az.bkin-8443.space/420.html
104.21.81.37301 Moved Permanently 0 B URL HTTP/1.1 az.bkin-8443.space/420.html
IP 104.21.81.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /420.html HTTP/1.1
Host: az.bkin-8443.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Sep 2022 15:58:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 16:58:01 GMT
Location: https://az.bkin-8443.space/420.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ujI%2BDh75PAlhBz7ws7dfbkJam5qGVO84ReOOzKp2UIo9q1OtLjZw1hUreHPHXMUnA%2Fs%2F3fiX%2Bn0Rc7PqnpUeEv3%2BmgDrUYG9wDAQu%2F2ApvBtzJoi6U%2FhB9yjrdVo9uELmAUhTU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7468675c4b85b51e-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 15:04:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 48yG7V-Mpb0gJNANxDpQ3PMFuSZqYoY4UiA_kavx4uarM7du6EOpew==
Age: 3222
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7819
Expires: Tue, 06 Sep 2022 18:08:20 GMT
Date: Tue, 06 Sep 2022 15:58:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T5ie0I3J5SBKxU1MAFy_vJxZas6c-RCcxvKtegpP4GwHKsyAx0a7hQ==
age: 52964
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 15:58:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 15:38:18 GMT
Expires: Tue, 06 Sep 2022 16:34:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Eu_nk1DswsHwK_N7jOTy1jMv74bRYZVQwMQkE63oTI5kDM8t8EmXlA==
Age: 1184
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 531
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:02 GMT
Last-Modified: Tue, 06 Sep 2022 15:49:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.210.39.83101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.39.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HzR1U119ylqffRrfNCRUNw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EpJfT59cnuwlyw3CWkfojqEhlV0=
az.bkin-8443.space/420.html
104.21.81.37302 Found 12 kB URL HTTP/2 az.bkin-8443.space/420.html
IP 104.21.81.37:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4018)
Hash 4dd5714064e55e62d7ed162f55e2864f
8f1beb75872ec6e6ae5df3ca6c3c8accfcb23b3f
8a92ad2039034f12ae512ba4fe22949bc529322a2cfa6f11087cdeb26b8dc15e
Analyzer Verdict Alert fortinet Malware
GET /420.html HTTP/1.1
Host: az.bkin-8443.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: antibot_uid=1af7b4916f9d7d4a10dd64c5c9ab7e8e; antibot_country=NO; antibot_lang=en; antibot_ptr=s919042154.blix.com; antibot_a9531063f4d6b0aa370a30fbb0eda4aa=d5612d160ee76d4cce5f22e8a8baa5e8; lastcid=1662479881.8725
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 06 Sep 2022 15:58:03 GMT
content-type: text/html; charset=UTF-8
location: https://promo.20bet.partners/redirect.aspx?pid=11600&bid=1971&lpid=293
set-cookie: antibot_hits=2; expires=Wed, 07-Sep-2022 15:58:03 GMT; Max-Age=86400; path=/
antibot_unique_20220906=1; expires=Wed, 07-Sep-2022 15:58:03 GMT; Max-Age=86400; path=/
lastcid=0; expires=Tue, 06-Sep-2022 15:56:23 GMT; Max-Age=0; path=/
4ea436624a0b3b625b833141b837205a=0; expires=Tue, 06-Sep-2022 16:58:03 GMT; Max-Age=3600; path=/
expires: Fri, 16 Sep 2022 15:58:03 GMT
last-modified: Tue, 06 Sep 2022 15:58:03 GMT
cache-control: public, max-age=864000
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Drz3213IwWSaj%2F2bOssI4RwNCK1km5fxiOuwnsC8GMC5DU5MeuyIHqD98wzUcbMJOaHKn3MYCDLcF%2FmLgsQvvi6xaJ2PGSNRGjtdBAoFmOfBKNryOTaTNJAzXMhrgXJ8XlA%2BQb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746867653dca0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 40441d063c1cbf0b3ee6b587016a4626
346307f663a858fc0493312e3ad1fa0e1d9ae694
8ac57a9b86c04b4dff945c8b5b32b6284cdfa7c5da4b21278c73407ebaf62354
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1637
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:03 GMT
Last-Modified: Tue, 06 Sep 2022 15:30:46 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2717
Expires: Tue, 06 Sep 2022 16:43:21 GMT
Date: Tue, 06 Sep 2022 15:58:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2717
Expires: Tue, 06 Sep 2022 16:43:21 GMT
Date: Tue, 06 Sep 2022 15:58:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2717
Expires: Tue, 06 Sep 2022 16:43:21 GMT
Date: Tue, 06 Sep 2022 15:58:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2717
Expires: Tue, 06 Sep 2022 16:43:21 GMT
Date: Tue, 06 Sep 2022 15:58:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2717
Expires: Tue, 06 Sep 2022 16:43:21 GMT
Date: Tue, 06 Sep 2022 15:58:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0efc32eccbf76ac0d89f324d09a7fd1f
f8589eb3907582137d8b9373af745d80eddbf1bb
ee0f5e56c97e50e1c20801ad0a5379982feef16a11137f784f404d14e9c65824
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6482
x-amzn-requestid: 5e5b342b-0224-4916-8656-237b4c90ae66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5FaYIAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-412f897b451130af70026eab;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kD_wcIHwmUDV9M9Pl2NtUwRw0CElnHhX6NGZ5PQlnchvdxpLAZhm0w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:46:42 GMT
etag: "f8589eb3907582137d8b9373af745d80eddbf1bb"
content-type: image/jpeg
age: 65482
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79118911-9148-4daf-8809-5e20fe16c9eb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79118911-9148-4daf-8809-5e20fe16c9eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21826f85e6f926272f6a770645040b4a
21aad3ec92f4e1a353601d0c5ab8b60f44ea418f
adb23b43d5f65606cfb5fc69c3d410f10df39575f69abc0d786cfbe564819cae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79118911-9148-4daf-8809-5e20fe16c9eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11650
x-amzn-requestid: 83dd95be-9176-4798-94f9-c538bfcc8c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBJxTE0GIAMF7SA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316bcd4-4d5b7d8b28221944331a0f14;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 03:21:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mFE-xzX9i8VCcgNNoNFHCJ6BRlFkqOg9VxEYo9v7QNHa2Yyjbb9ytQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 06:56:07 GMT
age: 32517
etag: "21aad3ec92f4e1a353601d0c5ab8b60f44ea418f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 65611
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ce50dfa23e7f34ff68cc6426c2823f7
b1685694999272feb4d9fc39296418cd95480678
4df89827b1b34bb577f28f281ed85067a2e34dd48923b9bae1561e81f67be49b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7152
x-amzn-requestid: 2571ff54-e2f8-4072-8a26-3d0dd4cd3523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsfHz_IAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-6a598849314cdc433f9f82f7;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6xmRiAaxHPKpBlCPaRWoMiISlrXRrltO57N3NayiuIvv3gCWTWCZQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:53:35 GMT
age: 65069
etag: "b1685694999272feb4d9fc39296418cd95480678"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QFEoJOq9eyhQH3KTlAB_ctOvGWRfAkPMHiZUa34wae07KaezXFodBg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:57:14 GMT
age: 64850
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 41222
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 77bf26dcec732e368e68222be04965a7
fde950716f6fd21cb3b9e73b7237c583d7916f1e
52e1d130790757ebe0228d95da402996147dd2cfd581fc1d071b90875a14f955
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6124
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:04 GMT
Last-Modified: Tue, 06 Sep 2022 14:16:00 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 471
20media.world/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
104.26.3.3302 Found 117 B URL HTTP/2 20media.world/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
IP 104.26.3.3:0
File type HTML document, ASCII text
Hash dc15e3b4919c03f24473a2c8be0040b7
3abdf22691277f7ff65d5a2f405a73628fcf42c6
7b079fd6b36c2d852b4cd2f379ce020bd1189c1bcd61e1d835f41b96019b5c03
GET /promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414 HTTP/1.1
Host: 20media.world
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 06 Sep 2022 15:58:04 GMT
content-type: text/html; charset=UTF-8
location: https://app.adjust.com/js8txs6?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414&label=656524_A3A6890430B74AC4B1D2449B8E4D7414&redirect=https%3A%2F%2F20bet.com%2Fpromotions%2Ffirst-deposit-casino%3Fbtag%3D656524_A3A6890430B74AC4B1D2449B8E4D7414
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnVVbnofHGzq%2FYUWMJINF4d036OsLFHyZLlrq37%2F%2BfvORPOUoq1u0dWtgmQhWeeou5yOb5vrYJanl4BfTAuYIwkNMSEZ2hDLbe4G3DbRPGFQ4Mp9VZWPecUDe7laJtU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7468676afad4b503-OSL
X-Firefox-Spdy: h2
20bet.com/assets/loader.gif
104.22.35.208200 OK 403 kB URL HTTP/2 20bet.com/assets/loader.gif
IP 104.22.35.208:0
File type GIF image data, version 89a, 400 x 400\012- data
Size 403 kB (402680 bytes)
Hash 8529d23ed344b353f7b89b4c90b1aa82
5433dc4344e9fc4f3b516febe6c9df5e9fec1657
d8a42ccb018c64bda5b2cac2f522c7895ce66055455e9eb9a0425dd7cfe18771
GET /assets/loader.gif HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:07 GMT
content-type: image/gif
content-length: 402680
last-modified: Fri, 02 Sep 2022 09:36:59 GMT
etag: "6311cebb-624f8"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6861
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74686783dc479932-ARN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20bet.com/static/js/app-692ed3cf06.js
104.22.35.208200 OK 501 B URL HTTP/2 20bet.com/static/js/app-692ed3cf06.js
IP 104.22.35.208:0
File type ASCII text, with very long lines (1212)
Hash f49ff09b49ce8d70fdf172806f8cf1f0
bb48a7ca6ce533f7b37a918908c850cfb82e4856
b36b787299a38fa0ccef9ed68a8a1fd37f638f3730474c81d347acbd783b2ee3
GET /static/js/app-692ed3cf06.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:07 GMT
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 06:07:00 GMT
etag: W/"630efa84-4bd"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1562
vary: Accept-Encoding
server: cloudflare
cf-ray: 74686783dc4b9932-ARN
content-encoding: br
X-Firefox-Spdy: h2
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/8e55c698b278ff1ef4c833e53901a803-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid
54.230.111.125200 OK 49 kB URL HTTP/2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/8e55c698b278ff1ef4c833e53901a803-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid
IP 54.230.111.125:0
File type PNG image data, 512 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ef6782be55b8ce8f5b132d28af8e0d0
cb99df77f4865d9c2f287539a5ca474cf76f7d09
d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
GET /sealassets/8e55c698b278ff1ef4c833e53901a803-20bet.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 49397
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74685eafac589250-FRA
date: Tue, 06 Sep 2022 15:57:06 GMT
cache-control: max-age=1200
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dP54aQ-xUG9chHmnHvjbFajkwC0vq-413VdVL8ohZ1cVbG4Pt8MO9Q==
age: 62
X-Firefox-Spdy: h2
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAACT
23.36.79.43200 OK 31 kB URL HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAACT
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 0251bbcc02c98cc8347f19baaccacf83
fd1873bc9c359f3659d575973d7c4ea83d63b987
3f16f0d1896e5e10748df413a3344fee95579c7e6b77378a34e6008af04576bd
GET /dist/tag-manager.js?id=STM-AAAACT HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: YC0hOhkfDoEEMFA=
vary: Accept-Encoding
content-encoding: gzip
content-length: 30881
date: Tue, 06 Sep 2022 15:58:08 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
20bet.com/app/styles.666b55852577885a.css
104.22.35.208200 OK 29 kB URL HTTP/2 20bet.com/app/styles.666b55852577885a.css
IP 104.22.35.208:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8b921fee3a962169be2541040a200683
9ab464053230188f4cf0ea7f614fb8f03867ef2b
24e25dc52f162e0401f41e9853943dd648c41ac500b2920fdf9327b94b6b8e00
GET /app/styles.666b55852577885a.css HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 09:36:21 GMT
vary: Accept-Encoding
etag: W/"6311ce95-21625"
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 74686783cc329932-ARN
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a89d52065930f3b201a027fd7cd1d0fe
262e5b31bdb345ce3a6e926e1c0b6184f7628ea8
2bba2fdcad4bda371c8263c81d81a9063e4541df1a653208eb41234ed1d2bfcf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4655
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:08 GMT
Last-Modified: Tue, 06 Sep 2022 14:40:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
20bet.com/configuration.js
104.22.35.208200 OK 17 kB URL HTTP/2 20bet.com/configuration.js
IP 104.22.35.208:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8b477a8e2ae12e5692c29b695ae2afd4
ab3cf91066dddeb4eab4094eef584894da534330
5f0076602c11e019ea001a3f92d7765d3034d6ada72bb560886fe5713fad8e40
GET /configuration.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: text/javascript; charset=UTF-8
x-powered-by: PHP/7.4.29
cache-control: max-age=0, must-revalidate, private
expires: Tue, 06 Sep 2022 15:58:08 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: BYPASS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74686783cc3c9932-ARN
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-55HKBB7
142.250.74.72200 OK 57 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-55HKBB7
IP 142.250.74.72:0
File type ASCII text, with very long lines (23120)
Hash 31ea907382075a4db3422761a85dbaef
3e066c9f921debf33dd408e97c1528c25435840d
fe962d859642ace81b9a69134772e2f7c184aa43a09cfd9c2044bcb527facdeb
GET /gtm.js?id=GTM-55HKBB7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 15:58:08 GMT
expires: Tue, 06 Sep 2022 15:58:08 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57107
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a89d52065930f3b201a027fd7cd1d0fe
262e5b31bdb345ce3a6e926e1c0b6184f7628ea8
2bba2fdcad4bda371c8263c81d81a9063e4541df1a653208eb41234ed1d2bfcf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4655
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:08 GMT
Last-Modified: Tue, 06 Sep 2022 14:40:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
20bet.com/assets/favicon.png
104.22.35.208200 OK 9.3 kB URL HTTP/2 20bet.com/assets/favicon.png
IP 104.22.35.208:0
File type PNG image data, 129 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 76d3202979d99d33720b7b189cf8bc23
81cba7c933e4e332ea31208c388307d49bf1c1c8
7731ec4a0f05418aaf44b5d3b8010c5470303578fed1331bc18089fc802b2a96
GET /assets/favicon.png HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: image/png
content-length: 9320
last-modified: Fri, 02 Sep 2022 09:37:22 GMT
etag: "6311ced2-2468"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6698
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74686786788d9932-ARN
X-Firefox-Spdy: h2
20bet.com/assets/favicon.png
104.22.35.208200 OK 9.3 kB URL HTTP/2 20bet.com/assets/favicon.png
IP 104.22.35.208:0
File type PNG image data, 129 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 76d3202979d99d33720b7b189cf8bc23
81cba7c933e4e332ea31208c388307d49bf1c1c8
7731ec4a0f05418aaf44b5d3b8010c5470303578fed1331bc18089fc802b2a96
GET /assets/favicon.png HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: image/png
content-length: 9320
last-modified: Fri, 02 Sep 2022 09:37:22 GMT
etag: "6311ced2-2468"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6698
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74686786788a9932-ARN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js
54.230.111.125200 OK 1.8 kB URL HTTP/2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js
IP 54.230.111.125:0
Hash 522a60c3527c5e4b121bdcd6a68de451
60cbb386918789fe622d566b76b28dad38a8f316
6cfc20b4ce44fd361e14ac02b05cca9e38ff32dc90238fa8986d5e5ca10824c5
Analyzer Verdict Alert fortinet Malware
GET /apg-seal.js HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Tue, 06 Sep 2022 15:57:06 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"e0f-oLjxz4rswfE0ViUrohM7PvB1N2M"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 746866045fd49250-FRA
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1t9ZIM8Q6xnGwc9ZSuKUiVSW-jnAElDy4xTd1xJ_c0OmOWkNedWYXQ==
age: 62
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist/tracker.js
23.36.79.43200 OK 12 kB URL HTTP/2 tracker.ads.sportradar.com/dist/tracker.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (34755)
Hash b34b13d85152f71b7fd15289c78c0583
0bb20191b022bbd0e75f2bbce7f6332886079c2c
7a3fc57394ecc6745eb6e18745aa1e5e5d05cb2237c4d0d754ab43d33863a84c
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: lilTPTQwiFh0VJWkVzsVkg926mhW28TGKyOiSnBsA59oGt4a5kFU3Q==
vary: Accept-Encoding
content-encoding: gzip
content-length: 11553
date: Tue, 06 Sep 2022 15:58:08 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist//sp-2.14.0.js
23.36.79.43200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: BkEJYEd4ZgXvhrOZMYkJ33TO6-1fCSrXqN0YSeRsYveNKSz-gUQW2g==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 06 Sep 2022 15:58:08 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 8806f7ce565af1530efafb651b2e8a35
608bccc6a3939255a804bfc115b455c38f649df7
50f63773b0f936c5105b7c01cee4b064c771a6d454adb61dcdb5f85d8a185e58
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 15:58:08 GMT
Last-Modified: Tue, 06 Sep 2022 14:23:15 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U53VdEcVGWTWo6TshV6MCnu02t6tq-G1yyAaTVBM-hzherYXf3YfVA==
Age: 5693
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad55e99613c40a0234eb408d845519cd
dcee5af0984a53cca80fe7a70bea8e24d1f2c951
4338839157b91c4172dba72dd6c2cf92e1348470beb2c6c2a2b08d61cce7db40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4338839157B91C4172DBA72DD6C2CF92E1348470BEB2C6C2A2B08D61CCE7DB40"
Last-Modified: Tue, 06 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18245
Expires: Tue, 06 Sep 2022 21:02:13 GMT
Date: Tue, 06 Sep 2022 15:58:08 GMT
Connection: keep-alive
vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
143.204.55.101200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Hash 0b3d3f4206ab84d8861a8cc4b2ddbe66
4561b7c0419b65db5c1314be2143bd1734e88d89
ec42652b198c82469afbe5e6e69312a25425c1fd38d379cf3761b328ecd48e4a
GET /box-1ada912494ba7fc7aca15fcef1c2a7ae.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 13 Jul 2022 08:33:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kcoFm6xuSKXIFvabTQq2KPw2lEpOukn6g2yJE6GPYWLOoZ6_h6yNXA==
age: 4778702
X-Firefox-Spdy: h2
zz.connextra.com/dcs/tagController/tag/d3ea3fb1f9d4/homepage
104.85.191.64200 OK 16 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/d3ea3fb1f9d4/homepage
IP 104.85.191.64:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2407)
Hash a48b7d649ea4ff6d54adcc1966fdf787
d8d4c0645613806cf861cfa1d793e40aca2748f0
1479166998807326fbc3aa71ab41a46597b3dc39c6e9c9b372c0a0286030add0
GET /dcs/tagController/tag/d3ea3fb1f9d4/homepage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript;charset=utf-8
content-length: 16263
cache-control: must-revalidate, max-age=206
expires: Tue, 06 Sep 2022 16:01:34 GMT
date: Tue, 06 Sep 2022 15:58:08 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash b4c6f4a27ccd386b3469d9c9d33e1be4
8b056428007da80a092fbe3b9e9b78d205897e37
bd0ee36a5cae44c498ce019dc2d052436cb08c867b72cafe6c6efbbffcae3a5b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 15:58:08 GMT
Last-Modified: Tue, 06 Sep 2022 14:20:31 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2aeL_ECjsLM_71mFwRfxVfR7GQaTa8gfG8hb6Ip2r8AQ7reveB_mMw==
Age: 5857
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ab47d879ff6ebccef024865550d5fa97
38f7437845310847da9a65a0293c14bc958ff30d
919df1f99ffd389aaebb9dec258c39f43f5e483de392b27935c4d7e22f0697b5
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "919DF1F99FFD389AAEBB9DEC258C39F43F5E483DE392B27935C4D7E22F0697B5"
Last-Modified: Tue, 06 Sep 2022 10:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3502
Expires: Tue, 06 Sep 2022 16:56:30 GMT
Date: Tue, 06 Sep 2022 15:58:08 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash ab47d879ff6ebccef024865550d5fa97
38f7437845310847da9a65a0293c14bc958ff30d
919df1f99ffd389aaebb9dec258c39f43f5e483de392b27935c4d7e22f0697b5
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "919DF1F99FFD389AAEBB9DEC258C39F43F5E483DE392B27935C4D7E22F0697B5"
Last-Modified: Tue, 06 Sep 2022 10:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3507
Expires: Tue, 06 Sep 2022 16:56:35 GMT
Date: Tue, 06 Sep 2022 15:58:08 GMT
Connection: keep-alive
a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
35.156.185.100302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 35.156.185.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 15:58:08 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=ec0605f0-7637-477a-b3b9-bb8f8231ac6f; path=/; expires=Wed, 06-Sep-2023 15:58:08 GMT; domain=sportradarserving.com; samesite=none; secure
c=1662479888; path=/; expires=Wed, 06-Sep-2023 15:58:08 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1662479888; path=/; expires=Wed, 06-Sep-2023 15:58:08 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/pixel?type=js&aid=1121&id=1859
35.156.185.100302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1121&id=1859
IP 35.156.185.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1121&id=1859 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 15:58:08 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1121&id=1859
Set-Cookie: zuuid=29be567b-a476-4ef2-81af-8f8b8c29b7f4; path=/; expires=Wed, 06-Sep-2023 15:58:08 GMT; domain=sportradarserving.com; samesite=none; secure
c=1662479888; path=/; expires=Wed, 06-Sep-2023 15:58:08 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1662479888; path=/; expires=Wed, 06-Sep-2023 15:58:08 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0583b5e4e11150bddb456ff7206a1765
a4c7af9a69e3c5a19ecd7aea7ce1c9394533f919
2ac020896df10ed00cb2a236c22681c1f41b3e8fb2b70a6e18b6a938c8fb9874
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 15:58:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 12:04:38 GMT
Expires: Sun, 11 Sep 2022 12:04:37 GMT
Etag: "a4c7af9a69e3c5a19ecd7aea7ce1c9394533f919"
Cache-Control: max-age=417388,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746867891df9b529-OSL
20bet.com/app/runtime.1db12f9d83191ab4.esm.js
104.22.35.208200 OK 193 kB URL HTTP/2 20bet.com/app/runtime.1db12f9d83191ab4.esm.js
IP 104.22.35.208:0
File type ASCII text, with very long lines (5176), with no line terminators
Size 193 kB (192881 bytes)
Hash 22463f7cea33bfaf6dc177474d871d13
f2d9822f40d02d49dbf74e58b44fb89e4b215804
10c1cc2cf245ffc2e5db454ae7c65de550993f80bc8906983a69883a0bbf3858
GET /app/runtime.1db12f9d83191ab4.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 09:36:40 GMT
vary: Accept-Encoding
etag: W/"6311cea8-1438"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6614
server: cloudflare
cf-ray: 746867878a199932-ARN
content-encoding: br
X-Firefox-Spdy: h2
track.trackingtraffo.com/pixel/js?auth=q1wumswr&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=undefined
88.214.195.156200 OK 492 B URL HTTP/1.1 track.trackingtraffo.com/pixel/js?auth=q1wumswr&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=undefined
IP 88.214.195.156:0
Hash 3756cad2f2f81943455eecd9491da8ec
157eae8c2012f0024834d48b1b4d08d461da9d7b
bb32cb34f8853772cba14cede98cb887fca7a412811488a79899a8620527cb9b
GET /pixel/js?auth=q1wumswr&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=undefined HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 06 Sep 2022 15:58:09 GMT
Content-Type: text/javascript
Content-Length: 492
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
tag.growthbuddy.app/tag.js?id=DV-02355017850611493202
52.19.162.115200 OK 2.0 kB URL HTTP/2 tag.growthbuddy.app/tag.js?id=DV-02355017850611493202
IP 52.19.162.115:0
File type ASCII text, with very long lines (4966)
Hash b6e25997407245f0f6095b9865dc3828
bee1656f82ca83a9315759c80a5e3e91b53eabc7
94c80d2b5cf48e280ce2d53a629a003576a7f1b303b7b397103afc0ab1129ab7
GET /tag.js?id=DV-02355017850611493202 HTTP/1.1
Host: tag.growthbuddy.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: application/javascript; charset=utf-8
set-cookie: INGRESSCOOKIE=1662479889.582.49.391950|5f2e1b57d78510d04b0cf9036879032b; Path=/; Secure; HttpOnly
vary: Accept-Encoding
cache-control: public, max-age=7200
x-content-type-options: nosniff
etag: "1382-4YuDa3owVc9r2LUx5CM7dj7oB9U"
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
platform.20bet.com/api/market-group-sorting/get-all-ordered
104.22.35.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/market-group-sorting/get-all-ordered
IP 104.22.35.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/market-group-sorting/get-all-ordered HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 15:58:09 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678b4fe39932-ARN
X-Firefox-Spdy: h2
20bet.com/push-worker.js
104.22.35.208404 Not Found 7.5 kB IP 104.22.35.208:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4744), with CRLF, LF line terminators
Hash 39ef6441f6519930f3f9c53a22019002
1af5398d35cc70376f878c2bfe2f65925399f09d
2bf8b2cb12fc0cd96fc66fd1ceb998d126f10a71b17cb04557566113b7efc7dd
GET /push-worker.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: max-age=0, must-revalidate, private
expires: Tue, 06 Sep 2022 15:58:08 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: BYPASS
server: cloudflare
cf-ray: 74686786f9379932-ARN
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/common.9fee8e38091ae3ff.css
104.22.35.208200 OK 682 B URL HTTP/2 20bet.com/app/common.9fee8e38091ae3ff.css
IP 104.22.35.208:0
File type ASCII text, with very long lines (2188), with no line terminators
Hash 489de15ccfb53119a92e456b8c42bffd
7d787b75cb9865b0ff9cef0dadfe49742bbbe87f
cf7b9b55f9089ff05e0cbc465085cd522a443cd5ca1773cfe7d5d3866a00b704
GET /app/common.9fee8e38091ae3ff.css HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 09:36:44 GMT
vary: Accept-Encoding
etag: W/"6311ceac-88c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7468678a9ee79932-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/sport/list/-1/0/en
104.22.35.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/sport/list/-1/0/en
IP 104.22.35.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/sport/list/-1/0/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 15:58:09 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678b3fdf9932-ARN
X-Firefox-Spdy: h2
20bet.com/app/polyfills.4743b5f1698ee308.esm.js
104.22.35.208200 OK 36 kB URL HTTP/2 20bet.com/app/polyfills.4743b5f1698ee308.esm.js
IP 104.22.35.208:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 03115e9557f6e83e44487f65b2f6b873
be31829683c6b7c8f9e7ae83e1747fb2dc22f7e0
d0047347ba996cf0e03766175a02ac616ee9ee50918096d58ef994bd01f845f1
GET /app/polyfills.4743b5f1698ee308.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 09:36:44 GMT
vary: Accept-Encoding
etag: W/"6311ceac-17348"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6614
server: cloudflare
cf-ray: 746867878a179932-ARN
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/6485.83a5f1d2e8af3f67.esm.js
104.22.35.208200 OK 534 B URL HTTP/2 20bet.com/app/6485.83a5f1d2e8af3f67.esm.js
IP 104.22.35.208:0
File type ASCII text, with very long lines (1023), with no line terminators
Hash 292931448f8479ca95f5dbb5adad1fe8
c7ad543db88628d37cb8441a01b3ff4e43345f09
8d9ddc762ea31577c9b227c40f027aaf15c097a390198e2d4c26442517f15162
GET /app/6485.83a5f1d2e8af3f67.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 09:36:20 GMT
etag: W/"6311ce94-3ff"
cache-control: max-age=14400
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7468678abf089932-ARN
content-encoding: br
X-Firefox-Spdy: h2
casino.cur.a8r.games/public/sg.js
104.18.42.56200 OK 2.2 kB URL HTTP/2 casino.cur.a8r.games/public/sg.js
IP 104.18.42.56:0
Hash 345601e2959efa03ff7eaa5eb3f6dff8
b378495da4375dedc86451be86406dee6d1cb596
a4cada8069c600a3632278ff6114340ab641ac651d5ad79a54af31eadca32212
GET /public/sg.js HTTP/1.1
Host: casino.cur.a8r.games
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 15:27:16 GMT
cf-cache-status: HIT
age: 517
expires: Tue, 06 Sep 2022 19:58:08 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 746867845aa30b02-OSL
X-Firefox-Spdy: h2
platform.20bet.com/api/data/provinces
104.22.35.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/data/provinces
IP 104.22.35.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/data/provinces HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 15:58:09 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678b78179932-ARN
X-Firefox-Spdy: h2
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1121&id=1859
35.156.185.100200 OK 2.3 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1121&id=1859
IP 35.156.185.100:0
File type ASCII text, with very long lines (2325), with no line terminators
Hash d287c21a503663250c6b208e762643e8
bcc482247b1b95041bac235e5eac95983630f6fb
6ef877bc3d82f242d3480f21614f5e5cafa05c873cdea50c5af99f255321fbcb
GET /ul_cb/pixel?type=js&aid=1121&id=1859 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Connection: keep-alive
Cookie: zuuid=29be567b-a476-4ef2-81af-8f8b8c29b7f4; c=1662479888; zuuid_lu=1662479888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Tue, 06 Sep 2022 15:58:09 GMT
Set-Cookie: zuuid=29be567b-a476-4ef2-81af-8f8b8c29b7f4; path=/; expires=Wed, 06-Sep-2023 15:58:09 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1662479889; path=/; expires=Wed, 06-Sep-2023 15:58:09 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Wed, 06-Sep-2023 15:58:09 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1662479889; path=/; expires=Wed, 06-Sep-2023 15:58:09 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,431809089; path=/; expires=Wed, 06-Sep-2023 15:58:09 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,431737089; path=/; expires=Wed, 06-Sep-2023 15:58:09 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 2325
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 21d1b5be072df45253749eeb3290be82
4ac9978797c085289b9fcc2fe9a57b619e1c78c9
9ea779e1ad86a4a7c403b574908e2dc60d079b366ab1cf439b34c73c9a9c64c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.20bet.com/api/market-descriptions/get-all-markets/en
104.22.35.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/market-descriptions/get-all-markets/en
IP 104.22.35.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/market-descriptions/get-all-markets/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 15:58:09 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678b2fc49932-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/status
104.22.35.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/status
IP 104.22.35.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/status HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 15:58:09 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678b3fc79932-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/match-statuses/get-all/en
104.22.35.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/match-statuses/get-all/en
IP 104.22.35.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/match-statuses/get-all/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 15:58:09 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678b3fc69932-ARN
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Ley_-AUAAAAABKS0CxGrXn7WcIrUtA7OZDmjlTZ
142.250.74.164200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Ley_-AUAAAAABKS0CxGrXn7WcIrUtA7OZDmjlTZ
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash b4b4fa3c1e868607281acc7596015e05
3aa0e03f6974f0f7c2e11e471d98a33e12cdb33f
17f33f01a6ee02237345af11070a4d46e72c3fd0fb02dde6b6153447a81d46ef
GET /recaptcha/api.js?render=6Ley_-AUAAAAABKS0CxGrXn7WcIrUtA7OZDmjlTZ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Tue, 06 Sep 2022 15:58:09 GMT
date: Tue, 06 Sep 2022 15:58:09 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.20bet.com/api/market-descriptions/get-all-outcomes/en
104.22.35.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/market-descriptions/get-all-outcomes/en
IP 104.22.35.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/market-descriptions/get-all-outcomes/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 15:58:09 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678b1fae9932-ARN
X-Firefox-Spdy: h2
20bet.com/app/main.ade23308abf2ae2d.esm.js
104.22.35.208200 OK 339 kB URL HTTP/2 20bet.com/app/main.ade23308abf2ae2d.esm.js
IP 104.22.35.208:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 339 kB (338665 bytes)
Hash 72cf6d2fd9711d5628ab362a63b14c31
741492735faa89477f03455405e1b6f8dae44edb
0cbc65988b0c9c8af59619f468e65c4792fc5dc80e03a317832413798d679488
GET /app/main.ade23308abf2ae2d.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 09:36:21 GMT
vary: Accept-Encoding
etag: W/"6311ce95-143271"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6614
server: cloudflare
cf-ray: 746867878a149932-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/sport/list/-1/0/en
104.22.35.208200 OK 5.1 kB URL HTTP/2 platform.20bet.com/api/sport/list/-1/0/en
IP 104.22.35.208:0
File type JSON data\012- , ASCII text, with very long lines (22030), with no line terminators
Hash 1b05f7846bb6607da1a8d3473120d745
500ce74864172cb02d394cea49227275ef9063b6
b417f7f27a8ff4599da14ba170e2e63aa137f432c614224ba8b979704351fbff
GET /api/sport/list/-1/0/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678ba84a9932-ARN
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Bz2q3fRhivk
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Bz2q3fRhivk
IP 142.250.74.3:0
Hash 507f79431a7656757f20237b3664dabc
1ce1f5023b7a6a93a8601f5f36f985ed6b69cde1
d5eb9ec3ccdae9be7f29bf9724f66c1904bd2c78d575e10d811c0a7087620d59
POST /s/gts1d4/Bz2q3fRhivk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/mhuqZ1vnJhs
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/mhuqZ1vnJhs
IP 142.250.74.3:0
Hash e4233a8bf32e70b0fef55de3be56a78a
5eb7b6e14d9d2409e3884baa56ed3df125ca6973
7a4cb27a2ca86764be184e36fa6ae78df7d82eabfa93183933fbf9da992bd644
POST /s/gts1d4/mhuqZ1vnJhs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 15:58:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.20bet.com/api/data/get-countries
104.22.35.208200 OK 4.4 kB URL HTTP/2 platform.20bet.com/api/data/get-countries
IP 104.22.35.208:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 8d4c64113100c11ceed39e382ac45f28
105ce4778732c35379a84db05d54989b87e33876
42f852f223d4b043271131abfe3862c363aa34fbb8fb342f5fcbe5ea39733af7
GET /api/data/get-countries HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678ba8499932-ARN
content-encoding: br
X-Firefox-Spdy: h2
api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=29be567b-a476-4ef2-81af-8f8b8c29b7f4
216.239.32.21200 OK 42 B URL HTTP/2 api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=29be567b-a476-4ef2-81af-8f8b8c29b7f4
IP 216.239.32.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=29be567b-a476-4ef2-81af-8f8b8c29b7f4 HTTP/1.1
Host: api.feedad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=29be567b-a476-4ef2-81af-8f8b8c29b7f4; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: d28f39cc7c879d259a38d14ec0e4795d
date: Tue, 06 Sep 2022 15:58:09 GMT
server: Google Frontend
content-length: 42
expires: Tue, 06 Sep 2022 15:58:09 GMT
cache-control: private
X-Firefox-Spdy: h2
tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=29be567b-a476-4ef2-81af-8f8b8c29b7f4
216.239.38.21200 OK 42 B URL HTTP/2 tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=29be567b-a476-4ef2-81af-8f8b8c29b7f4
IP 216.239.38.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=29be567b-a476-4ef2-81af-8f8b8c29b7f4 HTTP/1.1
Host: tags.feedad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
set-cookie: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u=29be567b-a476-4ef2-81af-8f8b8c29b7f4; Domain=.feedad.com; Path=/; Max-Age=2592000; HttpOnly; SameSite=None; Secure
x-cloud-trace-context: 9ceecad86b89ba40cdc71ece1887ce46
date: Tue, 06 Sep 2022 15:58:09 GMT
server: Google Frontend
content-length: 42
expires: Tue, 06 Sep 2022 15:58:09 GMT
cache-control: private
X-Firefox-Spdy: h2
20bet.com/assets/logo_white.webp
104.22.35.208200 OK 23 kB URL HTTP/2 20bet.com/assets/logo_white.webp
IP 104.22.35.208:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9c47bad4be0d152b3c4e9541eab4b30c
c4a098a961540d81cef7d459b07a62359cee7e5e
36c3917aaa5ff44fb95709cccb6adca4dcb9fbb4416f5b8685c32c73b8525d0d
GET /assets/logo_white.webp HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: image/webp
content-length: 23194
last-modified: Fri, 02 Sep 2022 09:36:59 GMT
etag: "6311cebb-5a9a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3407
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7468678e0bf19932-ARN
X-Firefox-Spdy: h2
20bet.com/app/326.5536a59ff425b07b.esm.js
104.22.35.208200 OK 16 kB URL HTTP/2 20bet.com/app/326.5536a59ff425b07b.esm.js
IP 104.22.35.208:0
File type ASCII text, with very long lines (618), with no line terminators
Hash c2b7a5c5b63128a919b99eaf87b10266
0302e5c5a0c8b37f1030ef7d1751a4fdc0ec53cc
f5d57331466acfd035f70d035f9971645eee95f88d80d37e14b4586cb92f0fef
GET /app/326.5536a59ff425b07b.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 09:36:25 GMT
etag: W/"6311ce99-26a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1250
vary: Accept-Encoding
server: cloudflare
cf-ray: 7468678e3c359932-ARN
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://20bet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 02:02:22 GMT
expires: Sun, 03 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 309347
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.20bet.com/api/market-descriptions/get-all-markets/en
104.22.35.208200 OK 27 kB URL HTTP/2 platform.20bet.com/api/market-descriptions/get-all-markets/en
IP 104.22.35.208:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 41f73b88b63d95eca30f08af1a430d68
315b240917b6ffa927ed058e8e11ab66fae6cc85
5ee5657dbdb1639a862c71218f4b13cbacf6f5c3736ba4337b5a99324983af5f
GET /api/market-descriptions/get-all-markets/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678be8979932-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/ip-data
104.22.35.208200 OK 721 B URL HTTP/2 platform.20bet.com/api/v2/ip-data
IP 104.22.35.208:0
File type JSON data\012- , ASCII text, with very long lines (693), with no line terminators
Hash 360493fe3185a6eeb29b6640d83eef23
d26950f653b65ce13c6a6f8e04ac18dcbf58e135
53e14aa44ad8407da24ecc3404cbf7f1d61019245189fb0f60862dd9d07b3659
GET /api/v2/ip-data HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678b98419932-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/user/is-auth
104.22.35.208204 No Content 0 B URL HTTP/2 platform.20bet.com/api/user/is-auth
IP 104.22.35.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/user/is-auth HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://20bet.com/
Origin: https://20bet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 15:58:09 GMT
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678f7de49932-ARN
X-Firefox-Spdy: h2
platform.20bet.com/api/match-statuses/get-all/en
104.22.35.208200 OK 1.4 kB URL HTTP/2 platform.20bet.com/api/match-statuses/get-all/en
IP 104.22.35.208:0
File type JSON data\012- , ASCII text, with very long lines (6171), with no line terminators
Hash 465335ad3774c681c7378c937fee0e23
c37ae0c813d844712d16f647332d54f56d60453a
49dd2a4e4777bcfdfce068cfe6f7b56504187838f5703fc6a25b59dd631b6789
GET /api/match-statuses/get-all/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678bf8af9932-ARN
content-encoding: br
X-Firefox-Spdy: h2
sentry.softlabs.com/api/9/store/?sentry_key=913196a6014545bda28200a38ba9826a&sentry_version=7
172.67.71.55200 OK 41 B URL HTTP/2 sentry.softlabs.com/api/9/store/?sentry_key=913196a6014545bda28200a38ba9826a&sentry_version=7
IP 172.67.71.55:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 188c8509841ac8a9593355801b8d0a40
a720494a861035de45d511dec0c31c78ffc5e281
7e4b93a3f859fdba7b2392ce57db275e09887506d74a5ab9d68d27403def436a
POST /api/9/store/?sentry_key=913196a6014545bda28200a38ba9826a&sentry_version=7 HTTP/1.1
Host: sentry.softlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20bet.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://20bet.com
Content-Length: 2943
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: https://20bet.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwS3fqcuOEJBOo84S0YjJgn%2BhcauEfSI6Px0s%2Bq7axoRcTbvcMGAOHqKsiNJVbv50cZIeACy7rbT5H3P7dN6sNkKeOMrjmFgekqe50aYYsS0BuLRrV%2FjqXL25YuFhheefwJWErk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7468678f5e38b509-OSL
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
23.36.79.17200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 5f2358a99550d4776547cb972073bd61
8aa911d2bf317392eb9e9dc894c311ae57e83d14
aabffd826b1e615440082abba276f12e163e4ac2e00d6419aa58cf4366caf0d2
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 14:04:09 GMT
x-amz-version-id: UYKKGTF3dQKOE_ePnSPZ3k7YnXZnco.Q
server: AmazonS3
content-encoding: br
etag: W/"f4171ed4d15a2019f2f052cb238ce516"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: NiZvMx_vc2BZHJpQzNMNcbogeyAGFhrQLewaG7j0g1I_FXoGDY_qnQ==
content-length: 25676
cache-control: max-age=28800
expires: Tue, 06 Sep 2022 23:58:09 GMT
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=9054575&url=https%3A%2F%2F20bet.com%2Fpromotions%2Ffirst-deposit-casino%3Fbtag%3D656524_A3A6890430B74AC4B1D2449B8E4D7414&channel_type=code&jsonp=__5kjpykeyjka
23.36.79.17200 OK 625 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=9054575&url=https%3A%2F%2F20bet.com%2Fpromotions%2Ffirst-deposit-casino%3Fbtag%3D656524_A3A6890430B74AC4B1D2449B8E4D7414&channel_type=code&jsonp=__5kjpykeyjka
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (625), with no line terminators
Hash d7173b69918b4427dc3edb6ecb91d5e6
0429b435a10d3decec5741489de34ca97d4a5e49
6dc193f0d729b986cf0193b783e0b8abcfec494792f107f1d51b70901b2f9628
GET /v3.3/customer/action/get_dynamic_configuration?license_id=9054575&url=https%3A%2F%2F20bet.com%2Fpromotions%2Ffirst-deposit-casino%3Fbtag%3D656524_A3A6890430B74AC4B1D2449B8E4D7414&channel_type=code&jsonp=__5kjpykeyjka HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://20bet.com/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://20bet.com/
content-length: 625
date: Tue, 06 Sep 2022 15:58:10 GMT
X-Firefox-Spdy: h2
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
54.230.111.125200 OK 68 B URL HTTP/2 c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP 54.230.111.125:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 13 Aug 2022 23:26:57 GMT
cache-control: no-cache, no-store, must-revalidate
etag: "e679fbd466a2d656f194a5da4fa083cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: --TiwoFusVHdWTnYo5Zv3lNS1x5fY28FPon4CYOzJ1sGQbgEy6FxaA==
age: 2046875
X-Firefox-Spdy: h2
20bet.com/api/seo/get-data?pageUrl=/promotions/first-deposit-casino
104.22.35.208200 OK 2.1 kB URL HTTP/2 20bet.com/api/seo/get-data?pageUrl=/promotions/first-deposit-casino
IP 104.22.35.208:0
File type JSON data\012- , ASCII text, with very long lines (4515), with no line terminators
Hash 1962603134be72001a49f9293cbf1d23
66b77db2abd718fecbac3c302520a6efd34f635b
ff42ccc19164f1690e43bd04819676e884734cb0857d46fdc52da59f6779a740
GET /api/seo/get-data?pageUrl=/promotions/first-deposit-casino HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:10 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: max-age=0, must-revalidate, private
expires: Tue, 06 Sep 2022 15:58:10 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678ebce29932-ARN
content-encoding: br
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=9054575&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=24&jsonp=__lc_localization
23.36.79.17200 OK 3.8 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=9054575&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=24&jsonp=__lc_localization
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (10855), with no line terminators
Hash 90496f5489197d6329e4a1724baac913
b05f8c26e827877f2e5930e1af0b8145fa45a307
b08b6783533f02ddfe54df4f74a25700b2d7a889ecec51f1da2f7f5b58b0a269
GET /v3.3/customer/action/get_localization?license_id=9054575&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=24&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Tue, 06 Sep 2022 16:08:10 GMT
date: Tue, 06 Sep 2022 15:58:10 GMT
content-length: 3776
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
172.64.156.26200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 172.64.156.26:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 746867840fcafabc-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic
IP 142.250.74.10:0
GET /css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 15:58:08 GMT
date: Tue, 06 Sep 2022 15:58:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.20bet.com/api/v2/configurations
104.22.35.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/v2/configurations
IP 104.22.35.208:0
GET /api/v2/configurations HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678b98369932-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/data/get-currencies
104.22.35.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/data/get-currencies
IP 104.22.35.208:0
GET /api/data/get-currencies HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678bc8699932-ARN
content-encoding: br
X-Firefox-Spdy: h2
az.bkin-8443.space/420.html
104.21.81.37200 OK 0 B URL HTTP/2 az.bkin-8443.space/420.html
IP 104.21.81.37:0
Analyzer Verdict Alert fortinet Malware
GET /420.html HTTP/1.1
Host: az.bkin-8443.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:01 GMT
content-type: text/html; charset=UTF-8
set-cookie: antibot_uid=1af7b4916f9d7d4a10dd64c5c9ab7e8e; expires=Wed, 06-Sep-2023 15:58:01 GMT; Max-Age=31536000; path=/
antibot_country=NO; expires=Fri, 16-Sep-2022 15:58:01 GMT; Max-Age=864000; path=/
antibot_lang=en; expires=Fri, 16-Sep-2022 15:58:01 GMT; Max-Age=864000; path=/
antibot_ptr=s919042154.blix.com; expires=Fri, 16-Sep-2022 15:58:01 GMT; Max-Age=864000; path=/
x-robots-tag: noindex
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate
link: </antibot/ab.php>; rel=dns-prefetch
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq16aQSAMK1aS048NvXHRT%2Bvdc0QdtXK%2FrJ6MJcsTkXvXcqD4ChaBPeMOhmsXE32jNfw%2FFEnWB333CGOnLnfWNKOvJ%2BBw%2F2ReRAo1V4tWxIlJ1Esdz8X2CVqDYzNXJ%2FdsSCRO8U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7468675d5fb50b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
104.22.35.208302 Found 0 B URL HTTP/2 20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
IP 104.22.35.208:0
GET /promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414 HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 06 Sep 2022 15:58:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.29
cache-control: no-cache, private
location: /en_ee/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
set-cookie: preferred-language=en_ee; path=/; secure; httponly; samesite=lax
btag=656524_A3A6890430B74AC4B1D2449B8E4D7414; expires=Thu, 06-Oct-2022 00:00:00 GMT; Max-Age=2534516; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468676c7a4a16a1-ARN
X-Firefox-Spdy: h2
cdn.seon.io/js/v4/agent.js
54.230.111.74200 OK 0 B URL HTTP/2 cdn.seon.io/js/v4/agent.js
IP 54.230.111.74:0
GET /js/v4/agent.js HTTP/1.1
Host: cdn.seon.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 26 Jul 2022 13:57:26 GMT
x-amz-version-id: JuoCBi0JA7SmY.L7C7g9V8KK_xQqURYe
server: AmazonS3
content-encoding: gzip
date: Tue, 06 Sep 2022 15:15:21 GMT
cache-control: max-age=3600
etag: W/"c18b12cd862430e805cb05fd6309033f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HypbNVfwhwuETiR6EBsqWy7-joZT4xpe44EEtviUxcJX7J4a0m2vlQ==
age: 2574
X-Firefox-Spdy: h2
20bet.com/app/main.5904f30341952ea6.css
104.22.35.208200 OK 0 B URL HTTP/2 20bet.com/app/main.5904f30341952ea6.css
IP 104.22.35.208:0
GET /app/main.5904f30341952ea6.css HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 09:36:44 GMT
vary: Accept-Encoding
etag: W/"6311ceac-3d373"
cache-control: max-age=14400
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 74686783cc319932-ARN
content-encoding: br
X-Firefox-Spdy: h2
20bet.com/app/vendor.84e9046d17e9905a.esm.js
104.22.35.208200 OK 0 B URL HTTP/2 20bet.com/app/vendor.84e9046d17e9905a.esm.js
IP 104.22.35.208:0
GET /app/vendor.84e9046d17e9905a.esm.js HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414; _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 09:36:41 GMT
vary: Accept-Encoding
etag: W/"6311cea9-14edbe"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6614
server: cloudflare
cf-ray: 746867878a1b9932-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/market-descriptions/get-all-outcomes/en
104.22.35.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/market-descriptions/get-all-outcomes/en
IP 104.22.35.208:0
GET /api/market-descriptions/get-all-outcomes/en HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678c18d59932-ARN
content-encoding: br
X-Firefox-Spdy: h2
assets.customer.io/assets/track.js
54.230.111.79200 OK 0 B URL HTTP/2 assets.customer.io/assets/track.js
IP 54.230.111.79:0
GET /assets/track.js HTTP/1.1
Host: assets.customer.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 22:26:20 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 05 Sep 2022 18:58:17 GMT
etag: W/"45a1bcb0150002229030f0ce628bd1a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C19XlAtcmVL7K_k8NK4AH5GgKvHsoY-iAwMQDlkDq31oNteS0REUXA==
age: 75592
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500&subset=cyrillic-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500&subset=cyrillic-ext
IP 142.250.74.10:0
GET /css?family=Roboto:300,400,500&subset=cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 15:58:08 GMT
date: Tue, 06 Sep 2022 15:58:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
20bet.com/api/translation/get?locale=en_GB
104.22.35.208200 OK 0 B URL HTTP/2 20bet.com/api/translation/get?locale=en_GB
IP 104.22.35.208:0
GET /api/translation/get?locale=en_GB HTTP/1.1
Host: 20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/promotions/first-deposit-casino?btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Cookie: preferred-language=en; btag=656524_A3A6890430B74AC4B1D2449B8E4D7414
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.29
cache-control: max-age=0, must-revalidate, private
expires: Tue, 06 Sep 2022 15:58:08 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74686784fe029932-ARN
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2053477.js?sv=6
54.230.111.8200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2053477.js?sv=6
IP 54.230.111.8:0
GET /c/hotjar-2053477.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Tue, 06 Sep 2022 15:58:08 GMT
cache-control: max-age=60
etag: W/826d9f4ca6910b66bd7d0f24b0dfac6c
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: T-LpdOC2CmjsfhTFTCvTuWztLuY0Nlk445F5nCSbT8sWt8mrrA_gAA==
age: 2
X-Firefox-Spdy: h2
aswpsdkus.com/notify/v1/ua-sdk.min.js
34.160.158.95200 OK 0 B URL HTTP/2 aswpsdkus.com/notify/v1/ua-sdk.min.js
IP 34.160.158.95:0
GET /notify/v1/ua-sdk.min.js HTTP/1.1
Host: aswpsdkus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ADPycdukZH3s1rWEQBy7dpPDbH-ghBEs0UvtbnkBVSdAzD3_lTIUCL3vrZqEeNCr65WwCOTZjOfpO-AkhVLpO2IMCyGjCg
x-goog-generation: 1661795824566829
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 42547
content-encoding: gzip
x-goog-hash: crc32c=a8SXJw==, md5=sqlzQK8S6r8fFW8JZ4O0ug==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 42547
server: UploadServer
date: Tue, 06 Sep 2022 15:53:43 GMT
expires: Tue, 06 Sep 2022 15:58:43 GMT
cache-control: public,max-age=300,no-transform
age: 265
last-modified: Mon, 29 Aug 2022 17:57:04 GMT
etag: "b2a97340af12eabf1f156f096783b4ba"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
platform.20bet.com/api/user/is-auth
104.22.35.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/user/is-auth
IP 104.22.35.208:0
GET /api/user/is-auth HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678fbe479932-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers
104.22.35.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers
IP 104.22.35.208:0
GET /api/tournaments/bet-tournament/get-active?fields%5B%5D=tournaments&fields%5B%5D=leaderboards&fields%5B%5D=authorizedUsers HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678bc86f9932-ARN
content-encoding: br
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20bet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:08 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2914
expires: Fri, 09 Sep 2022 15:58:08 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 746867840d6bb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/status
104.22.35.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/status
IP 104.22.35.208:0
GET /api/status HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678be8999932-ARN
content-encoding: br
X-Firefox-Spdy: h2
platform.20bet.com/api/market-group-sorting/get-all-ordered
104.22.35.208200 OK 0 B URL HTTP/2 platform.20bet.com/api/market-group-sorting/get-all-ordered
IP 104.22.35.208:0
GET /api/market-group-sorting/get-all-ordered HTTP/1.1
Host: platform.20bet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://20bet.com
Connection: keep-alive
Referer: https://20bet.com/
Cookie: _sp_srt_ses.1d36=*; _sp_srt_id.1d36=1ecc1146-1500-4950-b40d-51d0c49b877c.1662479883.1.1662479883.1662479883.6587ec78-8ee0-40d2-af86-0014c7842f6a; DV_TRACK=6872b45b-6988-41f6-97c5-3a537a80fcdd; _ga_J9LNZYMXZE=GS1.1.1662479883.1.0.1662479883.0.0.0; _ga=GA1.1.1053374442.1662479883
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 15:58:09 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
access-control-allow-origin: https://20bet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7468678b98399932-ARN
content-encoding: br
X-Firefox-Spdy: h2