au3v.org/
64.225.91.73200 OK 329 B IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
GET / HTTP/1.1
Host: au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5767
Expires: Wed, 01 Feb 2023 12:55:03 GMT
Date: Wed, 01 Feb 2023 11:18:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11528
Expires: Wed, 01 Feb 2023 14:31:04 GMT
Date: Wed, 01 Feb 2023 11:18:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 10:36:01 GMT
content-type: application/json
age: 2575
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3215
Expires: Wed, 01 Feb 2023 12:12:31 GMT
Date: Wed, 01 Feb 2023 11:18:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: E5QXmFWJLB5guyoez7GylAwXdOeU1VolxDC17IGf8HWZcKVOTy8DsO6llB1j1/zaJVzzUMYXfyg=
x-amz-request-id: AMJEF5Z65WG9EQAD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 10:51:32 GMT
age: 1644
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.25.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://au3v.org
Connection: keep-alive
Referer: http://au3v.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1096795
expires: Mon, 22 Jan 2024 11:18:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AVA9x0CDLzJNMGr26NxN6vXk4gO3EId5Q1kxcIsN6I6eHYCTeJVbRsKL5LKVCkz86q%2BJT9oSw3%2BE4DrN0Z7e6W75YI6XB0xnHaT1OwpgkFDleHF%2FUttoIBA%2FDmagbr1ftq%2BtdWX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 792a4a09ba02b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f3ab7ac3ea01eea8173330d3b18ec0bc
1ac3e96ca2d5a4aece2870640f733fd626cd8118
6c28e8c6433cbc7b8f629b0df31d7a51ad74149740b57b4fd5d37795dbfc4c0c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6C28E8C6433CBC7B8F629B0DF31D7A51AD74149740B57B4FD5D37795DBFC4C0C"
Last-Modified: Tue, 31 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8632
Expires: Wed, 01 Feb 2023 13:42:48 GMT
Date: Wed, 01 Feb 2023 11:18:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 10:41:42 GMT
age: 2234
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
au3v.org/favicon.ico
64.225.91.73200 OK 329 B IP 64.225.91.73:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecbcb8bae64098de3e587487b474f8b8
e275409fb40ea27c3826af493f70faf147d0f995
2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
GET /favicon.ico HTTP/1.1
Host: au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://au3v.org/
HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/html
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
domaincntrol.com/?orighost=http://au3v.org/
172.67.68.176200 OK 21 B URL HTTP/2 domaincntrol.com/?orighost=http://au3v.org/
IP 172.67.68.176:0
File type ASCII text, with no line terminators
Hash 7158171c3d9c7acf053e1a9fb17fce78
da21185457e262ced3397af642596d98722c86bf
005e9506124db0d5bd48e2d17bc8b39f722702dc1a29df50f9d35b4f83fac51b
GET /?orighost=http://au3v.org/ HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://au3v.org
Connection: keep-alive
Referer: http://au3v.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/javascript;charset=UTF-8
content-length: 21
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0yhH0Yf0uoE0uIrvtvoJHVrsxSA1a0P4fuiKU1KChRZasDpwRo8cDj%2FOxW8wAR8EbDCQJvrxbPqeGwIYJ%2BAX692t5wuJwPR7BqTJnN6PLze0twnb2mnSvVR%2Benks%2BIykco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a0ad8630afa-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5795
Expires: Wed, 01 Feb 2023 12:55:31 GMT
Date: Wed, 01 Feb 2023 11:18:56 GMT
Connection: keep-alive
push.services.mozilla.com/
52.40.156.208101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.156.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MLyYaWrfFSv4HNg05tYzng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: csfGcy4f5X+Pr4g3MDsfZsueOO4=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11498
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 11:18:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11498
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 11:18:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11498
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 11:18:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4354120b504a8b1d1c3f4e206eb4611
ba854dec74347525b20dbf3b4e5c13876d56aa1c
bc921fe78a71864819998207c13b5c3ca7913275a4503119c5d105ad7827c377
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49ea501c-c491-40c1-82ec-c750680af9df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9282
x-amzn-requestid: f448477b-b445-46fa-8aee-8c5c527ee95b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feqp8FuToAMFxDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5be3f-30fbf0dd70d17878651809a0;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 00:30:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XGTtVMp42cyJ-Xmh0D-ECG50tJe_AZWIir602PjdJ1CwsAygJpbJyA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 04:00:34 GMT
age: 26304
etag: "ba854dec74347525b20dbf3b4e5c13876d56aa1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2189ff7eee65e0fde9be79c994b1d1e
c82caabf73415755643b9ab874364162e798f58c
f0d08ab954f728a73a30d22c874019789d55b64a6160d5dafe4d08249f2e9ed4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb48b6dde-a831-4a2a-91f4-75df52be0b31.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6773
x-amzn-requestid: b3b6b388-dd50-4a4d-83e0-219b0d285f4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foee_GcdoAMFRWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9aac6-286883827020ff9a1412030c;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:56:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 59jJ-7FGO_UqZi7pUGx6h9imXp1a5bOeAbKFkDQBC91qQ2lnyyl11w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:13:02 GMT
etag: "c82caabf73415755643b9ab874364162e798f58c"
content-type: image/jpeg
age: 39956
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6544847aa1270cea1c780e4ee562f2a2
7be75a9f2e5f9e945f60a20a5da70849ad32f72d
d820b25b833d644358c0d9d5a3dc05817770095c06a098a6fc8ed9b7230c80e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d72f205-6434-46dc-85c2-d0bf41653e1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8415
x-amzn-requestid: 0d44aaae-d472-410f-9438-7527da366b10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCuGHRqoAMFxeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e4c0-7e7330ab2de5c1ba3e87df4b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:15:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fr2OB2bcdPtbbHXp2z2l7duVX--MbbazfFJAh_V7qqUMMFEme5bRpw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 06:46:49 GMT
age: 16329
etag: "7be75a9f2e5f9e945f60a20a5da70849ad32f72d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 13:15:35 GMT
age: 79403
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 31740
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 48999
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww2.au3v.org/
64.190.63.136200 OK 1.3 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (672)
Hash f187465ce2d1b6205ffd2e6764c27691
6d8a9474996ec975d83f3a005902a3a0d7e76da9
2bfbeadc7376343195f8bf3f8fedd7b589877f13eca1787860bb6673025a54c1
GET / HTTP/1.1
Host: ww2.au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://au3v.org/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Wed, 01 Feb 2023 11:18:59 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_fg6E6V1KR5oIkAkHcm7jYLwddcTA5EB71LDNZKYEggmqrTAZfXdb/UYPjZiFXgrGOtYwqCT7gEZ7VIZwVDjewQ==
last-modified: Wed, 01 Feb 2023 11:18:57 GMT
x-cache-miss-from: parking-668bc7f5cc-h9jtf
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.au3v.org/
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 11:18:59 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Wed, 08 Feb 2023 11:18:59 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1672141863
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: f66db6feb9df5aeda593b36db09e9877
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww2.au3v.org/search/tsc.php?200=NDU4OTYxMTk1&21=OTEuOTAuNDIuMTU0&681=MTY3NTI1MDMzOWIyMDNiYmQ1Nzc1ZTc2YThjMWEyMGI5ZTAwNDVkOGM2&crc=11dad834a0c9b3fd16482169ade8787b2021d44d&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww2.au3v.org/search/tsc.php?200=NDU4OTYxMTk1&21=OTEuOTAuNDIuMTU0&681=MTY3NTI1MDMzOWIyMDNiYmQ1Nzc1ZTc2YThjMWEyMGI5ZTAwNDVkOGM2&crc=11dad834a0c9b3fd16482169ade8787b2021d44d&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=NDU4OTYxMTk1&21=OTEuOTAuNDIuMTU0&681=MTY3NTI1MDMzOWIyMDNiYmQ1Nzc1ZTc2YThjMWEyMGI5ZTAwNDVkOGM2&crc=11dad834a0c9b3fd16482169ade8787b2021d44d&cv=1 HTTP/1.1
Host: ww2.au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.au3v.org/
HTTP/1.1 200 OK
date: Wed, 01 Feb 2023 11:18:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-668bc7f5cc-5pzkw
server: NginX
ww2.au3v.org/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D
64.190.63.136302 Found 0 B URL HTTP/1.1 ww2.au3v.org/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: ww2.au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.au3v.org/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Wed, 01 Feb 2023 11:18:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Wed, 01 Feb 2023 11:18:59 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D
x-cache-miss-from: parking-668bc7f5cc-c5kvx
server: NginX
ww2.au3v.org/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D
64.190.63.136302 Found 311 B URL HTTP/1.1 ww2.au3v.org/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1f86a552f1f446a9f6427fe4ca406c70
a20f4c938ea39d779445c82c33e03e88adee21c7
a64456da52a074ad925e3d20c568c4abc9266756ad83b785a61b53b33b15b1f3
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DARVKVC62Cw4_0&v=ZGJiYTE1MTVlMzJlZTAyNzNmYWE1NTNhNWRkNDhlNjAJMQl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MjhmOC4xNzQ1MzE0Nwl3dzIuYXUzdi5vcmc2M2RhNGFhMTE5MmI5Ny4wMDgyNzM3OAkxNjc1MjUwMzM5CWFkXzYzXzA=&l=OAk3OGFlOTFhMjFjYWE1NGYyNWMyZWRiM2U0ODRkODFmMQkwCTM1CTAJNDM5MTdmN2YxOTE4NzJlYmU1ODY0ZTAzMGMyNDJhMDAJNDU4OTYxMTk1CWF1M3YJMAk2Mwk2CTIJMTY3NTI1MDMzOQkwLjAwMDM0MQlOCTAJMQk4MzAJMTIwNQkzNzc5NDUxNTEJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: ww2.au3v.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.au3v.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Wed, 01 Feb 2023 11:18:59 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Wed, 01 Feb 2023 11:18:59 GMT
location: http://xml.sedodna.com/click?i=ARVKVC62Cw4_0
x-cache-miss-from: parking-668bc7f5cc-5pzkw
server: NginX
xml.sedodna.com/click?i=ARVKVC62Cw4_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=ARVKVC62Cw4_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=ARVKVC62Cw4_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.au3v.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://orest-vlv.com/zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d
Pragma: no-cache
orest-vlv.com/zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d
52.7.54.238200 1.1 kB URL HTTP/1.1 orest-vlv.com/zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash da43f24f339ca40d1449174881f42ca9
68fbff456b42f365362b68418379b5ee28aa1927
d485e876b8037e48e47df53e60a298fb824b6f556671b07e0fc0afc06251d01d
GET /zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.au3v.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Wed, 01 Feb 2023 11:18:59 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: jjQnZNtD
orest-vlv.com/zcredirect?visitid=38217d27-a222-11ed-8616-0a0e2c5b0e1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
52.7.54.238200 282 B URL HTTP/1.1 orest-vlv.com/zcredirect?visitid=38217d27-a222-11ed-8616-0a0e2c5b0e1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0668588f1576b3a87ab18bf7e835f38e
a20f683031b37d17a831d50d3d2ccee51a98767a
aa68b4ff32a643005e383d0e2e63fd406690cd077cf0a847269bee206a8cbf96
GET /zcredirect?visitid=38217d27-a222-11ed-8616-0a0e2c5b0e1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/38217d27-a222-11ed-8616-0a0e2c5b0e1d/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=382f5fdc-a222-11ed-8616-0a0e2c5b0e1d
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Wed, 01 Feb 2023 11:18:59 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: JtIMYLRk
orest-vlv.com/favicon.ico
52.7.54.238404 653 B URL HTTP/1.1 orest-vlv.com/favicon.ico
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=38217d27-a222-11ed-8616-0a0e2c5b0e1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Wed, 01 Feb 2023 11:19:00 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: pHXNYpAa
xml-v4.gipostart-2.co/click?i=iodcxDa*gmE_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml-v4.gipostart-2.co/click?i=iodcxDa*gmE_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=iodcxDa*gmE_0 HTTP/1.1
Host: xml-v4.gipostart-2.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=Z7I2CLf3VZ4
Pragma: no-cache
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0c470b2c6a6d6e0ae8981ff565585af4
281b9f337005160bb8e5372ed0580aaf41605063
c399e11efc5307df36aeb02791be06dd34ad65b6eaa26ce49ef5835b779cf314
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1646
Cache-Control: max-age=135182
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Etag: "63d9b144-117"
Expires: Fri, 03 Feb 2023 00:52:02 GMT
Last-Modified: Wed, 01 Feb 2023 00:24:36 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=Z7I2CLf3VZ4
172.66.43.156302 Found 0 B URL HTTP/2 link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=Z7I2CLf3VZ4
IP 172.66.43.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=Z7I2CLf3VZ4 HTTP/1.1
Host: link.affiliates.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 11:19:00 GMT
content-length: 0
location: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
set-cookie: afclick=63da4aa48002f10001b4598a; expires=Thu, 01 Feb 2024 11:19:00 GMT; secure; SameSite=None
afoffers={"53":1675250340}; expires=Thu, 01 Feb 2024 11:19:00 GMT; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElI1Kbi%2FJXpfmdXeBe%2BMWXLSAhS%2BIe8VXigvNMcog9MwXqkEzLHOKlo27iSxg%2By5H1D%2BW2hXvhqiJIc6CY1ba3FGC1fwBUxUSOygZQiX8RcMNPzOGyUI2kRrXbL1j6%2BJR%2BB9XWAg6P48OZs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a239c91b4fd-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.42200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 23:28:56 GMT
expires: Wed, 31 Jan 2024 23:28:56 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 42604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8179d438e94b57f316b42eff0bc16d25
14d828fae8cc42cae983f3032ec998cabe68cd6d
cdbf3bcc6c2dee36250054306df4d5298a5f00c2b901615417a83fd328ec8e3a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CDBF3BCC6C2DEE36250054306DF4D5298A5F00C2B901615417A83FD328EC8E3A"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9770
Expires: Wed, 01 Feb 2023 14:01:50 GMT
Date: Wed, 01 Feb 2023 11:19:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e395abd9ba7cd2840cd00a3a92c66589
ec7291f28dc95abf40c7571b71a22eb6d4683ab8
67a1c3aa191e033e1e3e7497d4498485a65948132f568b7404bb5495bab94328
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2381
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Last-Modified: Wed, 01 Feb 2023 10:39:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e2d2b00ed4a3970f9b7c4561eec1f2ba
5d51d00a750a05bcad6aac56b5dcd410afff7591
20f4ee50766ee62c45e9a18f9646a856c1ae9b702a055c7d9131026dce630c42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F4EE50766EE62C45E9A18F9646A856C1AE9B702A055C7D9131026DCE630C42"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3304
Expires: Wed, 01 Feb 2023 12:14:04 GMT
Date: Wed, 01 Feb 2023 11:19:00 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 10e7f6603f4a4577e78ec94093b0ba65
e195ac1a56ff314fdacc25611768fdcd35d326ef
0314c415f02fc3f96ba10ce5ea5f5c67bb142b7f7525509fb846736ab7d02515
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 11:19:00 GMT
Last-Modified: Wed, 01 Feb 2023 10:22:56 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Zt6HYPeszc_33aX7YszQKDcyhin8A-caj4_mMiTegqiMgcB0w3LuJg==
Age: 3364
cdnstatic.cyber.bet/css/payments.css
54.230.111.5200 OK 699 B URL HTTP/2 cdnstatic.cyber.bet/css/payments.css
IP 54.230.111.5:0
File type ASCII text, with CRLF line terminators
Hash 70e2a5d4745300aed2bfccf31551eb7f
c913b11b1f043706b73941110c33543f3c942cfb
f33896366d0d98962fd3e5b79963449dd3c1c3ea48e617e5b6d6bdb46e0c7022
GET /css/payments.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 699
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 11:18:48 GMT
etag: "70e2a5d4745300aed2bfccf31551eb7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: etdqjPjFZOPu57MIol8ybJPB9bWFbkhf3ju65a2nIxKrKsSQjC_HfQ==
age: 12
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f
IP 139.45.195.8:0
Hash 5d4584e4549c2c67b3b1014412127d86
878b05105062900e6df717dba698aab39b9476d8
383fd07eb50f0e9605a08083c372046f06511da2037d6dd5c0301bb8478ec55b
GET /p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB
142.250.74.168200 OK 72 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NR2G4XB
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (15106)
Hash a59f34c27860b0399ebb57db013611ed
09203606c96f676090f2847701417be0bd59b2e6
e6b9e09f3ccbf2fde22e8c5e61ff05e2900b6b991e2926fbee9b1367445d5138
GET /gtm.js?id=GTM-NR2G4XB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 11:19:00 GMT
expires: Wed, 01 Feb 2023 11:19:00 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72021
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0b03afb76529d41add60c5daac95b0e5
8a1635989a4d8f6ade117b2eaa2caf4c738b9b6b
6cb7083dac48fdfd4b053ad9b2120267ccc7fdf8a85839673fbda32d1e5c94f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 11:19:00 GMT
Etag: "63d8f37d-1d7"
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ifB9LRCyZwJFWAjOvGcdLI1DrSG9ZKZc1EVRHYrxdWb2RD-htWohkg==
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0b03afb76529d41add60c5daac95b0e5
8a1635989a4d8f6ade117b2eaa2caf4c738b9b6b
6cb7083dac48fdfd4b053ad9b2120267ccc7fdf8a85839673fbda32d1e5c94f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171350
Date: Wed, 01 Feb 2023 11:19:00 GMT
Etag: "63da44fa-1d7"
Expires: Fri, 03 Feb 2023 10:54:50 GMT
Last-Modified: Wed, 01 Feb 2023 10:54:50 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: e4Mduu9tikXFB_FmepPh6NgrekCaFy6iY8kSKP5VBTYpO-UbanysrQ==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8179d438e94b57f316b42eff0bc16d25
14d828fae8cc42cae983f3032ec998cabe68cd6d
cdbf3bcc6c2dee36250054306df4d5298a5f00c2b901615417a83fd328ec8e3a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CDBF3BCC6C2DEE36250054306DF4D5298A5F00C2B901615417A83FD328EC8E3A"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9769
Expires: Wed, 01 Feb 2023 14:01:50 GMT
Date: Wed, 01 Feb 2023 11:19:01 GMT
Connection: keep-alive
cdnstatic.cyber.bet/js/global.js
54.230.111.5200 OK 71 kB URL HTTP/2 cdnstatic.cyber.bet/js/global.js
IP 54.230.111.5:0
File type Unicode text, UTF-8 text, with very long lines (5000), with CRLF line terminators
Hash 8943965f22a29b6f800a98e0eaed584f
1cfa4c3d79808cce1785967a637819b88a9d11f5
3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db
GET /js/global.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 70834
vary: Accept-Encoding
date: Wed, 01 Feb 2023 11:19:01 GMT
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
etag: "8943965f22a29b6f800a98e0eaed584f"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2-9dJNPB8LyLmkZrPldSOuoqC4ALfQ31kuV_pk2PZbeucUT1rssREA==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e395abd9ba7cd2840cd00a3a92c66589
ec7291f28dc95abf40c7571b71a22eb6d4683ab8
67a1c3aa191e033e1e3e7497d4498485a65948132f568b7404bb5495bab94328
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Last-Modified: Wed, 01 Feb 2023 10:39:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
cdnstatic.cyber.bet/css/global.css
54.230.111.5200 OK 4.7 kB URL HTTP/2 cdnstatic.cyber.bet/css/global.css
IP 54.230.111.5:0
File type ASCII text, with CRLF line terminators
Hash 1d710fedcd0ddfd6744b7011d3261d07
884abf5c059be6ddcdd9067c24c55f744d6df31f
47db4a55aeef076b5cc2c69bb230028feb69a8575b5a9651a1fa79e51990edb9
GET /css/global.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 4746
vary: Accept-Encoding
date: Wed, 01 Feb 2023 11:19:02 GMT
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
etag: "1d710fedcd0ddfd6744b7011d3261d07"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Dhdg3j96WRHuToq_gI2-mcIELL6IXqcjnBQ5ZVyiauD6d9fuw4zv_g==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/bg.jpg
172.66.43.156200 OK 85 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/bg.jpg
IP 172.66.43.156:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x939, components 3\012- data
Hash 98ba8ffcbd9e5560948fced0272a2f75
64d51f93a51c26638a66468801643e9edd8935c8
c2635b22ca2e9b3d82330a2bc4c6688f2e0a8901f12baaaa321182cb0bba2912
GET /land/casino_red_pbn868/img/bg.jpg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/jpeg
content-length: 84557
cf-bgj: h2pri
etag: "63502f95-14a4d"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O038e1yEnrVWnWHbxNny1Vl5X8sGudosEW5MuHm%2FaoJHY9jIQYlK9uoIV6GmskVJDyGAvY3fARL87RvqZOS8Y4qCC3QsZromkRLTOgkprWpVn6IkyXk%2F8f65Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a285beab4fd-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/right.png
172.66.43.156200 OK 121 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/right.png
IP 172.66.43.156:0
File type PNG image data, 1122 x 1045, 8-bit colormap, non-interlaced\012- data
Size 121 kB (121073 bytes)
Hash 1259004f61333ce5779efb3823458094
cc58a5562320e0dd696765532a5a910c51a6eee1
3b65805319f0f56c6ada3b09a76162b8293682d2e5a0fb2ba00a395dadbf36fc
GET /land/casino_red_pbn868/img/right.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 121073
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1d8f1"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iatGV9t%2BEs4EZYhtvhLACqJ7LhM6pwHTDpZn10Zjnj1YD42Ps4u5o5HgGDur8MgfffkXKPyLVsmO3ZdnxFRX%2BC4ed29fa1iqORX97nF5YeV%2BUBmeBYLrUeDWig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a285bf3b4fd-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/input.png
172.66.43.156200 OK 10 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/input.png
IP 172.66.43.156:0
File type PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f
GET /land/casino_red_pbn868/img/input.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 10123
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-278b"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kt4r%2FwYXfn%2FAqFd55kve7ifIZ12wolC%2FswUFM6YrpBmeNidRGWBqfUezxYPlEyGJAh%2B%2BGmeFe3cUH%2FiGESh97h39O2UBSeLxvtdHvT%2FIV3axqI82caSkweOwXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a285bfab4fd-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/left.png
172.66.43.156200 OK 110 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/left.png
IP 172.66.43.156:0
File type PNG image data, 989 x 972, 8-bit colormap, non-interlaced\012- data
Size 110 kB (110461 bytes)
Hash d6890ff06451abd5164dad583ab8383c
0391a449f196bf9ad13d577c5f390d2767ccd182
60c8d0be6f5252f41ebf504c5c4597fd460f31bd2b695884f69cc789168821cb
GET /land/casino_red_pbn868/img/left.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 110461
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1af7d"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QU2tmvtXZNcJxcWHT6MYgBWlpcqAqMiKeRdi3LvBLX%2BnPNb%2Ff65gvcIcZfBhCg0LqfhyWqXuIAgW5s%2BntJNvtPHWLkR0ePlNF9yFotdW%2BXI6sRk0hNYUeC%2B1VA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a285bf1b4fd-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/cb_picked.png
172.66.43.156200 OK 3.2 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/cb_picked.png
IP 172.66.43.156:0
File type PNG image data, 82 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 774fc89cb9c8f999121c719e5f9f29df
d7d8ce07db925dc13908ea8c2c587fbb597c9eef
b1dd144f891842f0c1f19fff5c6ee14e4ab6ae491c7cac4aa2c2d7f156885bcb
GET /land/casino_red_pbn868/img/cb_picked.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 3193
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-c79"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z7hscAEMaMpUZpJSFXHaAVjF1AfBJG6JkPeG4E2S1pRIuV%2B0NpVIjgTgpQsnL%2FPFcrPFw7HIvhC34n0z3vjAgmUqA8%2BmfhUXBuj7uOiUOhR1UbACeAdA%2BmPRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a286c01b4fd-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/promo.png
172.66.43.156200 OK 13 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/promo.png
IP 172.66.43.156:0
File type PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 5798187ffb0edc7c4525a1415d9e03db
240b77c6c3c8c2a75d133c14907805d85def5588
93a1d190fd9a50423a0f7518a9147a2ef4cf969478056c6001c1124a0a1fe830
GET /land/casino_red_pbn868/img/promo.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 13216
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-33a0"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G17mX9It481ptD3if%2FCDHOLsllCBgFZrx8KT8%2BQr%2FBBmisynk7Elfpwk98sALGr5VggeZGY4DX3MGlngWcdBPo2R9hL4%2BJ64Vw5%2BFViyCvcMAhtjDfF8B7tkcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a286bfdb4fd-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/cta.png
172.66.43.156200 OK 99 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/cta.png
IP 172.66.43.156:0
File type PNG image data, 1076 x 266, 8-bit/color RGBA, non-interlaced\012- data
Hash 6af15da4b150dd671aa73c54a5d000b2
1292d7e77d7ea538594b8f43527c1464a73e3ac6
383559b3e7496fbf5f0d7ebf89bb9fd90e149fee99bca2a0007224fed63ca51b
GET /land/casino_red_pbn868/img/cta.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/png
content-length: 98590
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1811e"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2F1wAf5%2F6ymptX%2FrN9XZrVdkxSHAN5BUkRtk1eF7bUN1ICgSYhNIhN%2F1o5DI4Qq9yr36czg5U7FmFBdTtr94ZiRXyqCPe2qr2fiiCszwe4k2clUSKZHuJF08g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a286c10b4fd-OSL
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/fp.js
54.230.111.5200 OK 533 B URL HTTP/2 cdnstatic.cyber.bet/js/fp.js
IP 54.230.111.5:0
File type ASCII text, with CRLF line terminators
Hash d1abfbe2c5b50e7f427e41c79197dcd3
01f6142a97168fd15da33334c35ce351d676ed08
7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569
GET /js/fp.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 533
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 11:18:49 GMT
etag: "d1abfbe2c5b50e7f427e41c79197dcd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CoqYh3plDqVM-7pREgmMvyQ760HkIe5hKvVjC0BOi5zRPTW4vvKDMw==
age: 24
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/geoMapping.js
54.230.111.5200 OK 443 B URL HTTP/2 cdnstatic.cyber.bet/js/geoMapping.js
IP 54.230.111.5:0
File type ASCII text, with CRLF line terminators
Hash 2f6043a16c26cde9a190dbb829b5519c
791479cfced1a000ef6411990f1c4bba615b6b4c
f9dfb0c2f94be90f2cdeb66286b36cdeb5d8fb0fbb9f28b1e1d3d99a3780306a
GET /js/geoMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 443
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 11:18:50 GMT
etag: "2f6043a16c26cde9a190dbb829b5519c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fnu5hktW5mTiwQeignxz2ZP1fDvF3vy6tGDZq_svv8Rxy1DkKgGVZA==
age: 12
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 12:46:53 GMT
expires: Wed, 31 Jan 2024 12:46:53 GMT
cache-control: public, max-age=31536000
age: 81128
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 03:13:04 GMT
expires: Fri, 26 Jan 2024 03:13:04 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 547557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 12:46:12 GMT
expires: Mon, 29 Jan 2024 12:46:12 GMT
cache-control: public, max-age=31536000
age: 253969
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f3ab2abde49bc0a3438f7ca4e56dd50f
688e824a4a83e5e90fe18f40f9052abfd167e7cd
5352452226490c941d97ac6a1bb67954eb2ffd4e2efd6599e76fc1ee25bf866b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5352452226490C941D97AC6A1BB67954EB2FFD4E2EFD6599E76FC1EE25BF866B"
Last-Modified: Sun, 29 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16334
Expires: Wed, 01 Feb 2023 15:51:15 GMT
Date: Wed, 01 Feb 2023 11:19:01 GMT
Connection: keep-alive
my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
IP 139.45.195.8:0
Hash bb07e31c2c066db5c4b3259d1f69a442
db79e9d4a817ce703b11b65faf2ba097228063b2
d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8
GET /p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:34:21 GMT
expires: Thu, 25 Jan 2024 19:34:21 GMT
cache-control: public, max-age=31536000
age: 575080
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 14:07:32 GMT
expires: Thu, 25 Jan 2024 14:07:32 GMT
cache-control: public, max-age=31536000
age: 594689
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
151.101.65.229200 OK 14 kB URL HTTP/2 cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
IP 151.101.65.229:0
File type Unicode text, UTF-8 text, with very long lines (34150)
Hash 992ef8564e775838114b9722cfaca166
d695319ec9e83f5a2ed894ecff5e7497f0bb9fa7
974c0527a326c8a38b0a5475d5a9d159e3a1a4a4a0688888d9d525b74ebc3930
GET /npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.4.0
x-jsd-version-type: version
etag: W/"86b4-0dT4vbRAvda9ZROiHYU1ptjFWSM"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 01 Feb 2023 11:19:01 GMT
age: 31383
x-served-by: cache-fra-eddf8230075-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14453
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/logo.svg
172.66.43.156200 OK 5.4 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/logo.svg
IP 172.66.43.156:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1777), with CRLF line terminators
Hash e3cac19f4cffe8b0d6a7d574fabf80a3
1f7e8f0dcb02e9cf447919f04ece346edb1a3b6f
8d79659ce5fde8316fc55d880ed86d5862d19cca436af0d2a8598766a8304dc8
Analyzer Verdict Alert fortinet Malware
GET /land/casino_red_pbn868/img/logo.svg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/common.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: W/"63502f95-b67"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gffevt%2FaGItW6vgxk%2FmsR0%2B1sXB2FXRDKGcfYpHPQQam5rKBKWyaV0tNKdSP4%2FoU6T3VzsJKMpSjh6pRcn2X%2Fbne2G8oq48BKZhKsDrDdyI%2BZnsvpZAnSO6bIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a285bf6b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash dfae63935238ce8b1aea007517061fb4
02d8ae5d2c9f21fdd5c174de5dc49b5f15b0469d
3480a831d72a623801317199fbf00ce363647b6f169d34ce60b6ed69afde23d6
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 11:19:01 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1B7757C5203E7BC9FD1AAF74713CED067D625665"
Expires: Wed, 01 Feb 2023 22:00:00 GMT
Last-Modified: Wed, 01 Feb 2023 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1309
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792a4a29bf8eb518-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fc7341b2b3c07810dbda66c8db53fad3
962ea79919c530657a68db6877f1b95b9705e59e
b2f9d21c9564bf36bb789da7a27c3a1336651443741c926ec5d36d4ad2abc45c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2F9D21C9564BF36BB789DA7A27C3A1336651443741C926EC5D36D4AD2ABC45C"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11242
Expires: Wed, 01 Feb 2023 14:26:23 GMT
Date: Wed, 01 Feb 2023 11:19:01 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 09:46:59 GMT
expires: Wed, 01 Feb 2023 11:46:59 GMT
cache-control: public, max-age=7200
age: 5522
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/css/style.css?v=1
172.66.43.156200 OK 1.4 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/css/style.css?v=1
IP 172.66.43.156:0
File type ASCII text, with very long lines (3797), with no line terminators
Hash 500552ae564a362a7168501f9ba45077
cf7b6ef9e567359cb668a816cfa8aa60453e2ea7
b2048963bf6126626c6859f0a679377d9f906f7ca73b2dba7cbe6190b9c7b13c
Analyzer Verdict Alert fortinet Malware
GET /land/casino_red_pbn868/css/style.css?v=1 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6020
etag: W/"63502f95-1784"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNlWzi%2BBFF7%2BlsXVK6HinCCzbI2EvAioNtUmFsBVEHFtBYilzSsCqvpmcHkbSY7iudBKFOHuTHVo%2FVzaJNae1LHDpbBF3hG3sfKUadcc5LCiHDRtTo2fG2rkEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a24fee2b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=42b57cc960974c589c2a058483412bde; expires=Thu, 01 Feb 2024 11:19:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=188777560.1675250362>m=2oe1u0&aip=1&z=1696818530
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=188777560.1675250362>m=2oe1u0&aip=1&z=1696818530
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=188777560.1675250362>m=2oe1u0&aip=1&z=1696818530 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 01 Feb 2023 11:19:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
notix.io/event
139.45.240.92200 OK 26 kB IP 139.45.240.92:0
Hash 8568ee7c88c8f85cd325bcc86baefe71
6956eebe60105213a12ebd7fb358fdb64320f7f6
4414db4113ba8e20a36e2e14bc927f297167162184874ecf7c25489dd9ae67f8
OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 4a1c315f637e41293820773d650c12f3
f28e2314c4888386cb8ce3c4e2fba928b999f134
b2a81e11574f61804cf613a15225cc32f10aec859b5ee9af3ef0ae421f81c30f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 11:19:01 GMT
Last-Modified: Wed, 01 Feb 2023 09:50:54 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cF1X8wGJ4DURIi0NCfU3IdgCCWIkOZLx2JCmIa1y_t0C1gucVocsAg==
Age: 5287
notix.io/event
139.45.240.92200 OK 0 B IP 139.45.240.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4c9a8ce96aa57d27a6bd55df00f08ac
180302ed4863fb5b22b45ab0cc7c770a12a8c63d
3707163ad693f536f95ed3331f045060ad51b12e95d55690d341a4a93e7f1d12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
notix.io/event
139.45.240.92200 OK 0 B IP 139.45.240.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:56 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
notix.io/event
139.45.240.92200 OK 15 B IP 139.45.240.92:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 80
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:55 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap
142.250.74.106200 OK 822 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap
IP 142.250.74.106:0
Hash c2ef05aa01837b552a8e8b06199d855b
c142c889cc7299823591a9d40f4fbe80cd0c411f
d1cf22e5ff02ea082c4d9f599ac35d1241c868aad6f460c0e6f9851704f96140
GET /css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 11:19:00 GMT
date: Wed, 01 Feb 2023 11:19:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
notix.io/event
139.45.240.92200 OK 15 B IP 139.45.240.92:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 63
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:55 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cyber.bet/graphql/v2
172.66.43.156200 OK 87 B IP 172.66.43.156:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ff330e32d87218c222d8fd239067d320
8155d995d438360d36e7915eea9e3e0a48a1223b
c0a1e58590ba43a7b34e4e3596946a03ee7dfa546b9c6ddf22757f0a9645c3be
POST /graphql/v2 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 51
Connection: keep-alive
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: application/json
strict-transport-security: max-age=15724800; includeSubDomains
cb-blocked: no
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofOxA%2B2XJTL7OLlJfAMuayYNq3g4Z3TFwQB7wfPb2i9sYOumOEaXdJqYGZ%2FXyiQfhMWYJOOpnrlqe%2BmWrdkOwNvwA1qw3WNimlrmEWH5UplReWpuzxks3RCFVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a293d54b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
cyber.bet/land/js/locales/base/locales.js
172.66.43.156200 OK 5.2 kB URL HTTP/2 cyber.bet/land/js/locales/base/locales.js
IP 172.66.43.156:0
File type Unicode text, UTF-8 text, with very long lines (16549), with no line terminators
Hash 14b9ea1691074e99a967741c2699b6e3
eebd1ee7a1f48c6144508fb71bb91184072dd7f0
2815eea8a002a580c0ca68fc6df4728e6b20720b0f208750bd664f1535c7747a
GET /land/js/locales/base/locales.js HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=22124
etag: W/"636c24bc-566c"
last-modified: Wed, 09 Nov 2022 22:07:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKEUvMIyK4bbQvnqF1zJS2ld%2B1fFLobnHfAOsLBE4lFmP6rKA5YOc8BVtQnGFK92JKo5gkcvplM%2F4OaWCzaLbpSXaoNehh0wQFgEGYW6vWaBtxOq90EDjcvjlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a24fee5b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63da4aa48002f10001b4598a%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: ID=42b57cc960974c589c2a058483412bde
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=42b57cc960974c589c2a058483412bde; expires=Thu, 01 Feb 2024 11:19:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/favicon.ico
172.66.43.156200 OK 2.1 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/favicon.ico
IP 172.66.43.156:0
File type MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel\012- data
Hash 25497e49230376d3f2788997164abbaf
8eca1c7e35e6fb2b43fe55d23f9256a3065e7bca
b21e9914a29270cbd3f81d946806f6fc44ed4a9367cbe8b2546ca1c56b4aebca
GET /land/casino_red_pbn868/favicon.ico HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.1.188777560.1675250362; __adm_tid=tid-2e6f9f091.435933926; _uc_referrer=http://orest-vlv.com/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: image/x-icon
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: W/"63502f95-1cee"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqlrPB7V2CSfZMvKdnRzlDzRIktZ3XrrsJl6qzKGJPosgsK2jvwh23HThq1bCexAgZa%2FHhen%2FX4iD32JyQazIz4a8%2F%2FSOmjfgSN0DHWJGMvCD7hAQzXrjHGGpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a2b4870b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 991dde88c08b8d3c16bd3afac119bafb
171bc1de8418aaa736da9b6cf6001568c7938936
ef525faa5ae17cd14d8e59a409ce70fb6016922d7f388f32249a9d0c44175d50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF525FAA5AE17CD14D8E59A409CE70FB6016922D7F388F32249A9D0C44175D50"
Last-Modified: Wed, 01 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13900
Expires: Wed, 01 Feb 2023 15:10:41 GMT
Date: Wed, 01 Feb 2023 11:19:01 GMT
Connection: keep-alive
backend.cyberbet.academy/api/gql/send?ttl=86400
34.254.83.154200 OK 4 B URL HTTP/2 backend.cyberbet.academy/api/gql/send?ttl=86400
IP 34.254.83.154:0
File type ASCII text, with no line terminators
Hash 5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
OPTIONS /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: application/json; charset=utf-8
content-length: 4
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"4-P9ln0Jp0jh8rJtb+Vi5xVaqH6d4"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/gql/send?ttl=86400
34.254.83.154200 OK 1.7 kB URL HTTP/2 backend.cyberbet.academy/api/gql/send?ttl=86400
IP 34.254.83.154:0
File type JSON data\012- , ASCII text, with very long lines (1732), with no line terminators
Hash 7d262be351a12c20d4e65ce60529f9fc
8081b04642d8b42d8af4fe92cf2e496ed15eaca5
a9d1bfc8e3fcf82bc6d372d278866fb7cc002c158e1ed329bd4f94a70a965241
POST /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: application/json; charset=utf-8
content-length: 1732
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"6c4-gIGwRkLYtC2K9P6Szy5JbtFerKU"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
alexatracker.com/jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63da4aa48002f10001b4598a
104.21.85.99200 OK 0 B URL HTTP/2 alexatracker.com/jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63da4aa48002f10001b4598a
IP 104.21.85.99:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63da4aa48002f10001b4598a HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: application/json; charset=UTF-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: BYPASS
set-cookie: trbarid=45a904a060a64ced7e34b492d3ef7af2c1c3eea45df98c8e6911b4bf3fbe7042a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A777265004941036197%3B%7D; expires=Wed, 05-Feb-2025 11:19:01 GMT; Max-Age=63503999; path=/; secure; HttpOnly; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BOwQ46MFZhMlwq9Hk1ZKk%2FnwjnsrFD2cHWdcuYP9qBKENwSnGTzVaRo60dqTEt4o96eJTfYTwgLhUOlz5tfljwGmtAoKW9i703IDj9AHIajcgBT%2BzoO7%2BLgzh%2FyylPoYDzF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a2c78cab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/img/input.png
54.230.111.5200 OK 10 kB URL HTTP/2 cdnstatic.cyber.bet/img/input.png
IP 54.230.111.5:0
File type PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f
GET /img/input.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/global.css
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10123
last-modified: Thu, 07 Apr 2022 09:30:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 01 Feb 2023 11:18:51 GMT
etag: "029eb00d46a95ea9be209224c3d913db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IZ5X0RVcPEJ3V6Lxv0__QxQgCDjEECK1scMgybSKQVpveobjJwkDJg==
age: 23
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAXCAS
34.254.83.154200 OK 712 B URL HTTP/2 backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAXCAS
IP 34.254.83.154:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (710), with no line terminators
Hash cc9dc856478b719988e30efd9922fccb
caa7f35d151bb6293d48255d7e2b6404ab764159
2096f5d36301d0c98e66c6e3dacb312e6674370399b5f6a4ee93ec143d0e665d
GET /api/affise/land_promocode?promocode=CYBERMAXCAS HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: application/json; charset=utf-8
content-length: 712
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2c8-yqfzXRUbtik9SCVdfitkBKt2QVk"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg
172.66.43.156200 OK 5.2 kB URL HTTP/2 static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg
IP 172.66.43.156:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (9515)
Hash 320e9262f009dd4b52b89ff6b8d42f4f
bdc6596d0f25efed9d06da45bf3e556f77ee810a
0f90e997bfc1b589824b4d06b6ba46ef631a090c454b320c6dd062ba2d5bc29d
GET //xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 30 Aug 2022 12:06:01 GMT
x-imgix-id: 9bdf3c27132191386bea4ec4bc43098d462dc9fd
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10022-SJC, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1197467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev9uIfr%2FPgq6iQ9jC1fHyvaju3aGdjQKL6Ewz0%2BuT949QLBXdgZ%2BKRkHHqhe4t9aluD5MPVhd%2FLSpIe70h98tBP2R3HgfjzENmD%2BZ8fy2MEX6%2Bchh212FhrKw5KU8ihDc%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5d9cb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg
172.66.43.156200 OK 4.2 kB URL HTTP/2 static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg
IP 172.66.43.156:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1143)
Hash c0213f8fdbc5436a6ef035c1677448c4
c4f6851aa05b121cc361df7a315a0c481a372c7d
69d50e3b73c9f5f69f8d3e9f9e2ad09703a0b7163aadc668e05b70c6dca4f1d5
GET //nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 04:06:38 GMT
x-imgix-id: 58d927587a2791fa5ee8dc913a6ff0f83e28f73b
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10051-SJC, cache-bma1681-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 514984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icaYhKh16VIfejGmCZWLOrca%2Bkzt55S0nKm%2BJU3zgwSJ7t3UNi%2BXnsMb6HAlN6kwHqA1tnhR108a5o%2BfM8m9aj0aGAuL8YmsrZrBK6tjhYxabauQ9bVKp2odJuBQ254MSVE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5da0b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/payments.js
54.230.111.5200 OK 75 kB URL HTTP/2 cdnstatic.cyber.bet/js/payments.js
IP 54.230.111.5:0
Hash 6194e6652b79f15dfd67fcc240b27381
49b0ed89740c8d11f43f7a591c695d3549362bed
0c9aa2293917868ae9c74b36c1b86cecf269b4cf1ee3cdd57ba535e39207fed6
GET /js/payments.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:36 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:18:48 GMT
etag: W/"86e0165b432077320adbf690e339604e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ph5SFk9jwl26DZ6yFRaIr8QAVj8J7M1Uq-b_a1Lhf1N4-fwZkV4wsQ==
age: 26
X-Firefox-Spdy: h2
static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg
172.66.43.156200 OK 2.3 kB URL HTTP/2 static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg
IP 172.66.43.156:0
Hash de44c682b3eebfe4db9f76a577096c85
fee90dd480ebedbdea2e6ff79c8bfe7a1f6ce8a8
e69e2971aa1952f41ecc86a5c912a85b9997138ba9f557b28c14e97a3f265eab
GET //rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:23 GMT
x-imgix-id: 124d84afd81dd36ff5dd18c8efb73ffa18bdb828
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-maa10232-MAA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 647400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLAgOUUE7BGirB72GvxEXgaNSiWjfhbaU%2BoCGwtJ1Lslms304ZvYLIWcGB8hDh4hXoqL34VfTy7TSLZm2psD2wEYT3t6ULY2PkkJFunjlh17BLYIbIat9GzJfaEkJUPFO64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5da3b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
54.230.111.5200 OK 4.5 kB URL HTTP/2 cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
IP 54.230.111.5:0
Hash 8c9ab6f39f9b12ce59bb004edc54d360
11c5fe6f2725727c0d1c80206c2a0c570257a7bc
c66ba57e53cc6eadb9597497b1d8abfc816ab6a5231245b81b05b246c28dadb2
GET /js/libs/jquery.nice-select.min.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:19:00 GMT
etag: W/"4e2def5093eb4c4281624db4a5aa8f9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qwK2zyfiuHmRdS545fISADOPkP4bHeakXb3RcOsYw9LZdpz-ot8WXA==
age: 3
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 597b80b9b677a90b26e577958566b92c
11d3c076a1eeeacdef203f0385d0786d08f6ad9c
408a21c9450492b13a0c2a10950f837910b996a6fb81c0162bd07fad042a71c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6062
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Etag: "63d9b43d-116"
Last-Modified: Wed, 01 Feb 2023 09:38:00 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a327176edf538c07784f9b0da660c22d
4a56cfcac291dfe1cc177bd3eff976f106731834
aae92a95f747be0bca6982ed7e3e58af8ac74ff69c799b55046ab38474e149dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a327176edf538c07784f9b0da660c22d
4a56cfcac291dfe1cc177bd3eff976f106731834
aae92a95f747be0bca6982ed7e3e58af8ac74ff69c799b55046ab38474e149dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
backend.cyberbet.academy/api/land_regs/session
34.254.83.154200 OK 2 B URL HTTP/2 backend.cyberbet.academy/api/land_regs/session
IP 34.254.83.154:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: text/html; charset=utf-8
content-length: 2
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg
172.66.43.156200 OK 2.7 kB URL HTTP/2 static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg
IP 172.66.43.156:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1100)
Hash 0cb926e3e9e2b0035dbf5458b5c54e57
30728e1c80e9bda968c2e434cf1f5e966fa854bb
803729400d7c15d4f2d2ba884c82142aa4084aedb3562ebc4c156555b890dbee
GET //vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:02:28 GMT
x-imgix-id: be499ee77bb9f13f4e61b37ea512299d94aa8c27
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-maa10242-MAA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 1007771
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sngzvh6fQiZxxciedaGwG0%2BjFp923yju37%2FVwQoaSnmM%2FJZyeE66BtwUtb9yhIlbbi%2FYgn1eQUr4C%2B7R8zqqBC5f9CyOHPmG98t1k7FJLDOXdT%2BtRniUb%2B0aRwoZJvTVNb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e6daab4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
adjs.media/resources/content/cyberbet.js
104.21.57.187200 OK 3.4 kB URL HTTP/2 adjs.media/resources/content/cyberbet.js
IP 104.21.57.187:0
File type ASCII text, with very long lines (2884)
Hash cb6805c7c59e8817045f1586c43d0eac
3ed1cd5762fcefe0caf6064714c30f0076821bd6
73e1838d82552807dac6d07debd6521a4fb210cabc275c302437dc4d977fc323
GET /resources/content/cyberbet.js HTTP/1.1
Host: adjs.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7b3b4237-674a-4bde-bc87-ff9bf78e0122
x-download-options: noopen
etag: W/"bd06ea929f643a4924378f7eca9deb90"
x-runtime: 0.002299
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZf9FPCGo1zwyI4oKcLpVuRwR3euJJcVgWMXEIfCcBc1JPTnyjEpQnzaxP9r%2FCf0IW5peSjjhTR%2BRGcQe0bjySlb1Y2RRFjOPL1edxLcLlXHZiW59BK3FooCUuPE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a261b5cb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e0bc98d03057dabba1334b62bea0975b
b358a8123908fe4b1c94a1273cac45c4e23b212e
10ef320ba825ca0e17d039b66fd2f321f4d2c687a8734d226fa25e9b45e109d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
backend.cyberbet.academy/api/land_regs/session
34.254.83.154200 OK 8 B URL HTTP/2 backend.cyberbet.academy/api/land_regs/session
IP 34.254.83.154:0
File type ASCII text, with no line terminators
Hash 758d03240938c9a7a4709e26a48a385e
074a01d890236171824843af0482dc38050d0fc7
c852c2aa5cabf215aba5ff49e32623938e1185ee17817b9e797d3f0452da27db
POST /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 255
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: application/json; charset=utf-8
content-length: 8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"8-B0oB2JAjYXGCSEOvBILcOAUND8c"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 597b80b9b677a90b26e577958566b92c
11d3c076a1eeeacdef203f0385d0786d08f6ad9c
408a21c9450492b13a0c2a10950f837910b996a6fb81c0162bd07fad042a71c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6062
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Last-Modified: Wed, 01 Feb 2023 09:38:00 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 199bb3686e2305492a8e928b187b107a
ab037860b21a7d474e2031d3cfe0c64b7081ac50
f168ac90c2d2d9f55f3589842036633df71aafd87b686a6f91b1a676faab63a1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131046
Date: Wed, 01 Feb 2023 11:19:02 GMT
Etag: "63d9a78c-1d7"
Expires: Thu, 02 Feb 2023 23:43:08 GMT
Last-Modified: Tue, 31 Jan 2023 23:43:08 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3JzZTSI6-rkd3aXVf7N6GnSlj6v7hZUuSLX6gyl2Lf2J5lj-EwoHJQ==
cdnstatic.cyber.bet/css/iti/intlTelInput.css
54.230.111.5200 OK 3.2 kB URL HTTP/2 cdnstatic.cyber.bet/css/iti/intlTelInput.css
IP 54.230.111.5:0
Hash a1ac08ac08b191f6a6b6f5a301ad1871
4d0cbebe67fc46e03766fefc69e0c9c4bba20aa5
5fdc235e9df5d6588b96d1debf0e9ef7e8da9bb5ce1a4c3d195ca4e0b86132de
GET /css/iti/intlTelInput.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:18:51 GMT
etag: W/"a69aa970266649e0b08c2cb4bc166568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: apGXf7uQGov3Er8gcQQ7unlEGWaAjVGOzZ5cGGy8w_lZx5rBQMImGg==
age: 16
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c777675e41e9045ce88ced5783717ae7
4f86fa976ada60cd81fdad71213e80f47b3f4d9d
1df71004b318cee0b1c86ee9f76b8b4d25723d512af9a7443e69a4d69c6ef329
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2983
Cache-Control: max-age=159573
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Etag: "63da0b54-116"
Expires: Fri, 03 Feb 2023 07:38:35 GMT
Last-Modified: Wed, 01 Feb 2023 06:48:52 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c777675e41e9045ce88ced5783717ae7
4f86fa976ada60cd81fdad71213e80f47b3f4d9d
1df71004b318cee0b1c86ee9f76b8b4d25723d512af9a7443e69a4d69c6ef329
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2983
Cache-Control: max-age=159573
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Etag: "63da0b54-116"
Expires: Fri, 03 Feb 2023 07:38:35 GMT
Last-Modified: Wed, 01 Feb 2023 06:48:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e4d70e712631ab396e01046bc154b92a
e50dc9f7405b4a90213851bb03b06d63ba666c6c
62e3a9d11a4cde244300ec267387d299e457098d331ef7570d127ef117c3b188
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5050
Cache-Control: max-age=100795
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 11:19:02 GMT
Etag: "63d91da7-117"
Expires: Thu, 02 Feb 2023 15:18:57 GMT
Last-Modified: Tue, 31 Jan 2023 13:54:47 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 279
br.betano.com/?btag=a_19851b_2181c_[CustomMergeFields]&siteid=19851
104.17.85.89302 Found 0 B URL HTTP/2 br.betano.com/?btag=a_19851b_2181c_[CustomMergeFields]&siteid=19851
IP 104.17.85.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?btag=a_19851b_2181c_[CustomMergeFields]&siteid=19851 HTTP/1.1
Host: br.betano.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adtraffic.agency/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 11:19:02 GMT
content-length: 0
location: /myaccount/ban/country-341629?alt=true
x-farm: 12
x-cacheable-status: 302
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
cf-cache-status: DYNAMIC
set-cookie: sticky=stx56.599
__cf_bm=c5Rjq2DIENWJwisRBPFSPVzJz2rz6TeWFrKtJb4LSjQ-1675250342-0-AbfQ75fo5JP3HNdzVAWMAoirW8w+mr7+nHnbIwltQb5keNkBancO0hB/u+cJOgCvCkpTJ8EZL6Q+eSsY7qcHVp0=; path=/; expires=Wed, 01-Feb-23 11:49:02 GMT; domain=.betano.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 792a4a327fd4b50f-OSL
X-Firefox-Spdy: h2
gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=&AutoR=1
188.114.97.1302 Found 666 B URL HTTP/2 gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=&AutoR=1
IP 188.114.97.1:0
Hash d29ce24a18ea346c5e08826931918eb7
d6224dc32803fa6c0d827e6a983494eed26e1108
9bac936764c6afa3a775af0249df9f8649ea21df2bf24dc57d3797fff6f3e6ae
GET /C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=&AutoR=1 HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adtraffic.agency/
Connection: keep-alive
Cookie: CEK=a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: text/html; charset=utf-8
location: https://br.betano.com?btag=a_19851b_2181c_[CustomMergeFields]&siteid=19851
cache-control: private
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
set-cookie: XYZ=3&1&148&&&&0&1&&b4aa6056-83f6-4154-8b83-34294b51e5ca&&a_19851b_2181&; expires=Tue, 02-May-2023 11:19:02 GMT; path=/; SameSite=None; Secure
A_2181=a=2181&r=0&fv=0&lv=0&vc=0&fc=20230201&lc=20230201111902&cc=1; expires=Tue, 02-May-2023 11:19:02 GMT; path=/; SameSite=None; Secure
PM_20=c=&s=19851&ad=2181&md=0&pm=20&d=20230201111902&ip=2728320643&r=0&ref=https://adtraffic.agency/&RedirectParams=btag%3da_19851b_2181c_%5bCustomMergeFields%5d%26siteid%3d19851; expires=Tue, 02-May-2023 11:19:02 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9mt%2FOzHvmII%2F%2BmDCgr%2FklXBzvdvhXhAh%2FDujFBtFHpQK8tu1lb2HnizVhbhE5mzoQ8l41FLA3FL9o7Uvt8sIlC1oGB9EIO9OPUKNRb0d%2BmSbpIrqT9WFgzrcLEaVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a319b03b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pool.admedo.com/pixel?id=148776&t=js
35.210.53.219302 Found 0 B URL HTTP/2 pool.admedo.com/pixel?id=148776&t=js
IP 35.210.53.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Wed, 01 Feb 2023 11:19:03 GMT
location: https://pool.admedo.com/ul_cb/pixel?id=148776&t=js
set-cookie: tuuid=340c3336-e63a-415d-9156-5070a312d955; path=/; expires=Thu, 01-Feb-2024 11:19:03 GMT
c=1675250343; path=/; expires=Thu, 01-Feb-2024 11:19:03 GMT
tuuid_lu=1675250343; path=/; expires=Thu, 01-Feb-2024 11:19:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pool.admedo.com/ul_cb/pixel?id=148776&t=js
35.210.53.219200 OK 0 B URL HTTP/2 pool.admedo.com/ul_cb/pixel?id=148776&t=js
IP 35.210.53.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 11:19:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23fba3309226071f6f44081c3a92bc0b
21119ea71d26ab157ec491f9cf68918d63310fb4
b29c1f3f6966e08bd3954275c8d2a3ae44a352b41e5d3f04203b55f65708fafc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57810a89-c2fa-4da6-8c38-d7ab4682343c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4588
x-amzn-requestid: 1d726cce-35c6-42d7-a592-8f22f1bd310a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJr4GXvoAMFXvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcb2-71af755c24ba2e9a39f17451;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:01:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DzgQlPECoiRf-pZjVVk-EsjIl0kVj0b-BfiWBgUEFamma1pYDUMP6A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 14:29:26 GMT
age: 74979
etag: "21119ea71d26ab157ec491f9cf68918d63310fb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/phone/utils.js
54.230.111.5200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/libs/phone/utils.js
IP 54.230.111.5:0
GET /js/libs/phone/utils.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:18:14 GMT
etag: W/"8f3a2154b225b6257161c4dfc9b89c9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qNFxSZk-2laK-QILsN_7W48cQZjIRcQPDZ_tEJr4U96ubq7XGz8Dvw==
age: 59
X-Firefox-Spdy: h2
zeniocloud.com/bQIA.js?prid=63da4aa48002f10001b4598a&sub2=
167.114.67.56200 OK 0 B URL HTTP/2 zeniocloud.com/bQIA.js?prid=63da4aa48002f10001b4598a&sub2=
IP 167.114.67.56:0
GET /bQIA.js?prid=63da4aa48002f10001b4598a&sub2= HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 Feb 2023 11:19:01 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg
IP 172.66.43.156:0
GET //wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sun, 27 Nov 2022 13:15:26 GMT
x-imgix-id: befd1e5b23a603e2ad9e7e0e220abae092937310
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10033-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 1197467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdobOr9neMvxbGm4K5R6QC8lx4xvSsq4YT2KhWkIo1f8IK6%2BbBA3DDqWLuzkadr%2FNjizQeLivN4Nr5u%2BkcmF%2BEtUoxxpsaq7pouQQl044SpgkcTFhoeOGZgF5khkM9jcxeE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5da2b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/css/form.css
172.66.43.156200 OK 0 B URL HTTP/2 cyber.bet/land/casino_red_pbn868/css/form.css
IP 172.66.43.156:0
GET /land/casino_red_pbn868/css/form.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9305
etag: W/"63502f95-2459"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FwCvcfFK3J45PIZ9sQV6TjHkYSahjTHMvx5jgR8bXufb7KRiOgxnkUxBWB6GNVW5ZKb%2B29fzQ4irotLButPYGJ5ykPyTxvyIAUsHjERzoY2de2l25Ij1mRoug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a24fee3b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
br.betano.com/myaccount/ban/country-341629?alt=true
104.17.85.89200 OK 0 B URL HTTP/2 br.betano.com/myaccount/ban/country-341629?alt=true
IP 104.17.85.89:0
GET /myaccount/ban/country-341629?alt=true HTTP/1.1
Host: br.betano.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adtraffic.agency/
Connection: keep-alive
Cookie: __cf_bm=c5Rjq2DIENWJwisRBPFSPVzJz2rz6TeWFrKtJb4LSjQ-1675250342-0-AbfQ75fo5JP3HNdzVAWMAoirW8w+mr7+nHnbIwltQb5keNkBancO0hB/u+cJOgCvCkpTJ8EZL6Q+eSsY7qcHVp0=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: text/html; charset=utf-8
content-security-policy: frame-ancestors https://*.betano.com:*
x-farm: BR-MYACCOUNT11
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
set-cookie: __RequestVerificationToken=q360ylgU7cXIcNc9RCgQhF9xAMRmUWX6uqj4e6IKeLzxaPRpyMTwiEwveDigpuMtYlVBS0q9NNL-EpIXGey9KzVvb0066ymuMcS1LHunhBM1; path=/; secure; HttpOnly
sticky=stx4.881
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792a4a32f8a7b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg
IP 172.66.43.156:0
GET //fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:53:49 GMT
x-imgix-id: 3071167306fd7e404ce6c9d0b6695258dcb9f78c
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10063-SJC, cache-bma1621-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 514984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr%2FlUIkjTV3dUSzkWllbEFR6PhzecG6E9UMQfzIj%2B5CAjQc4CtfyrQQJuc9XuD34uw4bU%2FdQbjj4cLxZkZKwdar10v8pjZikycQWz8DprDWljOYYzzaKxsd8%2BOcZW0aC5Nk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e6da8b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg
IP 172.66.43.156:0
GET //hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Fri, 13 May 2022 15:59:53 GMT
x-imgix-id: 0d9a0eb61d73b4e7f1e6f9d63934aa27a4dabba7
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10077-SJC, cache-bma1665-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 647400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBvyhTQX6l3Py%2B%2BLrFDJw4vf8XZ5vjUJFKk%2BNQ7JcFU2ww5hEfT%2BGPEKa%2BlSnlDd%2FRAj9YsqXTVdJdWePb4hlJi8dgDMgkAbo7dr2D0q2pjKJLc1YAzh9TIic94m3HRpIsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5d9eb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/css/common.css
172.66.43.156200 OK 0 B URL HTTP/2 cyber.bet/land/casino_red_pbn868/css/common.css
IP 172.66.43.156:0
GET /land/casino_red_pbn868/css/common.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2676
etag: W/"63502f95-a74"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAjrKDfcsq%2BmzUlVVCdteX6Y9Wl6Vn8Wxm9tdr9KuJR6HN0IEx8WpZ8m5MixuepJ7DgqCNXJweh5aPH4%2Bc3g3J0Xey6tKf%2BqkTzonZYk3BwuOoHxLHHs7zzN3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792a4a24fedfb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg
IP 172.66.43.156:0
GET //fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 04:32:34 GMT
x-imgix-id: eaa9a5ceb4ef9ff91d93849720aab7cfa394d578
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10054-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 647400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwYQMfxomIDeZkUBILBkO61vxiK9srZbWorBbcBqtZkQihv5lQKHNpklNOFRmqOr%2FlcrQoG4fmHzGBcHmGSipvIx65Qr8OC0i3aaFbjdLeCNk7FUm4hwaju9Iq%2BfZY9w%2BlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e7dcdb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
54.230.111.5200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
IP 54.230.111.5:0
GET /js/libs/phone/intlTelInput.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:18:51 GMT
etag: W/"c73ba86bd67306c5889e9aac41e959e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QDeYmqspHZK4hlQAdwoJT3WKt0Eb-4oOxgDUq9sL9HV6NkeBESlidg==
age: 15
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
172.66.43.156200 OK 0 B URL HTTP/2 cyber.bet/land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
IP 172.66.43.156:0
GET /land/casino_red_pbn868/?cid=63da4aa48002f10001b4598a&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:00 GMT
content-type: text/html
last-modified: Fri, 04 Nov 2022 16:57:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMNrP7gBtv5fWtRCwMbFXKE1u%2BVeBPVEzH6UiI3LsvCoo7aux5Je2sLvj3sFpNVQaQCQdmqZl2SwD1St6ZXKrWnR0m5hn2G6esbz9lS7MZERZJAq2vJ%2FmNN8Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a242d7bb4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/libs/nice-select.css
54.230.111.5200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/css/libs/nice-select.css
IP 54.230.111.5:0
GET /css/libs/nice-select.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:18:26 GMT
etag: W/"b83506d101e8a03948d5c01e83da2b8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: om-PmFoIw1kE5VaH1cYZIGmcQSqy1mtUcihm1rvE1RBciNW1RBIFsQ==
age: 35
X-Firefox-Spdy: h2
notix.io/ent/current/enot.min.js
139.45.240.92200 OK 0 B URL HTTP/2 notix.io/ent/current/enot.min.js
IP 139.45.240.92:0
GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 11:18:55 GMT
content-type: application/javascript
last-modified: Wed, 01 Feb 2023 09:48:32 GMT
etag: W/"63da3570-14283"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
pj.l.admedo.com/admtracker.lib.min.js
54.230.111.20200 OK 0 B URL HTTP/2 pj.l.admedo.com/admtracker.lib.min.js
IP 54.230.111.20:0
GET /admtracker.lib.min.js HTTP/1.1
Host: pj.l.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 25 Aug 2020 14:10:14 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Feb 2023 11:16:45 GMT
cache-control: public,max-age=900
etag: W/"5a420213029638ecea775a40089898aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YeyRl0PBg5XvWHAmBh7qc8U5vmUknn4PjXB1WHivsxenBzCo2cF4eg==
age: 140
X-Firefox-Spdy: h2
static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg
IP 172.66.43.156:0
GET //us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:01:52 GMT
x-imgix-id: 5009dab7bf9c2c57dfc23b32759803b69d7d3cb3
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10049-SJC, cache-bma1666-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 647400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqbL0BLWPO4Fj23B9NUvO5n0ZFq445Fbexv34YzKobTQVP6FM5guwpRwDjxnYZF1AC%2BQPsszTLma8dLooLSEtbGE6p0vADL%2BUKMoZGb%2F%2BqSa4F0b9tcunAXu7oJKjECymsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e5da4b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg
172.66.43.156200 OK 0 B URL HTTP/2 static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg
IP 172.66.43.156:0
GET //rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1675250362.1.0.1675250362.60.0.0; _ga=GA1.2.188777560.1675250362; _gid=GA1.2.883688926.1675250363; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:10 GMT
x-imgix-id: 854adac84f9266f0b69e2c7ea9353daa4bedcf8d
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 514984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayz%2FdObEJDAL2YxKV7x5iodm%2FI04O5U53%2BF8dBRoWgMELqjtYxGtbvsASkceQ5Hd%2Fom7voxxFrFH9mPnZHzAlK9OpWSJ0LyNgJTN4%2B7%2FYL0PmWufkpaHV90qww1IsJ4On%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a2e6da6b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=
188.114.97.1302 Found 0 B URL HTTP/2 gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=
IP 188.114.97.1:0
GET /C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c= HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adtraffic.agency/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 11:19:02 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: //gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=&AutoR=1
x-aspnet-version: 4.0.30319
set-cookie: CEK=a; expires=Tue, 02-May-2023 11:19:02 GMT; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhO%2FF%2BKXGm6BfnBMpUD9BzIJDTxMraN%2BQcDdGwFrmgongzFve%2BirKJ6gDAN2esQ43ifoMVySJ%2FpJMw5WwBN8mxzLyABjRTREz7uAvWHFNiPFO7jS9zt%2FdTpNyUQA5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792a4a313a78b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2