: 5756
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/gtm/optimize.js?id=OPT-TPW6QGT
142.250.74.174200 OK 41 kB URL HTTP/2 www.google-analytics.com/gtm/optimize.js?id=OPT-TPW6QGT
IP 142.250.74.174:0
File type ASCII text, with very long lines (1615)
Hash 14f3e1e24a3a371f3672dd61c7c3d7bd
0aac7aab3e3d53c48528ce17074c2fa4e79e3776
4168214f0b925428b83e1753cef562c40cb61edd64b13c2571bf958a54ca637d
GET /gtm/optimize.js?id=OPT-TPW6QGT HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 14:17:08 GMT
expires: Tue, 13 Sep 2022 14:17:08 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biamo.bet/ngsw-worker.js
18.65.39.71200 OK 16 kB IP 18.65.39.71:0
File type Algol 68 source text\012- Pascal source, ASCII text
Hash 09cd55f6b7468db705edbeddc80fea57
09db6f70345a5c3c03bc71dc33cd2b4c43445aed
45ae56f6dd0799da08cd056b79bc21c24f0c024a026efe8127ba37835c77f4a6
GET /ngsw-worker.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.1.881031737.1663078614
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:08 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-103ae"
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: gDEMSagOFFOy8ey2V59NG5sW4HA8iEW6aC4FWaQpAHQGyxw1IckEHA==
X-Firefox-Spdy: h2
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
142.250.74.142302 Found 337 B URL HTTP/2 lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 13 Sep 2022 14:17:08 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:17:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&sscte=1&crd=
216.58.207.194302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&sscte=1&crd=
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11641679.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 14:17:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&random=2104535954&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Sep-2022 14:32:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biamo.bet/ngsw.json?ngsw-cache-bust=0.6569661780743958
18.65.39.71200 OK 3.2 kB URL HTTP/2 biamo.bet/ngsw.json?ngsw-cache-bust=0.6569661780743958
IP 18.65.39.71:0
Hash ac367b4147931b02f1fff069c86fcedf
3869b74564010950efbbd7957b15970b97fa827e
774816a81b1db5d5c2baa478bc895438eae3e721d0480f354d7efc2a185e9501
GET /ngsw.json?ngsw-cache-bust=0.6569661780743958 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/ngsw-worker.js
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Tue, 13 Sep 2022 14:17:08 GMT
last-modified: Mon, 05 Sep 2022 07:25:05 GMT
etag: W/"6315a451-1f18"
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: xTLjjO2R7Y_s9NQL-1S4CFjnkycjdQdWTcgmJiIUSB9IyTZHB6dbuQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 14:17:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
216.58.207.237302 Found 411 B URL HTTP/2 accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 282c867875c06542a6014dbf82feb4a1
e11432271d9cd8187909d1735e491951c941c584
d55d3008d7ac4ec9c3c723719695cc4d832d1873bf0e24b7215a5bed8dd3dc16
GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 13 Sep 2022 14:17:08 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S419667908%3A1663078628454496&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWp2F9Qd1K7GGmB3u3UJc8X_x7g1SjkD8j5xt57JEeBJ_aIF6zDfaXfa_1BW3RLu1dYfclOnZw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-iIkXS_mqlxLQs9ZTlcUSIw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 411
server: GSE
set-cookie: __Host-GAPS=1:RMrsX2i8m5yHbEJoxnmG9P0KtzKH4g:_YAdSvtcnd2_57UZ;Path=/;Expires=Thu, 12-Sep-2024 14:17:08 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biamo.bet/static/dist/974.f30a90cb0ba9f426.js
18.65.39.71200 OK 1.3 kB URL HTTP/2 biamo.bet/static/dist/974.f30a90cb0ba9f426.js
IP 18.65.39.71:0
Hash 5946813ae481b8659f50d6fdf0f62aec
d7bfec1e7dc532a9e2bfb9f2205a020a4ab7d63f
b50810f3c9c728ff531619e1a75991d0265c240739afad6dd1b3a2edfdf9d763
GET /static/dist/974.f30a90cb0ba9f426.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.1.881031737.1663078614
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:08 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-911"
expires: Wed, 14 Sep 2022 14:17:08 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: q6jY-KnkUgeren-s5FiRJ10VQiBouzdXYQeaBtt7NoXXTlnVlVe8qQ==
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&random=2104535954&resp=GooglemKTybQhCsO
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&random=2104535954&resp=GooglemKTybQhCsO
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&random=2104535954&resp=GooglemKTybQhCsO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11641679.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 14:17:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&random=2104535954&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/close.svg
18.65.39.71200 OK 503 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/close.svg
IP 18.65.39.71:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash ac730c3d13a7b81d3739b363958e730c
f96a917c03c0db067823a4d64fe211119045f1a3
60d94f21623d219d540791f241bdaee7f156c211190d944e1b2e8cbf1c69e0de
GET /gstatic/wlc/icons/close.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 503
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Tue, 15 Jun 2021 15:03:48 GMT
etag: "60c8c154-1f7"
expires: Tue, 13 Sep 2022 15:17:09 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: ZXgk7IlbH43hlA2Ut74mG8KP1ZzpycxFnQKnKxkmnSa2_oMOgBgt_w==
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&random=2104535954&resp=GooglemKTybQhCsO&ipr=y&prhg=0
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&random=2104535954&resp=GooglemKTybQhCsO&ipr=y&prhg=0
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/10847281060/?random=1482062296&cv=9&fst=1663078615198&num=1&npa=1&label=4clwCIT13ZkDEKS_sbQo&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=13&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11641679.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D11641679%3Btype%3Dusers00%3Bcat%3Dall_u0%3Bord%3D8990194622948%3Bgtm%3D2wg970%3Bauiddc%3D1627695547.1663078614%3B~oref%3Dhttps%253A%252F%252Fbiamo.bet%252Fno%252Fsignup%253Ffaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=5JAgY4H4EJGP-cAP2tqR0AM&random=2104535954&resp=GooglemKTybQhCsO&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://11641679.fls.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 14:17:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biamo.bet/static/fonts/montserrat/Montserrat-400.woff2
18.65.39.71200 OK 89 kB URL HTTP/2 biamo.bet/static/fonts/montserrat/Montserrat-400.woff2
IP 18.65.39.71:0
File type Web Open Font Format (Version 2), TrueType, length 88804, version 1.0\012- data
Hash 6c8807219b0ecffdf96122b80df3e62c
135edfb07b1d07d329434bcf54bac05adf2599be
e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879
GET /static/fonts/montserrat/Montserrat-400.woff2 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/static/dist/styles.50b1e882979ab36a.css
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 88804
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: "6315a3a9-15ae4"
expires: Wed, 14 Sep 2022 14:17:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: Y7BGzotT08j1J95RDa9SfmMvqo-C6hrvQKRvHyP32lSltoGzCc4TkQ==
X-Firefox-Spdy: h2
biamo.bet/static/dist/694.049b8bfccbe10ed4.js
18.65.39.71200 OK 19 kB URL HTTP/2 biamo.bet/static/dist/694.049b8bfccbe10ed4.js
IP 18.65.39.71:0
Hash 25835d635753c79661ae564ca9dc465f
6a03ae5827bf5c693fa7efbf0094faa27199c19b
a80198002809287a493e374cafa2f992edb7c061933185bb29e43d1d87c3269a
GET /static/dist/694.049b8bfccbe10ed4.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/ngsw-worker.js
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-14395"
expires: Wed, 14 Sep 2022 14:17:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: frmEj6JYn1PnB5kAJhRuasyZ7Q_d_kgjPqTHXesJYvQLhE9f2TU0kg==
X-Firefox-Spdy: h2
biamo.bet/static/dist/common.a0a49549731d9364.js
18.65.39.71200 OK 939 B URL HTTP/2 biamo.bet/static/dist/common.a0a49549731d9364.js
IP 18.65.39.71:0
Hash c665ad83ab2a771ca4ad28aa2a087795
30c0e19f8336196b6fffc82252ae878cb6ac1050
b26d1a976ab455a05577a63c4de0854f815dcd4ca7d9374a95060fd9c463239d
GET /static/dist/common.a0a49549731d9364.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/ngsw-worker.js
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-729"
expires: Wed, 14 Sep 2022 14:17:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: bo9i-1p5Z7oHdfVnzBP8lhJ9UsL_USg866Oo1p3wS3UnZHEzIAmG8A==
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 64ced829387c2249f9a18f179819ddd9
f7bed8d03d26eb5e825419c45948b19b9588fbe9
998fe15d7982fcf18b06348fd3f177e9cdd36cfea2c4d73a9c82b66f6f0295d9
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 14:17:10 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sat, 17 Sep 2022 12:26:52 GMT
ETag: "f7bed8d03d26eb5e825419c45948b19b9588fbe9"
Last-Modified: Tue, 13 Sep 2022 12:26:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 493
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a181426c7f0b59-OSL
biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
18.65.39.71200 OK 86 kB URL HTTP/2 biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
IP 18.65.39.71:0
Hash c392ee8e7e49d2a41b36956f91ad41d3
36aad33a9117647b2605628e941727b32d481ed1
ff28831df66d30859505d1312ee0efa757916e337e961d6344de59d06bd3a83b
GET /no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Tue, 13 Sep 2022 14:17:06 GMT
set-cookie: sitelang=no; expires=Thu, 13-Oct-2022 14:17:06 GMT; Max-Age=2592000; path=/
_aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; expires=Tue, 20-Sep-2022 14:17:06 GMT; Max-Age=604800; path=/; domain=biamo.bet
faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; expires=Tue, 20-Sep-2022 14:17:06 GMT; Max-Age=604800; path=/; domain=biamo.bet
sitelang=no; expires=Thu, 13-Oct-2022 14:17:06 GMT; Max-Age=2592000; path=/
x-geo-detected: nor
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1663078626.909
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: WkT3bQICLFI3RM9LPUxSBK4kF4gAq-7tIbsGCOr4-_bTWmSOkLYXLA==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:16:59 GMT
age: 57612
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gUhO_jZ9W_10cAK-2lOVSmQ9r1DIZvNDaqpJs5oc6lt85qAkWbBcXg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:48:14 GMT
age: 59338
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1b3f38b1294f2f10537cba5a856ed04a
2a6c1f297d97f4248d77eba6736b4d937bda582b
9c8de94c3cb87a1a2c967b010c715387bbc09fa92dd67bab988d367603a0cece
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12838
x-amzn-requestid: ad4ebca9-e16d-4fce-ab16-b3b3477c8c06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3rT7H86IAMF1kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312f27f-5bf5c45d6c2be4973f0f946a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 06:21:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0y9HXQIrrRjMoaTo3_00lFQMJ5eIywY_22cbVXml0RZjpvfQVctKTg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 14:02:39 GMT
age: 874
etag: "2a6c1f297d97f4248d77eba6736b4d937bda582b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
biamo.bet/static/dist/897.0e98f5c5a49496fa.js
18.65.39.71200 OK 100 kB URL HTTP/2 biamo.bet/static/dist/897.0e98f5c5a49496fa.js
IP 18.65.39.71:0
Hash a59b76ac93aaf38fdb394584e094886c
26a8f6372b69589b48220912a70aeb6dc3385a8e
cafd552c4b851b013693b03b1a0f2957dc2782eccca5f13d2d63c1fdb3ffa049
GET /static/dist/897.0e98f5c5a49496fa.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/ngsw-worker.js
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-c1b1"
expires: Wed, 14 Sep 2022 14:17:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: BGrcLJ8fAG02BtQm7AS9TuHsv34B8U_ay_nd9iNis1y6a7Ip8EFQ2g==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/burger.svg
18.65.39.71200 OK 286 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/burger.svg
IP 18.65.39.71:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 8a4a2f2ec90e0c4277377f72d223e5cf
68da0fffd589e9a6b54150459b711c4f2ecc1ba2
0f5520d15c1ad9affe0925ff222b771c0744bbae3830898dd6b0c210c6c7d908
GET /gstatic/wlc/icons/burger.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 286
server: nginx
date: Tue, 13 Sep 2022 14:17:13 GMT
last-modified: Tue, 15 Jun 2021 15:03:48 GMT
etag: "60c8c154-11e"
expires: Tue, 13 Sep 2022 15:17:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: qmcdiXK3ETkCB-oivkx3kS1cx4zud0R9HJWgW85JeJHDgKfxHFIqCQ==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/arrow.svg
18.65.39.71200 OK 518 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/arrow.svg
IP 18.65.39.71:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (416)
Hash 7ef3f4c150646655684bd8cb2fd60d6a
a1dd46b281e3ee312ac6556a2ca9ebdb570c59c4
5433e8091e1c5da9299321d1f82052a0965c72aa3f4186a3f18c037147e5a3ae
GET /gstatic/wlc/icons/arrow.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 518
server: nginx
date: Tue, 13 Sep 2022 14:17:13 GMT
last-modified: Tue, 10 Aug 2021 14:40:46 GMT
etag: "61128fee-206"
expires: Tue, 13 Sep 2022 15:17:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: SxCnvZNRTwzUtgCzh7c-KQaIspB0_l5B7cADEP7OJ3jN4Az5q-ISsw==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/search.svg
18.65.39.71200 OK 860 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/search.svg
IP 18.65.39.71:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (748)
Hash f9c5968467a712fdc812fb79fa44c76d
69962486adc24cb1f37dd2e56a9ff96ac01271d8
ea7164946a79d56f93ccb5fcabb0c8e88d9319f89803275c804030e85db385ff
GET /gstatic/wlc/icons/search.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 860
server: nginx
date: Tue, 13 Sep 2022 14:17:13 GMT
last-modified: Tue, 15 Jun 2021 15:03:48 GMT
etag: "60c8c154-35c"
expires: Tue, 13 Sep 2022 15:17:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: 5_FP85fAkILo5ztLozZSD8GzghDIoNg8GUZWSZL_GAg3ilXpthKLKQ==
X-Firefox-Spdy: h2
biamo.bet/api/v1/states?lang=no
18.65.39.71200 OK 1.2 kB URL HTTP/2 biamo.bet/api/v1/states?lang=no
IP 18.65.39.71:0
Hash 23c72ec4b75d0a584c3a4024a4a56246
61ff8b29dcabf01b9b123880fe644c6e21457079
980d4d8214379eaa3d1b4c68f2ce29788372cfc5f034480628ecb4d160551706
GET /api/v1/states?lang=no HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
X-UA-Fingerprint: 491bbba3f842eac3ad0e975f1a7068c6
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
x-geo-detected: nor
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: no-cache, no-store, private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1663078629.978
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: c1_HOgmZi6MtkkhIFMiFPRGv54wqjo_cSxvH0BOo3VwUuE2RghKQ3g==
X-Firefox-Spdy: h2
biamo.bet/static/dist/226.13a75e6db59207ae.js
18.65.39.71200 OK 31 kB URL HTTP/2 biamo.bet/static/dist/226.13a75e6db59207ae.js
IP 18.65.39.71:0
Hash 5f1a33b7c431b2175bb6298be0f88397
b3986011c658c816643330b23062baad4c759c00
72d5d009b8496742dcbb6e99b685a6101af6c15bce209723ae502e4791eb5c50
GET /static/dist/226.13a75e6db59207ae.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/ngsw-worker.js
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-31d08"
expires: Wed, 14 Sep 2022 14:17:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: Yy_hlWGwOLm1WegbJFbcmIVr8n1e6z6B_lI1Jo7KKg8rf-rrcDY2LA==
X-Firefox-Spdy: h2
biamo.bet/api/v1/bonuses?lang=no
18.65.39.71503 Service Unavailable 190 B URL HTTP/2 biamo.bet/api/v1/bonuses?lang=no
IP 18.65.39.71:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3267dd8f0e96711dd54dbb1f5676b447
202602c4ec4a5e2498e3d24a3ed025ce70bf749c
b429e25e7813a9e2b90dcec11d9cb5287751246128dd6c76a7349774829c5554
GET /api/v1/bonuses?lang=no HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
X-UA-Fingerprint: 491bbba3f842eac3ad0e975f1a7068c6
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078620.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 503 Service Unavailable
content-type: text/html
content-length: 190
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Error from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: INeZA7JXqvg6DMYpFYBAJFXNeKzRfy0sFhC-dFSMuEbebtVLQqru3g==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/goldcoin.svg
18.65.39.71404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/goldcoin.svg
IP 18.65.39.71:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/goldcoin.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
x-cache: Error from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: mfXj1Esca8ZmPz-2hEJDBPFX_gHpbUiKxuanOWu6isg7-gNLkr7JCw==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/new.svg
18.65.39.71200 OK 2.3 kB URL HTTP/2 biamo.bet/static/images/categories/new.svg
IP 18.65.39.71:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 10661f7fb6df51c463593a1221131ba2
047c971c0b6828e346ef4855cb343673ceb70dc5
3bc2db4c2d3bf3d5cdeb69ad627c4cb7e2e418289db1d423b174bf13a9168786
GET /static/images/categories/new.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-1bad"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: h39V4mPluSKN7-5jdI4gj5bjPKequOPjrIMZFk_S5R0Xjmu1oXg2iw==
X-Firefox-Spdy: h2
biamo.bet/gstatic/merchants/svg/black/gamesinc.svg
18.65.39.71404 Not Found 146 B URL HTTP/2 biamo.bet/gstatic/merchants/svg/black/gamesinc.svg
IP 18.65.39.71:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /gstatic/merchants/svg/black/gamesinc.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 146
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
x-cache: Error from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: BsEHTwdOLPFsVm2JnrKKmuYHJUXnHD3gdBPQ8Jh2fIrXFdOalFu7gg==
X-Firefox-Spdy: h2
biamo.bet/flog
18.65.39.71200 OK 0 B IP 18.65.39.71:0
POST /flog HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Content-Type: text/plain;charset=UTF-8
Origin: https://biamo.bet
Content-Length: 114
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.1.881031737.1663078614
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
server: nginx
date: Tue, 13 Sep 2022 14:17:07 GMT
last-modified: Tuesday, 13-Sep-2022 14:17:07 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: 1e88GhbdqFbwp2Bg3kgsM7nxiLpRQh8RJ5ja65yL37M1vC32WZK1YQ==
X-Firefox-Spdy: h2
biamo.bet/static/dist/915.87a6e6453c56402b.js
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/dist/915.87a6e6453c56402b.js
IP 18.65.39.71:0
GET /static/dist/915.87a6e6453c56402b.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/ngsw-worker.js
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-4f5"
expires: Wed, 14 Sep 2022 14:17:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: tnMGB3VyUWezGCfMTp20gm3FcHpAlPxvV-7qDVkHQP9WgDF3zUGy0Q==
X-Firefox-Spdy: h2
biamo.bet/static/languages/no.json
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/languages/no.json
IP 18.65.39.71:0
GET /static/languages/no.json HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Mon, 05 Sep 2022 07:24:59 GMT
etag: W/"6315a44b-a7bd"
expires: Wed, 14 Sep 2022 14:17:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: 7Fd-hlfjEeMV6w-Cvxic_NeZ9pf7nwez3SuKqfO_QK8MquIJf94vLQ==
X-Firefox-Spdy: h2
gobacktothefuture.biz/sw/w1s.js
62.210.6.153200 OK 0 B URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.6.153:0
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.youngmedias.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 14:17:03 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
biamo.bet/static/dist/322.d55b3283ee8bee53.js
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/dist/322.d55b3283ee8bee53.js
IP 18.65.39.71:0
GET /static/dist/322.d55b3283ee8bee53.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/ngsw-worker.js
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-20332"
expires: Wed, 14 Sep 2022 14:17:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: VQPqSzZ_CSrYjzoC_aE86lRzSVxOVcF1iRpw03mqlOUmplV9cUY3GQ==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/videopoker.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/videopoker.svg
IP 18.65.39.71:0
GET /static/images/categories/videopoker.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-d48"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: GWUyY3hDT9DyuOXadHNpALUSzXQmD5ys207zQ5RVDhFGyZl2JuAjuw==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/other.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/other.svg
IP 18.65.39.71:0
GET /static/images/categories/other.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-86f"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: P1OtuEhzclvUZKtvcyPk1yP4k6nIA3qXkK8uUKw_Z79LKRuAlqQ4mQ==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/cayetano.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/cayetano.svg
IP 18.65.39.71:0
GET /static/images/categories/cayetano.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-79e"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: RpLAC70JBanEUtpdVg8Ek7bI_FzmzWp01zB3zO07S-pXuiM7yuO0GA==
X-Firefox-Spdy: h2
0.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
185.177.93.164200 OK 0 B URL HTTP/2 0.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mfrdoojrgq5gi3bpgmztamrv HTTP/1.1
Host: 0.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://youngmedias.biz/
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:02 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; expires=Thu, 13-Oct-2022 14:17:02 GMT; Max-Age=2592000; path=/; domain=0.youngmedias.biz
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
8.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
185.177.93.164200 OK 0 B URL HTTP/2 8.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mfrdoojrgq5gi3bpgmztamrv HTTP/1.1
Host: 8.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.youngmedias.biz/
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; expires=Thu, 13-Oct-2022 14:17:04 GMT; Max-Age=2592000; path=/; domain=8.youngmedias.biz
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/baccaratglobal.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/baccaratglobal.svg
IP 18.65.39.71:0
GET /static/images/categories/baccaratglobal.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-135f"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: qp1F7gAQ29O-Km0OSCdjbnr4M88G8P3bar_HrQDquodyJt14LkwGCw==
X-Firefox-Spdy: h2
biamo.bet/api/v1/wins?lang=no&limit=20&min=1&slim=1
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/api/v1/wins?lang=no&limit=20&min=1&slim=1
IP 18.65.39.71:0
GET /api/v1/wins?lang=no&limit=20&min=1&slim=1 HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
X-UA-Fingerprint: 491bbba3f842eac3ad0e975f1a7068c6
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
x-geo-detected: nor
expires: Tue, 13 Sep 2022 14:17:24 GMT
x-accept-language: en-US
strict-transport-security: max-age=31536000; includeSubdomains; preload
cache-control: private,no-store,no-cache,max-age=0
x-monitor: bff8fb57bcbfa445bf9fa60c030563dc,msec:1663078634.099
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: oe3F-abuzyRB5IYAvROwVQKPnXuEI5q9QTAdTcJlZzwiW245u6ZBGw==
X-Firefox-Spdy: h2
youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
185.177.93.164200 OK 0 B URL HTTP/2 youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mfrdoojrgq5gi3bpgmztamrv HTTP/1.1
Host: youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:02 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; expires=Thu, 13-Oct-2022 14:17:02 GMT; Max-Age=2592000; path=/; domain=youngmedias.biz
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
biamo.bet/static/dist/271.a5efaedcac45e53b.js
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/dist/271.a5efaedcac45e53b.js
IP 18.65.39.71:0
GET /static/dist/271.a5efaedcac45e53b.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/ngsw-worker.js
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-890b"
expires: Wed, 14 Sep 2022 14:17:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: peDPGWMlD5frpoFhievmDrLHApO1dPHrFKQ4UEsrC3igFmL0cl-iVA==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/slots.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/slots.svg
IP 18.65.39.71:0
GET /static/images/categories/slots.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-1bbd"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: XNtLEC2TvIQx64XfQ6Naz6BjM5UWyeUvvJhROEq11gdr65YvLAkLXg==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/popular.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/popular.svg
IP 18.65.39.71:0
GET /static/images/categories/popular.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-660"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: C4DLL53NWmV9YhUiFj9SE9IdfYppUyRkT8jGF-KDNouDqqmhKb8QWw==
X-Firefox-Spdy: h2
gobacktothefuture.biz/sw/w1s.js
62.210.6.153200 OK 0 B URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.6.153:0
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.youngmedias.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 14:17:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
9.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
185.177.93.164200 OK 0 B URL HTTP/2 9.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mfrdoojrgq5gi3bpgmztamrv HTTP/1.1
Host: 9.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.youngmedias.biz/
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; expires=Thu, 13-Oct-2022 14:17:04 GMT; Max-Age=2592000; path=/; domain=9.youngmedias.biz
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
zeniocloud.com/LAIA.js?sub1=biamobet
167.114.67.56200 OK 0 B URL HTTP/2 zeniocloud.com/LAIA.js?sub1=biamobet
IP 167.114.67.56:0
Analyzer Verdict Alert fortinet Phishing
GET /LAIA.js?sub1=biamobet HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 13 Sep 2022 14:17:07 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/apg-seal.js
143.204.55.73200 OK 0 B URL HTTP/2 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com/apg-seal.js
IP 143.204.55.73:0
GET /apg-seal.js HTTP/1.1
Host: 8ecdd967-7052-405b-9d9a-e69a1824663d.snippet.antillephone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Tue, 13 Sep 2022 14:12:36 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c7b-qW5+te6CZ/ER8P3+6ogOFVGVPxg"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a17a8e5ee5bb8f-FRA
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: b77jkOSWmQnGYIMyQZEcnIiKbzbpTtjXyCyIvzTaAzRWRCKnAa2a7A==
age: 277
X-Firefox-Spdy: h2
biamo.bet/flog
18.65.39.71200 OK 0 B IP 18.65.39.71:0
POST /flog HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Content-Type: text/plain;charset=UTF-8
Origin: https://biamo.bet
Content-Length: 211
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
server: nginx
date: Tue, 13 Sep 2022 14:17:13 GMT
last-modified: Tuesday, 13-Sep-2022 14:17:13 GMT
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: b7W8DLnI3Be7sgYL66Q_1rvttqLzc_NWqGyqJvrsZN9VBCmxIxOfoA==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/pokerglobal.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/pokerglobal.svg
IP 18.65.39.71:0
GET /static/images/categories/pokerglobal.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-14c4"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: Ths0kVYwrn3rVo_5ecpO4aP7VEK4L_MPpCGryA8_hIsHkd3NvEaF7A==
X-Firefox-Spdy: h2
gobacktothefuture.biz/sw/w1s.js
62.210.6.153200 OK 0 B URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.6.153:0
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://youngmedias.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:02 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 14:17:02 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
biamo.bet/static/images/logo.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/logo.svg
IP 18.65.39.71:0
GET /static/images/logo.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/static/css/app.loader.css
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.1.881031737.1663078614
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:07 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-205d"
expires: Wed, 14 Sep 2022 14:17:07 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: jwPLKuTa23zsC1PkFxL8UalghEZiYrUOQzyH7irTBWnRudAjrXl7JA==
X-Firefox-Spdy: h2
biamo.bet/static/dist/runtime.751d40599e271b67.js
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/dist/runtime.751d40599e271b67.js
IP 18.65.39.71:0
GET /static/dist/runtime.751d40599e271b67.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biamo.bet/no/signup?faff=2910ce55bd524eeb6fcf68766a7e972a&sub=-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:07 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-1089"
expires: Wed, 14 Sep 2022 14:17:07 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: yj_MxdPZ7Rzewe92Y9cKuBjt_FhBRGEl-zjXqGoclfe94q3CcY4CNQ==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/tablegames.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/tablegames.svg
IP 18.65.39.71:0
GET /static/images/categories/tablegames.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-14de"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: NKVnYRR7r8SQ2jmpCCF4dDtdIk2bfnc5WDsomrKjpqzmDUCi8hMCwg==
X-Firefox-Spdy: h2
biamo.bet/static/dist/459.ca6644c327050bd3.js
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/dist/459.ca6644c327050bd3.js
IP 18.65.39.71:0
GET /static/dist/459.ca6644c327050bd3.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/ngsw-worker.js
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:09 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-3e7b"
expires: Wed, 14 Sep 2022 14:17:09 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: eSY_J8T817n9jYqModqor73_VxDB_pZPitT-admaJtX1KdrZCYlSIg==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/rouletteglobal.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/rouletteglobal.svg
IP 18.65.39.71:0
GET /static/images/categories/rouletteglobal.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-b70"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: HFm2GHG0ZSpDSdbf7IcrhzSAprc6ziDr5_MkuWVYamz-zPq1gg3gdA==
X-Firefox-Spdy: h2
gobacktothefuture.biz/sw/w1s.js
62.210.6.153200 OK 0 B URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.6.153:0
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.youngmedias.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 14:17:03 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
biamo.bet/static/dist/667.7473d20317cc494c.js
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/dist/667.7473d20317cc494c.js
IP 18.65.39.71:0
GET /static/dist/667.7473d20317cc494c.js HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/ngsw-worker.js
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 13 Sep 2022 14:17:13 GMT
last-modified: Mon, 05 Sep 2022 07:24:56 GMT
etag: W/"6315a448-22338"
expires: Wed, 14 Sep 2022 14:17:13 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: 5V39deleKu77ajmBMVd44qxC64l9j8Q_WgbMOhiGTBfOoz2CmF2CCA==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/virtualsports.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/virtualsports.svg
IP 18.65.39.71:0
GET /static/images/categories/virtualsports.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-813"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: bNPclfD9NZfQrua43at4K79YiDFlNM8Cp4GQIm7tU9xA5xQHN3ggZg==
X-Firefox-Spdy: h2
2.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
185.177.93.164200 OK 0 B URL HTTP/2 2.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mfrdoojrgq5gi3bpgmztamrv HTTP/1.1
Host: 2.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.youngmedias.biz/
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; expires=Thu, 13-Oct-2022 14:17:03 GMT; Max-Age=2592000; path=/; domain=2.youngmedias.biz
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
gobacktothefuture.biz/sw/w1s.js
62.210.6.153200 OK 0 B URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.6.153:0
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.youngmedias.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 14:17:03 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
3.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
185.177.93.164200 OK 0 B URL HTTP/2 3.youngmedias.biz/?p=mfrdoojrgq5gi3bpgmztamrv
IP 185.177.93.164:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?p=mfrdoojrgq5gi3bpgmztamrv HTTP/1.1
Host: 3.youngmedias.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.youngmedias.biz/
Cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:03 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=04c17c2e-3bd0-40a0-8d74-534188e62ed1; expires=Thu, 13-Oct-2022 14:17:03 GMT; Max-Age=2592000; path=/; domain=3.youngmedias.biz
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
gobacktothefuture.biz/sw/w1s.js
62.210.6.153200 OK 0 B URL HTTP/2 gobacktothefuture.biz/sw/w1s.js
IP 62.210.6.153:0
GET /sw/w1s.js HTTP/1.1
Host: gobacktothefuture.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.youngmedias.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 14:17:04 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 13 Sep 2023 14:17:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/age-restrictions.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/age-restrictions.svg
IP 18.65.39.71:0
GET /gstatic/wlc/icons/age-restrictions.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:13 GMT
last-modified: Tue, 10 Aug 2021 14:40:46 GMT
etag: W/"61128fee-a9f"
expires: Tue, 13 Sep 2022 15:17:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: RYE2A9A8YpsEOqQrmejqy_dSHYW6aay2O09yKrSF5Ic3wvFw96t2EA==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/european/v1/sportsbook.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/european/v1/sportsbook.svg
IP 18.65.39.71:0
GET /gstatic/wlc/icons/european/v1/sportsbook.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:13 GMT
last-modified: Tue, 15 Jun 2021 15:03:48 GMT
etag: W/"60c8c154-4b2"
expires: Tue, 13 Sep 2022 15:17:13 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: NDu1NaVH1rQ05C31q8JE5JgfP8kKAGAmizRryC0lV1C7NSnRSAtg0g==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/european/v1/casino.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/european/v1/casino.svg
IP 18.65.39.71:0
GET /gstatic/wlc/icons/european/v1/casino.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Tue, 15 Jun 2021 15:03:48 GMT
etag: W/"60c8c154-9d0"
expires: Tue, 13 Sep 2022 15:17:14 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: ZUlU-OiyfhSnXXwUU495z04aThruox3jDVbNPqpx-tHAKzszVgQN_g==
X-Firefox-Spdy: h2
biamo.bet/gstatic/wlc/icons/filter-merchants.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/gstatic/wlc/icons/filter-merchants.svg
IP 18.65.39.71:0
GET /gstatic/wlc/icons/filter-merchants.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Tue, 10 Aug 2021 14:40:46 GMT
etag: W/"61128fee-8c1"
expires: Tue, 13 Sep 2022 15:17:14 GMT
cache-control: max-age=3600
strict-transport-security: max-age=31536000
x-content-type-options: nosniff, nosniff
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: i-ODvAghWZX3xzIQDaNPNf6E8eB0yDk1gbD7YWCEHzMbbM0BjLOb6w==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/scratchcards.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/scratchcards.svg
IP 18.65.39.71:0
GET /static/images/categories/scratchcards.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-80b"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: xrZph3gpUIzAbNbkw4LiKNDy3MwlnkwtS9SNSZmzPS_JIsXTfQXf7g==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/blackjacks.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/blackjacks.svg
IP 18.65.39.71:0
GET /static/images/categories/blackjacks.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-4db"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: 87TpgrNuCPiCifibx27p7X2rWwlup9l5fOmNbHhXIpSpjQopySuR3w==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/bigtimegaming.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/bigtimegaming.svg
IP 18.65.39.71:0
GET /static/images/categories/bigtimegaming.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-38ab"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: fAX-4LJ8MJIC-S7NHRQoLuVyzI_ONORiCj8wZ1proKAAyIfdboNCHw==
X-Firefox-Spdy: h2
biamo.bet/static/images/categories/buyfeature.svg
18.65.39.71200 OK 0 B URL HTTP/2 biamo.bet/static/images/categories/buyfeature.svg
IP 18.65.39.71:0
GET /static/images/categories/buyfeature.svg HTTP/1.1
Host: biamo.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biamo.bet/no
Cache-Control: public, max-age=31536000
Connection: keep-alive
Cookie: sitelang=no; _aff=system%3Dfaff%26id%3D2910ce55bd524eeb6fcf68766a7e972a%26data%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3%26params%3Dfaff%253D2910ce55bd524eeb6fcf68766a7e972a%2526sub%253D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; faff=faff%3D2910ce55bd524eeb6fcf68766a7e972a%26sub%3D-7EBRQCgQAAAE9ATQD1AEQBAEbAAIP4pAgYxENGhENIhENMhENWgNOTwdubDEfYmlhbW__c3JhZ0FMSG4AA3k3; _gcl_au=1.1.1627695547.1663078614; _ga_4L2GVL08BD=GS1.1.1663078614.1.0.1663078614.0.0.0; _ga=GA1.2.881031737.1663078614; _gid=GA1.2.1344981336.1663078615; _gat_UA-199659057-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Tue, 13 Sep 2022 14:17:14 GMT
last-modified: Mon, 05 Sep 2022 07:22:17 GMT
etag: W/"6315a3a9-9e5"
expires: Wed, 14 Sep 2022 14:17:14 GMT
cache-control: max-age=86400
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: 4K6ESG5HCIE_Gcfsazgr-LrUCMkYG6QEDKABld8HqHv11-2kqAITnA==
X-Firefox-Spdy: h2