r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13012
Expires: Fri, 27 Jan 2023 19:00:21 GMT
Date: Fri, 27 Jan 2023 15:23:29 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 15:23:29 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15932
Expires: Fri, 27 Jan 2023 19:49:01 GMT
Date: Fri, 27 Jan 2023 15:23:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 14:35:23 GMT
content-type: application/json
age: 2886
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2674
Expires: Fri, 27 Jan 2023 16:08:03 GMT
Date: Fri, 27 Jan 2023 15:23:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fax51ZLRXzpub6tsLH5KmnbH+482vzuub+zAhCO9nsqgxmVIHm2SdpRy2qWWkizjqanvgwlLoto=
x-amz-request-id: 30TEXRJ6GEKPEAB4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 14:49:27 GMT
age: 2042
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 14:41:40 GMT
age: 2509
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2354
Expires: Fri, 27 Jan 2023 16:02:43 GMT
Date: Fri, 27 Jan 2023 15:23:29 GMT
Connection: keep-alive
muratboz.get.to/
200 OK 1.3 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (740)
Hash 4044c32d4ad6698c653756744ce3330c
761531068f07cd9e5ed86af7812e45727adda55c
5b9991792ffa98a2bdf48094203b2cd60b1ace4de5219eed514ac37753d57878
GET / HTTP/1.1
Host: muratboz.get.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Fri, 27 Jan 2023 15:23:29 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_nVkd6Q782OeuCFqduwreC2frovTUNauwjdiYMufEHTh3AzkiDGdE3D3+9FTGSrdEaaJ4Xq3jjr0VYb+waBEarw==
last-modified: Fri, 27 Jan 2023 15:23:28 GMT
x-cache-miss-from: parking-7649dfd87f-fkmp4
server: NginX
content-encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Vs+AqnAzm8wQtqlQIkLvQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EBcELQmRwDDN5V0KcTh0vmCd4fI=
muratboz.get.to/search/tsc.php?200=NDU0Mjk3Njg2&21=OTEuOTAuNDIuMTU0&681=MTY3NDgzMzAwOTAzZmQwMjExZDM4ZTMzNGIxMTg0ZDBlOTVjMWM4NWU0&crc=c2f97cd27de51bf7998d9790e195fd1d8971f282&cv=1
200 OK 0 B URL HTTP/1.1 muratboz.get.to/search/tsc.php?200=NDU0Mjk3Njg2&21=OTEuOTAuNDIuMTU0&681=MTY3NDgzMzAwOTAzZmQwMjExZDM4ZTMzNGIxMTg0ZDBlOTVjMWM4NWU0&crc=c2f97cd27de51bf7998d9790e195fd1d8971f282&cv=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=NDU0Mjk3Njg2&21=OTEuOTAuNDIuMTU0&681=MTY3NDgzMzAwOTAzZmQwMjExZDM4ZTMzNGIxMTg0ZDBlOTVjMWM4NWU0&crc=c2f97cd27de51bf7998d9790e195fd1d8971f282&cv=1 HTTP/1.1
Host: muratboz.get.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://muratboz.get.to/
HTTP/1.1 200 OK
date: Fri, 27 Jan 2023 15:23:29 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-7649dfd87f-xl5wz
server: NginX
muratboz.get.to/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dm4--3bW48E0_0&v=ODdmODcyMWFhZmIxMjhiOTcwYTIwYmEwNjQwZmVkODgJMQltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYTk4Ny4xMTM3MTM3MgltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYWRiMi44OTc2NzM5NgkxNjc0ODMzMDA5CWFkXzYzXzA=&l=OAk5MDlhYTU4ZTk5Y2YyYWY2ZGI3NjMxMzFlZWEzMmJkNgkwCTM1CTAJZTg4YTA2MDkzNjA4MmQ5NjJhMzcwNGI5Zjg1M2NlMmEJNDU0Mjk3Njg2CWdldAkwCTYzCTYJMgkxNjc0ODMzMDA5CTAuMDAwNTM1CU4JMAkxCTgzMAkxMjA1CTgyMDY4MjAwCTkxLjkwLjQyLjE1NAkw
302 Found 0 B URL HTTP/1.1 muratboz.get.to/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dm4--3bW48E0_0&v=ODdmODcyMWFhZmIxMjhiOTcwYTIwYmEwNjQwZmVkODgJMQltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYTk4Ny4xMTM3MTM3MgltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYWRiMi44OTc2NzM5NgkxNjc0ODMzMDA5CWFkXzYzXzA=&l=OAk5MDlhYTU4ZTk5Y2YyYWY2ZGI3NjMxMzFlZWEzMmJkNgkwCTM1CTAJZTg4YTA2MDkzNjA4MmQ5NjJhMzcwNGI5Zjg1M2NlMmEJNDU0Mjk3Njg2CWdldAkwCTYzCTYJMgkxNjc0ODMzMDA5CTAuMDAwNTM1CU4JMAkxCTgzMAkxMjA1CTgyMDY4MjAwCTkxLjkwLjQyLjE1NAkw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dm4--3bW48E0_0&v=ODdmODcyMWFhZmIxMjhiOTcwYTIwYmEwNjQwZmVkODgJMQltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYTk4Ny4xMTM3MTM3MgltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYWRiMi44OTc2NzM5NgkxNjc0ODMzMDA5CWFkXzYzXzA=&l=OAk5MDlhYTU4ZTk5Y2YyYWY2ZGI3NjMxMzFlZWEzMmJkNgkwCTM1CTAJZTg4YTA2MDkzNjA4MmQ5NjJhMzcwNGI5Zjg1M2NlMmEJNDU0Mjk3Njg2CWdldAkwCTYzCTYJMgkxNjc0ODMzMDA5CTAuMDAwNTM1CU4JMAkxCTgzMAkxMjA1CTgyMDY4MjAwCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: muratboz.get.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://muratboz.get.to/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Fri, 27 Jan 2023 15:23:30 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Fri, 27 Jan 2023 15:23:30 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dm4--3bW48E0_0&v=ODdmODcyMWFhZmIxMjhiOTcwYTIwYmEwNjQwZmVkODgJMQltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYTk4Ny4xMTM3MTM3MgltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYWRiMi44OTc2NzM5NgkxNjc0ODMzMDA5CWFkXzYzXzA=&l=OAk5MDlhYTU4ZTk5Y2YyYWY2ZGI3NjMxMzFlZWEzMmJkNgkwCTM1CTAJZTg4YTA2MDkzNjA4MmQ5NjJhMzcwNGI5Zjg1M2NlMmEJNDU0Mjk3Njg2CWdldAkwCTYzCTYJMgkxNjc0ODMzMDA5CTAuMDAwNTM1CU4JMAkxCTgzMAkxMjA1CTgyMDY4MjAwCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-7649dfd87f-txn6x
server: NginX
muratboz.get.to/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dm4--3bW48E0_0&v=ODdmODcyMWFhZmIxMjhiOTcwYTIwYmEwNjQwZmVkODgJMQltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYTk4Ny4xMTM3MTM3MgltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYWRiMi44OTc2NzM5NgkxNjc0ODMzMDA5CWFkXzYzXzA=&l=OAk5MDlhYTU4ZTk5Y2YyYWY2ZGI3NjMxMzFlZWEzMmJkNgkwCTM1CTAJZTg4YTA2MDkzNjA4MmQ5NjJhMzcwNGI5Zjg1M2NlMmEJNDU0Mjk3Njg2CWdldAkwCTYzCTYJMgkxNjc0ODMzMDA5CTAuMDAwNTM1CU4JMAkxCTgzMAkxMjA1CTgyMDY4MjAwCTkxLjkwLjQyLjE1NAkw
302 Found 311 B URL HTTP/1.1 muratboz.get.to/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dm4--3bW48E0_0&v=ODdmODcyMWFhZmIxMjhiOTcwYTIwYmEwNjQwZmVkODgJMQltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYTk4Ny4xMTM3MTM3MgltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYWRiMi44OTc2NzM5NgkxNjc0ODMzMDA5CWFkXzYzXzA=&l=OAk5MDlhYTU4ZTk5Y2YyYWY2ZGI3NjMxMzFlZWEzMmJkNgkwCTM1CTAJZTg4YTA2MDkzNjA4MmQ5NjJhMzcwNGI5Zjg1M2NlMmEJNDU0Mjk3Njg2CWdldAkwCTYzCTYJMgkxNjc0ODMzMDA5CTAuMDAwNTM1CU4JMAkxCTgzMAkxMjA1CTgyMDY4MjAwCTkxLjkwLjQyLjE1NAkw
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2ccf0de39e7059185099705a01ee12cf
789d426d00c24af6efd6131e13796c98a205fac5
43342593b58a3fbfc1505d807bfd63b101c7a3b7858e0abdc783fbcbb5d78fc4
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dm4--3bW48E0_0&v=ODdmODcyMWFhZmIxMjhiOTcwYTIwYmEwNjQwZmVkODgJMQltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYTk4Ny4xMTM3MTM3MgltdXJhdGJvei5nZXQudG82M2QzZWM3MGMyYWRiMi44OTc2NzM5NgkxNjc0ODMzMDA5CWFkXzYzXzA=&l=OAk5MDlhYTU4ZTk5Y2YyYWY2ZGI3NjMxMzFlZWEzMmJkNgkwCTM1CTAJZTg4YTA2MDkzNjA4MmQ5NjJhMzcwNGI5Zjg1M2NlMmEJNDU0Mjk3Njg2CWdldAkwCTYzCTYJMgkxNjc0ODMzMDA5CTAuMDAwNTM1CU4JMAkxCTgzMAkxMjA1CTgyMDY4MjAwCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: muratboz.get.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://muratboz.get.to/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Fri, 27 Jan 2023 15:23:30 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Fri, 27 Jan 2023 15:23:30 GMT
location: http://xml.sedodna.com/click?i=m4--3bW48E0_0
x-cache-miss-from: parking-7649dfd87f-bmljp
server: NginX
xml.sedodna.com/click?i=m4--3bW48E0_0
302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=m4--3bW48E0_0
IP
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=m4--3bW48E0_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://muratboz.get.to/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1669392078&sub4=CYBERMAXCAS&sub8=_casino&sub6=1669392078&ref_id=tsgfMQB8QtM
Pragma: no-cache
link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1669392078&sub4=CYBERMAXCAS&sub8=_casino&sub6=1669392078&ref_id=tsgfMQB8QtM
302 Found 0 B URL HTTP/2 link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1669392078&sub4=CYBERMAXCAS&sub8=_casino&sub6=1669392078&ref_id=tsgfMQB8QtM
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?b=0&pid=8425&offer_id=53&l=1669392078&sub4=CYBERMAXCAS&sub8=_casino&sub6=1669392078&ref_id=tsgfMQB8QtM HTTP/1.1
Host: link.affiliates.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://muratboz.get.to/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 27 Jan 2023 15:23:30 GMT
content-length: 0
location: https://cyber.bet/land/casino_spin_vegas_regform/?cid=63d3ec72c5c3ad00010ca583&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1669392078&slice=
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63d3ec72c5c3ad00010ca583; expires=Sat, 27 Jan 2024 15:23:30 GMT; secure; SameSite=None
afoffers={"53":1674833010}; expires=Sat, 27 Jan 2024 15:23:30 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fE3pK5trOaAWXmiqjP1%2BaEvHhUT0D4yT97VJBkGJvSp29uOsMWaj48aE%2FJO2OhpvHbZWS6LxeUlXdf4rgSLf20w2ktD3YCcuqp6L5KEp%2FxynWy%2BgjC8YsrCEg988wNNgWouk6V0S%2F8BRU8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79027d6b6b1fb4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/js/main.js?v=15
200 OK 1.4 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/js/main.js?v=15
IP
File type ASCII text, with very long lines (842)
Hash 506b8a4167f171b14e9a919a5436801b
3c2cfbd6208f7b631912fbeb70da0626f9a6f506
0fa666303ff11f62a26a2fd7166653a243fd13458efc9efc9753f8b1157422a4
GET /land/casino_spin_vegas_regform/js/main.js?v=15 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/?cid=63d3ec72c5c3ad00010ca583&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1669392078&slice=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:30 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3446
etag: W/"637f4678-d76"
last-modified: Thu, 24 Nov 2022 10:24:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otU8KqhqRTnHxnuLwFbSwfh1HUDHk3tYFcltij5Q8vVOu31E1jaBuCmKD01G%2F%2ByyCWUoWEomISTrxCmf3fcoHLJXBXunk%2BlIJIWTBGXcJCvqVfShuP4FxGTLIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d6d6dd6b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/js/Utils.js
200 OK 2.1 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/js/Utils.js
IP
File type ASCII text, with very long lines (1417)
Hash 41d4cc88d52e203f9eb96767e9864c2e
315d6d38246a6038b1f2b1c32486735c54a7c16a
5dee056ea981f067738ac7d981efc9ab776ef7fd91faadc22525eafc3880022f
GET /land/casino_spin_vegas_regform/js/Utils.js HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/?cid=63d3ec72c5c3ad00010ca583&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1669392078&slice=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:30 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4944
etag: W/"6377a9e0-1350"
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqEKJT4BD%2B6vKh0Cj76yDq%2Fw%2Fx%2F6AnELgW574UB%2BsxscpHr4tgT%2Bw%2FTut6ntnvCXnQa69QT%2FrjL0C0mYcZ3QXNCNfq2cTH12%2BVrrvzbtJ9GMGuVFfvZbMzpNpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d6d6ddfb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 48f87f021aa43dc85cabc3b624264811
6dcc2e3610ec6ef91768905aae267c984227f54a
0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 00:57:17 GMT
expires: Sun, 21 Jan 2024 00:57:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 570373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 48f87f021aa43dc85cabc3b624264811
6dcc2e3610ec6ef91768905aae267c984227f54a
0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e900decea613652b9501de51277c1b22
a2a9563dd429bc8c45fa5e9f2c5a7a3da8299685
6710e643184c872e49fa16f7d548e6446b5cb71e19747404fbd58339a3f90926
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161963
Date: Fri, 27 Jan 2023 15:23:30 GMT
Etag: "63d3ad7c-1d7"
Expires: Sun, 29 Jan 2023 12:22:53 GMT
Last-Modified: Fri, 27 Jan 2023 10:54:52 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eNwRnsSVzPq2lQyY6Z8sKc8z1_Png6_xT8PnF1S1hMhchRGlKQBfgA==
Age: 5281
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e900decea613652b9501de51277c1b22
a2a9563dd429bc8c45fa5e9f2c5a7a3da8299685
6710e643184c872e49fa16f7d548e6446b5cb71e19747404fbd58339a3f90926
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 15:23:30 GMT
Etag: "63d3ad7c-1d7"
Last-Modified: Fri, 27 Jan 2023 14:47:47 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IR-j8MSIMlQ1hW649NoUJyEb6jZzBKhEiJ5owxziqRy-8rUVMJIojQ==
Age: 2143
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e900decea613652b9501de51277c1b22
a2a9563dd429bc8c45fa5e9f2c5a7a3da8299685
6710e643184c872e49fa16f7d548e6446b5cb71e19747404fbd58339a3f90926
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 15:23:30 GMT
Last-Modified: Fri, 27 Jan 2023 14:47:47 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UtmbToOOdAeD7TuFW4oAcV5FzQFyfdQqsOxlUzmfUrYBXAnBVf-Hfw==
Age: 2143
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5d26c41823a6e8c5fdcf3c28efbfdd01
2415b281bb7ee36d62aec11e477e4797e8bbc10c
e7c952964c5abd9aa20b354673bedf66a9ddb64c8c9ce0075a6601fe5d28cabe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e900decea613652b9501de51277c1b22
a2a9563dd429bc8c45fa5e9f2c5a7a3da8299685
6710e643184c872e49fa16f7d548e6446b5cb71e19747404fbd58339a3f90926
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 15:23:30 GMT
Etag: "63d3ad7c-1d7"
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xJl_QUN30YqNEC9M96sV2J84yOc4Y4CTnWKRX-APpcnRuGAbJ1sdRQ==
www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB
200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB
IP
File type Unicode text, UTF-8 text, with very long lines (15106)
Hash e6cf2fca11070251769d341f18de3f3e
887e23fb2bdc7d8859d401d8c9b0ebf973870b27
b2c7afc0b2d7458edd6e2f56e0405c30dd1cf859fc362a5b8dc310ac3db6a4a2
GET /gtm.js?id=GTM-NR2G4XB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 27 Jan 2023 15:23:31 GMT
expires: Fri, 27 Jan 2023 15:23:31 GMT
cache-control: private, max-age=900
last-modified: Fri, 27 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72305
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5d26c41823a6e8c5fdcf3c28efbfdd01
2415b281bb7ee36d62aec11e477e4797e8bbc10c
e7c952964c5abd9aa20b354673bedf66a9ddb64c8c9ce0075a6601fe5d28cabe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnstatic.cyber.bet/js/global.js
200 OK 71 kB URL HTTP/2 cdnstatic.cyber.bet/js/global.js
IP
File type Unicode text, UTF-8 text, with very long lines (5000), with CRLF line terminators
Hash 8943965f22a29b6f800a98e0eaed584f
1cfa4c3d79808cce1785967a637819b88a9d11f5
3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db
GET /js/global.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 70834
vary: Accept-Encoding
date: Fri, 27 Jan 2023 15:23:32 GMT
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
etag: "8943965f22a29b6f800a98e0eaed584f"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0T88sHCOPxOytgAxNSxTUYHSOsiVmZ3EpixxcXHxQu7mox2bt3L4pA==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/global.css
200 OK 4.7 kB URL HTTP/2 cdnstatic.cyber.bet/css/global.css
IP
File type ASCII text, with CRLF line terminators
Hash 1d710fedcd0ddfd6744b7011d3261d07
884abf5c059be6ddcdd9067c24c55f744d6df31f
47db4a55aeef076b5cc2c69bb230028feb69a8575b5a9651a1fa79e51990edb9
GET /css/global.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 4746
vary: Accept-Encoding
date: Fri, 27 Jan 2023 15:23:32 GMT
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
etag: "1d710fedcd0ddfd6744b7011d3261d07"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hGUoMC7qBcSNtE2RGssg1aXFzvtL_W0H-dS5yULPae1ksGtbfRK0vw==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/logo.png
200 OK 3.1 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/logo.png
IP
File type PNG image data, 319 x 61, 8-bit colormap, non-interlaced\012- data
Hash 2629d1a123bcff6f4f9730d3c334d0f1
648471b60baebce5a6a83ccebd4a1c198d4da297
1723721ffe474cfdcbf447e300c5804cb66991491fbce776cbb55d8a8cb7c189
GET /land/casino_spin_vegas_regform/img/logo.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: image/png
content-length: 3083
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-c0b"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 627
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaUMaGAZfRhjIEQb9e1uUdJdNdTOsLPt7QEMp6LMT0DSjU5FAx2D3R1xXxFVlDMKSNaKtL1KeRlrS0rLgIjrXT2WGjggNDOZxyMMvLyV3%2Bnw8UXzXmGf060b5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d70baeab4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_EN_default.png
200 OK 8.7 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_EN_default.png
IP
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash 8802885e8e569bed4d86d83a64f2608b
2dfe0d8f694eb9aaedd62a53e77055aaab417acd
97d5abc9b9b603590133a96dcff31d74c3cce356cef901717fc8225c0dd6e6a6
GET /land/casino_spin_vegas_regform/img/new_spins/wheel_btn_EN_default.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: image/png
content-length: 8673
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-21e1"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 627
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziMalCz6V4l0DY5ZnOaj1nZcfmHA0%2BEn7BJgZD66nacx9tkaYvMGcYES0ZWzsbURQGpspTo2dIZvf4fF59%2F9GTobnLKUtcbLqcFXkDYxy3IcuxPGhsGTSWZgnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d70caffb4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/woman.png
200 OK 106 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/woman.png
IP
File type PNG image data, 639 x 1080, 8-bit colormap, non-interlaced\012- data
Size 106 kB (105481 bytes)
Hash a743524dd5c4a4936aab76d7698d6701
eb6922bee45beaf1daab50db7450517e6408e899
e689525b332b5af81c2f23d6b30235eb5bf66f5bdb5017fbc7bbbf39105c58ac
GET /land/casino_spin_vegas_regform/img/new_spins/woman.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: image/png
content-length: 105481
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-19c09"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 212
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCcxpf9sTGr02BHIvptH2nW5XKPRRXTyNp9rDTE6jYTI3Fy3jthzsSLMezY1EP8P80KMxla7AbXFIXsDOQX113WvERRo3OF320J%2BYugwpZJ6z2Ax%2BqdETQ36lg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d70aad5b4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_fields_EN.png
200 OK 43 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_fields_EN.png
IP
File type PNG image data, 491 x 491, 8-bit colormap, non-interlaced\012- data
Hash 7b1c82f0a9cd3f467a05500e6f637d5e
817e1b3c98061dbad016515451285d76cb335c05
e944ae8a5eaa194d7cb2df54e6c131f45e0e46ac11aca4212179237e39f272fb
GET /land/casino_spin_vegas_regform/img/new_spins/wheel_fields_EN.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: image/png
content-length: 42650
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-a69a"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 627
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgjvjjNErQLK5HCvsnxSkhvYx8dVMAw6obGHLn55rFWDpXpghMhra8%2BiJnMcasnOkmCuTtcrTuG%2BJCDBgvKKpzkqQmQNsEsgabbtji3kcYuPkk5ETho7rcTTHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d70cafcb4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_frame_new.png
200 OK 42 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_frame_new.png
IP
File type PNG image data, 566 x 602, 8-bit colormap, non-interlaced\012- data
Hash 64396b8564ff103f72de0e2cfcc258da
1515c6b6505697593160dfdf0666a22682bcbddc
f1e3cb2c53e4ff0c1f7bae18ea535cac7b2eb1567ab7970ebdd010d49f667588
GET /land/casino_spin_vegas_regform/img/new_spins/wheel_frame_new.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: image/png
content-length: 41547
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-a24b"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 627
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6Ph36UAW8hKMEVkpn8sNCV8p43w5vF08SOGdQvUARWWVG%2B%2B02LFEU%2FEFa6Ir%2ByO6M9ouo2zURizpvayfo4vqvlJ4hxrNEzHTN3pCiHRxWgmEm3TpEn3QrikOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d70db07b4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/money.png
200 OK 133 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/money.png
IP
File type PNG image data, 915 x 1080, 8-bit colormap, non-interlaced\012- data
Size 133 kB (133229 bytes)
Hash 569ef7d18b3eea67d4a0051cce45e572
8fbf0b969b948ac75bbdfca44e0c14c627f04803
e981cc826d79bea1e43052c2b79ec76f2be21de446e4c5d9ad360bba677ed111
GET /land/casino_spin_vegas_regform/img/new_spins/money.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: image/png
content-length: 133229
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-2086d"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 212
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lx5oxTytlFFcQKsluH1f%2BarGbiFpVIa15N2ZVOJ8gpcTHuRkOBCkc%2FhWMDEmuFHdq8XnIZ60njc9dYaIcrUZuRIzb3Bc8d2226ARB68nb%2BGRjnfDtT4s1t13PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d70bae3b4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/cta.png
200 OK 48 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/cta.png
IP
File type PNG image data, 657 x 311, 8-bit colormap, non-interlaced\012- data
Hash 571fef164afd2c9966dcef36983faf16
0fb39a94c4f924bb38baac8d36dc9cde5f8914e5
ae37ad8adebfc0e3d2822c36522dd6c3a645d753ff2506d84afd143e2424db83
GET /land/casino_spin_vegas_regform/img/new_spins/cta.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: image/png
content-length: 48382
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-bcfe"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 627
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtIrEl8CxUuixHXnf0kLBjmT0RG6wUqiknvCp6ZEEE3gki7DGBJhIXaLISk9z%2FRjVX8zFq5ZnLcDy02TPIGBtTT0bk99ez8jtzWL5W6chE6qJaQe8lHtjIY3fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d70db0bb4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/bg.jpg
200 OK 282 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/bg.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 282 kB (282217 bytes)
Hash 52b9fcb3e2261f5f091dcdbee9888e62
a1f92c50ad2265c02445bea4e8ca49c7dcc2cf0e
4491bab03cb4a1f8063665f4735997114654509f0c227f62d375d18fe4bfee91
GET /land/casino_spin_vegas_regform/img/new_spins/bg.jpg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: image/jpeg
content-length: 282217
cf-bgj: h2pri
etag: "6377a9e0-44e69"
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 212
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3dgIJaWzazVpNJYjD5cYJrXZaK%2FBjB6V0H2VhZvmORVw2aBC%2F0KKN%2BsGPLLTm3HpL6r4t0Yr6MjtH2HoZK2fNFwlS03ezjkC5U6UXp18Q3Pc8GK9f01fCHy3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d70aaceb4f1-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11221
Expires: Fri, 27 Jan 2023 18:30:32 GMT
Date: Fri, 27 Jan 2023 15:23:31 GMT
Connection: keep-alive
cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
200 OK 4.8 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
IP
File type ASCII text, with very long lines (23149), with no line terminators
Hash dffd9b754f20a8382531512e1b8c79a6
e0aa0c400af5ba33ae934fa46d9414d0e6e00d59
a21e6b147850abc0d33dd21eecae93cc449058007d4202605d283cf138fb764b
GET /land/casino_spin_vegas_regform/css/style.css?v=17 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/?cid=63d3ec72c5c3ad00010ca583&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1669392078&slice=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=33453
etag: W/"63824d83-82ad"
last-modified: Sat, 26 Nov 2022 17:31:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1%2FwwAQQ6sU3F9KxxxA1ogCl8RklwaHoRasV0IVFQHxRqsGjxfVc%2FLp4qMMPM1t7UHbXlvIv%2BvwaDx6U1nDQ98eEFNKjwazpLH%2BPP14vbS78m%2BI%2FDX1yVdzOLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d6d4db7b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11221
Expires: Fri, 27 Jan 2023 18:30:32 GMT
Date: Fri, 27 Jan 2023 15:23:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3d856f57bcfd0bb18253cd77dd6541b
9d9680fb1a9232bb2b42b824dc11633666bfa31a
f2a03384e72a4d3350ee6addc49d6a507837eb195647016ea001e846eaccb0e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6055
x-amzn-requestid: dd44b3ab-6248-419a-995a-f3aaf59dae77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLRhMFPYIAMF91g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfc6d-4df410b022dbbb55297e6ac7;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:18:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b0NnMvzF8QzmCB6erAH6gTky4A2vBwI6huYmgX8hLTatYq_NHhQl1A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 09:15:04 GMT
age: 22107
etag: "9d9680fb1a9232bb2b42b824dc11633666bfa31a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e96f3ea585b5fa8ed6446ed16e2b4b2
f90c205f370a2426dffe3c21b24bfa551b385556
6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4272
x-amzn-requestid: e051c22b-c2ec-4e59-b29b-ba1464d8015b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRz28G13oAMFeeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d099c5-48b013ff34b9702a6d2fd560;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:53:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3BquvYOvgBWY2JeuOjZH9t1bunnj5yAXmMqyqZKuD6v2xMm8BAG3lw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 12:35:00 GMT
age: 10111
etag: "f90c205f370a2426dffe3c21b24bfa551b385556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc869235086902c4acc379733b6bfdb8
0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae
e614e29b14e69209fd4b82a688290f7a3f541909833a6558cf480aca899bab6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9056
x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB4COHTlIAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MApUIVJ9KiOB34nLWUtMNmA8deQVoQ9xyNqSUYXlzdLlGoP9n78C5A==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 06:24:42 GMT
age: 32329
etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/promo_icon.svg
200 OK 6.4 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/promo_icon.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (655)
Hash 4218f3dd00952f6344db7e04c00045f0
4c8c57f5949ed21561de2fa4c6bbdd60d9370d37
11625e9b43edd6d20698e4df07a21eb43d9849557315db82bc00424d5ecd9ac2
GET /land/casino_spin_vegas_regform/img/new_spins/promo_icon.svg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: image/svg+xml
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: W/"6377a9e0-606"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 627
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uziyEGWN8u586LVB27XMO1pCYuORO5VnuFCf368f49TgzN7KoGYDRQKw8vdNbvWpyIF15%2FthDg3bRw1gnI%2FIWSQH%2Fs%2FvydGudZiBpAP%2BVCzb%2FNJauseTP75z0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d70aad3b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 05:20:00 GMT
age: 36211
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 63223
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2fd3b5487710791cafa87110d681647a
6f3de59c79cf8f93c3312d917e9bb225a8bb25f9
35c24aa8f70e97185a0a18761f04b283cefecdce3abcd2261ccc6377077730c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35C24AA8F70E97185A0A18761F04B283CEFECDCE3ABCD2261CCC6377077730C5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9658
Expires: Fri, 27 Jan 2023 18:04:29 GMT
Date: Fri, 27 Jan 2023 15:23:31 GMT
Connection: keep-alive
cdnstatic.cyber.bet/js/fp.js
200 OK 533 B URL HTTP/2 cdnstatic.cyber.bet/js/fp.js
IP
File type ASCII text, with CRLF line terminators
Hash d1abfbe2c5b50e7f427e41c79197dcd3
01f6142a97168fd15da33334c35ce351d676ed08
7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569
GET /js/fp.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.1.2034160473.1674833011
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 533
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 27 Jan 2023 15:23:03 GMT
etag: "d1abfbe2c5b50e7f427e41c79197dcd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pwPa97RheUlRYcxvI_INppmhV0L9B0f6JYnprroegFdOT1Ym0nxlfw==
age: 38
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 17:46:05 GMT
expires: Thu, 25 Jan 2024 17:46:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 164246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
IP
Hash bb07e31c2c066db5c4b3259d1f69a442
db79e9d4a817ce703b11b65faf2ba097228063b2
d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8
GET /p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash d727f096e17e7ce4467ab53ff6c1cd5f
4e45586da1aa3cd2aed10a3bc9462fdca0dd9a84
6ae0fbc2486a839a4864ec8be69ceaa72dd6f39b5b55cccb5eb41f641040b52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6036
Cache-Control: max-age=100065
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:31 GMT
Etag: "63d2b8c0-118"
Expires: Sat, 28 Jan 2023 19:11:16 GMT
Last-Modified: Thu, 26 Jan 2023 17:30:40 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
cdnstatic.cyber.bet/js/currencyMapping.js
200 OK 4.0 kB URL HTTP/2 cdnstatic.cyber.bet/js/currencyMapping.js
IP
Hash f986e368f8429bb8dad253b6d6e0c304
23307a95840fd1716aebd3649f5203696b8b1a8f
687df031f22b7c76e1f5c54f4e61637c143d71e7434b09649b120c72240dd979
GET /js/currencyMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.1.2034160473.1674833011
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 27 Jan 2023 15:23:03 GMT
etag: W/"2a3d85d14eaeaac04949a29f3c94c548"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kY7cZgJ1Fo4EXqpqCV_dsp54jl-doGDloQLdkeExrRRN2GGyRZMRTA==
age: 35
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash d727f096e17e7ce4467ab53ff6c1cd5f
4e45586da1aa3cd2aed10a3bc9462fdca0dd9a84
6ae0fbc2486a839a4864ec8be69ceaa72dd6f39b5b55cccb5eb41f641040b52a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6037
Cache-Control: max-age=100065
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:32 GMT
Etag: "63d2b8c0-118"
Expires: Sat, 28 Jan 2023 19:11:17 GMT
Last-Modified: Thu, 26 Jan 2023 17:30:40 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;900&display=swap
200 OK 35 kB URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;900&display=swap
IP
Hash b46d7cf9cbae3a7e3028abca41349829
af86149570988e28c704ad9d33e90e8dbb90d967
9243a1f4ea76e17eecc9d25efac6fdbe3622b22c04ec0028e762ea979ce4e490
GET /css2?family=Montserrat:wght@100;200;300;400;500;600;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Jan 2023 15:23:30 GMT
date: Fri, 27 Jan 2023 15:23:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 27 Jan 2023 13:45:20 GMT
expires: Fri, 27 Jan 2023 15:45:20 GMT
cache-control: public, max-age=7200
age: 5892
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 61b07ec18bd0517d727603f51ee96cbe
03caefc67f3485fcad58d669cd4e7c8b371acce5
604702d9942ca8804874e6923a37438ce46c913122ed7b700273f46f1029afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1p0&_p=657956326&_gaz=1&cid=2034160473.1674833011&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674833011&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_vegas_regform%2F%3Fcid%3D63d3ec72c5c3ad00010ca583%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392078%26slice%3D&dr=http%3A%2F%2Fmuratboz.get.to%2F&dt=Cyber.bet%20Wheel%20of%20Fortune&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1p0&_p=657956326&_gaz=1&cid=2034160473.1674833011&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674833011&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_vegas_regform%2F%3Fcid%3D63d3ec72c5c3ad00010ca583%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392078%26slice%3D&dr=http%3A%2F%2Fmuratboz.get.to%2F&dt=Cyber.bet%20Wheel%20of%20Fortune&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1p0&_p=657956326&_gaz=1&cid=2034160473.1674833011&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674833011&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_vegas_regform%2F%3Fcid%3D63d3ec72c5c3ad00010ca583%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392078%26slice%3D&dr=http%3A%2F%2Fmuratboz.get.to%2F&dt=Cyber.bet%20Wheel%20of%20Fortune&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot= HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cyber.bet
date: Fri, 27 Jan 2023 15:23:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=2034160473.1674833011>m=2oe1p0&aip=1&z=969923044
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=2034160473.1674833011>m=2oe1p0&aip=1&z=969923044
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=2034160473.1674833011>m=2oe1p0&aip=1&z=969923044 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 15:23:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cyber.bet/land/casino_spin_vegas_regform/?cid=63d3ec72c5c3ad00010ca583&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1669392078&slice=
200 OK 1.2 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/?cid=63d3ec72c5c3ad00010ca583&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1669392078&slice=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8d689a56f50bfd85041254ccdb5f2c57
986a63172bee4ad86db1efdda3ed8255e571aea5
3e5abde9ab15e4b4820a7f298b0de09605cab941aece8c8627fa7b204942d3f0
GET /land/casino_spin_vegas_regform/?cid=63d3ec72c5c3ad00010ca583&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1669392078&slice= HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://muratboz.get.to/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:30 GMT
content-type: text/html
last-modified: Sat, 26 Nov 2022 17:31:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BWjgvV8y%2F1fNGowk5MgwQXDHq7GoeICi7iPfDcNzTr5Ii7WnmA3WJ1IUUFU4nRRv7rG9IkXNjhlmp4T10pIGw%2FJcsNt%2F1PrgmETg3eqIXrfVhp1sm%2BHMqKrPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79027d6c5c89b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 61b07ec18bd0517d727603f51ee96cbe
03caefc67f3485fcad58d669cd4e7c8b371acce5
604702d9942ca8804874e6923a37438ce46c913122ed7b700273f46f1029afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:500,700&display=swap&subset=cyrillic
200 OK 584 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:500,700&display=swap&subset=cyrillic
IP
Hash 69589dc598e6625d84478d7ff954714f
a7d4b8e24eec9b97537633c430470c908f13aa84
8c7cac8dc47c92e5e8b36f694f92577fbac03ea1bb2dc9340724d216ec28aef4
GET /css?family=Roboto:500,700&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Jan 2023 15:23:30 GMT
date: Fri, 27 Jan 2023 15:23:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 36e0cdc0f0045a86fb197e1afb3c218e
8d77a10c49bcb1f2cacbb6854f7176eacc90762e
3c73d490b7c2ee88164728b67d7dc53fac8d48501cabcf58e3752a57e45d4142
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105252
Date: Fri, 27 Jan 2023 15:23:32 GMT
Etag: "63d2da75-1d7"
Expires: Sat, 28 Jan 2023 20:37:44 GMT
Last-Modified: Thu, 26 Jan 2023 19:54:29 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9AXDK1FTuIVamjr3I9WsWfluABZ-aAEoSDwdig9Uoa8bxI2yUbQX3w==
Age: 2595
my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_vegas_regform%2F%3Fcid%3D63d3ec72c5c3ad00010ca583%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392078%26slice%3D
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_vegas_regform%2F%3Fcid%3D63d3ec72c5c3ad00010ca583%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392078%26slice%3D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_spin_vegas_regform%2F%3Fcid%3D63d3ec72c5c3ad00010ca583%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1669392078%26slice%3D HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8e4afc35c21c4cc2815e2eec1e1b4306; expires=Sat, 27 Jan 2024 15:23:32 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff87b4149b62904a89d7e6562e3cb218
cc0e16eead0f9aeaf4bcbaffbaf012a9afaed8fd
933aa984d566020cf3cb1e22541d0f70d59f41257c75a460c22d9c26b38d0d18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "933AA984D566020CF3CB1E22541D0F70D59F41257C75A460C22D9C26B38D0D18"
Last-Modified: Wed, 25 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12327
Expires: Fri, 27 Jan 2023 18:48:59 GMT
Date: Fri, 27 Jan 2023 15:23:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b3a61265429c61d8343295d26772452c
1364508102e65eeccdf0a50492cf7a6100089334
614b51d326842e8d5d6b2a7661c429bb4d0d7e2f42df3f4fbbb8814fa7172b59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "614B51D326842E8D5D6B2A7661C429BB4D0D7E2F42DF3F4FBBB8814FA7172B59"
Last-Modified: Thu, 26 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6991
Expires: Fri, 27 Jan 2023 17:20:03 GMT
Date: Fri, 27 Jan 2023 15:23:32 GMT
Connection: keep-alive
backend.cyberbet.academy/api/gql/send?ttl=86400
200 OK 4 B URL HTTP/2 backend.cyberbet.academy/api/gql/send?ttl=86400
IP
File type ASCII text, with no line terminators
Hash 5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
OPTIONS /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: application/json; charset=utf-8
content-length: 4
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"4-P9ln0Jp0jh8rJtb+Vi5xVaqH6d4"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/gql/send?ttl=86400
200 OK 1.7 kB URL HTTP/2 backend.cyberbet.academy/api/gql/send?ttl=86400
IP
File type JSON data\012- , ASCII text, with very long lines (1732), with no line terminators
Hash 7d262be351a12c20d4e65ce60529f9fc
8081b04642d8b42d8af4fe92cf2e496ed15eaca5
a9d1bfc8e3fcf82bc6d372d278866fb7cc002c158e1ed329bd4f94a70a965241
POST /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: application/json; charset=utf-8
content-length: 1732
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"6c4-gIGwRkLYtC2K9P6Szy5JbtFerKU"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_fields_NO.png
200 OK 44 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_fields_NO.png
IP
File type PNG image data, 491 x 491, 8-bit colormap, non-interlaced\012- data
Hash 7c343f929652db4727d6d0facdf5055f
c0aa47df3240b38340024e607cd975429a458aee
32b1424e4f603dd7e780b70abf90fe27fcfd883f1e9a9273b524c375401d59cf
GET /land/casino_spin_vegas_regform/img/new_spins/wheel_fields_NO.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.2.2034160473.1674833011; _gid=GA1.2.719044120.1674833012; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: image/png
content-length: 44060
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-ac1c"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BH4FHHn2sTfsZ8sNZhi%2Fi9xB7fL21iSrLwJZNsvqKFdp5aSDZRzYI4Sz8KmCjQyFxki3gQZ%2Fw%2FVniJnq1QEap6%2BOkOg%2BeV8%2BdQ0Hj38ee%2FVw5FBvldSpdGkYRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d79a88fb4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_NO_hover.png
200 OK 8.7 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_NO_hover.png
IP
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash 81ad0c35eafd4540d52bd29dc889d581
50e5f72ab77fe3ffbaebc8276c92c54236410f93
9b11059ae9b641ec8a2806289b6cdea72c172aa15b1d204b5b2bd4de6c4149e3
GET /land/casino_spin_vegas_regform/img/new_spins/wheel_btn_NO_hover.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.2.2034160473.1674833011; _gid=GA1.2.719044120.1674833012; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: image/png
content-length: 8681
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-21e9"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qed2uQ6a7ykGeaiI%2FaeDMflQwzj8S03aJ1dUDH1FUogVl7KG3znfMogpsQUOX%2FrbEAjTxXxYF%2BY1AFM05pUkx5KVggmbOLE9JlfmZV2zfDfgdbpOfNhZiAVHlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d79a893b4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_NO_pressed.png
200 OK 8.6 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_NO_pressed.png
IP
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash 803fb17b62f12edf813c1e28f10e2c47
8d6771308a61807715b9ba44e0b7ee76102b74cd
2c376cbc3f2fea6037690319782c5a1acb4f5bb7ea3fefcec2df5e93489ba0b7
GET /land/casino_spin_vegas_regform/img/new_spins/wheel_btn_NO_pressed.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.2.2034160473.1674833011; _gid=GA1.2.719044120.1674833012; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: image/png
content-length: 8627
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-21b3"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L42vXf7fHmwuVyezjLaztZvLWfQMOW7B7vVBJuXbfXlaKOo5NDQnObVksyvP81Fpaw4Ec9wfQS9UKZ09K%2Bl9mfd%2BQ2AcLPOZVRETXbwFWrxFMfIqUUtjqaoNSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d79a898b4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_again_NO_default.png
200 OK 9.0 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_again_NO_default.png
IP
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash 2ddcbc5473b9d84e7e28305184fd3fca
3823b1829d9341afc3a02977c0582af9696c0834
dc55323a492b61c4f52674fc1172311e42ae56e3be2ccba0af3b9b7cc8f2230b
GET /land/casino_spin_vegas_regform/img/new_spins/wheel_btn_again_NO_default.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.2.2034160473.1674833011; _gid=GA1.2.719044120.1674833012; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: image/png
content-length: 9007
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-232f"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4tHGAbTmQsCPX1HXmg610k3KcyotVOnfYo%2BmG33mpSvUnKLSFbLfgEeT0PBxHnL7Fvf7DfCHQw16Sy31lLD4YYeg6dE10Pz7mkcsWFVe2JPL9NDYLg88NCr5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d79a89ab4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_NO_default.png
200 OK 8.7 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_NO_default.png
IP
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash 8802885e8e569bed4d86d83a64f2608b
2dfe0d8f694eb9aaedd62a53e77055aaab417acd
97d5abc9b9b603590133a96dcff31d74c3cce356cef901717fc8225c0dd6e6a6
GET /land/casino_spin_vegas_regform/img/new_spins/wheel_btn_NO_default.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.2.2034160473.1674833011; _gid=GA1.2.719044120.1674833012; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: image/png
content-length: 8673
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-21e1"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqsXxbtd%2FbSeUSABP1%2BdJtd4ogZr0VekNSnOTR98N5TDbN2fBXezC91Q6Urb8jOJyV5d%2BS0kenwvzSSPROwJmKpAaarygbUDP%2BmAqU5zegZ8KWjSW9wZtmOLoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d79a892b4f1-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9a156f9e1eec43fbfc3ea11e27aa3091
280292e0c5a0896c45598aa00e3fb607edf0b3a7
419b77a2c7ed19e8d086c82e3c9096d6ed2ab3032bba31afce0499ee83bc233a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_again_NO_pressed.png
200 OK 9.0 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_again_NO_pressed.png
IP
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash ef8dcf5e68b9aad3245caaa0ee5531e7
2af9a29201a21fd8d47012f3e280d04c15e6c42c
578482b2f576cb8b8d8d02e43a6bf30d36f28576bd2095df65e7b73853ea12ab
GET /land/casino_spin_vegas_regform/img/new_spins/wheel_btn_again_NO_pressed.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.2.2034160473.1674833011; _gid=GA1.2.719044120.1674833012; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: image/png
content-length: 9031
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-2347"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZAHusaGWbe%2Buq1Vuw%2F6Kig2ZKYTFvGp9vgyY3h0R8Hpm1FR2u%2F0uTUMDrXFj%2BiH7Y8Fx%2BgPlMeJpJzQ66tp%2BNqR0ry3k3hpnVnQQSXSxmVNGw90R7I9gVk6Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d79a89fb4f1-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_again_NO_hover.png
200 OK 8.9 kB URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/img/new_spins/wheel_btn_again_NO_hover.png
IP
File type PNG image data, 171 x 171, 8-bit colormap, non-interlaced\012- data
Hash 70a9ad06f6525dba221d52e4efeb2c51
97f6c833f73e7695eb5ad221f855a21a7156d647
ab3cac8d97f83bf91fd0a20bb76102ca0b5f6633890ad26a3a3d3950f891d1f1
GET /land/casino_spin_vegas_regform/img/new_spins/wheel_btn_again_NO_hover.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/css/style.css?v=17
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.2.2034160473.1674833011; _gid=GA1.2.719044120.1674833012; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: image/png
content-length: 8921
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
etag: "6377a9e0-22d9"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=It8Bd7e%2BDPF60j%2BWyzoY9kHGpyHIaoCy%2FjrEpp7xiIx2lg9PyiXuKw75Y3jbaOsWTA2CaIRR22tKzQI%2BdQCV%2FlGYv0BIy%2FaS49zEOaf2iRvLHo6UFJ3%2FhcLUmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d79a89eb4f1-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9a156f9e1eec43fbfc3ea11e27aa3091
280292e0c5a0896c45598aa00e3fb607edf0b3a7
419b77a2c7ed19e8d086c82e3c9096d6ed2ab3032bba31afce0499ee83bc233a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8d5f9a0b757ba384b302d621be900857
e9a6e641dd69d7cddd1b6d30d2db3a43d96535e0
7dd70327c2d63a0f0b8d29f5f93f69054d9aaeb2cb0b2d34892116f7969a579b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 15:23:32 GMT
Etag: "63d31008-1d7"
Last-Modified: Fri, 27 Jan 2023 15:07:36 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: We336ze0U-iYsv1ruCVHefmPR5TIj5brDJjx22qqnEUNSP6pJeTDLQ==
Age: 957
backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAXCAS
200 OK 712 B URL HTTP/2 backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAXCAS
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (710), with no line terminators
Hash cc9dc856478b719988e30efd9922fccb
caa7f35d151bb6293d48255d7e2b6404ab764159
2096f5d36301d0c98e66c6e3dacb312e6674370399b5f6a4ee93ec143d0e665d
GET /api/affise/land_promocode?promocode=CYBERMAXCAS HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: application/json; charset=utf-8
content-length: 712
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2c8-yqfzXRUbtik9SCVdfitkBKt2QVk"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=2034160473.1674833011&jid=2147322395&_u=YCDACEABBAAAACAFK~&z=554092033
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=2034160473.1674833011&jid=2147322395&_u=YCDACEABBAAAACAFK~&z=554092033
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=2034160473.1674833011&jid=2147322395&_u=YCDACEABBAAAACAFK~&z=554092033 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 15:23:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ps.l.admedo.com/c819e718-9a80-40f1-b954-13f8b6dff8ac.json
200 OK 54 B URL HTTP/2 ps.l.admedo.com/c819e718-9a80-40f1-b954-13f8b6dff8ac.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1868a00f61221a8d1874ceda2b815caf
cfea9926b0c325482e74961fa182b98ccb400852
2251c54ec6d6a304338dd54e64f058fdd0226017b1a43e4b53deb1f7bf26c313
GET /c819e718-9a80-40f1-b954-13f8b6dff8ac.json HTTP/1.1
Host: ps.l.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 54
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 01 Feb 2022 13:20:13 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 27 Jan 2023 15:22:24 GMT
cache-control: public,max-age=900
etag: "1868a00f61221a8d1874ceda2b815caf"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 95Ro6gJSe9uEiRXcJgqe8eOIto6w3yyrHRH3T8GCOwG-DyyR9PliUg==
age: 146
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=2034160473.1674833011&jid=2047405238&_u=YCDACEAABAAAACABI~&z=440460180
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=2034160473.1674833011&jid=2047405238&_u=YCDACEAABAAAACABI~&z=440460180
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-3&cid=2034160473.1674833011&jid=2047405238&_u=YCDACEAABAAAACABI~&z=440460180 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 15:23:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 61f119c4b6311c87501f54da9ad62e7e
479c65a3be3e77ff0af6f26118389cac97852c74
e00fa0353240654d541e2aee878c14feb77837a1b5a4a12fa326ec2cc5a92e59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
backend.cyberbet.academy/api/land_regs/session
200 OK 2 B URL HTTP/2 backend.cyberbet.academy/api/land_regs/session
IP
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: text/html; charset=utf-8
content-length: 2
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/land_regs/session
200 OK 8 B URL HTTP/2 backend.cyberbet.academy/api/land_regs/session
IP
File type ASCII text, with no line terminators
Hash 758d03240938c9a7a4709e26a48a385e
074a01d890236171824843af0482dc38050d0fc7
c852c2aa5cabf215aba5ff49e32623938e1185ee17817b9e797d3f0452da27db
POST /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 263
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:33 GMT
content-type: application/json; charset=utf-8
content-length: 8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"8-B0oB2JAjYXGCSEOvBILcOAUND8c"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
200 OK 148 kB URL HTTP/2 cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
IP
Size 148 kB (147800 bytes)
Hash a06d77865680fa76765f2f8f3d0674b2
6d6ee4f35011e01fc7f44106bc0a5d80d293f9ee
6e3cdcedf53d5a97f28e654e61349fd17d1a5f10478ca9ab660fa55fee24598f
GET /js/libs/phone/intlTelInput.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.2.2034160473.1674833011; _gid=GA1.2.719044120.1674833012; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 27 Jan 2023 15:23:04 GMT
etag: W/"c73ba86bd67306c5889e9aac41e959e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xcYVxC-uOIuvgK5iBYFomZiAxT8g3v_TDjvRTVicrReXkFqNjqb8Lw==
age: 55
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 70e3b650cbce0a1ede9abe27cbf28ffd
4e7c2d5ddab88c5246051daf69ccee6e26773c37
3be9091db5b2c669a7bb476b01789fd913e485e14fdc774872f3feb0d02d7971
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6073
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 15:23:33 GMT
Last-Modified: Fri, 27 Jan 2023 13:42:20 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
pool.admedo.com/pixel?id=148776&t=js
302 Found 0 B URL HTTP/2 pool.admedo.com/pixel?id=148776&t=js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 27 Jan 2023 15:23:33 GMT
location: https://pool.admedo.com/ul_cb/pixel?id=148776&t=js
set-cookie: tuuid=23bc304e-7ea9-45ac-9ed7-9cd45050c4cb; path=/; expires=Sat, 27-Jan-2024 15:23:33 GMT
c=1674833013; path=/; expires=Sat, 27-Jan-2024 15:23:33 GMT
tuuid_lu=1674833013; path=/; expires=Sat, 27-Jan-2024 15:23:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pool.admedo.com/ul_cb/pixel?id=148776&t=js
200 OK 0 B URL HTTP/2 pool.admedo.com/ul_cb/pixel?id=148776&t=js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/javascript; charset=UTF-8
date: Fri, 27 Jan 2023 15:23:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3df3868d4a13270faf944f911637a7
1b69b2433956c79510bc4a013648a5fb12882884
e13e2ca5d6552a96eb972936f553937a5aff566eb37f39b0928f15d3eeab617f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11372
x-amzn-requestid: d50f0c0e-a383-419a-a3ca-630d5fd32821
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPAw_E_rIAMF0hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf7b39-64abe6b72176db7d7b67f315;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 06:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7AecnloBAOZbROe_gGLZL8AcwRb1rrSIo577CwGZpzyDdtRa-Ae_9Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 63390
etag: "1b69b2433956c79510bc4a013648a5fb12882884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cyber.bet/land/js/locales/spin/locales.js
200 OK 0 B URL HTTP/2 cyber.bet/land/js/locales/spin/locales.js
IP
GET /land/js/locales/spin/locales.js HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/?cid=63d3ec72c5c3ad00010ca583&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1669392078&slice=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:30 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=11498
etag: W/"6377a497-2cea"
last-modified: Fri, 18 Nov 2022 15:28:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SX1fPXHbEG%2B9ZXXFwJ1x5jEQ8zNoc5YlVKiKdousFGZ7Nyx4GoBZiRCJQT8HOt60LfyIWLx98BZkdSjh2wuTNgtbfaZGaEdwRBC%2B71dV0%2BeWf%2B%2B8Qlh17VQI6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d6d6dddb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/libs/nice-select.css
200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/css/libs/nice-select.css
IP
GET /css/libs/nice-select.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 27 Jan 2023 15:23:31 GMT
etag: W/"b83506d101e8a03948d5c01e83da2b8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FrL-TXXAq8icJS3hhc8R-VKu9haQtoKKtROZRDACeLOaq_J-t_QUVA==
age: 7
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
IP
GET /js/libs/jquery.nice-select.min.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 27 Jan 2023 15:23:31 GMT
etag: W/"4e2def5093eb4c4281624db4a5aa8f9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0CqheJtoep-zHjgbANbfFqXlrLQELVzS7jaOHDTeX85Ugdx0X8um8w==
age: 1
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
IP
GET /npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:31 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.4.0
x-jsd-version-type: version
etag: W/"86b4-0dT4vbRAvda9ZROiHYU1ptjFWSM"
x-served-by: cache-fra-eddf8230075-FRA, cache-yyz4566-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 38573
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGc6%2BLEtO5anTp8X1kMDgvhuInPxOREdX6K1irgZyiqExmAS%2B3FWVcXqU92%2FJDgklcMh7%2FX43WlD%2BEe1ksWouJSgD4SenfdTkQJMpZaxH8RMRwbjZIAs8N1to3lbjEVrLSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79027d74ca73b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/iti/intlTelInput.css
200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/css/iti/intlTelInput.css
IP
GET /css/iti/intlTelInput.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.2.2034160473.1674833011; _gid=GA1.2.719044120.1674833012; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 27 Jan 2023 15:23:04 GMT
etag: W/"a69aa970266649e0b08c2cb4bc166568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tw1KsXPMIEzXPFM-lqg-WgPAmmVP4AK2BUMveUtKhmagPWQLHrdrHw==
age: 58
X-Firefox-Spdy: h2
cyber.bet/graphql/v2
200 OK 0 B IP
POST /graphql/v2 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/land/casino_spin_vegas_regform/?cid=63d3ec72c5c3ad00010ca583&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1669392078&slice=
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 51
Connection: keep-alive
Cookie: _uc_referrer=http://muratboz.get.to/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; _ga_8FYNJV02NV=GS1.1.1674833011.1.0.1674833011.60.0.0; _ga=GA1.1.2034160473.1674833011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:32 GMT
content-type: application/json
strict-transport-security: max-age=15724800; includeSubDomains
cb-blocked: no
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AGOIxdBI9szY2thYM2vTC%2Fm0L7owT1jHNalu0tq43vnzN7swM4XMAr7BN6x7s6Rz7hX%2B0OQCJGnezkzSuGkvhT2aAZaluHbjEawUr%2F35Nu7JnfLVG6wP8NyIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79027d7508b2b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
pj.l.admedo.com/admtracker.lib.min.js
200 OK 0 B URL HTTP/2 pj.l.admedo.com/admtracker.lib.min.js
IP
GET /admtracker.lib.min.js HTTP/1.1
Host: pj.l.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 25 Aug 2020 14:10:14 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 27 Jan 2023 15:19:55 GMT
cache-control: public,max-age=900
etag: W/"5a420213029638ecea775a40089898aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T9IpYf8QNYxWSAYFYaswXnWH_WO8uDQ5ZeHlQE2Zdnx3ZVQ5oSOaXw==
age: 221
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_vegas_regform/css/errors.css
200 OK 0 B URL HTTP/2 cyber.bet/land/casino_spin_vegas_regform/css/errors.css
IP
GET /land/casino_spin_vegas_regform/css/errors.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_vegas_regform/?cid=63d3ec72c5c3ad00010ca583&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1669392078&slice=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 15:23:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1399
etag: W/"6377a9e0-577"
last-modified: Fri, 18 Nov 2022 15:50:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOpOWXaw9lMxJFx42bZVrcr%2FBu%2FfZlAW6EbzC7PhGRaxfQ2rT6BSp3CpNIcjuUS1VOBvQfOuKBuCK%2Fnzqgi8Z8%2BqRrBCnOutltpbQr%2BLlLlHmSKZnoJcsYCmlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79027d6d4dbab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
64.190.63.111
54.230.245.39
139.45.195.8
104.16.87.20
35.210.53.219
23.33.119.27
34.254.83.154