Overview

URL bizzoreg.com/casino/slots
IP104.26.3.121
ASNCLOUDFLARENET
Location United States
Report completed2022-09-06 12:06:44 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-06 2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/c8 (...) Malware
2022-09-06 2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL api.livechatinc.com/v3.3/customer/action/check_goals?license_id=9054575
IP  23.36.79.16
Magic gzip compressed data, max compression\012- data
Size 687
MD5 1cda8952e05ddca59e26836b02f920d0
SHA1 29d8f786a85835468f0098f5220595cdf161b1d4
SHA256 7261211afec41e231bec1e3283ca658f43b3f394e9ad011eb076a2ae9f513d18
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (55)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS platform.bizzocasino.com (24) 0 2022-01-12 13:05:28 UTC 2022-09-06 08:35:50 UTC 172.67.68.182 Domain (bizzocasino.com) ranked at: 291590
mnemonic passive DNS accounts.livechatinc.com (1) 7698 2017-07-31 05:50:56 UTC 2022-09-06 05:34:05 UTC 23.36.79.16
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-06 04:42:27 UTC 143.204.55.27
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-06 06:14:31 UTC 93.184.220.29
mnemonic passive DNS bizzocasino.com (22) 291590 2021-07-06 13:20:32 UTC 2022-09-06 07:13:14 UTC 172.67.68.182
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-06 04:40:06 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS track.trackingtraffo.com (1) 0 2021-12-15 22:48:04 UTC 2022-09-06 10:02:32 UTC 88.214.206.175 Unknown ranking
mnemonic passive DNS cdn.livechatinc.com (4) 6288 2012-06-22 08:37:34 UTC 2022-09-06 05:45:24 UTC 23.36.79.16
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-06 04:41:22 UTC 23.36.76.226
mnemonic passive DNS cdn.softswiss.net (30) 412286 2015-07-09 16:04:37 UTC 2022-09-06 08:35:52 UTC 104.17.116.131
mnemonic passive DNS a.sportradarserving.com (4) 2372 2019-05-18 08:44:07 UTC 2022-09-06 05:01:08 UTC 35.156.185.100
mnemonic passive DNS zz.connextra.com (1) 14652 2014-03-20 17:05:16 UTC 2022-09-06 08:35:49 UTC 104.88.23.60
mnemonic passive DNS tags.feedad.com (1) 26948 2019-10-23 18:30:02 UTC 2022-09-06 06:18:26 UTC 216.239.32.21
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-06 05:16:49 UTC 143.204.55.49
mnemonic passive DNS main.exdynsrv.com (1) 91821 2017-01-30 11:01:34 UTC 2022-09-06 08:33:34 UTC 95.211.229.246
mnemonic passive DNS ocsp.entrust.net (1) 1208 2013-07-24 12:09:14 UTC 2022-09-06 04:39:51 UTC 104.110.10.32
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-06 06:14:56 UTC 216.239.38.178
mnemonic passive DNS bizzoreg.com (2) 0 2021-07-30 10:10:29 UTC 2022-09-06 08:36:04 UTC 172.67.68.203 Unknown ranking
mnemonic passive DNS c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com (4) 580028 2019-04-26 16:46:17 UTC 2022-09-06 08:35:49 UTC 54.230.111.60
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-06 04:39:51 UTC 142.250.74.72
mnemonic passive DNS casino.cur.a8r.games (1) 336046 2021-05-15 15:15:03 UTC 2022-09-06 09:56:42 UTC 172.64.145.200
mnemonic passive DNS sentry.softlabs.com (1) 0 2021-11-03 07:02:43 UTC 2022-09-06 08:35:51 UTC 172.67.71.55 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (10) 175 2017-06-14 07:23:31 UTC 2022-09-06 04:40:10 UTC 142.250.74.3
mnemonic passive DNS ocsp.sectigo.com (5) 487 2018-12-17 11:31:55 UTC 2022-09-06 07:27:18 UTC 172.64.155.188
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-06 04:40:31 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-06 04:43:30 UTC 35.163.196.193
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-06 04:51:59 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS assets.customer.io (1) 19446 2013-05-31 16:10:41 UTC 2022-09-06 08:35:49 UTC 54.230.111.79
mnemonic passive DNS tm.ads.sportradar.com (1) 40177 2019-07-25 10:47:51 UTC 2022-09-06 05:15:06 UTC 23.36.79.43
mnemonic passive DNS tsyndicate.com (1) 13042 2017-03-16 09:04:54 UTC 2022-09-06 06:02:57 UTC 78.46.40.103
mnemonic passive DNS tag.growthbuddy.app (1) 470040 2020-11-30 13:00:05 UTC 2022-09-06 08:35:49 UTC 52.49.49.188
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-06 04:01:54 UTC 34.120.237.76
mnemonic passive DNS secure.livechatinc.com (1) 6541 2012-08-20 19:27:12 UTC 2022-09-06 04:44:00 UTC 23.36.79.16
mnemonic passive DNS ctrack.trafficjunky.net (1) 27301 2014-03-23 22:43:38 UTC 2022-09-06 04:58:42 UTC 66.254.114.89
mnemonic passive DNS www.google.com (1) 7 2017-01-29 11:48:58 UTC 2022-09-06 08:44:16 UTC 142.250.74.164
mnemonic passive DNS d2i76d1bskcqlp.cloudfront.net (134) 0 2022-03-01 15:03:20 UTC 2022-09-06 07:13:14 UTC 54.230.245.22 Unknown ranking
mnemonic passive DNS track-eu.customer.io (1) 451044 2021-05-19 17:12:05 UTC 2022-09-06 07:13:14 UTC 34.120.129.162
mnemonic passive DNS bizzoreg.com (2) 0 2021-07-30 10:10:29 UTC 2022-09-06 08:36:04 UTC 104.26.3.121 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (2) 8877 2014-07-21 13:19:55 UTC 2022-09-06 05:20:18 UTC 142.250.74.10
mnemonic passive DNS main.realsrv.com (1) 91110 2019-02-11 13:11:59 UTC 2022-09-06 08:33:34 UTC 95.211.229.246
mnemonic passive DNS main.exoclick.com (1) 33599 2015-09-01 10:25:49 UTC 2022-09-06 04:58:42 UTC 95.211.229.246
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-06 10:00:53 UTC 139.45.195.8
mnemonic passive DNS e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-09-06 04:54:53 UTC 23.36.76.226
mnemonic passive DNS cdn.seon.io (1) 212690 2019-10-28 00:43:56 UTC 2022-09-06 08:35:49 UTC 54.230.111.40
mnemonic passive DNS ws-cdn001.akamaized.net (1) 188179 2021-10-21 16:23:57 UTC 2022-09-06 08:35:49 UTC 23.36.77.8
mnemonic passive DNS tracker.ads.sportradar.com (2) 41720 2019-05-23 08:10:00 UTC 2022-09-06 05:43:48 UTC 23.36.79.43
mnemonic passive DNS platform.bizzocasino.com (24) 0 2022-01-12 13:05:28 UTC 2022-09-06 08:35:50 UTC 104.26.8.22 Domain (bizzocasino.com) ranked at: 291590
mnemonic passive DNS api.livechatinc.com (5) 5353 2013-12-20 14:27:35 UTC 2022-09-06 04:49:47 UTC 23.36.79.16
mnemonic passive DNS match.sharethrough.com (2) 604 2015-12-22 22:55:59 UTC 2022-09-06 04:39:58 UTC 18.193.205.227
mnemonic passive DNS cdn.onesignal.com (1) 3015 2015-04-22 13:41:50 UTC 2022-09-06 05:33:24 UTC 104.18.226.52
mnemonic passive DNS ocsp.sca1b.amazontrust.com (3) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS x.bidswitch.net (6) 286 2017-08-28 15:21:00 UTC 2022-09-06 04:42:30 UTC 3.122.47.104
mnemonic passive DNS secure.adnxs.com (3) 396 2012-05-22 16:37:37 UTC 2022-09-06 04:43:28 UTC 37.252.173.38
mnemonic passive DNS api.feedad.com (1) 5296 2017-12-20 17:42:46 UTC 2022-09-06 06:18:26 UTC 216.239.34.21
mnemonic passive DNS main.exosrv.com (1) 206751 2016-11-30 11:41:20 UTC 2022-09-06 08:35:49 UTC 95.211.229.245


Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 104.26.3.121

Date UQ / IDS / BL URL IP
2022-09-13 08:07:25 +0000
0 - 0 - 1 bizzoreg.com/cz 104.26.3.121
2022-09-10 03:54:13 +0000
0 - 0 - 1 bizzoreg.com/en_au/promotions/first-deposit-bonus 104.26.3.121
2022-09-06 12:06:44 +0000
0 - 0 - 2 bizzoreg.com/casino/slots 104.26.3.121
2022-09-01 18:09:01 +0000
0 - 0 - 2 bizzoreg.com/ 104.26.3.121

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-29 02:08:24 +0000
10 - 0 - 10 web2substantiation-deep.xyz/service/ 104.21.58.205
2022-11-29 02:07:53 +0000
8 - 0 - 24 natflixuserapp.com/bbbe7ef28a0018c4484eaa8b2d (...) 172.67.169.24
2022-11-29 02:07:41 +0000
8 - 0 - 24 natflixuserapp.com/fe51510c80bfd6e5d78a164cd5 (...) 172.67.169.24
2022-11-29 02:07:16 +0000
14 - 0 - 30 agileprofessional.com.br/wp-content/auth/a2b3 (...) 172.67.222.251
2022-11-29 02:05:35 +0000
1 - 0 - 4 www.rogetraffic.buzz/doc/ 104.21.31.192

Last 5 reports on domain: bizzoreg.com

Date UQ / IDS / BL URL IP
2022-11-26 08:59:06 +0000
0 - 0 - 2 bizzoreg.com/es/registration 104.26.2.121
2022-11-10 14:43:48 +0000
0 - 0 - 2 bizzoreg.com/cz 104.26.2.121
2022-10-15 02:38:59 +0000
0 - 0 - 2 bizzoreg.com/en_ca?btag=667527_92289C8C53FD46 (...) 104.26.2.121
2022-09-19 15:04:36 +0000
0 - 0 - 2 bizzoreg.com/tournaments/awesome-christmas-race 104.26.2.121
2022-09-13 08:07:25 +0000
0 - 0 - 1 bizzoreg.com/cz 104.26.3.121

No other reports with similar screenshot



JavaScript

Executed Scripts (47)


Executed Evals (5)

#1 JavaScript::Eval (size: 15240, repeated: 1) - SHA256: ce618dcb0df0f3e769e393465621ac047d8ae9dadb57b3a495b3d370137126dc

                                        (function() {
    var dN = function(a, d) {
            g(293, d, ((d.y7.push(d.h.slice()), d).h[293] = void 0, a))
        },
        aC = function(a, d) {
            return d[a] << 24 | d[(a | 0) + 1] << 16 | d[(a | 0) + 2] << 8 | d[(a | 0) + 3]
        },
        I = function(a) {
            return a.j ? Y(a, a.F) : B(8, true, a)
        },
        vk = function(a, d, A, T, S) {
            Q(((T = Z(d, (T = k((a &= (S = a & 4, 3), d)), A = k(d), T)), S && (T = w("" + T)), a) && Q(l(2, T.length), A, d), T), A, d)
        },
        T2 = function(a, d, A, T) {
            return (T = G[a.substring(0, 3) + "_"]) ? T(a.substring(3), d, A) : As(d, a)
        },
        Z = function(a, d) {
            if (a = a.h[d], void 0 === a) throw [z, 30, d];
            if (a.value) return a.create();
            return (a.create(2 * d * d + 98 * d + 22), a).prototype
        },
        oC = function(a, d, A, T, S) {
            if (S = a[0], S == b) d.T = 25, d.B(a);
            else if (S == n) {
                T = a[1];
                try {
                    A = d.u || d.B(a)
                } catch (v) {
                    N(d, v), A = d.u
                }
                T(A)
            } else if (S == sE) d.B(a);
            else if (S == m) d.B(a);
            else if (S == ur) {
                try {
                    for (A = 0; A < d.P.length; A++) try {
                        T = d.P[A], T[0][T[1]](T[2])
                    } catch (v) {}
                } catch (v) {}(0, a[1])((d.P = [], function(v, u) {
                    d.s(v, true, u)
                }), function(v) {
                    ((v = !d.X.length, P)([EE], d), v) && t(d, true, false)
                })
            } else {
                if (S == qv) return A = a[2], g(456, d, a[6]), g(156, d, A), d.B(a);
                S == EE ? (d.V = [], d.h = null, d.o = []) : S == gN && "loading" === H.document.readyState && (d.N = function(v, u) {
                    function E() {
                        u || (u = true, v())
                    }
                    H.document.addEventListener((u = false, "DOMContentLoaded"), E, W), H.addEventListener("load", E, W)
                })
            }
        },
        h = function(a, d, A, T, S, v) {
            if (!A.i) {
                if (d = (S = Z(A, ((v = void 0, d && d[0] === z) && (v = d[2], a = d[1], d = void 0), 154)), 0 == S.length && (T = Z(A, 145) >> 3, S.push(a, T >> 8 & 255, T & 255), void 0 != v && S.push(v & 255)), a = "", d && (d.message && (a += d.message), d.stack && (a += ":" + d.stack)), Z(A, 223)), 3 < d) {
                    A.I = (v = (a = (a = a.slice(0, (d | 0) - 3), d -= (a.length | 0) + 3, w(a)), A.I), A);
                    try {
                        Q(l(2, a.length).concat(a), 359, A, 9)
                    } finally {
                        A.I = v
                    }
                }
                g(223, A, d)
            }
        },
        Lm = function(a, d, A, T, S, v) {
            if (!d.u) {
                d.J++;
                try {
                    for (v = d.D, S = void 0, T = 0; --a;) try {
                        if (A = void 0, d.j) S = Y(d, d.j);
                        else {
                            if (T = Z(d, 293), T >= v) break;
                            S = Z(d, (A = k((g(145, d, T), d)), A))
                        }
                        y(d, false, false, (S && S.call ? S(d, a) : h(0, [z, 21, A], d), a))
                    } catch (u) {
                        Z(d, 55) ? h(22, u, d) : g(55, d, u)
                    }
                    if (!a) {
                        if (d.vt) {
                            Lm(762072175116, (d.J--, d));
                            return
                        }
                        h(0, [z, 33], d)
                    }
                } catch (u) {
                    try {
                        h(22, u, d)
                    } catch (E) {
                        N(d, E)
                    }
                }
                d.J--
            }
        },
        p, $m = function(a, d, A, T, S, v, u, E) {
            return (u = (A = [(S = Ym, -83), 98, -35, 80, 47, 9, A, -54, 57, (v = d & 7, 16)], K)[a.v](a.ct), u[a.v] = function(q) {
                E = (v += 6 + 7 * d, v &= 7, q)
            }, u).concat = function(q) {
                return ((q = (E = (q = (q = T % 16 + 1, -q * E + 46 * E * E - 1012 * E + (S() | 0) * q + A[v + 51 & 7] * T * q) + v - 4508 * T * E - 92 * T * T * E + 2 * T * T * q, void 0), A[q]), A)[(v + 21 & 7) + (d & 2)] = q, A)[v + (d & 2)] = 98, q
            }, u
        },
        G, Bk = function(a, d, A, T) {
            return Z(a, (g(293, (Lm(A, ((T = Z(a, 293), a.o) && T < a.D ? (g(293, a, a.D), dN(d, a)) : g(293, a, d), a)), a), T), 156))
        },
        N = function(a, d) {
            a.u = ((a.u ? a.u + "~" : "E:") + d.message + ":" + d.stack).slice(0, 2048)
        },
        P = function(a, d) {
            d.X.splice(0, 0, a)
        },
        X = function(a, d) {
            for (d = []; a--;) d.push(255 * Math.random() | 0);
            return d
        },
        RC = function(a, d, A, T) {
            A = (T = k(a), k)(a), Q(l(d, Z(a, T)), A, a)
        },
        k = function(a, d) {
            if (a.j) return Y(a, a.F);
            return (d = B(8, true, a), d & 128) && (d ^= 128, a = B(2, true, a), d = (d << 2) + (a | 0)), d
        },
        Vi = function(a, d, A, T) {
            function S() {}
            return A = T2(a, function(v) {
                S && (d && e(d), T = v, S(), S = void 0)
            }, (T = void 0, !!d))[0], {
                invoke: function(v, u, E, q) {
                    function L() {
                        T(function(R) {
                            e(function() {
                                v(R)
                            })
                        }, E)
                    }
                    if (!u) return u = A(E), v && v(u), u;
                    T ? L() : (q = S, S = function() {
                        e((q(), L))
                    })
                }
            }
        },
        Cm = function(a, d, A) {
            if ("object" == (A = typeof a, A))
                if (a) {
                    if (a instanceof Array) return "array";
                    if (a instanceof Object) return A;
                    if ("[object Window]" == (d = Object.prototype.toString.call(a), d)) return "object";
                    if ("[object Array]" == d || "number" == typeof a.length && "undefined" != typeof a.splice && "undefined" != typeof a.propertyIsEnumerable && !a.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == d || "undefined" != typeof a.call && "undefined" != typeof a.propertyIsEnumerable && !a.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == A && "undefined" == typeof a.call) return "object";
            return A
        },
        IC = function(a, d, A) {
            if (3 == a.length) {
                for (A = 0; 3 > A; A++) d[A] += a[A];
                for (A = (a = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > A; A++) d[3](d, A % 3, a[A])
            }
        },
        g = function(a, d, A) {
            if (293 == a || 145 == a) d.h[a] ? d.h[a].concat(A) : d.h[a] = FT(A, d);
            else {
                if (d.i && 328 != a) return;
                171 == a || 359 == a || 50 == a || 154 == a || 294 == a ? d.h[a] || (d.h[a] = $m(d, 78, A, a)) : d.h[a] = $m(d, 9, A, a)
            }
            328 == a && (d.C = B(32, false, d), d.Y = void 0)
        },
        km = function(a, d) {
            return K[a](K.prototype, {
                replace: d,
                parent: d,
                splice: d,
                prototype: d,
                call: d,
                console: d,
                floor: d,
                stack: d,
                length: d,
                document: d,
                pop: d,
                propertyIsEnumerable: d
            })
        },
        As = function(a, d) {
            return a(function(A) {
                A(d)
            }), [function() {
                return d
            }]
        },
        l = function(a, d, A, T) {
            for (T = (A = [], (a | 0) - 1); 0 <= T; T--) A[(a | 0) - 1 - (T | 0)] = d >> 8 * T & 255;
            return A
        },
        Q = function(a, d, A, T, S, v) {
            if (A.I == A)
                for (S = Z(A, d), 359 == d ? (d = function(u, E, q, L, R) {
                        if (q = (R = S.length, R | 0) - 4 >> 3, S.lq != q) {
                            E = (L = (q << 3) - 4, S.lq = q, [0, 0, v[1], v[2]]);
                            try {
                                S.DB = Z7(aC((L | 0) + 4, S), aC(L, S), E)
                            } catch (V) {
                                throw V;
                            }
                        }
                        S.push(S.DB[R & 7] ^ u)
                    }, v = Z(A, 294)) : d = function(u) {
                        S.push(u)
                    }, T && d(T & 255), A = a.length, T = 0; T < A; T++) d(a[T])
        },
        B = function(a, d, A, T, S, v, u, E, q, L, R, V, C, D) {
            if ((C = Z(A, 293), C) >= A.D) throw [z, 31];
            for (D = (v = C, L = a, S = 0, A).ah.length; 0 < L;) q = v % 8, R = v >> 3, V = 8 - (q | 0), V = V < L ? V : L, T = A.o[R], d && (E = A, E.Y != v >> 6 && (E.Y = v >> 6, u = Z(E, 328), E.g = Z7(E.Y, E.C, [0, 0, u[1], u[2]])), T ^= A.g[R & D]), v += V, S |= (T >> 8 - (q | 0) - (V | 0) & (1 << V) - 1) << (L | 0) - (V | 0), L -= V;
            return g(293, A, (d = S, (C | 0) + (a | 0))), d
        },
        wN = function(a, d, A) {
            return d.s(function(T) {
                A = T
            }, false, a), A
        },
        D7 = function(a, d, A, T, S, v) {
            for (v = (T = (((d = k((A = a[rN] || {}, a)), A).h$ = k(a), A).K = [], a.I) == a ? (I(a) | 0) - 1 : 1, k(a)), S = 0; S < T; S++) A.K.push(k(a));
            for (; T--;) A.K[T] = Z(a, A.K[T]);
            return A.Ih = Z(a, v), A.L = Z(a, d), A
        },
        Y = function(a, d) {
            return (d = d.create().shift(), a).j.create().length || a.F.create().length || (a.j = void 0, a.F = void 0), d
        },
        Js = function(a, d, A, T) {
            for (; a.X.length;) {
                a.N = null, A = a.X.pop();
                try {
                    T = oC(A, a)
                } catch (S) {
                    N(a, S)
                }
                if (d && a.N) {
                    (d = a.N, d)(function() {
                        t(a, true, true)
                    });
                    break
                }
            }
            return T
        },
        H = this || self,
        W = {
            passive: true,
            capture: true
        },
        Z7 = function(a, d, A, T, S) {
            for (T = A[S = 0, 2] | 0, A = A[3] | 0; 15 > S; S++) a = a >>> 8 | a << 24, a += d | 0, d = d << 3 | d >>> 29, a ^= T + 823, A = A >>> 8 | A << 24, A += T | 0, T = T << 3 | T >>> 29, d ^= a, A ^= S + 823, T ^= A;
            return [d >>> 24 & 255, d >>> 16 & 255, d >>> 8 & 255, d >>> 0 & 255, a >>> 24 & 255, a >>> 16 & 255, a >>> 8 & 255, a >>> 0 & 255]
        },
        e = H.requestIdleCallback ? function(a) {
            requestIdleCallback(function() {
                a()
            }, {
                timeout: 4
            })
        } : H.setImmediate ? function(a) {
            setImmediate(a)
        } : function(a) {
            setTimeout(a, 0)
        },
        OE = function(a, d, A, T) {
            for (T = k(d), A = 0; 0 < a; a--) A = A << 8 | I(d);
            g(T, d, A)
        },
        Qi = function(a, d) {
            ((d.push(a[0] << 24 | a[1] << 16 | a[2] << 8 | a[3]), d).push(a[4] << 24 | a[5] << 16 | a[6] << 8 | a[7]), d).push(a[8] << 24 | a[9] << 16 | a[10] << 8 | a[11])
        },
        lr = function(a) {
            return a
        },
        G2 = function(a, d, A, T, S, v) {
            function u() {
                if (a.I == a) {
                    if (a.h) {
                        var E = [qv, T, d, void 0, S, v, arguments];
                        if (2 == A) var q = t(a, !(P(E, a), 1), false);
                        else if (1 == A) {
                            var L = !a.X.length;
                            (P(E, a), L) && t(a, false, false)
                        } else q = oC(E, a);
                        return q
                    }
                    S && v && S.removeEventListener(v, u, W)
                }
            }
            return u
        },
        xm = function(a, d, A, T, S) {
            for (S = (T = (d.Yb = (d.ct = km((d.M5 = (d.ah = (d.ra = UE, d[n]), z2), d.v), {get: function() {
                        return this.concat()
                    }
                }), K[d.v](d.ct, {
                    value: {
                        value: {}
                    }
                })), 0), []); 128 > T; T++) S[T] = String.fromCharCode(T);
            t(d, ((P((P([(g((g(27, (g(476, d, (g(294, d, (g(209, (g(175, (g(409, d, (g(233, d, (g(55, (g(215, (g(256, d, (g(282, (g(123, (g(161, (g(248, (g((g(45, d, (g(482, d, (g(354, d, (g(54, d, (g(359, (g(87, (g(154, d, (g(171, (d.SQ = (g(1, d, (g(376, (g(9, d, (g((g(223, (g(474, d, (g(353, d, (d.f0 = (g(372, d, (g((g(156, (g(423, (g(414, d, (g(34, (g((g(50, (d.mL = (g(((g((d.C0 = (d.V = ((d.uq = ((d.U = false, d).G = 8001, false), d).F = void 0, d.u = void 0, d.Y = void 0, []), d.T = (d.R = void 0, d.C = void 0, d.W = (d.y7 = (d.J = 0, []), (d.h = [], d).I = (d.D = ((T = window.performance || {}, d).zo = 0, 0), d), 0), d.jQ = function(v) {
                this.I = v
            }, d.o = [], d.H = (d.j = void 0, 1), d.P = [], d.g = (d.X = [], void 0), d.N = null, 25), (d.i = false, d.Z = 0, T).timeOrigin || (T.timing || {}).navigationStart || 0), d.S = (d.A = 0, 0), 293), d, 0), g)(145, d, 0), 19), d, function(v, u, E, q) {
                if (u = v.y7.pop()) {
                    for (q = I(v); 0 < q; q--) E = k(v), u[E] = v.h[E];
                    v.h = (u[223] = v.h[u[154] = v.h[154], 223], u)
                } else g(293, v, v.D)
            }), 0), d), []), 391), d, function(v, u, E, q) {
                (E = (q = k(v), I(v)), u = k(v), g)(u, v, Z(v, q) >>> E)
            }), d), function(v, u, E, q) {
                !y(v, false, true, u) && (u = D7(v), E = u.L, q = u.Ih, v.I == v || E == v.jQ && q == v) && (g(u.h$, v, E.apply(q, u.K)), v.S = v.l())
            }), function(v, u, E, q, L) {
                q = Z(v, (L = Z((E = (q = (u = k((L = k(v), E = k(v), v)), k)(v), Z(v, E)), u = Z(v, u), v.I), L), q)), 0 !== L && (q = G2(v, q, 1, u, L, E), L.addEventListener(E, q, W), g(372, v, [L, E, q]))
            })), d), function(v, u, E, q, L) {
                (E = (u = (q = k(v), k(v)), k(v)), v).I == v && (L = Z(v, q), E = Z(v, E), u = Z(v, u), L[u] = E, 328 == q && (v.Y = void 0, 2 == u && (v.C = B(32, false, v), v.Y = void 0)))
            }), d), {}), 511), d, function(v, u, E, q, L, R, V, C, D, O, r, F) {
                function x(J, U) {
                    for (; D < J;) R |= I(v) << D, D += 8;
                    return R >>= (D -= (U = R & (1 << J) - 1, J), J), U
                }
                for (F = (r = (u = (E = k(v), D = R = 0, x(3) | 0) + 1, x(5)), C = 0), L = []; F < r; F++) q = x(1), L.push(q), C += q ? 0 : 1;
                for (F = (V = (C = ((C | 0) - 1).toString(2).length, []), 0); F < r; F++) L[F] || (V[F] = x(C));
                for (C = 0; C < r; C++) L[C] && (V[C] = k(v));
                for (O = []; u--;) O.push(Z(v, k(v)));
                g(E, v, function(J, U, M, S3, c) {
                    for (U = (S3 = [], 0), M = []; U < r; U++) {
                        if (!(c = V[U], L)[U]) {
                            for (; c >= M.length;) M.push(k(J));
                            c = M[c]
                        }
                        S3.push(c)
                    }(J.j = FT(O.slice(), J), J).F = FT(S3, J)
                })
            }), 0)), 0), function(v, u, E, q) {
                u = k((q = k((E = k(v), v)), v)), g(u, v, Z(v, E) || Z(v, q))
            })), function(v) {
                RC(v, 1)
            })), d), 2048), 199), d, function(v, u, E, q, L, R, V) {
                for (q = (V = (R = (L = nm((u = k(v), v)), E = "", Z(v, 189)), R).length, 0); L--;) q = ((q | 0) + (nm(v) | 0)) % V, E += S[R[q]];
                g(u, v, E)
            }), 0)), d), function(v, u, E) {
                (u = (E = k(v), k(v)), g)(u, v, "" + Z(v, E))
            }), function(v) {
                RC(v, 4)
            })), 0), d), [160, 0, 0]), [])), d), function(v, u, E, q) {
                (u = (q = Z((E = (u = k(v), k(v)), v), E), Z(v, u)), g)(E, v, q + u)
            }), d), X(4)), function(v) {
                OE(4, v)
            })), function(v, u, E) {
                (E = Z((u = (E = k(v), k(v)), v), E), E = Cm(E), g)(u, v, E)
            })), function() {})), function(v, u, E, q) {
                E = Z(v, (u = Z((q = (u = (E = k(v), k)(v), k)(v), v), u), E)), g(q, v, E[u])
            })), 480), d, function(v, u, E, q, L, R) {
                if (!y(v, true, true, u)) {
                    if (q = (R = (u = Z((q = k((u = k((R = k((E = k(v), v)), v)), v)), v), u), Z)(v, R), Z(v, q)), v = Z(v, E), "object" == Cm(v)) {
                        for (L in E = [], v) E.push(L);
                        v = E
                    }
                    for (E = (u = (L = v.length, 0 < u ? u : 1), 0); E < L; E += u) R(v.slice(E, (E | 0) + (u | 0)), q)
                }
            }), d), function(v) {
                vk(4, v)
            }), d), function(v, u, E) {
                y(v, false, true, u) || (u = k(v), E = k(v), g(E, v, function(q) {
                    return eval(q)
                }(br(Z(v.I, u)))))
            }), d), H), d), function(v, u) {
                v = (u = k(v), Z(v.I, u)), v[0].removeEventListener(v[1], v[2], W)
            }), d)), d), function(v, u, E, q, L) {
                for (L = (q = (u = nm((E = k(v), v)), []), 0); L < u; L++) q.push(I(v));
                g(E, v, q)
            }), d), 348), function(v, u, E, q, L) {
                u = Z(v, (L = Z((L = (q = (u = k((E = k(v), v)), k(v)), k(v)), v), L), u)), q = Z(v, q), g(E, v, G2(v, q, L, u))
            })), function(v, u, E) {
                0 != Z((E = Z(v, (u = k(v), E = k(v), E)), v), u) && g(293, v, E)
            })), d), function(v, u, E, q) {
                u = (q = k((E = k(v), v)), k)(v), E = Z(v, E), q = Z(v, q), g(u, v, +(E == q))
            }), d), function(v, u, E, q) {
                u = Z(v, (q = (q = (u = k(v), k)(v), E = k(v), Z(v, q)), u)), g(E, v, u in q | 0)
            }), [0, 0, 0])), function(v) {
                vk(3, v)
            })), d), function(v, u) {
                dN((u = Z(v, k(v)), u), v.I)
            }), 471), d, function(v, u, E, q, L, R) {
                y(v, false, true, u) || (R = D7(v.I), E = R.Ih, u = R.h$, q = R.L, R = R.K, L = R.length, E = 0 == L ? new E[q] : 1 == L ? new E[q](R[0]) : 2 == L ? new E[q](R[0], R[1]) : 3 == L ? new E[q](R[0], R[1], R[2]) : 4 == L ? new E[q](R[0], R[1], R[2], R[3]) : 2(), g(u, v, E))
            }), gN)], d), [m, A]), d), P)([ur, a], d), true), true)
        },
        Nv = function(a, d) {
            if ((d = (a = null, H.trustedTypes), !d) || !d.createPolicy) return a;
            try {
                a = d.createPolicy("bg", {
                    createHTML: lr,
                    createScript: lr,
                    createScriptURL: lr
                })
            } catch (A) {
                H.console && H.console.error(A.message)
            }
            return a
        },
        FT = function(a, d, A) {
            return ((A = K[d.v](d.Yb), A)[d.v] = function() {
                return a
            }, A).concat = function(T) {
                a = T
            }, A
        },
        f = function(a, d, A) {
            A = this;
            try {
                xm(d, this, a)
            } catch (T) {
                N(this, T), d(function(S) {
                    S(A.u)
                })
            }
        },
        t = function(a, d, A, T, S, v) {
            if (a.X.length) {
                a.uq = (a.U && 0(), a.U = true, d);
                try {
                    S = a.l(), a.Z = S, a.S = S, a.R = 0, v = Js(a, d), T = a.l() - a.Z, a.W += T, T < (A ? 0 : 10) || 0 >= a.T-- || (T = Math.floor(T), a.V.push(254 >= T ? T : 254))
                } finally {
                    a.U = false
                }
                return v
            }
        },
        mq = function(a, d, A, T) {
            try {
                T = a[((d | 0) + 2) % 3], a[d] = (a[d] | 0) - (a[((d | 0) + 1) % 3] | 0) - (T | 0) ^ (1 == d ? T << A : T >>> A)
            } catch (S) {
                throw S;
            }
        },
        y = function(a, d, A, T, S, v, u, E, q) {
            if (((((u = (v = (A || a.R++, 0 < a.A && a.U && a.uq && 1 >= a.J && !a.j && !a.N && (!A || 1 < a.G - T)) && 0 == document.hidden, q = d ? 255 : A ? 5 : 2, E = (d = 4 == a.R) || v ? a.l() : a.S, E) - a.S, S = u >> 14, a.C) && (a.C ^= S * (u << 2)), a).I = S || a.I, a).H += S, d) || v) a.R = 0, a.S = E;
            if (!v || E - a.Z < a.A - q) return false;
            return g(293, (d = (a.G = T, Z(a, A ? 145 : 293)), a), a.D), a.X.push([sE, d, A ? T + 1 : T]), a.N = e, true
        },
        nm = function(a, d) {
            return d = I(a), d & 128 && (d = d & 127 | I(a) << 7), d
        },
        w = function(a, d, A, T, S) {
            for (S = d = (A = (a = a.replace(/\r\n/g, "\n"), []), 0); S < a.length; S++) T = a.charCodeAt(S), 128 > T ? A[d++] = T : (2048 > T ? A[d++] = T >> 6 | 192 : (55296 == (T & 64512) && S + 1 < a.length && 56320 == (a.charCodeAt(S + 1) & 64512) ? (T = 65536 + ((T & 1023) << 10) + (a.charCodeAt(++S) & 1023), A[d++] = T >> 18 | 240, A[d++] = T >> 12 & 63 | 128) : A[d++] = T >> 12 | 224, A[d++] = T >> 6 & 63 | 128), A[d++] = T & 63 | 128);
            return A
        },
        rN = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        gN = (f.prototype.J$ = void 0, f.prototype.ZB = void 0, []),
        ur = (f.prototype.O = "toString", f.prototype.vt = false, []),
        sE = [],
        qv = [],
        b = [],
        EE = [],
        z = {},
        m = [],
        n = [],
        Ym = (p = (((Qi, X, function() {})(mq), function() {})(IC), f.prototype.v = "create", f.prototype), void 0),
        K = z.constructor;
    (p.l = ((p.N5 = function(a, d, A) {
        return (d = ((d ^= d << 13, d ^= d >> 17, d) ^ d << 5) & A) || (d = 1), a ^ d
    }, (p.FG = function() {
        return Math.floor(this.W + (this.l() - this.Z))
    }, p.s = function(a, d, A, T, S) {
        if ((A = "array" === Cm(A) ? A : [A], this).u) a(this.u);
        else try {
            S = !this.X.length, T = [], P([b, T, A], this), P([n, a, T], this), d && !S || t(this, d, true)
        } catch (v) {
            N(this, v), a(this.u)
        }
    }, p.oh = function(a, d, A, T, S, v) {
        for (v = [], A = 0, T = 0; A < a.length; A++)
            for (S = S << d | a[A], T += d; 7 < T;) T -= 8, v.push(S >> T & 255);
        return v
    }, p).p0 = function() {
        return Math.floor(this.l())
    }, p).Bt = function(a, d, A, T, S) {
        for (S = T = 0; T < a.length; T++) S += a.charCodeAt(T), S += S << 10, S ^= S >> 6;
        return T = new Number((a = (S += S << 3, S ^= S >> 11, S) + (S << 15) >>> 0, a) & (1 << d) - 1), T[0] = (a >>> d) % A, T
    }, (window.performance || {}).now ? function() {
        return this.C0 + window.performance.now()
    } : function() {
        return +new Date
    }), f.prototype).B = function(a, d) {
        return d = (a = (Ym = function() {
                return d == a ? 22 : 49
            }, {}), {}),
            function(A, T, S, v, u, E, q, L, R, V, C, D, O, r, F) {
                d = (D = d, a);
                try {
                    if (r = A[0], r == m) {
                        E = A[1];
                        try {
                            for (L = (u = (q = atob(E), C = 0), []); C < q.length; C++) V = q.charCodeAt(C), 255 < V && (L[u++] = V & 255, V >>= 8), L[u++] = V;
                            g(328, (this.D = (this.o = L, this.o).length << 3, this), [0, 0, 0])
                        } catch (x) {
                            h(17, x, this);
                            return
                        }
                        Lm(8001, this)
                    } else if (r == b) A[1].push(Z(this, 359).length, Z(this, 171).length, Z(this, 223), Z(this, 50).length), g(156, this, A[2]), this.h[143] && Bk(this, Z(this, 143), 8001);
                    else {
                        if (r == n) {
                            this.I = (S = (R = l(2, (u = A[2], (Z(this, 171).length | 0) + 2)), this.I), this);
                            try {
                                v = Z(this, 154), 0 < v.length && Q(l(2, v.length).concat(v), 171, this, 10), Q(l(1, this.H), 171, this, 109), Q(l(1, this[n].length), 171, this), q = 0, q -= (Z(this, 171).length | 0) + 5, F = Z(this, 359), q += Z(this, 9) & 2047, 4 < F.length && (q -= (F.length | 0) + 3), 0 < q && Q(l(2, q).concat(X(q)), 171, this, 15), 4 < F.length && Q(l(2, F.length).concat(F), 171, this, 156)
                            } finally {
                                this.I = S
                            }
                            if (((L = X(2).concat(Z(this, 171)), L[1] = L[0] ^ 6, L)[3] = L[1] ^ R[0], L)[4] = L[1] ^ R[1], T = this.XG(L)) T = "!" + T;
                            else
                                for (q = 0, T = ""; q < L.length; q++) O = L[q][this.O](16), 1 == O.length && (O = "0" + O), T += O;
                            return Z(this, (g(223, ((C = T, Z(this, 359)).length = u.shift(), Z(this, 171).length = u.shift(), this), u.shift()), 50)).length = u.shift(), C
                        }
                        if (r == sE) Bk(this, A[1], A[2]);
                        else if (r == qv) return Bk(this, A[1], 8001)
                    }
                } finally {
                    d = D
                }
            }
    }();
    var UE, z2 = ((f.prototype.UJ = (f.prototype[ur] = [0, 0, 1, 1, 0, 1, 1], 0), f.prototype.eQ = 0, f).prototype.XG = function(a, d, A, T) {
            if (T = window.btoa) {
                for (d = 0, A = ""; d < a.length; d += 8192) A += String.fromCharCode.apply(null, a.slice(d, d + 8192));
                a = T(A).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else a = void 0;
            return a
        }, /./),
        Pk = m.pop.bind(f.prototype[b]),
        br = function(a, d) {
            return (d = Nv()) && 1 === a.eval(d.createScript("1")) ? function(A) {
                return d.createScript(A)
            } : function(A) {
                return "" + A
            }
        }(((UE = km(f.prototype.v, (z2[f.prototype.O] = Pk, {get: Pk
        })), f).prototype.K0 = void 0, H));
    (40 < (G = H.botguard || (H.botguard = {}), G.m) || (G.m = 41, G.bg = Vi, G.a = T2), G).JBK_ = function(a, d, A) {
        return A = new f(a, d), [function(T) {
            return wN(T, A)
        }]
    };
}).call(this);
                                    

#2 JavaScript::Eval (size: 64, repeated: 1) - SHA256: 39945446d246f3f25b4031c3e1013556170253a2778898fd73ac117b92a8ef08

                                        0,
function(v, u, E) {
    g((E = (u = (E = k(v), k(v)), v.h[E]) && Z(v, E), u), v, E)
}
                                    

#3 JavaScript::Eval (size: 22, repeated: 1) - SHA256: cd93a2e97e281c2ffd8a8cad4cded814970dbc8963ea8286919b51022ae4f566

                                        0,
function(v) {
    OE(2, v)
}
                                    

#4 JavaScript::Eval (size: 15534, repeated: 1) - SHA256: a9c1dd73fa7ed90838301c93418b2c92bf1274928fee89eb257d02e97173cae1

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var A = function(d) {
            return d
        },
        u = function(d, a) {
            if (!(d = (a = null, T.trustedTypes), d) || !d.createPolicy) return a;
            try {
                a = d.createPolicy("bg", {
                    createHTML: A,
                    createScript: A,
                    createScriptURL: A
                })
            } catch (v) {
                T.console && T.console.error(v.message)
            }
            return a
        },
        T = this || self;
    (0, eval)(function(d, a) {
        return (a = u()) && 1 === d.eval(a.createScript("1")) ? function(v) {
            return a.createScript(v)
        } : function(v) {
            return "" + v
        }
    }(T)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var dN=function(a,d){g(293,d,((d.y7.push(d.h.slice()),d).h[293]=void 0,a))},aC=function(a,d){return d[a]<<24|d[(a|0)+1]<<16|d[(a|0)+2]<<8|d[(a|0)+3]},I=function(a){return a.j?Y(a,a.F):B(8,true,a)},vk=function(a,d,A,T,S){Q(((T=Z(d,(T=k((a&=(S=a&4,3),d)),A=k(d),T)),S&&(T=w(""+T)),a)&&Q(l(2,T.length),A,d),T),A,d)},T2=function(a,d,A,T){return(T=G[a.substring(0,3)+"_"])?T(a.substring(3),d,A):As(d,a)},Z=function(a,d){if(a=a.h[d],void 0===a)throw[z,30,d];if(a.value)return a.create();return(a.create(2*d*d+98*d+22),a).prototype},oC=function(a,d,A,T,S){if(S=a[0],S==b)d.T=25,d.B(a);else if(S==n){T=a[1];try{A=d.u||d.B(a)}catch(v){N(d,v),A=d.u}T(A)}else if(S==sE)d.B(a);else if(S==m)d.B(a);else if(S==ur){try{for(A=0;A<d.P.length;A++)try{T=d.P[A],T[0][T[1]](T[2])}catch(v){}}catch(v){}(0,a[1])((d.P=[],function(v,u){d.s(v,true,u)}),function(v){((v=!d.X.length,P)([EE],d),v)&&t(d,true,false)})}else{if(S==qv)return A=a[2],g(456,d,a[6]),g(156,d,A),d.B(a);S==EE?(d.V=[],d.h=null,d.o=[]):S==gN&&"loading"===H.document.readyState&&(d.N=function(v,u){function E(){u||(u=true,v())}H.document.addEventListener((u=false,"DOMContentLoaded"),E,W),H.addEventListener("load",E,W)})}},h=function(a,d,A,T,S,v){if(!A.i){if(d=(S=Z(A,((v=void 0,d&&d[0]===z)&&(v=d[2],a=d[1],d=void 0),154)),0==S.length&&(T=Z(A,145)>>3,S.push(a,T>>8&255,T&255),void 0!=v&&S.push(v&255)),a="",d&&(d.message&&(a+=d.message),d.stack&&(a+=":"+d.stack)),Z(A,223)),3<d){A.I=(v=(a=(a=a.slice(0,(d|0)-3),d-=(a.length|0)+3,w(a)),A.I),A);try{Q(l(2,a.length).concat(a),359,A,9)}finally{A.I=v}}g(223,A,d)}},Lm=function(a,d,A,T,S,v){if(!d.u){d.J++;try{for(v=d.D,S=void 0,T=0;--a;)try{if(A=void 0,d.j)S=Y(d,d.j);else{if(T=Z(d,293),T>=v)break;S=Z(d,(A=k((g(145,d,T),d)),A))}y(d,false,false,(S&&S.call?S(d,a):h(0,[z,21,A],d),a))}catch(u){Z(d,55)?h(22,u,d):g(55,d,u)}if(!a){if(d.vt){Lm(762072175116,(d.J--,d));return}h(0,[z,33],d)}}catch(u){try{h(22,u,d)}catch(E){N(d,E)}}d.J--}},p,$m=function(a,d,A,T,S,v,u,E){return(u=(A=[(S=Ym,-83),98,-35,80,47,9,A,-54,57,(v=d&7,16)],K)[a.v](a.ct),u[a.v]=function(q){E=(v+=6+7*d,v&=7,q)},u).concat=function(q){return((q=(E=(q=(q=T%16+1,-q*E+46*E*E-1012*E+(S()|0)*q+A[v+51&7]*T*q)+v-4508*T*E-92*T*T*E+2*T*T*q,void 0),A[q]),A)[(v+21&7)+(d&2)]=q,A)[v+(d&2)]=98,q},u},G,Bk=function(a,d,A,T){return Z(a,(g(293,(Lm(A,((T=Z(a,293),a.o)&&T<a.D?(g(293,a,a.D),dN(d,a)):g(293,a,d),a)),a),T),156))},N=function(a,d){a.u=((a.u?a.u+"~":"E:")+d.message+":"+d.stack).slice(0,2048)},P=function(a,d){d.X.splice(0,0,a)},X=function(a,d){for(d=[];a--;)d.push(255*Math.random()|0);return d},RC=function(a,d,A,T){A=(T=k(a),k)(a),Q(l(d,Z(a,T)),A,a)},k=function(a,d){if(a.j)return Y(a,a.F);return(d=B(8,true,a),d&128)&&(d^=128,a=B(2,true,a),d=(d<<2)+(a|0)),d},Vi=function(a,d,A,T){function S(){}return A=T2(a,function(v){S&&(d&&e(d),T=v,S(),S=void 0)},(T=void 0,!!d))[0],{invoke:function(v,u,E,q){function L(){T(function(R){e(function(){v(R)})},E)}if(!u)return u=A(E),v&&v(u),u;T?L():(q=S,S=function(){e((q(),L))})}}},Cm=function(a,d,A){if("object"==(A=typeof a,A))if(a){if(a instanceof Array)return"array";if(a instanceof Object)return A;if("[object Window]"==(d=Object.prototype.toString.call(a),d))return"object";if("[object Array]"==d||"number"==typeof a.length&&"undefined"!=typeof a.splice&&"undefined"!=typeof a.propertyIsEnumerable&&!a.propertyIsEnumerable("splice"))return"array";if("[object Function]"==d||"undefined"!=typeof a.call&&"undefined"!=typeof a.propertyIsEnumerable&&!a.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==A&&"undefined"==typeof a.call)return"object";return A},IC=function(a,d,A){if(3==a.length){for(A=0;3>A;A++)d[A]+=a[A];for(A=(a=[13,8,13,12,16,5,3,10,15],0);9>A;A++)d[3](d,A%3,a[A])}},g=function(a,d,A){if(293==a||145==a)d.h[a]?d.h[a].concat(A):d.h[a]=FT(A,d);else{if(d.i&&328!=a)return;171==a||359==a||50==a||154==a||294==a?d.h[a]||(d.h[a]=$m(d,78,A,a)):d.h[a]=$m(d,9,A,a)}328==a&&(d.C=B(32,false,d),d.Y=void 0)},km=function(a,d){return K[a](K.prototype,{replace:d,parent:d,splice:d,prototype:d,call:d,console:d,floor:d,stack:d,length:d,document:d,pop:d,propertyIsEnumerable:d})},As=function(a,d){return a(function(A){A(d)}),[function(){return d}]},l=function(a,d,A,T){for(T=(A=[],(a|0)-1);0<=T;T--)A[(a|0)-1-(T|0)]=d>>8*T&255;return A},Q=function(a,d,A,T,S,v){if(A.I==A)for(S=Z(A,d),359==d?(d=function(u,E,q,L,R){if(q=(R=S.length,R|0)-4>>3,S.lq!=q){E=(L=(q<<3)-4,S.lq=q,[0,0,v[1],v[2]]);try{S.DB=Z7(aC((L|0)+4,S),aC(L,S),E)}catch(V){throw V;}}S.push(S.DB[R&7]^u)},v=Z(A,294)):d=function(u){S.push(u)},T&&d(T&255),A=a.length,T=0;T<A;T++)d(a[T])},B=function(a,d,A,T,S,v,u,E,q,L,R,V,C,D){if((C=Z(A,293),C)>=A.D)throw[z,31];for(D=(v=C,L=a,S=0,A).ah.length;0<L;)q=v%8,R=v>>3,V=8-(q|0),V=V<L?V:L,T=A.o[R],d&&(E=A,E.Y!=v>>6&&(E.Y=v>>6,u=Z(E,328),E.g=Z7(E.Y,E.C,[0,0,u[1],u[2]])),T^=A.g[R&D]),v+=V,S|=(T>>8-(q|0)-(V|0)&(1<<V)-1)<<(L|0)-(V|0),L-=V;return g(293,A,(d=S,(C|0)+(a|0))),d},wN=function(a,d,A){return d.s(function(T){A=T},false,a),A},D7=function(a,d,A,T,S,v){for(v=(T=(((d=k((A=a[rN]||{},a)),A).h$=k(a),A).K=[],a.I)==a?(I(a)|0)-1:1,k(a)),S=0;S<T;S++)A.K.push(k(a));for(;T--;)A.K[T]=Z(a,A.K[T]);return A.Ih=Z(a,v),A.L=Z(a,d),A},Y=function(a,d){return(d=d.create().shift(),a).j.create().length||a.F.create().length||(a.j=void 0,a.F=void 0),d},Js=function(a,d,A,T){for(;a.X.length;){a.N=null,A=a.X.pop();try{T=oC(A,a)}catch(S){N(a,S)}if(d&&a.N){(d=a.N,d)(function(){t(a,true,true)});break}}return T},H=this||self,W={passive:true,capture:true},Z7=function(a,d,A,T,S){for(T=A[S=0,2]|0,A=A[3]|0;15>S;S++)a=a>>>8|a<<24,a+=d|0,d=d<<3|d>>>29,a^=T+823,A=A>>>8|A<<24,A+=T|0,T=T<<3|T>>>29,d^=a,A^=S+823,T^=A;return[d>>>24&255,d>>>16&255,d>>>8&255,d>>>0&255,a>>>24&255,a>>>16&255,a>>>8&255,a>>>0&255]},e=H.requestIdleCallback?function(a){requestIdleCallback(function(){a()},{timeout:4})}:H.setImmediate?function(a){setImmediate(a)}:function(a){setTimeout(a,0)},OE=function(a,d,A,T){for(T=k(d),A=0;0<a;a--)A=A<<8|I(d);g(T,d,A)},Qi=function(a,d){((d.push(a[0]<<24|a[1]<<16|a[2]<<8|a[3]),d).push(a[4]<<24|a[5]<<16|a[6]<<8|a[7]),d).push(a[8]<<24|a[9]<<16|a[10]<<8|a[11])},lr=function(a){return a},G2=function(a,d,A,T,S,v){function u(){if(a.I==a){if(a.h){var E=[qv,T,d,void 0,S,v,arguments];if(2==A)var q=t(a,!(P(E,a),1),false);else if(1==A){var L=!a.X.length;(P(E,a),L)&&t(a,false,false)}else q=oC(E,a);return q}S&&v&&S.removeEventListener(v,u,W)}}return u},xm=function(a,d,A,T,S){for(S=(T=(d.Yb=(d.ct=km((d.M5=(d.ah=(d.ra=UE,d[n]),z2),d.v),{get:function(){return this.concat()}}),K[d.v](d.ct,{value:{value:{}}})),0),[]);128>T;T++)S[T]=String.fromCharCode(T);t(d,((P((P([(g((g(27,(g(476,d,(g(294,d,(g(209,(g(175,(g(409,d,(g(233,d,(g(55,(g(215,(g(256,d,(g(282,(g(123,(g(161,(g(248,(g((g(45,d,(g(482,d,(g(354,d,(g(54,d,(g(359,(g(87,(g(154,d,(g(171,(d.SQ=(g(1,d,(g(376,(g(9,d,(g((g(223,(g(474,d,(g(353,d,(d.f0=(g(372,d,(g((g(156,(g(423,(g(414,d,(g(34,(g((g(50,(d.mL=(g(((g((d.C0=(d.V=((d.uq=((d.U=false,d).G=8001,false),d).F=void 0,d.u=void 0,d.Y=void 0,[]),d.T=(d.R=void 0,d.C=void 0,d.W=(d.y7=(d.J=0,[]),(d.h=[],d).I=(d.D=((T=window.performance||{},d).zo=0,0),d),0),d.jQ=function(v){this.I=v},d.o=[],d.H=(d.j=void 0,1),d.P=[],d.g=(d.X=[],void 0),d.N=null,25),(d.i=false,d.Z=0,T).timeOrigin||(T.timing||{}).navigationStart||0),d.S=(d.A=0,0),293),d,0),g)(145,d,0),19),d,function(v,u,E,q){if(u=v.y7.pop()){for(q=I(v);0<q;q--)E=k(v),u[E]=v.h[E];v.h=(u[223]=v.h[u[154]=v.h[154],223],u)}else g(293,v,v.D)}),0),d),[]),391),d,function(v,u,E,q){(E=(q=k(v),I(v)),u=k(v),g)(u,v,Z(v,q)>>>E)}),d),function(v,u,E,q){!y(v,false,true,u)&&(u=D7(v),E=u.L,q=u.Ih,v.I==v||E==v.jQ&&q==v)&&(g(u.h$,v,E.apply(q,u.K)),v.S=v.l())}),function(v,u,E,q,L){q=Z(v,(L=Z((E=(q=(u=k((L=k(v),E=k(v),v)),k)(v),Z(v,E)),u=Z(v,u),v.I),L),q)),0!==L&&(q=G2(v,q,1,u,L,E),L.addEventListener(E,q,W),g(372,v,[L,E,q]))})),d),function(v,u,E,q,L){(E=(u=(q=k(v),k(v)),k(v)),v).I==v&&(L=Z(v,q),E=Z(v,E),u=Z(v,u),L[u]=E,328==q&&(v.Y=void 0,2==u&&(v.C=B(32,false,v),v.Y=void 0)))}),d),{}),511),d,function(v,u,E,q,L,R,V,C,D,O,r,F){function x(J,U){for(;D<J;)R|=I(v)<<D,D+=8;return R>>=(D-=(U=R&(1<<J)-1,J),J),U}for(F=(r=(u=(E=k(v),D=R=0,x(3)|0)+1,x(5)),C=0),L=[];F<r;F++)q=x(1),L.push(q),C+=q?0:1;for(F=(V=(C=((C|0)-1).toString(2).length,[]),0);F<r;F++)L[F]||(V[F]=x(C));for(C=0;C<r;C++)L[C]&&(V[C]=k(v));for(O=[];u--;)O.push(Z(v,k(v)));g(E,v,function(J,U,M,S3,c){for(U=(S3=[],0),M=[];U<r;U++){if(!(c=V[U],L)[U]){for(;c>=M.length;)M.push(k(J));c=M[c]}S3.push(c)}(J.j=FT(O.slice(),J),J).F=FT(S3,J)})}),0)),0),function(v,u,E,q){u=k((q=k((E=k(v),v)),v)),g(u,v,Z(v,E)||Z(v,q))})),function(v){RC(v,1)})),d),2048),199),d,function(v,u,E,q,L,R,V){for(q=(V=(R=(L=nm((u=k(v),v)),E="",Z(v,189)),R).length,0);L--;)q=((q|0)+(nm(v)|0))%V,E+=S[R[q]];g(u,v,E)}),0)),d),function(v,u,E){(u=(E=k(v),k(v)),g)(u,v,""+Z(v,E))}),function(v){RC(v,4)})),0),d),[160,0,0]),[])),d),function(v,u,E,q){(u=(q=Z((E=(u=k(v),k(v)),v),E),Z(v,u)),g)(E,v,q+u)}),d),X(4)),function(v){OE(4,v)})),function(v,u,E){(E=Z((u=(E=k(v),k(v)),v),E),E=Cm(E),g)(u,v,E)})),function(){})),function(v,u,E,q){E=Z(v,(u=Z((q=(u=(E=k(v),k)(v),k)(v),v),u),E)),g(q,v,E[u])})),480),d,function(v,u,E,q,L,R){if(!y(v,true,true,u)){if(q=(R=(u=Z((q=k((u=k((R=k((E=k(v),v)),v)),v)),v),u),Z)(v,R),Z(v,q)),v=Z(v,E),"object"==Cm(v)){for(L in E=[],v)E.push(L);v=E}for(E=(u=(L=v.length,0<u?u:1),0);E<L;E+=u)R(v.slice(E,(E|0)+(u|0)),q)}}),d),function(v){vk(4,v)}),d),function(v,u,E){y(v,false,true,u)||(u=k(v),E=k(v),g(E,v,function(q){return eval(q)}(br(Z(v.I,u)))))}),d),H),d),function(v,u){v=(u=k(v),Z(v.I,u)),v[0].removeEventListener(v[1],v[2],W)}),d)),d),function(v,u,E,q,L){for(L=(q=(u=nm((E=k(v),v)),[]),0);L<u;L++)q.push(I(v));g(E,v,q)}),d),348),function(v,u,E,q,L){u=Z(v,(L=Z((L=(q=(u=k((E=k(v),v)),k(v)),k(v)),v),L),u)),q=Z(v,q),g(E,v,G2(v,q,L,u))})),function(v,u,E){0!=Z((E=Z(v,(u=k(v),E=k(v),E)),v),u)&&g(293,v,E)})),d),function(v,u,E,q){u=(q=k((E=k(v),v)),k)(v),E=Z(v,E),q=Z(v,q),g(u,v,+(E==q))}),d),function(v,u,E,q){u=Z(v,(q=(q=(u=k(v),k)(v),E=k(v),Z(v,q)),u)),g(E,v,u in q|0)}),[0,0,0])),function(v){vk(3,v)})),d),function(v,u){dN((u=Z(v,k(v)),u),v.I)}),471),d,function(v,u,E,q,L,R){y(v,false,true,u)||(R=D7(v.I),E=R.Ih,u=R.h$,q=R.L,R=R.K,L=R.length,E=0==L?new E[q]:1==L?new E[q](R[0]):2==L?new E[q](R[0],R[1]):3==L?new E[q](R[0],R[1],R[2]):4==L?new E[q](R[0],R[1],R[2],R[3]):2(),g(u,v,E))}),gN)],d),[m,A]),d),P)([ur,a],d),true),true)},Nv=function(a,d){if((d=(a=null,H.trustedTypes),!d)||!d.createPolicy)return a;try{a=d.createPolicy("bg",{createHTML:lr,createScript:lr,createScriptURL:lr})}catch(A){H.console&&H.console.error(A.message)}return a},FT=function(a,d,A){return((A=K[d.v](d.Yb),A)[d.v]=function(){return a},A).concat=function(T){a=T},A},f=function(a,d,A){A=this;try{xm(d,this,a)}catch(T){N(this,T),d(function(S){S(A.u)})}},t=function(a,d,A,T,S,v){if(a.X.length){a.uq=(a.U&&0(),a.U=true,d);try{S=a.l(),a.Z=S,a.S=S,a.R=0,v=Js(a,d),T=a.l()-a.Z,a.W+=T,T<(A?0:10)||0>=a.T--||(T=Math.floor(T),a.V.push(254>=T?T:254))}finally{a.U=false}return v}},mq=function(a,d,A,T){try{T=a[((d|0)+2)%3],a[d]=(a[d]|0)-(a[((d|0)+1)%3]|0)-(T|0)^(1==d?T<<A:T>>>A)}catch(S){throw S;}},y=function(a,d,A,T,S,v,u,E,q){if(((((u=(v=(A||a.R++,0<a.A&&a.U&&a.uq&&1>=a.J&&!a.j&&!a.N&&(!A||1<a.G-T))&&0==document.hidden,q=d?255:A?5:2,E=(d=4==a.R)||v?a.l():a.S,E)-a.S,S=u>>14,a.C)&&(a.C^=S*(u<<2)),a).I=S||a.I,a).H+=S,d)||v)a.R=0,a.S=E;if(!v||E-a.Z<a.A-q)return false;return g(293,(d=(a.G=T,Z(a,A?145:293)),a),a.D),a.X.push([sE,d,A?T+1:T]),a.N=e,true},nm=function(a,d){return d=I(a),d&128&&(d=d&127|I(a)<<7),d},w=function(a,d,A,T,S){for(S=d=(A=(a=a.replace(/\\r\\n/g,"\\n"),[]),0);S<a.length;S++)T=a.charCodeAt(S),128>T?A[d++]=T:(2048>T?A[d++]=T>>6|192:(55296==(T&64512)&&S+1<a.length&&56320==(a.charCodeAt(S+1)&64512)?(T=65536+((T&1023)<<10)+(a.charCodeAt(++S)&1023),A[d++]=T>>18|240,A[d++]=T>>12&63|128):A[d++]=T>>12|224,A[d++]=T>>6&63|128),A[d++]=T&63|128);return A},rN=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),gN=(f.prototype.J$=void 0,f.prototype.ZB=void 0,[]),ur=(f.prototype.O="toString",f.prototype.vt=false,[]),sE=[],qv=[],b=[],EE=[],z={},m=[],n=[],Ym=(p=(((Qi,X,function(){})(mq),function(){})(IC),f.prototype.v="create",f.prototype),void 0),K=z.constructor;(p.l=((p.N5=function(a,d,A){return(d=((d^=d<<13,d^=d>>17,d)^d<<5)&A)||(d=1),a^d},(p.FG=function(){return Math.floor(this.W+(this.l()-this.Z))},p.s=function(a,d,A,T,S){if((A="array"===Cm(A)?A:[A],this).u)a(this.u);else try{S=!this.X.length,T=[],P([b,T,A],this),P([n,a,T],this),d&&!S||t(this,d,true)}catch(v){N(this,v),a(this.u)}},p.oh=function(a,d,A,T,S,v){for(v=[],A=0,T=0;A<a.length;A++)for(S=S<<d|a[A],T+=d;7<T;)T-=8,v.push(S>>T&255);return v},p).p0=function(){return Math.floor(this.l())},p).Bt=function(a,d,A,T,S){for(S=T=0;T<a.length;T++)S+=a.charCodeAt(T),S+=S<<10,S^=S>>6;return T=new Number((a=(S+=S<<3,S^=S>>11,S)+(S<<15)>>>0,a)&(1<<d)-1),T[0]=(a>>>d)%A,T},(window.performance||{}).now?function(){return this.C0+window.performance.now()}:function(){return+new Date}),f.prototype).B=function(a,d){return d=(a=(Ym=function(){return d==a?22:49},{}),{}),function(A,T,S,v,u,E,q,L,R,V,C,D,O,r,F){d=(D=d,a);try{if(r=A[0],r==m){E=A[1];try{for(L=(u=(q=atob(E),C=0),[]);C<q.length;C++)V=q.charCodeAt(C),255<V&&(L[u++]=V&255,V>>=8),L[u++]=V;g(328,(this.D=(this.o=L,this.o).length<<3,this),[0,0,0])}catch(x){h(17,x,this);return}Lm(8001,this)}else if(r==b)A[1].push(Z(this,359).length,Z(this,171).length,Z(this,223),Z(this,50).length),g(156,this,A[2]),this.h[143]&&Bk(this,Z(this,143),8001);else{if(r==n){this.I=(S=(R=l(2,(u=A[2],(Z(this,171).length|0)+2)),this.I),this);try{v=Z(this,154),0<v.length&&Q(l(2,v.length).concat(v),171,this,10),Q(l(1,this.H),171,this,109),Q(l(1,this[n].length),171,this),q=0,q-=(Z(this,171).length|0)+5,F=Z(this,359),q+=Z(this,9)&2047,4<F.length&&(q-=(F.length|0)+3),0<q&&Q(l(2,q).concat(X(q)),171,this,15),4<F.length&&Q(l(2,F.length).concat(F),171,this,156)}finally{this.I=S}if(((L=X(2).concat(Z(this,171)),L[1]=L[0]^6,L)[3]=L[1]^R[0],L)[4]=L[1]^R[1],T=this.XG(L))T="!"+T;else for(q=0,T="";q<L.length;q++)O=L[q][this.O](16),1==O.length&&(O="0"+O),T+=O;return Z(this,(g(223,((C=T,Z(this,359)).length=u.shift(),Z(this,171).length=u.shift(),this),u.shift()),50)).length=u.shift(),C}if(r==sE)Bk(this,A[1],A[2]);else if(r==qv)return Bk(this,A[1],8001)}}finally{d=D}}}();var UE,z2=((f.prototype.UJ=(f.prototype[ur]=[0,0,1,1,0,1,1],0),f.prototype.eQ=0,f).prototype.XG=function(a,d,A,T){if(T=window.btoa){for(d=0,A="";d<a.length;d+=8192)A+=String.fromCharCode.apply(null,a.slice(d,d+8192));a=T(A).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else a=void 0;return a},/./),Pk=m.pop.bind(f.prototype[b]),br=function(a,d){return(d=Nv())&&1===a.eval(d.createScript("1"))?function(A){return d.createScript(A)}:function(A){return""+A}}(((UE=km(f.prototype.v,(z2[f.prototype.O]=Pk,{get:Pk})),f).prototype.K0=void 0,H));(40<(G=H.botguard||(H.botguard={}),G.m)||(G.m=41,G.bg=Vi,G.a=T2),G).JBK_=function(a,d,A){return A=new f(a,d),[function(T){return wN(T,A)}]};}).call(this);'));
}).call(this);
                                    

#5 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 2b178043315259c8c0c79d91143d9568ece94a693fae9da6cdfd15b371441570

                                        0,
function(v) {
    OE(1, v)
}
                                    

Executed Writes (3)

#1 JavaScript::Write (size: 184, repeated: 1) - SHA256: 9e1c99833a39f42fdcc131a611c618bdda2e0854ac5842b13d55747d0fb2b8ca

                                        <!-- Segment Pixel - BizzoCasino Homepage - DO NOT MODIFY --> <script src="https://secure.adnxs.com/seg?add=30624960&t=1" type="text/javascript"></script> <!-- End of Segment Pixel -->
                                    

#2 JavaScript::Write (size: 6238, repeated: 1) - SHA256: 066b35636b628adb23aafbe9289149a0839e997da96df1177847a57e020b7417

                                        < !DOCTYPE html >
    < html >
    < head >
    < link rel = "stylesheet"
href = "https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap" > < /link> < style >
    * {
        font - family: 'Noto Sans', sans - serif;
        box - sizing: border - box; - webkit - font - smoothing: antialiased; - moz - osx - font - smoothing: grayscale; - webkit - tap - highlight - color: transparent;
    }
body {
    margin: 0;
} < /style> < style data - emotion = "css-global 1yzzujv" > .css - 1 yzzujv {
        max - width: 100 % ;
        position: absolute;
        bottom: 0;
        z - index: 2;
        display: -webkit - box;
        display: -webkit - flex;
        display: -ms - flexbox;
        display: flex; - webkit - align - items: flex - end; - webkit - box - align: flex - end; - ms - flex - align: flex - end;
        align - items: flex - end;
        will - change: width, height, transform, opacity; - webkit - backface - visibility: hidden;
        backface - visibility: hidden;
        padding: 0.5e m 0.5e m 1e m 1e m;
        right: 0; - webkit - box - pack: end; - ms - flex - pack: end; - webkit - justify - content: flex - end;
        justify - content: flex - end;
        --primary - color: #2000F0;--secondary-color:# FFFFFF;
        --tertiary - color: # E3E3E3;
    } < /style><style data-emotion="css-global 1aasxu6">.css-1aasxu6{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-direction:column;-ms-flex-direction:column;flex-direction:column;min-width:0;--primary-color:#2000F0;--secondary-color:#FFFFFF;--tertiary-color:#E3E3E3;}</style > < style data - emotion = "css-global 1g9ek8d" > .css - 1 g9ek8d {
        display: -webkit - box;display: -webkit - flex;display: -ms - flexbox;display: flex;min - width: 0;--primary - color: #2000F0;--secondary-color:# FFFFFF;--tertiary - color: # E3E3E3;
    } < /style><style data-emotion="css-global 197w67f">.css-197w67f{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;width:60px;height:60px;box-shadow:0 4px 12px rgba(0,0,0,0.3);border-radius:50%;background:#FFFFFF;-webkit-box-pack:center;-ms-flex-pack:center;-webkit-justify-content:center;justify-content:center;margin-left:auto;--primary-color:#2000F0;--secondary-color:#FFFFFF;--tertiary-color:#E3E3E3;position:relative;background:var(--primary-color);color:#FFFFFF;background-color:#16C935;}.css-197w67f:hover{cursor:pointer;}</style > < style data - emotion = "css-global 2jkngm" > .css - 2 jkngm {
        -webkit - appearance: none; - moz - appearance: none; - ms - appearance: none;
        appearance: none;
        background: transparent;
        border: 0;
        display: inline - block;
        margin: 0;
        padding: 0.5e m;
        color: inherit;
        cursor: pointer;
        --primary - color: #2000F0;--secondary-color:# FFFFFF;
        --tertiary - color: # E3E3E3;
        padding: 0.5e m;
        padding: 0;
        display: -webkit - box;
        display: -webkit - flex;
        display: -ms - flexbox;
        display: flex; - webkit - box - pack: center; - ms - flex - pack: center; - webkit - justify - content: center;
        justify - content: center; - webkit - align - items: center; - webkit - box - align: center; - ms - flex - align: center;
        align - items: center;
        border - radius: 6 px;
        --primary - color: #2000F0;--secondary-color:# FFFFFF;
        --tertiary - color: # E3E3E3;
        padding: 0;
        width: 100 % ;
        display: -webkit - box;
        display: -webkit - flex;
        display: -ms - flexbox;
        display: flex; - webkit - box - pack: center; - ms - flex - pack: center; - webkit - justify - content: center;
        justify - content: center; - webkit - align - items: center; - webkit - box - align: center; - ms - flex - align: center;
        align - items: center;
    }.css - 2 jkngm: disabled {
        cursor: not - allowed;
    } < /style><style data-emotion="css-global eiheq7">.css-eiheq7{position:relative;display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;width:32px;height:32px;-webkit-align-items:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;-webkit-justify-content:center;justify-content:center;--primary-color:#2000F0;--secondary-color:#FFFFFF;--tertiary-color:#E3E3E3;}</style > < style data - emotion = "css-global 1mpchac" > .css - 1 mpchac {
        display: inline - block; - webkit - flex - shrink: 0; - ms - flex - negative: 0;flex - shrink: 0;width: 1e m;height: 1e m;font - size: 2 rem; - webkit - user - select: none; - moz - user - select: none; - ms - user - select: none;user - select: none;fill: currentColor;
    } < /style><style data-emotion="css-global 1adcsh3">.css-1adcsh3{opacity:1;-webkit-transform:scale(1);-moz-transform:scale(1);-ms-transform:scale(1);transform:scale(1);transform-origin:50% 50%;-webkit-transition:200ms cubic-bezier(0.18, 0.89, 0.32, 1.28) 50ms;transition:200ms cubic-bezier(0.18, 0.89, 0.32, 1.28) 50ms;--primary-color:#2000F0;--secondary-color:#FFFFFF;--tertiary-color:#E3E3E3;}</style > < style data - emotion = "css-global 1o92iqh" > .css - 1 o92iqh {
        position: absolute;z - index: 1;left: 0;right: 0;bottom: 1 px; - webkit - transition: opacity 150 ms cubic - bezier(0.33, 0, 0.67, 1) 50 ms;transition: opacity 150 ms cubic - bezier(0.33, 0, 0.67, 1) 50 ms;display: -webkit - box;display: -webkit - flex;display: -ms - flexbox;display: flex;width: 32 px;height: 32 px; - webkit - align - items: center; - webkit - box - align: center; - ms - flex - align: center;align - items: center; - webkit - box - pack: center; - ms - flex - pack: center; - webkit - justify - content: center;justify - content: center;opacity: 0;--primary - color: #2000F0;--secondary-color:# FFFFFF;--tertiary - color: # E3E3E3;
    } < /style><style data-emotion="css "></style >
    < /head> < body > < div dir = "ltr"
role = "main"
data - lc - id = "0"
data - lc - event = "mouseover:3kl6ukqpb0d;focus:y3dltvog2ob;blur:a4v3mu67jxr"
class = "css-1yzzujv eqd5v0k0" > < div class = "css-1aasxu6 ek650k30" > < div class = "css-1g9ek8d e108e6fy0" > < /div><div class="css-1g9ek8d e108e6fy0"><div data-lc-id="1" data-lc-event="click:po6uo3mhesf;mouseleave:xer18hmqzi;mouseenter:bvl08nagysd;focus:5nqwjs2wq43;blur:vcgazogk36g" class="css-197w67f e1ybl9g10"><button aria-label="Open LiveChat chat widget" data-lc-id="2" data-lc-event="click:c8sv4y0rdng;focus:yxeij4j3msi;blur:j48wrjdib5" class="e1mwfyk10 css-2jkngm e1m5b1js0" type="button"><div aria-hidden="true" class="css-eiheq7 e1dmt1bi1"><svg color="inherit" viewBox="0 0 32 32" class="css-1mpchac"><path fill="#3B326F" d="M12.63,26.46H8.83a6.61,6.61,0,0,1-6.65-6.07,89.05,89.05,0,0,1,0-11.2A6.5,6.5,0,0,1,8.23,3.25a121.62,121.62,0,0,1,15.51,0A6.51,6.51,0,0,1,29.8,9.19a77.53,77.53,0,0,1,0,11.2,6.61,6.61,0,0,1-6.66,6.07H19.48L12.63,31V26.46"></path > < path fill = "#16C935"
d = "M19.57,21.68h3.67a2.08,2.08,0,0,0,2.11-1.81,89.86,89.86,0,0,0,0-10.38,1.9,1.9,0,0,0-1.84-1.74,113.15,113.15,0,0,0-15,0A1.9,1.9,0,0,0,6.71,9.49a74.92,74.92,0,0,0-.06,10.38,2,2,0,0,0,2.1,1.81h3.81V26.5Z"
class = "css-1adcsh3 e1nep2br0" > < /path></svg > < div class = "css-1o92iqh e1dmt1bi0" > < /div></div > < /button></div > < /div></div > < /div></body >
    < /html>
                                    

#3 JavaScript::Write (size: 190, repeated: 1) - SHA256: 743f6492a5beb847167322304f93922a25b48b4fda556b6039418e53930e9df1

                                        <!-- AppNexus Sync pixel START--><img src="https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID" width="1" height="1"/><!--AppNexus Sync pixel: END-->
                                    


HTTP Transactions (311)


Request Response
                                        
                                            GET /casino/slots HTTP/1.1 
Host: bizzoreg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.68.203
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Tue, 06 Sep 2022 12:06:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://bizzoreg.com/casino/slots
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28jBd5kV3CFOOd9lNxds%2BrVZcRLB2yu0OmIfErfRhUU0g6WsMobtobM59Oq%2FvApdof%2FcyeBvrnxeX0yTScDT1TvZfK1fnO2YtLUTDzerfYd%2BoyXfiaSG8VnkhbUDfg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7467144598dfb524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    bd2695f4b079c71dbddde3436286fb9c
Sha1:   733c05da132193d6cf1d8e242d12e2525c03bab4
Sha256: 2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 11:32:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9iKXus2xCRq1X-m_dIrG8UTb6X1deSnDrGZDArXu1swwYNODU9ZI-w==
Age: 2046


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2178
Expires: Tue, 06 Sep 2022 12:42:50 GMT
Date: Tue, 06 Sep 2022 12:06:32 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9VLn-THiMTJO6ybljCslnKG6S5F18b-rIxeQKFTDLEiPTwUnTRMSDA==
age: 39075
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Sep 2022 12:06:32 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 11:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 12:38:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E0_Bt_9Vw1PUPg5lfLihr9-62qmdmnW4zmpAcCgvpm1iTxwH3P-Gtw==
Age: 1695


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6595
Cache-Control: max-age=165006
Date: Tue, 06 Sep 2022 12:06:33 GMT
Etag: "6316ff94-1d7"
Expires: Thu, 08 Sep 2022 09:56:39 GMT
Last-Modified: Tue, 06 Sep 2022 08:06:44 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2xX2G0cCjgUZRJcxKNpzNg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.163.196.193
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: R/3P0phaqfrBnlECzuPc5GS7oJg=

                                        
                                            GET /assets/loader.gif HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 06 Sep 2022 12:06:33 GMT
content-length: 226410
last-modified: Thu, 01 Sep 2022 07:41:48 GMT
etag: "6310623c-3746a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1797
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FF30zS6Hnkq0Hng4d6pwYapryW0%2BD8suRbK69wUn7LNMEl%2B2pxeClrfiU4iH3dSQxTQDPPUu9zImZ9JPgFyZUkOz4THWaZ%2BrN2VMVtXBynaRpj2HTuAk160f5W%2FUu%2Bb72A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7467144db853b512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 300\012- data
Size:   226410
Md5:    53684e7cd922afc2ada4d7a223ca2cf1
Sha1:   69bfbb4a548cd152977cd6d004863e4d4c9e7272
Sha256: 4aa82add5b485c28e85dcc9162fa5d279fdcb306e9c417667f842d0edc345f1b
                                        
                                            GET /app/styles.2ac83e5d2a7e6951.css HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:06:33 GMT
last-modified: Thu, 01 Sep 2022 07:41:47 GMT
vary: Accept-Encoding
etag: W/"6310623b-3a036"
cache-control: max-age=14400
cf-cache-status: HIT
age: 610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvYVx1J3RJMPm1eccIU8MfHhzGamW4vB1UUrfCxOmEyIl2toeeX%2BHlkO3MSCX1AA64hBcQehsS2U8LVgqBiibed1xHv4Jutu1pRVnwc3DnvUwxZ1%2FVcDDxBMsdo5CbUoeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7467144da84bb512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   42609
Md5:    f1e9103aeaac4071c978a27e22cadf89
Sha1:   6c05fc3cf9f22b89ef0272f216739c1f6ad8ff32
Sha256: f1fe88abede2d9527ff8cc60a5a7f7ef0674def73361522da053b578339f7d66
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 12:06:33 GMT
Last-Modified: Tue, 06 Sep 2022 11:16:57 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wbnJ3GdVVb9yvhnWQfan1n0Dx1mL3hRXOsp8Kt91Qc6W8zbEaTATNw==
Age: 2976

                                        
                                            GET /sealassets/c8095e80f04a33bd8927512e5905df4c-bizzocasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D HTTP/1.1 
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.60
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 95
date: Tue, 06 Sep 2022 12:04:02 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7467109e7db39208-FRA
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vknRcx9HumFJ8Sw_eMybfc8W1WNJrW_ljtHVARpIPkqN3nJVutiDww==
age: 152
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size:   95
Md5:    9591c410148e6883727c5339fd1c02cd
Sha1:   3442a95fe890ce4769b36b2ecc611b801a54cfb5
Sha256: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /sealassets/c8095e80f04a33bd8927512e5905df4c-bizzocasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid HTTP/1.1 
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.60
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 49397
date: Tue, 06 Sep 2022 12:04:02 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7467109e1e7d9bfa-FRA
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: esmvAvbVRaCfXHqaZZf810ueDD9y024GuYOxQFMZkr2VLRLSdTpoNw==
age: 152
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size:   49397
Md5:    8ef6782be55b8ce8f5b132d28af8e0d0
Sha1:   cb99df77f4865d9c2f287539a5ca474cf76f7d09
Sha256: d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
                                        
                                            GET /dist/tag-manager.js?id=STM-AAAALW HTTP/1.1 
Host: tm.ads.sportradar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
apigw-requestid: YCRqDj6WjoEEPuQ=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37167
date: Tue, 06 Sep 2022 12:06:34 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (62063)
Size:   37167
Md5:    bd4292ddbc63f9243a33edcc270bb481
Sha1:   17614ee4c63d3d263411789464323b3a83827ef1
Sha256: 2976e049043d50dc0014df9e9856efb89b57d30e71ef4a600175e917e713f88d
                                        
                                            GET /css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 12:06:33 GMT
date: Tue, 06 Sep 2022 12:06:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1221
Md5:    3bf3bcc493e1a7ee1639b6e93da51c8a
Sha1:   32e352afa421ccaa136a9d0bd067c08e47143696
Sha256: de6ed6ebea637fdef37d8dff2d301ca48ffc8bdb16858565c8881bc15527e5a8
                                        
                                            GET /7693683943e78a298c36d469e68b47d8/widgetloader HTTP/1.1 
Host: ws-cdn001.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.77.8
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
content-security-policy: frame-ancestors 'self' https://st-cdn001.akamaized.net https://ls-cdn001.akamaized.net
cache-control: public, max-age=120, stale-while-revalidate=60, immutable
etag: "cc079b27caa06e641f6f57ee730579a5-60f16dbed18f5ba209713c26dcd7c435"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-ing-v: 2
content-length: 58923
date: Tue, 06 Sep 2022 12:06:34 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40386)
Size:   58923
Md5:    e5212026fd08670d1d67b32b9ab01c45
Sha1:   5ebb2f71bc13ebe1e980fb1494c1913a6d528f9d
Sha256: 6e9dd43c0e6bfb4e8f14b31083a749da22a9e6ca20f4d57cf179e0c254aa4f6a
                                        
                                            GET /gtm.js?id=GTM-5W7F767 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 12:06:34 GMT
expires: Tue, 06 Sep 2022 12:06:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15296)
Size:   51174
Md5:    d7bf21767a9800f8b1606cbc4aab065c
Sha1:   f50cabe2cee5765475432793242c4498d2837f61
Sha256: 72cdd234bf2937b291ada706cef3303c376f5b0e6e82bd994a4cf404291b6bdf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:32:09 GMT
expires: Thu, 31 Aug 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 491665
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /dist/tracker.js HTTP/1.1 
Host: tracker.ads.sportradar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Mv-8IIBmcp0vFVq9YXTT57-4Gu93F_tfPtH40iL3OhfxGj6YljmI4g==
vary: Accept-Encoding
content-encoding: gzip
content-length: 11553
date: Tue, 06 Sep 2022 12:06:34 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (34755)
Size:   11553
Md5:    b34b13d85152f71b7fd15289c78c0583
Sha1:   0bb20191b022bbd0e75f2bbce7f6332886079c2c
Sha256: 7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   2188
Md5:    58c4a973dc0b34e9d72d7f2968aabfe5
Sha1:   c571a7f4c6d4ded34867536f87b6dfcb70f7c61a
Sha256: 339736b236971c777832764ff8ab34aa3eeb86f7a22ed27a5ad518577744a0d4
                                        
                                            GET /dist//sp-2.14.0.js HTTP/1.1 
Host: tracker.ads.sportradar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 6MAdKqhhdwmf90BjAZCPWoRdIY0PXmNu5YyIRIUIEiZBK48TayCg9w==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 06 Sep 2022 12:06:34 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64903)
Size:   30370
Md5:    44f237857b8d03f32b53fe551e83c95a
Sha1:   91536fe6c60d947d29dfcb5f04d09b752b5ccf03
Sha256: a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
                                        
                                            GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416 HTTP/1.1 
Host: main.realsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 06 Sep 2022 12:06:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A95968%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-06%22%3B%7D%7D; expires=Wed, 06 Sep 2023 12:06:34 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   69255
Md5:    5cd163a53c30580ab5990222644114ac
Sha1:   7dd12d633a14bc603c66cf42bb2c88e26b8327a2
Sha256: a5b48202d4ce0298b60550693d52b5132f402842549ee4514b40d650c94b177e
                                        
                                            GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416 HTTP/1.1 
Host: main.exdynsrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 06 Sep 2022 12:06:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A95968%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-06%22%3B%7D%7D; expires=Wed, 06 Sep 2023 12:06:34 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
Content-Encoding: gzip

                                        
                                            GET /app/main.50fcf697708e7845.css HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 06 Sep 2022 12:06:33 GMT
last-modified: Thu, 01 Sep 2022 07:41:42 GMT
vary: Accept-Encoding
etag: W/"63106236-31a9"
cache-control: max-age=14400
cf-cache-status: HIT
age: 610
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3y9TrGbN3wX9EQDS1pmXkifR1%2F38k%2Fm9oiVa2RRrORHIGfBXMR343ZTvCgFtYATLVfh6kseoWdvsPSmxaSTTlz%2BN0xMl3%2BCX0IqlDUNJKxCwUCsdhOcQiW%2B9b3aKa4J%2B9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7467144da848b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12713), with no line terminators
Size:   19152
Md5:    968aa633ad48e0a7669d730114b3958e
Sha1:   337d5bb9a5bbfd3ae51359db12be5d2f32e0c1d7
Sha256: cb2243da4c8050d9d5fe823f97590371fc0e26e341faea853cc8d3ddadab5b9a
                                        
                                            GET /api/v1/retargeting/set/a77cc63a-6181-4fc8-be35-59425b45b474 HTTP/1.1 
Host: tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         78.46.40.103
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 06 Sep 2022 12:06:34 GMT
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 6984455abd3967d5
set-cookie: ts_rt_a77cc63a-6181-4fc8-be35-59425b45b474=AAMC; expires=Wed, 06 Sep 2023 12:06:34 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "29E460217878AECC9FD7BA2A1EE8EA425CD133B443A3D953BF5A7013CA970134"
Last-Modified: Sat, 03 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10807
Expires: Tue, 06 Sep 2022 15:06:41 GMT
Date: Tue, 06 Sep 2022 12:06:34 GMT
Connection: keep-alive

                                        
                                            GET /tag.js?id=DV-4182611165 HTTP/1.1 
Host: tag.growthbuddy.app
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.49.49.188
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Sep 2022 12:06:34 GMT
set-cookie: INGRESSCOOKIE=1662465995.619.54.85883|5f2e1b57d78510d04b0cf9036879032b; Path=/; Secure; HttpOnly
vary: Accept-Encoding
cache-control: public, max-age=7200
x-content-type-options: nosniff
etag: "1378-o315UJ4EOqJDXqC2xDzBS1NJlus"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4956)
Size:   1957
Md5:    e57ef5f735e9345ed8caad892fc67793
Sha1:   774e4efa4fa09505e2e824103288a8af2c4b27a0
Sha256: 0a310323f324b21973507406cf1a3cdbdb02bd93fd68b0e4a142402127779e66
                                        
                                            GET /app/runtime.14f323a6738447c8.esm.js HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Sep 2022 12:06:34 GMT
last-modified: Thu, 01 Sep 2022 07:41:46 GMT
vary: Accept-Encoding
etag: W/"6310623a-db6"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aE3pN%2FD%2FhUBkiWlT%2FR%2BO49w7DKO6KFlOao6v5IsnotuduJzpXzLkAqn7yxWQ6KGUrMBCq0NejroKD09Dwzx406VVuUa3V0rPw7kohzxF9JdneB8XTtueldO%2BcUM%2Bs7dsog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746714515d22b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3510), with no line terminators
Size:   3565
Md5:    a401501291b9a1a59824bb5175afa9fe
Sha1:   ebbf511ed15c3f67eeed0132a2c66eee9b1b6664
Sha256: a1f3ffbf814d8bac0bed13a44a622e50593c01895b32decae9f47ba996205ee6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.110.10.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
ETag: "919DF1F99FFD389AAEBB9DEC258C39F43F5E483DE392B27935C4D7E22F0697B5"
Last-Modified: Tue, 06 Sep 2022 10:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3043
Expires: Tue, 06 Sep 2022 12:57:17 GMT
Date: Tue, 06 Sep 2022 12:06:34 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1586
Md5:    ab47d879ff6ebccef024865550d5fa97
Sha1:   38f7437845310847da9a65a0293c14bc958ff30d
Sha256: 919df1f99ffd389aaebb9dec258c39f43f5e483de392b27935c4d7e22f0697b5
                                        
                                            GET /pixel?type=js&aid=1312&id=3945 HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.156.185.100
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 12:06:34 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1312&id=3945
Set-Cookie: zuuid=a14d637d-86b3-4199-9472-18d534d3b911; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure c=1662465994; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1662465994; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.156.185.100
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 12:06:34 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=e6a0effc-a93c-428c-8864-4386263bc1a7; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure c=1662465994; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1662465994; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Cookie: zuuid=e6a0effc-a93c-428c-8864-4386263bc1a7; c=1662465994; zuuid_lu=1662465994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.156.185.100
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 12:06:34 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De6a0effc-a93c-428c-8864-4386263bc1a7
Set-Cookie: zuuid=e6a0effc-a93c-428c-8864-4386263bc1a7; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1662465994; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k=1; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k_lu=1662465994; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /ul_cb/pixel?type=js&aid=1312&id=3945 HTTP/1.1 
Host: a.sportradarserving.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Cookie: zuuid=e6a0effc-a93c-428c-8864-4386263bc1a7; c=1662465994; zuuid_lu=1662465994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.156.185.100
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 12:06:34 GMT
Set-Cookie: zuuid=e6a0effc-a93c-428c-8864-4386263bc1a7; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1662465994; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k=1; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k_lu=1662465994; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure bss=!bidswitch,431723194; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure cm2=!bidswitch,431795194; path=/; expires=Wed, 06-Sep-2023 12:06:34 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 2325
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (2325), with no line terminators
Size:   2325
Md5:    5f1ca30b5e59a673c0940963262ac1fb
Sha1:   96f5a947117d6f3e4b6ab42b62ef7eae5bbf090f
Sha256: bda78d3f5637bef2f988815fb6581fc649953cc0fa46b1b76abd6819b3ecf103
                                        
                                            GET /app/polyfills.beb1d8c966475571.esm.js HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Sep 2022 12:06:34 GMT
last-modified: Thu, 01 Sep 2022 07:41:50 GMT
vary: Accept-Encoding
etag: W/"6310623e-2d660"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMASmUouEaNf7IsKSqn3g%2FgFIQHD8AKLbJnA%2BtuXtfiGCZf4lpF%2FvJt398t47T8n637tlYi5Jm6RhdvQDqv0ikIKfNYMotcgc5s3U84n7OkHi%2BBpyOuzwPkg3BZQ4YxauQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746714515d21b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   63351
Md5:    dff36927f5340d43c7a04dbd549eae2a
Sha1:   77b2e3d7cf1814fc551ced2592f0703b034c5469
Sha256: 2b496179f56450bbae8a9fd76b83c2c48ddfadc753dd07b5d472f5326dabea5d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6215
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:06:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6215
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:06:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6214
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:06:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6214
Expires: Tue, 06 Sep 2022 13:50:09 GMT
Date: Tue, 06 Sep 2022 12:06:35 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:09:25 GMT
age: 64630
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5377
Md5:    c4b2d6a516e93799b54fe2bbd6630f86
Sha1:   b5a7380f294876dd308c7fde294f36a425c1be01
Sha256: 7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10694
x-amzn-requestid: c3d2f71c-927d-41f6-93ab-bf041374a9f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHQOIAMFvSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-5d2efd595cdf300972f4fb79;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eikhT8BkN5e163S6QriQybdyPNTKDTf3BCsHifNwfBJfrWv7LqgL8Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:02:23 GMT
etag: "1c16eb50bc2490b4ebff6775ef611fdcb282f9f9"
age: 50652
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10694
Md5:    19b452d6541a6028e7d3f90529477077
Sha1:   1c16eb50bc2490b4ebff6775ef611fdcb282f9f9
Sha256: f4763a0f464067991c2c484c384df4fe791d7df6e3d6ad15650a954db537249f
                                        
                                            POST /s/gts1d4/Bz2q3fRhivk HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSBSzzRMdrVdoV3Ld8hYWq2AwO7Mswcwa8Tk_AKa44j1SlrFugNqpg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:06 GMT
age: 51509
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4426
Md5:    c81f3df885bdee8cac46ea9495e6b63b
Sha1:   fc766bca874a352a4acb569577d4cf6527f4f074
Sha256: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 50795
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5775
Md5:    1a87857b93f99eab3118aae97a1c9d22
Sha1:   3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
Sha256: 97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 26983
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12683
Md5:    ec466c0d472e43c11d36bf6fce068205
Sha1:   720d3624a76d060b8e2699e9aa7a320e3efd4878
Sha256: 5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:42 GMT
age: 51653
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6656
Md5:    983e705542fa78b4d5c876e0c1eada7e
Sha1:   5fc951e5236edd282d4975853ca35dab2e55fb17
Sha256: fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
                                        
                                            GET /public/sg.js HTTP/1.1 
Host: casino.cur.a8r.games
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.145.200
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Tue, 06 Sep 2022 12:06:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 11:27:11 GMT
cf-cache-status: HIT
age: 409
expires: Tue, 06 Sep 2022 16:06:33 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 7467144e1dd41c0e-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2713
Md5:    7fcf9e3605669c2964523bf9c4164a19
Sha1:   7764601878ced42dc587a179b043c0d813686f49
Sha256: 4f7178aba3f0a9218fe7096cecb50fa7c1fcaca725a4a81c95c7659c17f3ec83
                                        
                                            POST /s/gts1d4/mhuqZ1vnJhs HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=e6a0effc-a93c-428c-8864-4386263bc1a7 HTTP/1.1 
Host: api.feedad.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.239.34.21
HTTP/2 200 OK
content-type: image/gif
                                        
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=e6a0effc-a93c-428c-8864-4386263bc1a7; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: 5faaebd13fe900957bd2ec451c55a242
date: Tue, 06 Sep 2022 12:06:35 GMT
server: Google Frontend
content-length: 42
expires: Tue, 06 Sep 2022 12:06:35 GMT
cache-control: private
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=e6a0effc-a93c-428c-8864-4386263bc1a7 HTTP/1.1 
Host: tags.feedad.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.239.32.21
HTTP/2 200 OK
content-type: image/gif
                                        
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=e6a0effc-a93c-428c-8864-4386263bc1a7; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: b320c0098200951c63f83aa5abf7b62b
date: Tue, 06 Sep 2022 12:06:35 GMT
server: Google Frontend
content-length: 42
expires: Tue, 06 Sep 2022 12:06:35 GMT
cache-control: private
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /assets/favicon.png HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
content-length: 38098
last-modified: Thu, 01 Sep 2022 07:41:40 GMT
etag: "63106234-94d2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5074
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYU%2BUUUAhAykfZbix7XT071dloFMYXOuN2VaWQh59He1TFFJPwoPfi2aTpfp%2FThb541Npi22AIvxfM20XIW%2FgsOXpcynkshs4GM4VP96lGgrc3IGu8T1DguQOqL2wSsYlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746714557b3cb512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size:   38098
Md5:    73c0aee64f13a266b6b742c486fe1337
Sha1:   ccd750b9fd381a26be739ac360338ac561053e89
Sha256: 1c3abd9ad5e3c51ce047428580299ebff7a1a8359e973c34cb37fd1491146478
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.239.38.178
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 10:41:12 GMT
expires: Tue, 06 Sep 2022 12:41:12 GMT
cache-control: public, max-age=7200
age: 5123
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416 HTTP/1.1 
Host: main.exosrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 06 Sep 2022 12:06:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A95968%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-06%22%3B%7D%7D; expires=Wed, 06 Sep 2023 12:06:35 GMT; path=/; domain=.exosrv.com; Secure; SameSite=none
Content-Encoding: gzip

                                        
                                            GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416 HTTP/1.1 
Host: main.exoclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         95.211.229.246
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 06 Sep 2022 12:06:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A95968%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-09-06%22%3B%7D%7D; expires=Wed, 06 Sep 2023 12:06:35 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
Content-Encoding: gzip

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3309
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 12:06:35 GMT
Last-Modified: Tue, 06 Sep 2022 11:11:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:35 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 01:56:49 GMT
Expires: Sat, 10 Sep 2022 01:56:48 GMT
Etag: "af20df57e6e3376e0d1f607f45e87e96e11797c3"
Cache-Control: max-age=308412,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746714561b90b4ee-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:35 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 01:56:49 GMT
Expires: Sat, 10 Sep 2022 01:56:48 GMT
Etag: "af20df57e6e3376e0d1f607f45e87e96e11797c3"
Cache-Control: max-age=308412,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746714561b6b0b31-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 12:06:35 GMT
Last-Modified: Tue, 06 Sep 2022 11:00:56 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vBmjza4by6xYt6oRy24bIu8tEra_BqwBJgBa8Qc9EnK3WErkmyqnQg==
Age: 3939

                                        
                                            GET /ctrack?action=list&type=add&id=notregistered&context=Bizzocasino.com&cookiename=notregistered&age=500000&maxcookiecount=10 HTTP/1.1 
Host: ctrack.trafficjunky.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         66.254.114.89
HTTP/1.1 200 OK
content-type: image/gif
                                        
server: openresty
date: Tue, 06 Sep 2022 12:06:35 GMT
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=03e5610b977c4b8ba2f44366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Thu, 06 Oct 2022 12:06:35 GMT; Secure; SameSite=None tj_UUID_v2=03e5610b-977c-4b8b-a2f4-4366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Thu, 06 Oct 2022 12:06:35 GMT; Secure; SameSite=None 00eeb7d7a7bd81d86b2f272dd250c93c=notregistered; Path=/; Domain=trafficjunky.net; Expires=Sat, 19 Aug 2023 17:26:35 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
x-request-id: 631737CB-42FE725901BB535E-8BD8FD93


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /g/collect?v=2&tid=G-89BGS3MKPL&gtm=2oe8v0&_p=633762861&cid=1636264602.1662465989&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662465989&sct=1&seg=0&dl=https%3A%2F%2Fbizzocasino.com%2Fcasino%2Fslots&dt=Online%20Slots%20%E2%9D%B1%20Play%20Slot%20Machine%20Games%20for%20Real%20Money&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://bizzocasino.com
date: Tue, 06 Sep 2022 12:06:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /syncd?dsp_id=409&user_group=1&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De6a0effc-a93c-428c-8864-4386263bc1a7 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.122.47.104
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 12:06:35 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3De6a0effc-a93c-428c-8864-4386263bc1a7
Set-Cookie: tuuid=cb47028e-91ff-49cc-ba2b-b8e061a1bfbe; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure c=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure c=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /sync?dsp_id=409&expires=14&user_group=2&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&cb=8e31575e-1715-4364-b924-650a4389ce76 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.122.47.104
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 12:06:35 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&cb=8e31575e-1715-4364-b924-650a4389ce76
Set-Cookie: tuuid=6f46ea62-23a8-492b-9cf7-7712d8d43b40; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure c=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure c=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /sync?dsp_id=409&expires=14&user_group=2&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&cb=3769a23f-ab4d-4529-b482-9fd356e80f54 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.122.47.104
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 12:06:35 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&cb=3769a23f-ab4d-4529-b482-9fd356e80f54
Set-Cookie: tuuid=8193a258-d48b-466a-a05e-663f477fa6e5; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure c=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure c=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /app/vendor.15fdc09ad653237a.esm.js HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Sep 2022 12:06:34 GMT
last-modified: Thu, 01 Sep 2022 07:41:51 GMT
vary: Accept-Encoding
etag: W/"6310623f-28582b"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gg4zguk%2FapOozHbY3BS8jQQ%2FIuxrr87B078KdChftVS2GPAdwQp2eTtXGk1QA7jCMetJQVdbrgoLBEumcn9BxgIozDUYb36lL1t%2FZKKt4ItK0hJhtCJth24zTNQPBRsXmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746714515d24b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   648560
Md5:    4c17f43c7fffbbf61058337752281e3b
Sha1:   bcbe463c6f818b2437322a809fe4048598a11ac3
Sha256: 0017c5463c387527a7c67e3e836fb6a96654525eabc6f02a38ffbe151fed8fb5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:35 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 01:56:49 GMT
Expires: Sat, 10 Sep 2022 01:56:48 GMT
Etag: "af20df57e6e3376e0d1f607f45e87e96e11797c3"
Cache-Control: max-age=308412,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7467145618610b55-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:35 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 01:56:49 GMT
Expires: Sat, 10 Sep 2022 01:56:48 GMT
Etag: "af20df57e6e3376e0d1f607f45e87e96e11797c3"
Cache-Control: max-age=308412,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746714564e20b518-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pixel?auth=5g3u7sq7&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=undefined&amount=undefined&site=bizzocasino.com&ln=en-US HTTP/1.1 
Host: track.trackingtraffo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.214.206.175
HTTP/1.1 200 OK
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 06 Sep 2022 12:06:35 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT

                                        
                                            GET /syncd?dsp_id=409&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.122.47.104
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 12:06:35 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&user_group=2&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Set-Cookie: tuuid=e8ae0aab-68a1-43f2-95a9-911d82209dc9; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure c=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure tuuid_lu=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure c=1662465995; path=/; expires=Wed, 06-Sep-2023 12:06:35 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /recaptcha/api.js?render=6Lfp3sIbAAAAAJ37H0nwMOrTaY-Qv4xUHUwkqVeu HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Tue, 06 Sep 2022 12:06:35 GMT
date: Tue, 06 Sep 2022 12:06:35 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   584
Md5:    a65b5f055812a5ec3958226fce88c81f
Sha1:   c8dc8af4d3d1bab8bf855a8fc496c1f3e3faea51
Sha256: da73761b3738350574e7cd17353d0bf66cc45ee439e4735786b3d41a5972dd5e
                                        
                                            GET /sync?dsp_id=409&expires=14&user_group=2&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&cb=5665db73-b626-493e-bbde-7a9baf70f5d5 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.122.47.104
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 12:06:35 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:35 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 06:25:21 GMT
Expires: Mon, 12 Sep 2022 06:25:20 GMT
Etag: "6cecdd7246361b80f2464910ba31ee1f4381ee7d"
Cache-Control: max-age=497324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746714576d35b4ee-OSL

                                        
                                            GET /p.js?f=sync&lr=1&partner=d52d64e3ae130730ea33c02cfefc955af6fb94275ad1752dd9486271dd6cf068 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Tue, 06 Sep 2022 12:06:35 GMT
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   697
Md5:    d0faf6100c68eca3bd5782a5b94fc212
Sha1:   27a475c79e1b4728005805ffe000f54a0101d9af
Sha256: 6378b5c7e59ed7146d4c8a4130e3506701be02869ee31d527599ea60dcaaee6e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /api/v2/ip-data HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFik%2BEYDsFqg9nBkUiVcxRzGpORknSAe%2FCkHeAeYUVtSg6bWKjEgQr6KIXeZlUiNUT6m2v5CSKti4hKtKjdiE58JBtM3pKaGKqFMAOOeKZ9T6XDhz5Hh%2FRGiyygwHe2ndC7Fbcc1PPKIvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74671457ae07b512-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/data/get-countries HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDORFoe5tLVVn6uUqfS%2FPLhhEBtqQwqTomAau17cG2fXeyVteww1EjS2LIop%2BLt%2BEGQQ8i%2FhoTK3YNLUwKboAy%2BvTuDeWJqdmZBKWOyUi1yihtpoYyybmrkarRMv6KuSnTxCT9mDYD0slg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74671457be2cb512-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/v2/configurations HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZpkX721BlMGqfKzku2YPb4gxxjlO7yFOkF7XYfGbfPnk55qALNbY08IxZ%2FYsEMf1s8%2BQnvNQvt2E55SrpPqHduihpWfb4txuJR2xAYx8p5cW21diFar5BLbBpbRgxnjE%2FzLk3fgRC7E8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74671457cb9a0b39-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/v2/casino/producer?is_desktop=1&is_live=0 HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZV4%2B7rZqG8%2Fm2ojvBmuDizPoqLY11HwmCMg5GdVd7KrpYOYdczgPCq6ibKRNVtpQLe8q91fsK3NBV2yCURsFVxxdyIUFdgaMhiPJwbtJ%2FXyuGAtBYEZHTVTdM2pD72tBFjpDIT6Gk2hZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74671457dbab0b39-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/v2/casino/producer?is_desktop=1&is_live=1 HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVNE2vOGi5wMHCS7X7gVpIRpMWGHslx5THHcuUfwjb6OAySEylBe3NrwRofGx3QDu9BH7VuMQr4%2FDXvjdvkUhKeiGx2hYK8b709p63qtiXbScs%2BOwqHCOfNIOa0SZGB%2BBYzwj5YSXjWFHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74671457dbad0b39-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/data/get-currencies HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFHVzToCQcKsjlouV6YiGUc9c9w1YZr6onfSxyVS0qFr6MiF8TOWQtT30%2FFcXcmmBl3DhRviQHA5PBO5Vu01E2k0rNvKR1JAtBNAH%2FGBQUkNSd%2FcdFaebDvh7pBQ7y6F0C3vpiTkWGcqUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74671457ae0bb512-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/v2/casino/category?auth=false HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgqptC8tNBzvBjsJzI0lu8eSHRnmPVS9fK%2BzNC%2FFfsuJgqtcNX1renoAZeu3GhOZ9tuiEWS7Of5YgqJOBjq46JrMiFH5ioMYj2Rpy3RhLIn42DZXx3zhl9wE2SIN2E%2B59o%2FgfEbUC3ygBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74671457ebb70b39-OSL
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /api/data/provinces HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrsIrv4DEJ%2F2GFyOEZpgFtd%2Butsy2Kkmh8%2BpstsddHM8l%2BoCpofAXbJgnxj2nn3t5cH9Jm%2FDq0X9Ep1svf4PF%2BbpVZwsWYyCVJ0N6vwEkpx44bboJ5QecgI%2Btxi9tRez9Ji9maptN26Qtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74671457cb9b0b39-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /api/data/get-countries HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkChKkO68lPOY%2BXC%2BEyFYQenTReHb66dRHjuLeqkJlg8eNdvUGb2SJE8mGXt4b9OQVtaxcIIJTaB%2BboViO%2B5zLAIsxsxlnPc0zZsOoMzQnOyRULDxd59RbrpMcSTM%2FIA3CAYxMR6afUVZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746714587f14b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   162426
Md5:    f33909b2d477f34e5baedcdf728525f5
Sha1:   d6e87f446f0b420d134b9b8e524a740baa238309
Sha256: fd2dbb1f7eed10e6c59f1120f08bf36edcd2950c2b60941a722296c09c2008e3
                                        
                                            GET /api/v2/configurations HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ul%2BwgvmOL6ESoGP2EIXaY2GUeBRl5rJGaDMY7cODvrO3mn9YIFHw5DYitAYbdWQDXgNalvlUSK7jvR5YQ2SwGULjvLQ4je03eOXtZ4jjzoA47Q302RB6txrxpizUOkCX4ajACYGx3EpiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746714588f2cb512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   6160
Md5:    ea1c595dbe994eb5f7949d623cc88b8a
Sha1:   c982432f4e8816eda5ddec9f6de504593323c479
Sha256: 9c77e5484220b33166631bf16e14fa473a9e8e7f1df3b824e03636bde90837a1
                                        
                                            GET /api/v2/ip-data HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWucXihO6IgSG9twbBJgXvfB3Rx08s7%2BPRqcwz7UWs1a2jxWm%2BHIjJ7NwiuPbRnHrPVEQ%2BbVarcvZ%2FozTBBSMXDC65AkiQKZP3DFm3RhZz%2FRIHBbZK3PPkrx6uB%2FzSnCcex09MFZRdBfAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746714585efcb512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (693), with no line terminators
Size:   376
Md5:    2c098aaf03de232c9acdd60c16976810
Sha1:   053cc2c38568b3fcaad3af820bf525f9ac522e65
Sha256: a9ea49108d6c4b78b3de10884fe763c0fb944a8114b040be25d8be89bddc2458
                                        
                                            GET /api/promotion/tournaments?lang=en_GB HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: max-age=0, must-revalidate, private
expires: Tue, 06 Sep 2022 12:06:35 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhWGx7BXm1luKn6ulnj56s5rM41KxtvFuf6FDKPJLbs41xDOLM1oM3mOzKlFDln0B2pGRD2HDetZ%2FWnuAs1gulaS0tNphoG0Dd%2BrvXmOwXicChqlCMXGr4czvxsfZJz6dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74671457ce4db512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5621), with no line terminators
Size:   1642
Md5:    6c4ef0fc3953b12ce7e63d389a9a639a
Sha1:   e1660a797808cce8abe078a129eef695225549a0
Sha256: 97bc78189709baaf023d39041fece7c43d9ec35f6dc28a2313b3e791faf10ac0
                                        
                                            GET /ul_cb/sync?dsp_id=409&expires=14&user_group=2&user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&cb=3769a23f-ab4d-4529-b482-9fd356e80f54 HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.122.47.104
HTTP/1.1 302 Moved Temporarily
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 12:06:35 GMT
Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /api/v2/casino/category?auth=false HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHSm7%2BxA7t1i4faCddGHiSw4QfFzt33kICMs1HgncPz%2F2q9wDo0OUKIBW31z%2B7aaY06ZzTEo784RRRMHZJ2QDfp6g1Pqzz%2F8q%2FmLTtRJVfyDsIJNVl8YwgwDQHr6BoFhnUGNAcQrBmJy1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74671458af63b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2051), with no line terminators
Size:   472
Md5:    0fc9b6725245f809a52167ae32cd084b
Sha1:   d2534c175b2ed63371103c6c3e25303425ef8c1a
Sha256: b62e6f47560da973a77b2045d6cad122787e8f4a739446f442b2b6acaa85cb3d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 12:06:36 GMT
Last-Modified: Tue, 06 Sep 2022 10:18:32 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cjX07u5FsXg6GSQoPwLzuPDpqVFIjtRl0sm6VUA26YH-ztMnXpPhIA==
Age: 6484

                                        
                                            GET /api/v2/bonuses/tournaments?lang=en&frontendIdentifier_in%5B%5D=oracle-slot-race&frontendIdentifier_in%5B%5D=luxury-table-battle HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FbecqE%2FWUOBD6XcP3Aa2xl70%2F4Ln3WcmSVrX5pXqEM%2BvV%2FWO6BtGhki7JJSY8yr6qAMmRK4Ier%2Bh9LDTfpUQw7HotDKBITRoaNUTDDJ6C3z2BBb0Guy42oPtyQ1WXl1LLuyapWfeNQFNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7467145ada44b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (802), with no line terminators
Size:   22503
Md5:    04d8014dd196d571e00346562a90fb68
Sha1:   09f7a988cefd12bfdfb8b0e40c1c7875399814e8
Sha256: 2e42131cad1d28568dcc3fce6ba225e71d2349148e5f79ef5100c5f129850193
                                        
                                            GET /img.gif?f=sync&partner=d52d64e3ae130730ea33c02cfefc955af6fb94275ad1752dd9486271dd6cf068&ttl=&rurl=https%3A%2F%2Fbizzocasino.com%2Fcasino%2Fslots HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Tue, 06 Sep 2022 12:06:36 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5ceb20933e9b4856bb6c3f5071000a87; expires=Wed, 06 Sep 2023 12:06:36 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /api/data/get-currencies HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
date: Tue, 06 Sep 2022 12:06:35 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rX5B8%2FMB49swbUHm7HUuwjYUM%2BG%2FQUE0YMsD8tXJ0oeafMEjOwO5bNF2Ba1%2BTp3n5cTffu8EOqa6AO%2BCMrOtnZN7ToffFQxNpK%2FxZDRpOSZQB1ToQX8hkaOrDzIGY57xxPSURu1MOBlBeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746714589f57b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (9389), with no line terminators
Size:   950
Md5:    dd5b299014a33727427ea15aa6280fba
Sha1:   af1914c69231f0cf94d96c40be5a2a61ff0000df
Sha256: 439c96606acb4dd58e8177ec7949604db21112f8fdf0f033768e666e588735c4
                                        
                                            GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1 
Host: match.sharethrough.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         18.193.205.227
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=e6a0effc-a93c-428c-8864-4386263bc1a7&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1 
Host: match.sharethrough.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         18.193.205.227
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /BizzoCasino/dcs/tagController/tagData/b00c73e99d55 HTTP/1.1 
Host: zz.connextra.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 41
Origin: https://bizzocasino.com
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.88.23.60
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://bizzocasino.com
vary: Origin
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-length: 0
date: Tue, 06 Sep 2022 12:06:36 GMT
set-cookie: CxtId=d301f779-4f67-423f-9e9e-e69ccc30f45c; Domain=.connextra.com; Expires=Thu, 05-Sep-2024 12:06:36 GMT; Path=/; Secure; SameSite=None BizzoCasino=P%7Chomepage%7C1%7C202209061306; Domain=.connextra.com; Expires=Wed, 06-Sep-2023 12:06:36 GMT; Path=/; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /assets/bizzo-logo.svg HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
last-modified: Thu, 01 Sep 2022 07:41:52 GMT
vary: Accept-Encoding
etag: W/"63106240-6df1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isz5WABm4Yqh1t8%2FE6R83RKuDqYOdTP%2BiXwzRgErSAshnEvUf%2FppAAwCjGoABh1fx8%2BZTng22PvmKdR5xy7iwVimKlTCsI9vPAG9DkFQ65hP%2FTNzN5jD7pM58gFcptsdcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7467145dcf3cb512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1635)
Size:   14519
Md5:    30e066f011bfa3d3afbfca869d660645
Sha1:   50905cee00d1798bedc99558e9da7c4b3e42c545
Sha256: 78d91547c5df2ca0babcf2633d6053d66ca84b2ddec74c800d64056d3d09455e
                                        
                                            GET /app/common.173fe4ce0d3b6746.esm.js HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
last-modified: Thu, 01 Sep 2022 07:41:50 GMT
vary: Accept-Encoding
etag: W/"6310623e-7a33"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Frf%2Fo53gGTwr0pJdELPV2J%2FQ574jp25zcSB0mBcGun7Cu1EsVHJAfxtzutL21NdI4%2B%2BKvVkHwfERj8w8QD0iFEuMGpPb26zNoGpVtgwtT06%2FVapq5zOI8Skl9WilIj3SBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7467145ddf4fb512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31283), with no line terminators
Size:   16703
Md5:    964b9d5df7da02d1952f23cd87141e53
Sha1:   6b6fc0275dfb855360fad2b747f29079cc89082a
Sha256: 75091357ca686eb30c6d2e452f01d72318ec960fcba082985daa03c23a639bae
                                        
                                            GET /assets/footer/footer-head.png HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
content-length: 1716
last-modified: Thu, 01 Sep 2022 07:41:52 GMT
etag: "63106240-6b4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1797
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWrfbL4nSIUnHP24Uzed7RsOwp1CE%2FUIx3bK5HJr1BCUtYgaoZ2Qtgc3Cw1AXiZWttbmum3HWrsNbVTmaSxwlrkKVYO2TRZlH8jTTX437Yz%2BQo6VeaZCAgrkYAtb1nSDSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7467145e2fb5b512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 88 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size:   1716
Md5:    fc93928fb4619868fdd48ced90da63b4
Sha1:   2833e205cdc25a819a9fec774b67d7b55ce60874
Sha256: 6424b9d791c1c089ba2a5c71d0834b1d967407dacf2a13f3c1ad73f1c0c20c69
                                        
                                            GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1 
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.60
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 68
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 13 Aug 2022 23:26:57 GMT
cache-control: no-cache, no-store, must-revalidate
etag: "e679fbd466a2d656f194a5da4fa083cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fxiWmsQaQyqdL2934Z3QGdKWFuNUu1rdW6JFXi9PKLFRbs9SjLU_jQ==
age: 2032981
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size:   68
Md5:    e679fbd466a2d656f194a5da4fa083cd
Sha1:   2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
Sha256: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
                                        
                                            GET /app/717.f7c18f4ec09d52e4.esm.js HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
last-modified: Thu, 01 Sep 2022 07:41:50 GMT
vary: Accept-Encoding
etag: W/"6310623e-412b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAXLelTe1Zir5YGc8s%2BiClGpN8ZBgeTUcEuuEsACjhJAoY3ze32OyGphSm8xxFSQMnfO5aBgs7CcdPLIsyXcbSCiJdO1k81Ho568B9BleGjTBidwWYWrRhB%2B8RLXOblHXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7467145ddf4cb512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16683), with no line terminators
Size:   5924
Md5:    9bdd154c3182ee93be4e9292c689ecab
Sha1:   a8f1cc4eda6a4967799ee8effed3d857abffe8a8
Sha256: a14e3c88a4adec7bb484f96eae2a091df1879f889f19007b92667b377bdad414
                                        
                                            GET /tracking.js HTTP/1.1 
Host: cdn.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Thu, 01 Sep 2022 14:04:09 GMT
x-amz-version-id: UYKKGTF3dQKOE_ePnSPZ3k7YnXZnco.Q
server: AmazonS3
content-encoding: br
etag: W/"f4171ed4d15a2019f2f052cb238ce516"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: EUG3D4KfHo3U2lN_eentmJk0SAz12YzFGQ0_XvE7HFSuqgj_8ZTGjg==
content-length: 25676
cache-control: max-age=28800
expires: Tue, 06 Sep 2022 20:06:36 GMT
date: Tue, 06 Sep 2022 12:06:36 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25676
Md5:    5f2358a99550d4776547cb972073bd61
Sha1:   8aa911d2bf317392eb9e9dc894c311ae57e83d14
Sha256: aabffd826b1e615440082abba276f12e163e4ac2e00d6419aa58cf4366caf0d2
                                        
                                            GET /seg?add=30624960&t=1 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.173.38
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Tue, 06 Sep 2022 12:06:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D30624960%26t%3D1
AN-X-Request-Uuid: 16d6bf83-f351-4d88-8b86-7496c33f89da
Set-Cookie: uuid2=5329681579839911443; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 05-Dec-2022 12:06:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.173.38
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Tue, 06 Sep 2022 12:06:36 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: d516c7be-f01a-488a-8b95-2629e7d5f9cd
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "165D897CB6411FDEFB6CCEAD79645EA8D568EA95A71DA4C5ACE3EF0751819902"
Last-Modified: Sun, 04 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14378
Expires: Tue, 06 Sep 2022 16:06:14 GMT
Date: Tue, 06 Sep 2022 12:06:36 GMT
Connection: keep-alive

                                        
                                            GET /assets/banners/games-search/games-search-image-right.webp HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1; _cioanonid=7f28bf17-fea0-72b9-0144-e90739ee17d7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
content-length: 59226
last-modified: Thu, 01 Sep 2022 07:41:52 GMT
etag: "63106240-e75a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1795
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAqcUJumsteA8CpSz9EWjBtKE%2B62%2BpDtGAl6zgb%2FDRCVa8Go2CFnNkEaGBa8KAf%2BmJQIezM75fMem%2BlUgjbqtrSZbTNttfiRuyUMw4zjnAERuCAIqOXeD61Q0BIT8ZaLlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7467145ed88ab512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   59226
Md5:    4cba474cfbc143d30cfb0caaf1cd21ab
Sha1:   95d9bfaf062d40f7912519299363eba01d7e0811
Sha256: 328f751e7bb6a35b9ced5beebfb877f6b5538f17d504840354726e5b63b8e3b8
                                        
                                            GET /assets/banners/games-search/games-search-image-left.webp HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1; _cioanonid=7f28bf17-fea0-72b9-0144-e90739ee17d7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
content-length: 46506
last-modified: Thu, 01 Sep 2022 07:41:40 GMT
etag: "63106234-b5aa"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1795
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwGEA7RmIaXsCekLlMVF6j4Y0gqG1pbdsdBCA9pWkplbozu9rxdytOpChhRYXT3QhF%2F2NhR47%2BBu4b8XaB1xKbrdm1sx2AapIySQUBypgi9itU2KtMA8ghjmVs6CedLUJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7467145ed886b512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   46506
Md5:    60749a7b12dc1ff49b830cab90a5564d
Sha1:   5d2c9e33a2248e1355de6cd1de4e83c4ea20d5ad
Sha256: d6760fd97d417da496a608da40283d7899f03877bb6affae6202fba0aae10c65
                                        
                                            POST /s/gts1d4/1ZxcQTeKQE0 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /api/user/is-auth HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBb7fH9LnRBFad%2Byss%2BLC5s7d41ojKdihY8XfEIFmbgIXfDtRH9ZL%2Bwae6seVoA57K2IW9u0yTxbHmgnEmrNb1G2yBQfRAQbne%2FnKKCqsvtepAdzSaHS9fOlj%2FjCimr%2BGSx8q0BWiKhrFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7467145ecb730b39-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /app/national-casino.43560e9be334e28bf33f.ttf?l1lc9r HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/app/styles.2ac83e5d2a7e6951.css
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/octet-stream
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
content-length: 45520
last-modified: Thu, 01 Sep 2022 07:41:50 GMT
etag: "6310623e-b1d0"
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlKQYeTOLXLLvbsq1GqhLteMNO7SXmeWJ34u3iKyaRZirnZDFldGI9O37LnFoA4aukjsrMzHuY2hl82pNpfuCu8V8Y4xbG38RFQKuwW6nc9XwIaRTZBsFUbXebcty%2FkBgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7467145def68b512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, national-casino\012- data
Size:   45520
Md5:    43560e9be334e28bf33fe43cfc88efc3
Sha1:   491d12bd3c88b681d4bcf3b83da0af7ca1aa723b
Sha256: 8a568d26f70a3f143c096bcb6fe5ce956cbf0683b6b0bc3fc7862149db5fdcc5
                                        
                                            GET /events/page.gif?name=https%3A%2F%2Fbizzocasino.com%2Fcasino%2Fslots&data%5Bwidth%5D=1280&data%5Bheight%5D=939&c=&s=7f28bf17-fea0-72b9-0144-e90739ee17d7&site_id=9efc4c3b0cc60e451da4&timestamp=1662465991082 HTTP/1.1 
Host: track-eu.customer.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.129.162
HTTP/2 200 OK
content-type: image/gif
                                        
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-disposition: attachment
content-length: 35
content-transfer-encoding: binary
date: Tue, 06 Sep 2022 12:06:36 GMT
status: 200 OK
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            OPTIONS /api/v3/casino/game?is_desktop=1&has_live=0&category_id=25 HTTP/1.1 
Host: platform.bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         104.26.8.22
HTTP/2 204 No Content
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1RtIG2isgTwYOd7bdPzApwryaJuTl1MrmwORF%2F3axb3M8Yx97YJoEHewuASIyBnpfDlrgEjBZ2PC3dSkKgRcB2pG17Ydg%2FqG7RYwBrbJ5oEwNRScWhKAiSmDhFySjoL71n3gwWSB26dmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7467145f4c2c0b39-OSL
X-Firefox-Spdy: h2

                                        
                                            POST /api/9/store/?sentry_key=913196a6014545bda28200a38ba9826a&sentry_version=7 HTTP/1.1 
Host: sentry.softlabs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://bizzocasino.com
Content-Length: 3463
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.71.55
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
content-length: 41
access-control-allow-origin: https://bizzocasino.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otELnpJ%2BI%2FpXCAK4btg8Rh0DZTSj0Xrg9Xf5BBnhFEm6ClU45KocAdR3DqQjY5asWvlTUT%2BLCmR3WnocIDhiqy3tkfRp4MNiyxqGlbavRFR1BAdhjOV24m2vLn5CCdXQGHxfpyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7467145efc0fb505-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   41
Md5:    d69370fd7f8a6cc06c01b3ae938a627c
Sha1:   7576a49fffa10e66f578a893be323341737f4b56
Sha256: 6ce9e67d55ce8f7fb0f05d4fdccc1b190a031d13655c593bf5a9acd573b9a66e
                                        
                                            GET /v3.3/customer/action/get_dynamic_configuration?license_id=9054575&url=https%3A%2F%2Fbizzocasino.com%2Fcasino%2Fslots&channel_type=code&jsonp=__sfjdzde8ml9 HTTP/1.1 
Host: api.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
content-security-policy: frame-ancestors https://bizzocasino.com/;
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://bizzocasino.com/
content-length: 625
date: Tue, 06 Sep 2022 12:06:36 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (625), with no line terminators
Size:   625
Md5:    f6057608751e9915120e9c8f3a0a4a5f
Sha1:   b46717d7006e4dc76eaea7214328e16a1fb8edb2
Sha256: ca8e7bfc964ea95d3d1845a5390b10f708c898e43dbcdc0bfcc9e0517b3f96d5
                                        
                                            POST /s/gts1d4/1ZxcQTeKQE0 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Sep 2022 12:06:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/banners/games-search/games-search-bg.webp HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1; _cioanonid=7f28bf17-fea0-72b9-0144-e90739ee17d7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 06 Sep 2022 12:06:37 GMT
content-length: 120276
last-modified: Thu, 01 Sep 2022 07:41:52 GMT
etag: "63106240-1d5d4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1797
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0SwNnt6lvGAmQX1%2F5ZEjky%2FBxz4WIn6HUVuJkmK4iWdeHzdw3YQ5rZ3%2BsKiAWsk5fjh1AbFWzN6ppEexefQnwIxzrNI8JDfvkr1cjg3SfwBFS3ZJy2m5qOVZD8%2FWSjssg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746714619c88b512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 1321x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   120276
Md5:    c44f1fd09a57bafedec297660263a605
Sha1:   1ddd77d446311f5f138f11e7c996e7050ca40938
Sha256: 6174163caba3316d69fbe1fd6954a82a1fd28eb26003adb12f963b8afabbc072
                                        
                                            GET /api/seo/get-data?pageUrl=/casino/slots HTTP/1.1 
Host: bizzocasino.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bizzocasino.com/casino/slots
Cookie: _sp_srt_ses.52c6=*; _sp_srt_id.52c6=05a49ea4-5204-483b-ad89-48b85129dd7c.1662465989.1.1662465989.1662465989.7d7a1782-da6b-4f8f-b80e-9c3ec26c41f5; _ga_89BGS3MKPL=GS1.1.1662465989.1.0.1662465989.0.0.0; _ga=GA1.2.1636264602.1662465989; DV_TRACK=e6a624bf-b83b-4fe1-84f0-fa4601c2601f; _gid=GA1.2.329749136.1662465990; _gat_UA-207151463-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.68.182
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 06 Sep 2022 12:06:36 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: max-age=0, must-revalidate, private
expires: Tue, 06 Sep 2022 12:06:36 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uK3LM5fRs8iw5Jd0RT%2FyAOA9WlMeJt4q4mSftjC%2BZL2bbmvmjxwBpylzBNoVH4mcezKiApl8uFm4cAP33ga5MkCs3yduJRegGN2lExWJsCb3mT6QnhkbPfQEtNmwaXtx5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7467145e7808b512-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (13676), with no line terminators
Size:   11621
Md5:    8b40800ed15cecd36e9e099168aac43f
Sha1:   bc6aabaddc275ac489cce2241127ecac1ef80024
Sha256: c3b104f8bea0376d20c307b655a1b853de3ab7eba84e4e8f9bc8252729c914aa
                                        
                                            GET /i/s4/habanero/TGBlackjackAmerican.webp HTTP/1.1 
Host: cdn.softswiss.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.116.131
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 06 Sep 2022 12:06:37 GMT
content-length: 8966
last-modified: Thu, 27 Jun 2019 06:47:08 GMT
etag: "5d14666c-2306"
expires: Wed, 07 Sep 2022 07:05:05 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 9290
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7467146209251c02-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   8966
Md5:    edec5ab490698abecdb30b6b3bd13394
Sha1:   cb33fe6b25824fedde25c7b657622524cd2b55fe
Sha256: 64a40d454362136393b84e389df2d339bb22a6f1f707d8d1861aa2f1497de3d0
                                        
                                            GET /i/s4/infin/RoyalCoinsHoldandWin.webp HTTP/1.1 
Host: cdn.softswiss.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.116.131
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 06 Sep 2022 12:06:37 GMT
content-length: 6716
last-modified: Mon, 30 Aug 2021 07:20:02 GMT
etag: "612c86a2-1a3c"
expires: Tue, 06 Sep 2022 15:22:16 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 64920
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74671462092c1c02-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   6716
Md5:    0701afbaccef1de01bf221f44c6a3539
Sha1:   bf17a4ba84ea76729a49b5dcfc28eff4e4718e79
Sha256: df1c29a7ef4bc2ca2b9acf0f583b2600f5efe7d414c593232f4d4bd5c529df9f
                                        
                                            GET /bounce?%2Fseg%3Fadd%3D30624960%26t%3D1 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.173.38
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Tue, 06 Sep 2022 12:06:37 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 586f7426-7342-42f8-b772-9c0cd9ec6538
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2C'$wr%Oh!]tbP6j2F-XstGt!@DT`$eaqg; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 05-Dec-2022 12:06:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            GET /i/s4/yggdrasil/BigBenjiBonanza.webp HTTP/1.1 
Host: cdn.softswiss.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.116.131
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 06 Sep 2022 12:06:37 GMT
content-length: 14846
last-modified: Fri, 27 May 2022 13:55:02 GMT
etag: "6290d836-39fe"
expires: Tue, 06 Sep 2022 13:29:28 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 54602
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7467146229461c02-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   14846
Md5:    d8a90de086e9ab6dbecd44e940c7e5cf
Sha1:   ac8424e7ca7d4aec626f59065b19117b4c0e2435
Sha256: ad71e54cf848ed6952352c475035b7fe126125e78d36b984f2ed5e772486f33c
                                        
                                            GET /i/s4/elk/MysticOrbs.webp HTTP/1.1 
Host: cdn.softswiss.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.116.131
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 06 Sep 2022 12:06:37 GMT
content-length: 9616
last-modified: Mon, 27 Dec 2021 13:35:02 GMT
etag: "61c9c106-2590"
expires: Tue, 06 Sep 2022 14:01:28 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 56463
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7467146229441c02-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   9616
Md5:    bea228aa80054ca291b6f60342e431ea
Sha1:   e0cd79655f570f5ac9998a0c67ccaf0e46ce5da0
Sha256: 8cf92d406e7bab14b9f9bbe6fe728a52da0c721410b77d833c5214bcb714872f
                                        
                                            GET /i/s4/pragmaticexternal/SweetBonanza.webp HTTP/1.1 
Host: cdn.softswiss.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.116.131
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 06 Sep 2022 12:06:37 GMT
content-length: 15128
last-modified: Tue, 05 May 2020 09:35:16 GMT
etag: "5eb13354-3b18"
expires: Tue, 06 Sep 2022 14:05:43 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 77158
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74671462294b1c02-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   15128
Md5:    431f460fd8ed5a8d33e5aa16895b95bb
Sha1:   037697205c862d57db1b40e7ea562f756810a7d0
Sha256: 83bd83a85daf6b55cd937da71fd768c2565702a36cf957a824f02db695b0a466
                                        
                                            GET /v3.3/customer/action/get_configuration?license_id=9054575&version=298133.12.12.41649.1209.1285.266.16.3.3.3.244&group_id=46&jsonp=__lc_static_config HTTP/1.1 
Host: api.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
content-encoding: gzip
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1354
cache-control: public, max-age=600
expires: Tue, 06 Sep 2022 12:16:37 GMT
date: Tue, 06 Sep 2022 12:06:37 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3892), with no line terminators
Size:   1354
Md5:    ae62c64732f73730ec3ea672a94145d2
Sha1:   b6e426c87a015656d9a074d529bb8f41d3e35d7e
Sha256: 1996c30db1e304144b9e101b00680fc1150ecec57ed9a6f2a1a4f312513108a8
                                        
                                            GET /flags/gb.svg HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.22
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 538
date: Tue, 06 Sep 2022 11:21:59 GMT
last-modified: Wed, 29 Sep 2021 07:35:06 GMT
etag: "d3ddd6025a06a78535b0d432d14905bf"
x-amz-meta-sha256: 825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803
x-amz-meta-s3b-last-modified: 20210929T073222Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _3xgkcbtcBXAipqiQdAOy8dWo0hv_aXczZc8jNlLq64AgmpUwFXwpA==
age: 2679
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   538
Md5:    d3ddd6025a06a78535b0d432d14905bf
Sha1:   2b5148a18b90f933e47bf895c26d61a52d21d9d8
Sha256: 825310f9bcc8892559317bfc87fc28d5d7bad06c02d562b5740aafcf4b040803
                                        
                                            GET /logos/providers_small/nationalcasino/alchemygaming.svg HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.22
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 1506
date: Tue, 06 Sep 2022 11:58:51 GMT
last-modified: Mon, 02 May 2022 08:00:24 GMT
etag: "e12001f665ac6ed8702468ec4e708dbf"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rXyWOEF0UPo57ino3bwfihA9dt635WTRGxUwlwXV6ejTbWTsbjiXTQ==
age: 467
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1506
Md5:    e12001f665ac6ed8702468ec4e708dbf
Sha1:   3b7b33d6b8d0eda61da211c9e5348b64ce1544ea
Sha256: 4df23c3ba8eb0d1cea1d0b6b3540e6017165e29b8c9185c188f660f6eb749b24
                                        
                                            GET /logos/providers_small/nationalcasino/amatic.svg HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.22
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 1639
last-modified: Wed, 29 Sep 2021 07:36:15 GMT
x-amz-meta-sha256: 0b95f8f18ada9bd0b7f8f5595b8732a4d6332c7549b56300d95ce1c9d008304e
x-amz-meta-s3b-last-modified: 20210929T073405Z
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 11:58:51 GMT
etag: "bbbff38f7f4683544d87af50cac277cc"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mI3VRibwf6GQS7MsLaYog-UcDGqxa_p3xLkWrdmltUd0h22TahYbQQ==
age: 467
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1096), with CRLF line terminators
Size:   1639
Md5:    bbbff38f7f4683544d87af50cac277cc
Sha1:   ffe903a9d8ef3319e545be14f91aed2ce089b46d
Sha256: 0b95f8f18ada9bd0b7f8f5595b8732a4d6332c7549b56300d95ce1c9d008304e
                                        
                                            GET /logos/providers_small/nationalcasino/arcadem.svg HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.22
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 5870
date: Tue, 06 Sep 2022 08:33:39 GMT
last-modified: Wed, 29 Sep 2021 07:36:16 GMT
etag: "034180cc89600f69e8274edd339122fb"
x-amz-meta-sha256: d960abb2dbff43a96f902121faee8b0a83f7543ac57f9aea349488752df08950
x-amz-meta-s3b-last-modified: 20210929T073405Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZEB2D7L4Jz9h7Td0ibA3EwCvQsU58WWcErsDf0MhkU-h7zNapQ-Z5A==
age: 12779
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1871), with CRLF line terminators
Size:   5870
Md5:    034180cc89600f69e8274edd339122fb
Sha1:   f80fdf3500128538fdca9be61003dac9ea565ed4
Sha256: d960abb2dbff43a96f902121faee8b0a83f7543ac57f9aea349488752df08950
                                        
                                            GET /logos/providers_small/nationalcasino/avatarux.svg HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.22
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 2295
last-modified: Thu, 02 Dec 2021 06:39:16 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 11:58:51 GMT
etag: "1646131daf33d2ae00d207b23975875e"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uM5g_N2YIglARaadoB0DdMomDuSJvDrahnkLxrx5tCrkgG7ElgvAMA==
age: 467
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (973), with CRLF line terminators
Size:   2295
Md5:    1646131daf33d2ae00d207b23975875e
Sha1:   0e86175ec28d2789190103b89258af1c6449daba
Sha256: d62127b338bedd7de0073bc7589f709eb51d1bec2d7eceefc953c95f1461471c
                                        
                                            GET /logos/providers_small/nationalcasino/bangbanggames.svg HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.22
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 8148
last-modified: Tue, 01 Mar 2022 17:19:05 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 11:58:51 GMT
etag: "b9313c8f9e3d5e16931666cac1958505"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DcSdGyamGwQ4IAMKFE3DgyvqvnAfkv7Ir7sWqT-KaTvUo3qaiUtaug==
age: 467
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (8148), with no line terminators
Size:   8148
Md5:    b9313c8f9e3d5e16931666cac1958505
Sha1:   5d53d538958db478e55d286fcfa5ae36fa1cbf1d
Sha256: 01eb73cfdfcf7d9826d6f5abc499becd597b7530abb6dd48a3e62a9c841a498d
                                        
                                            GET /logos/providers_small/nationalcasino/bbgames.svg HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.22
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 7794
last-modified: Wed, 29 Sep 2021 07:36:16 GMT
x-amz-meta-sha256: 0d1ade539b3b18f6adf893cc6df69da498936e43b6d85f1dfb7df414ae936253
x-amz-meta-s3b-last-modified: 20210929T073406Z
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 06:41:29 GMT
etag: "ef2f45e803f6ee04eb10ebf0f8712dfd"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VH1G412HkbmO_LCH8atmLHWevjAH7V5tZ28jyhp_6CwZJp187N0-4g==
age: 19509
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3544), with CRLF line terminators
Size:   7794
Md5:    ef2f45e803f6ee04eb10ebf0f8712dfd
Sha1:   8549342bd4893b4095d2c1e579c098667f3f186c
Sha256: 0d1ade539b3b18f6adf893cc6df69da498936e43b6d85f1dfb7df414ae936253
                                        
                                            GET /logos/providers_small/nationalcasino/belatra.svg HTTP/1.1 
Host: d2i76d1bskcqlp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.245.22
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 2724
last-modified: Wed, 29 Sep 2021 07:36:16 GMT
x-amz-meta-sha256: b28e7027cf0dea5e325732b1be1afc0e22daa07a0bc9902fe01c0cd391ad9c16
x-amz-meta-s3b-last-modified: 20210929T073406Z
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 11:36:45 GMT
etag: "5a15affd0cf53516021f7ba7e4b9d272"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bUgHgicRDb1L7gN5OW0Cd1gsFAetpHts-SDKPUzfhzUOoVPaQHSFMw==
age: 1793
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2179), with CRLF line terminators
Size:   2724
Md5:    5a15affd0cf53516021f7ba7e4b9d272
Sha1: