Report - www.yalla-shoots.net/

Report Overview

Visited public
2023-12-03 23:23:29
Tags
URL
www.yalla-shoots.net/
Finishing URL
bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
IP / ASN
172.67.142.227
#13335 CLOUDFLARENET
Title
Nettbaserte Spilleautomater ❱ Spill Spilleautomater for Ekte Penger

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.topcreativeformat.com	unknown	2023-11-21	2023-11-22 20:49:06	2023-12-02 20:11:57	924 B	23 kB	192.243.59.20
a.stonecarv.top	unknown	2023-11-23	2023-12-03 17:37:48	2023-12-03 17:37:48	2.0 kB	30 kB	104.21.4.148
track-eu.customer.io	451044	2011-10-26	2021-05-19 19:12:05	2023-11-23 18:29:20	1.2 kB	449 B	34.120.129.162
tsyndicate.com	13042	2017-03-08	2017-03-16 10:04:54	2023-12-03 08:22:44	483 B	619 B	94.130.164.161
www.yallakora.com	232005	2002-08-14	2012-11-16 03:21:48	2023-07-14 11:37:16	473 B	4.9 kB	104.20.26.67
accommodationcarpetavid.com	unknown	unknown	No data	No data	3.0 kB	4.6 kB	192.243.59.12
vvfal.stonecarv.top	unknown	2023-11-23	2023-12-03 18:45:09	2023-12-03 18:45:09	2.0 kB	4.9 kB	104.21.4.148
platform.bizzocasino.com	unknown	2021-07-01	2022-01-12 14:05:28	2023-11-19 08:10:43	12 kB	172 kB	104.26.8.22
cdn.softswiss.net	412286	2013-07-31	2015-07-09 18:04:37	2023-11-19 23:30:58	26 kB	1.1 MB	104.16.13.151
vvfal.rigelbetelgeuse.top	unknown	2023-05-11	2023-05-11 14:25:20	2023-12-03 05:47:50	608 B	1.0 kB	104.21.22.161
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com	580028	1996-09-24	2019-04-26 18:46:17	2023-11-19 23:08:25	2.3 kB	55 kB	54.230.111.125
track.trackingtraffo.com	unknown	2021-12-15	2021-12-15 23:48:04	2023-12-02 18:52:26	1.1 kB	1.1 kB	88.214.195.153
dwmu1hf7ovvid.cloudfront.net	unknown	2008-04-25	2021-07-13 13:43:48	2023-11-22 09:34:51	7.8 kB	279 kB	143.204.42.201
casino.cur.a8r.games	336046	2020-11-02	2021-05-15 17:15:03	2023-11-30 07:30:08	419 B	10 kB	104.18.41.153
cdn.livechatinc.com	6288	2005-10-31	2012-06-22 10:37:34	2023-12-03 05:09:53	1.8 kB	333 kB	23.36.79.16
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-12-03 05:12:09	490 B	19 kB	45.133.44.9
media.playamopartners.com	417677	2017-10-30	2018-11-08 16:36:06	2023-11-20 11:52:01	733 B	1.3 kB	13.107.246.67
bizzocasino.com	291590	2021-07-01	2021-07-06 15:20:32	2023-11-20 08:11:02	22 kB	5.6 MB	104.26.9.22
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-03 06:08:10	999 B	42 kB	142.250.74.106
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-03 06:03:50	590 B	578 B	142.250.74.163
blogger.googleusercontent.com	16485	2008-11-17	2012-05-25 19:41:01	2023-12-03 05:12:16	689 B	8.1 kB	142.250.74.97
violationphysics.click	unknown	2023-02-10	2023-02-11 18:32:06	2023-12-02 11:47:04	926 B	601 B	192.64.81.118
cdn.statically.io	10364	2019-05-05	2019-05-15 10:32:51	2023-12-03 12:51:28	448 B	19 kB	151.101.193.91
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-03 05:12:08	459 B	430 B	18.184.210.76
demeanourgrade.com	unknown	unknown	No data	No data	8.4 kB	12 kB	192.243.59.13
cdnstatic.stonecarv.top	unknown	unknown	No data	No data	1.7 kB	25 kB	104.21.4.148
www.toprevenuegate.com	unknown	2023-10-20	2023-10-23 18:22:31	2023-12-02 05:14:39	2.3 kB	4.5 kB	192.243.59.20
www.yalla-shoots.net	unknown	unknown	No data	No data	487 B	33 kB	172.67.142.227
a.sportradarserving.com	2372	2019-05-15	2019-05-18 10:44:07	2023-12-03 12:01:53	1.6 kB	3.3 kB	3.123.91.170
d16vnr1tync57h.cloudfront.net	unknown	2008-04-25	2022-08-30 19:15:05	2023-11-19 23:31:37	2.4 kB	13 kB	143.204.42.80
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-03 08:25:07	1.1 kB	426 B	216.239.32.36
ws-cdn001.akamaized.net	188179	2014-03-18	2021-10-21 18:23:57	2023-11-30 07:30:40	455 B	67 kB	23.36.77.10
tracker.ads.sportradar.com	41720	1998-10-30	2019-05-23 10:10:00	2023-12-03 12:03:09	886 B	32 kB	23.36.79.8
cdn.seon.io	212690	2015-03-20	2017-09-06 18:34:18	2023-12-01 16:25:53	412 B	113 kB	54.230.111.94
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	1.4 kB	40 kB	142.250.74.164
media.gemini.media	321198	2017-01-04	2020-12-12 19:57:32	2023-12-02 00:19:20	21 kB	722 kB	172.67.74.224
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-03 05:48:43	2.7 kB	49 kB	142.250.74.99
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-12-03 05:09:13	444 B	9.8 kB	104.17.25.14
6koratv.yalla-shoots.net	unknown	unknown	No data	No data	544 B	195 kB	172.67.142.227
syndication.realsrv.com	9112	2019-02-07	2019-07-03 23:39:52	2023-12-03 12:06:00	505 B	249 B	95.211.229.247
s.pemsrv.com	unknown	2023-08-01	2023-08-04 15:10:46	2023-12-03 18:04:19	495 B	249 B	95.211.229.247
assets.customer.io	19446	2011-10-26	2013-05-31 18:10:41	2023-12-03 04:01:32	423 B	3.3 kB	54.230.111.127
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-03 07:56:40	2.9 kB	433 kB	142.250.74.35
tm.ads.sportradar.com	40177	1998-10-30	2019-07-25 12:47:51	2023-12-03 04:34:24	441 B	36 kB	23.36.79.8
d2j4tzbt95ugsz.cloudfront.net	unknown	2008-04-25	2022-11-21 19:37:31	2023-12-03 07:30:17	482 B	39 kB	143.204.42.107
accounts.livechatinc.com	7698	2005-10-31	2017-07-31 07:50:56	2023-12-03 05:09:57	586 B	1.8 kB	23.36.79.16
conqueredallrightswell.com	unknown	2023-11-14	2023-11-16 20:49:45	2023-12-03 13:59:03	2.6 kB	4.4 kB	173.233.139.164
s.magsrv.com	unknown	2023-08-01	2023-08-04 14:48:00	2023-12-02 18:53:28	495 B	249 B	95.211.229.247
d2i76d1bskcqlp.cloudfront.net	unknown	2008-04-25	2022-03-01 16:03:20	2023-11-19 08:11:15	28 kB	619 kB	54.230.241.11
dueh421xfqdi.cloudfront.net	unknown	2008-04-25	2021-10-20 10:27:49	2023-11-23 13:37:46	1.9 kB	14 kB	54.230.241.92
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-02 20:02:45	810 B	678 B	139.45.195.8
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-03 06:51:04	1.3 kB	254 kB	142.250.74.136
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-12-03 11:12:04	350 B	942 B	54.230.218.11
bit.ly	8194	2008-05-17	2012-05-30 08:37:18	2023-11-20 06:09:37	429 B	1.1 kB	67.199.248.10
breg.world	unknown	2023-06-30	2023-06-30 17:00:20	2023-11-22 06:05:55	733 B	667 B	3.67.255.104
s.opoxv.com	53756	2019-12-02	2019-12-13 10:21:20	2023-12-03 12:03:09	494 B	249 B	95.211.229.247
api.livechatinc.com	5353	2005-10-31	2013-12-20 15:27:35	2023-12-03 05:09:53	2.7 kB	7.3 kB	23.36.79.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-03 23:23:15	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-12-03 23:23:19	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .world TLD
2023-12-03 23:23:19	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .world TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	topcreativeformat.com	Sinkholed
2023-12-03	medium	topcreativeformat.com	Sinkholed
2023-12-03	medium	demeanourgrade.com	Sinkholed
2023-12-03	medium	accommodationcarpetavid.com	Sinkholed
2023-12-03	medium	accommodationcarpetavid.com	Sinkholed
2023-12-03	medium	demeanourgrade.com	Sinkholed
2023-12-03	medium	demeanourgrade.com	Sinkholed
2023-12-03	medium	demeanourgrade.com	Sinkholed
2023-12-03	medium	conqueredallrightswell.com	Sinkholed
2023-12-03	medium	conqueredallrightswell.com	Sinkholed
2023-12-03	medium	toprevenuegate.com	Sinkholed
2023-12-03	medium	toprevenuegate.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (47)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	11 kB	2023-11-15	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 19:07 Last Seen2024-08-20 19:25 Times Seen7 Hash bb09cd26ebc9dce1497b72cc01ed0c75 6834d24d422507da72ec9287eb639f0a2130e8aa a85bead11c48ee059b1287ba055d38f15fd1820fd063f2e9366aba37de93903f Loading...

	unknown	ScriptElement	394 B	2023-03-07	2025-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-09 15:06 Times Seen680 Hash 9d6eb340ce0c810328b8866aa3e14118 b60a1e2489912170edee437799255873d46d0abe 3a84e7f9c0e72f5006c5e32ba4426a0ab0b9bad4c8a2ad4c7e1e4357970483fb Loading...

	casino.cur.a8r.games/public/sg.js	ScriptElement	8.5 kB	2023-08-04	2024-08-21
Pretty URL casino.cur.a8r.games/public/sg.js IP 104.18.41.153 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-04 09:14 Last Seen2024-08-21 09:39 Times Seen379 Hash be72d97bb9a3da49c7f777dbd7a91b53 f546597f88dbef2c7bc88e7ff94ebcf74272863e b6b5cc1833da315d0f93fb15fa5589b7b5e9f10965eaebb8cfca11c8847c4fd6 Loading...

	unknown	ScriptElement	574 B	2023-03-07	2025-03-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39 Last Seen2025-03-20 09:29 Times Seen66 Hash e5198146a9056bfe319edeb53864799f 2c42a5659562980e85beb558e3fbe0137a903544 fde776273bfc42468822df85179bb24a4bed9f0658dba00911423aebf8a7bc35 Loading...

	www.googletagmanager.com/gtag/js?id=G-89BGS3MKPL&l=dataLayer&cx=c	ScriptElement	264 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtag/js?id=G-89BGS3MKPL&l=dataLayer&cx=c IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 00:23 Last Seen2023-12-04 00:23 Times Seen1 Hash ae61641db5acb3525a27bbc65ae95b68 b72dc1e466983c2e549b2d295e27f5024745f234 495baffa3dd637deed659662167ccc14bd7b9e9c5f51d6703b3d5cb81a575c49 Loading...

	tracker.ads.sportradar.com/dist//sp-3.8.0.js	ScriptElement	75 kB	2023-05-10	2025-05-09
Pretty URL tracker.ads.sportradar.com/dist//sp-3.8.0.js IP 23.36.79.8 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 19:16 Last Seen2025-05-09 16:48 Times Seen5292 Hash 143272dddc33395008a84a86ac9c2e96 8a90a07a66c30b4fa28300001cf97db7baba420e 6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87 Loading...

	unknown	ScriptElement	493 B	2023-07-15	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-15 00:29 Last Seen2024-08-21 09:31 Times Seen152 Hash 85f486625687a5bff11068af75c2d294 84e862563bbc83b4cdf7140f8ff86f13f1b45e84 8fc3db9a8324dd1311f0068335603af059b40ea5e2fbd1a68fa78b71de8d47dc Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	ScriptElement	9.2 kB	2023-11-28	2025-03-05
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 20:00 Last Seen2025-03-05 01:56 Times Seen4270 Hash a87c48d211877c49b878679b2e3cdab8 e75653dd0156806682e39abe8b1323ed40d840ca 4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f Loading...

	tracker.ads.sportradar.com/dist/tracker.js	ScriptElement	28 kB	2023-09-12	2025-05-09
Pretty URL tracker.ads.sportradar.com/dist/tracker.js IP 23.36.79.8 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-12 11:17 Last Seen2025-05-09 16:48 Times Seen5004 Hash 235331a0761142ae4fd345cdf7c7f9ed f71a2cb5824a7049b2c86f5658f48e17ff7f588c 063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb Loading...

	unknown	ScriptElement	3.3 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash feaf8f3ad1fa0d7f1da5b1394bef1c75 f0921ea52a17caac23849835ab47762e83ff7f3f 812bf0449432e3c9f87f9c344f2b5f68e6985ce77f79fb37c85d2559b5eaab31 Loading...

	ws-cdn001.akamaized.net/7693683943e78a298c36d469e68b47d8/widgetloader	ScriptElement	224 kB	2023-12-04	2023-12-04
Pretty URL ws-cdn001.akamaized.net/7693683943e78a298c36d469e68b47d8/widgetloader IP 23.36.77.10 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 00:23 Last Seen2023-12-04 00:23 Times Seen1 Hash 490bb6e94e7ddd65c6782a6a8847ff28 8df2b6fd0f3f91da77e4abf47d454d76505325d9 1d1a92370e221b39f3c1a02918bd3b5ca91312c002f08500f02691ef7ead7c7d Loading...

	bizzocasino.com/app/styles.84a8b4e837bb8f6f.js	ScriptElement	246 B	2023-05-11	2024-08-21
Pretty URL bizzocasino.com/app/styles.84a8b4e837bb8f6f.js IP 104.26.9.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 18:32 Last Seen2024-08-21 09:30 Times Seen62 Hash 7108b17f7cfbb9566b7b829cfd07ea76 be541f6306ddd96528ea50e577551d8f2c101364 38483253df6b7d3b059d273206306329f0ff1bf779224a1372134fcc7a3061ac Loading...

	unknown	ScriptElement	341 B	2023-03-07	2025-03-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39 Last Seen2025-03-20 09:29 Times Seen66 Hash 2d37cf9ee73863911b691f0ac151c1aa a84dd79e1119f4ceec8d67643ccabb8464b04157 336bcfc578695e65c16a2236392c97ae9c6aa77d6f8bd45a130bb15ab320a8b3 Loading...

	unknown	ScriptElement	426 B	2023-03-07	2025-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36 Last Seen2025-05-09 15:06 Times Seen531 Hash 6511fa3f7e30db934ae70cdf5eb1bffb 06027e62a2071ae9164f835ab1f4e79816127797 a1155914c10f25434890e72a446669748c3c4a2569fbc39e6625f4dcae502dc7 Loading...

	cdn.seon.io/js/v4/agent.js	ScriptElement	317 kB	2023-04-05	2025-05-09
Pretty URL cdn.seon.io/js/v4/agent.js IP 54.230.111.94 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 13:53 Last Seen2025-05-09 15:06 Times Seen1214 Hash c34c3067f651e0fea2609171ab7bfec0 ab7c479be36ef4d193a5f235e90ad077a95bbfc0 5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312 Loading...

	tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAALW	ScriptElement	379 kB	2023-11-22	2024-08-20
Pretty URL tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAALW IP 23.36.79.8 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-22 17:09 Last Seen2024-08-20 18:18 Times Seen21 Hash ed8de136293306c42ed4853228cc1dea 293aa748837b2a510748017cf43a0b2b0fa1c82f 100e96f14d4a461b2125ddce9fa0c9a111c7538de9ff473ec62ecfe6608aaef3 Loading...

	bizzocasino.com/configuration.js	ScriptElement	3.7 kB	2023-11-15	2024-08-20
Pretty URL bizzocasino.com/configuration.js IP 104.26.9.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 19:07 Last Seen2024-08-20 19:25 Times Seen13 Hash 6a5000d6181995cbef2c61f5cecf7e9b a76dfba4288221f7f32cde0c9c252dba672041bc ba9317670687853d6ebb3ed19bda53fc74bedf86828c5133278797827293081c Loading...

	assets.customer.io/assets/track-eu.js	ScriptElement	6.8 kB	2023-08-12	2024-08-21
Pretty URL assets.customer.io/assets/track-eu.js IP 54.230.111.127 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-12 10:23 Last Seen2024-08-21 09:00 Times Seen71 Hash c2e38019d2616906a319c480d401a82a cb0421a60b0b88cf7c39cc590752b5f90d7f09e5 d8892eff20b786c85fb27b2abd61206cdda1b75704d112adabe47b0c39313fc6 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5W7F767	ScriptElement	205 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5W7F767 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 00:23 Last Seen2023-12-04 00:23 Times Seen1 Hash 66b275d37958e99822df203158fae517 ca884a3a369933c3ac04000c4706a6bc9b0fcbbf c9dc58eaf39f34af9fa391c6b44f49ad5096c8b5a0c053d3bf9ebd13d8452824 Loading...

	bizzocasino.com/app/polyfills.5b6d96237094aa52.js	ScriptElement	192 kB	2023-11-17	2024-08-20
Pretty URL bizzocasino.com/app/polyfills.5b6d96237094aa52.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-17 19:23 Last Seen2024-08-20 19:03 Times Seen35 Hash d1311c02067a1e5e7560433e3b79e1d8 66ca37aadc758c22a8b3640ebe2c2a99b875e6ff 6531f609e8f36c00668131dce8dfa949c1fef8c4ca1d9997237cfb86d30edb7d Loading...

	unknown	ScriptElement	322 B	2023-03-07	2025-03-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39 Last Seen2025-03-20 09:29 Times Seen66 Hash d8a0d16da025b1be0ea41a857f0d34fa 4c8279de0c9ec247eac0ee693bc74122728ea968 8727b7929ea1f9eca88c798d390141e50f63e7c39258c80b52e021287566b5df Loading...

	bizzocasino.com/app/runtime.f9284a32f1870fc2.js	ScriptElement	14 kB	2024-08-20	2024-08-20
Pretty URL bizzocasino.com/app/runtime.f9284a32f1870fc2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash ed166252bbc62f184dbdb50e0c256b9c ae1779029567b4683e0a74d07288c89f0cb318bb 0d9f0adaa40002815acab92d0f711a700a17ada51c460423ef7ac8dac14a2a68 Loading...

	cdn.livechatinc.com/widget/static/js/1.b3e9bd18.chunk.js	ScriptElement	214 kB	2023-11-23	2023-12-04
Pretty URL cdn.livechatinc.com/widget/static/js/1.b3e9bd18.chunk.js IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 11:46 Last Seen2023-12-04 06:27 Times Seen363 Hash a1c381c5236d931e165b5f97bb458c7f ca2fd79d761e9d7895a9ea92e53f1073930bf50d c3fa220489a7130866d79f6a79792aa69ce0ce23ea4ba181a03144002736d5ae Loading...

	track.trackingtraffo.com/pixel/js?auth=886u5crv&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=0	ScriptElement	484 B	2023-03-08	2024-12-05
Pretty URL track.trackingtraffo.com/pixel/js?auth=886u5crv&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=0 IP 88.214.195.153 ASN #46636 NATCOWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32 Last Seen2024-12-05 15:37 Times Seen60 Hash abbe43986275122113580952624f27fe f6604c53f79238aa8712805577cb7aa9a730501c a09792344bdf46e21f4b8db6cfb8fd1b56d414f0a53ffe7757cf08b9d47e58ee Loading...

	bizzocasino.com/app/main.1c330892b2ee3ccb.js	ScriptElement	181 kB	2024-08-20	2024-08-20
Pretty URL bizzocasino.com/app/main.1c330892b2ee3ccb.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash 3be7d3ab5e8c47032dac9d85e42ce138 1f2f37990125b15eac57c304eef4742ae609fb24 70a0ebbf86c39871c314befe09b1bb67cf21bdf35064ed3c29145c57df697805 Loading...

	api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26&version=075b79d72a19c7c515c01775c17428ae_fcfbdb5dceb52d5d3615ca8fb7b69c50&language=en&group_id=46&jsonp=__lc_localization	ScriptElement	11 kB	2023-10-15	2024-08-21
Pretty URL api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26&version=075b79d72a19c7c515c01775c17428ae_fcfbdb5dceb52d5d3615ca8fb7b69c50&language=en&group_id=46&jsonp=__lc_localization IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 05:50 Last Seen2024-08-21 04:40 Times Seen33 Hash 22917ce954789b40ac5b957cd48c732e e5dc2075762644ad00120bf89d5aa395e2b0b6cd 6c5abb7c80b8aac573213c1c901e71f75ffe55f2966e547d8f3e13d3141a854a Loading...

	unknown	ScriptElement	164 B	2023-03-07	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39 Last Seen2024-08-21 09:30 Times Seen46 Hash 379b63699176d11d3d69a625e092f6cc 27b44b84cd5783e5fd0d3e58bbed5e85982d9474 aebead5a6e2caa2120c294b91147339fefa700c1a4f5afd1efa2000aba962dd9 Loading...

	c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js	ScriptElement	3.5 kB	2024-08-20	2024-08-20
Pretty URL c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js IP 54.230.111.125 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash b80fc481de3f4687c710b0ce3d49be6e 556f5e2b57d4f93a353cad547e1897456c04c140 9f8fa38e223e32325b995555082eaae5bcbfc21c64a9e3b0d95966b0feeda8e5 Loading...

	a.sportradarserving.com/pixel?type=js&aid=1312&id=3945	ScriptElement	1.5 kB	2023-12-04	2023-12-04
Pretty URL a.sportradarserving.com/pixel?type=js&aid=1312&id=3945 IP 3.123.91.170 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 00:23 Last Seen2023-12-04 00:23 Times Seen1 Hash b21779f686136ba67591f0574d7c70f3 3aa93736018172a9fb0e8c685aabf752a8561e87 5470a6c15cca3d8193d494207e5499bc735bb1cc7e1383b1c07fe472522c589a Loading...

	bizzocasino.com/app/vendor.c9e29dd2a5cccab8.js	ScriptElement	4.9 MB	2024-08-20	2024-08-20
Pretty URL bizzocasino.com/app/vendor.c9e29dd2a5cccab8.js IP 104.26.9.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash 7bd21b6f8a412c0b315795fbeed2e84c 35a55232ec1ef94e980eca0866861283cce74829 bdf01b495e14310486f0b9834a67cc958d08385eb7e19dd2114337e34cefb6fd Loading...

	bizzocasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-10
Pretty URL bizzocasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.26.9.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 10:38 Times Seen31255 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=d52d64e3ae130730ea33c02cfefc955af6fb94275ad1752dd9486271dd6cf068	ScriptElement	697 B	2023-03-07	2025-03-20
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=d52d64e3ae130730ea33c02cfefc955af6fb94275ad1752dd9486271dd6cf068 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39 Last Seen2025-03-20 09:29 Times Seen64 Hash d0faf6100c68eca3bd5782a5b94fc212 27a475c79e1b4728005805ffe000f54a0101d9af 6378b5c7e59ed7146d4c8a4130e3506701be02869ee31d527599ea60dcaaee6e Loading...

	www.google.com/recaptcha/api.js?render=6LfuX1IiAAAAAI-I-22YsCkMcy74SxhQFgeotAJp	ScriptElement	884 B	2023-11-15	2024-08-20
Pretty URL www.google.com/recaptcha/api.js?render=6LfuX1IiAAAAAI-I-22YsCkMcy74SxhQFgeotAJp IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 19:07 Last Seen2024-08-20 19:25 Times Seen10 Hash 07197748d63411a927eb73656b325ffc e2c76b0d218748d15d0258689425c21d449223a7 a3654278ff6eaa0c90b86aa2983376d9ceaa85ab63711d0051346b3a72029fb9 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7938efd7e906b37e6cf55b22fdd265df	132 kB	2024-08-20 16:53	2025-01-03 06:27
Pretty Observations First Seen2024-08-20 16:53 Last Seen2025-01-03 06:27 Times Seen2 Hash 7938efd7e906b37e6cf55b22fdd265df 92d062d14ad2d0372b296f1b425eb3f5177a3928 1591fa1a6d1f4f264c4804221580858068ff530a317b7466fe84b241b3e12f8a Loading...

	#2 Eval - 4c8cd300c7abcfdb76c87dc785f9f10e	23 kB	2023-11-13 02:09	2024-08-20 19:49
Pretty Observations First Seen2023-11-13 02:09 Last Seen2024-08-20 19:49 Times Seen3 Hash 4c8cd300c7abcfdb76c87dc785f9f10e 1255908dcfdb28fc47ee1435fbfe1488429311b3 c18db56ef9826222626c2288ad87115a5d1da9cb53b85f273120a3262ddc04a7 Loading...

	#3 Eval - f4feef1c4eab4a724de9dd8882e71dfe	109 kB	2024-08-20 16:53	2025-01-03 06:27
Pretty Observations First Seen2024-08-20 16:53 Last Seen2025-01-03 06:27 Times Seen2 Hash f4feef1c4eab4a724de9dd8882e71dfe 6c26b85392b1edba6fd1fac524aaf816c01d5524 e1daeffeb199014675d0f3bf3a0dd800615d1ad1816f8d2dcbd279d3406cb7c8 Loading...

	#4 Eval - d41cb68646c9e9969d88c63592953471	471 B	2024-08-20 16:53	2024-08-20 16:53
Pretty Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash d41cb68646c9e9969d88c63592953471 d5c99b79b34a60fb4b5c45d530896cd0623adb1c 69a701db2392f613402a5e3d7b35c6b041fe46a990e42532f6b3d9c597801a73 Loading...

	#5 Eval - d0edb3cd495c2422b26a08b154c6556b	120 B	2023-09-30 00:55	2025-05-09 15:06
Pretty Observations First Seen2023-09-30 00:55 Last Seen2025-05-09 15:06 Times Seen850 Hash d0edb3cd495c2422b26a08b154c6556b 462e1e765ad8a0990197b012df31eddf89f50d11 bbe01cef61b4937d6b71b5ca85c2c3f2b6aa9e76ad55ca32cd20718d0238ab6c Loading...

	#6 Eval - cf876ca4f502b2fa2671272b6f64b213	17 kB	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3188 Hash cf876ca4f502b2fa2671272b6f64b213 ab94320e0991ce49c95343610f2d38b5e8c8f28a 8d333c3dd690fdf8b52bf7827ca62cf9e923b844bfae8155bf33b5200b376d92 Loading...

	#7 Eval - 17a468ca2a233ea07cea5b7c930c1931	141 kB	2024-08-20 16:53	2025-01-03 06:27
Pretty Observations First Seen2024-08-20 16:53 Last Seen2025-01-03 06:27 Times Seen2 Hash 17a468ca2a233ea07cea5b7c930c1931 2e9c64627b1bd0c9eb437047475faf1a9efbad90 277da3aec0876f308a9fad098795f8156366007b3a5d273b55683e3d8a65e7c4 Loading...

	#8 Eval - cf1dd8609868435e7eb1006b517c1abb	64 B	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3193 Hash cf1dd8609868435e7eb1006b517c1abb 0fb005e6e00be62e448385d3ff0a2513e49f4806 a01b7ce49084f117d7034cc7571519fd95e62401da4c9976d4275da0dd08f8e9 Loading...

	#9 Eval - 224ac2edd48a4d27399a35d4a94d8f17	22 B	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3194 Hash 224ac2edd48a4d27399a35d4a94d8f17 33a0fd7fc8561e1cca8737032f7b24d32c47d171 bd86e6f419efd867fc86701b061f5cab02b0f38086c64d9a8e8f00b98bbc96cb Loading...

	#10 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08 14:23	2025-05-06 08:36
Pretty Observations First Seen2023-03-08 14:23 Last Seen2025-05-06 08:36 Times Seen675 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

	#11 Eval - 8d799e5e3b9450dd4c1aef6e122df0de	22 B	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3187 Hash 8d799e5e3b9450dd4c1aef6e122df0de 1c074fc167af588bc86e54b4ceb4017ce0a7791a e69ebca4238490aa2b0c08845343b95b35a04efaca3e62b2732e1ca661bb3374 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3723d26d8bc39a3c36afebcb4577b989	117 B	2024-08-20 16:53	2024-08-20 16:53
Pretty Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash 3723d26d8bc39a3c36afebcb4577b989 682774fb7af6dec980710fcd45bc4e71452a8eae 8f00796bf1ba7e3053e949c8719f764b8252334614948d7942a1745b8e2c39da Loading...

	#2 Write - 0995c9d26cfdf15bb7c7b8b8808f3aa6	6.7 kB	2024-08-20 16:53	2024-08-20 16:53
Pretty Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash 0995c9d26cfdf15bb7c7b8b8808f3aa6 144f8a98d072e932668a55904f0775e67e70e1d8 ae3694616eaa20d49dba33bde7593b51689b6bae00beae7692dab1ae02dfb66e Loading...

	#3 Write - 951fddc873e31621dd4b94a7407b785f	117 B	2024-08-20 16:53	2024-08-20 16:53
Pretty Observations First Seen2024-08-20 16:53 Last Seen2024-08-20 16:53 Times Seen1 Hash 951fddc873e31621dd4b94a7407b785f 30325c8b8b2221968c3483817bafd1e360c0942a fe96ec4b23c597345c2c076816b2443c23b3cf3750fd7a7286d4add6ab270224 Loading...

HTTP Transactions (302)

URL IP Response Size

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/25/AlQuwaAlJawiya2018_7_25_15_29.jpg

172.67.74.224

25 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/25/AlQuwaAlJawiya2018_7_25_15_29.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24847 bytes)
Hash
22df9efbeb80b7033d9995175fb4f681
3eff53aa28ce7429c52ca0c5820053113f8f7b8e
8202fb4bf0e16a089adb3d29d6f2bb953ff44fe935668c003f17ead1fc79dbe5

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/25/AlQuwaAlJawiya2018_7_25_15_29.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 24847
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "cdcd1d61b24d41:0"
last-modified: Wed, 25 Jul 2018 13:31:48 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 692663
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxQcjcuPAR3ZhSgpUaposyr6YMCQyN9Myex8X2XM8gI6%2FsFCWHMe0n0C7jnX7LGXHsFtKvJb%2BbIQCAqk80%2BpEHyMcfXxqBqdwXl0kV%2Fh1tqi%2BRkb3Uc3kUPxYxUm0vzuu%2BnmrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c0db4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2023/10/2/12023_10_2_17_38.jpg

172.67.74.224

21 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2023/10/2/12023_10_2_17_38.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20748 bytes)
Hash
a99094ca1b490316307df2f081345fe8
743934c2fa93f587c909cf2ff03b61de917ca967
1daef5d444552a11f1bf59551ad8c068510c9cd3022f5b0e0498b9e75ba11b4b

HTTP Headers

GET /img/yallakora/IOSTeams//120//2023/10/2/12023_10_2_17_38.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 20748
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "ee5354153ef5d91:0"
last-modified: Mon, 02 Oct 2023 14:38:17 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 19657
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeiK1xXEZckEFou0KoGOf9CvtaEDkpd%2B%2BBCfTIQs8pacyiBu%2FNu0naFkeYt9TnpI5xWlvDmeHXMUrk0cIknTUNcV9PZ8GlOcVSgMfDUvmMFMpow5VybbmqqhcN1ZtasZjqV%2BLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c14b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2022/4/11/62022_4_11_20_30.jpg

172.67.74.224

19 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2022/4/11/62022_4_11_20_30.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18867 bytes)
Hash
22a10654c15b436724458b12c816578f
ddf7fded1e2bc7a2efac8fcb8143722f1ce9a5ff
42e7474ce8f56a0adc76cfecf01e0c967ed9e360797672019745b56abf9889cd

HTTP Headers

GET /img/yallakora/IOSTeams//120//2022/4/11/62022_4_11_20_30.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 18867
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "5270113fd24dd81:0"
last-modified: Mon, 11 Apr 2022 18:30:40 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 623687
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdvKIgs%2BbOjOiToVJp1hmIK3J8cxd%2FAhODLYixYPyKcCc%2BheH5Ta5VgVjP%2FdXRP%2BHfO7Uyx%2FcS3rjDpZGDB9KxAAINPwJ3tFluTtdUKbirIde379VmCuQCDzHiaJgEVDwrpmFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c15b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2022/8/24/300500056_10166273120705543_1861851647508377296_n2022_8_24_19_8.jpg

172.67.74.224

15 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2022/8/24/300500056_10166273120705543_1861851647508377296_n2022_8_24_19_8.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14811 bytes)
Hash
0781d5ebe71f394b02a0b270d956bf1a
63308656e111ca84a512166cbf61ac2220650984
844fbe112c9b43ed78f4de4fc15abbd1ad1bf908c127c7757768d211c2f5ccfd

HTTP Headers

GET /img/yallakora/IOSTeams//120//2022/8/24/300500056_10166273120705543_1861851647508377296_n2022_8_24_19_8.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 14811
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "abee91bdcb7d81:0"
last-modified: Wed, 24 Aug 2022 17:08:18 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 980444
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFNZ%2FXXd6cbz7bJ1W8DPMbfyff6lOdWYT9d33EA7zPPuf443d4ot2Jmfojc%2FWjE3K9rT2XiKlkIIrlOpRbhNTZ35exRGP1GlFE2gLiueHwZoepshJxTjRI%2BLkm0zMkerJPOJ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c13b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/24/Smouha2018_7_24_13_32.jpg

172.67.74.224

24 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/24/Smouha2018_7_24_13_32.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (23450 bytes)
Hash
9c16547d29cf63a1c187c3d0e93d0c84
85ade37c1995a43cd8ce7e10c090af9cf3f621f3
fbd5d9fc2662c8ca035c5e27cc34ae707340449fe53d41de14ace1d3deb27e53

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/24/Smouha2018_7_24_13_32.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 23450
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "1cbdb23e4223d41:0"
last-modified: Tue, 24 Jul 2018 11:34:12 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 916893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TC2WYwoOcN3YbA4APCZBe1ExJIAasBhapNnCbW8ZNna8sgqo27kjUgf4xuFUNAjMepr9He0Wafw0RPZ6AqVfDbGrpTUS4L%2F2VIKYW4lE6v3STYAIGMhKqXd1R7UbBy6Pi7PSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c18b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2021/10/26/Pharco2021_10_26_8_28.jpg

172.67.74.224

12 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2021/10/26/Pharco2021_10_26_8_28.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12012 bytes)
Hash
473228957a45d2ce8dd93546b8cc11ed
5d5d958a4e105d1afeea71ea9d9d0190978cf26f
fcbea370d8fae646f2f369fdfc887ef2c87438043a971f952b5795f496af5ed0

HTTP Headers

GET /img/yallakora/IOSTeams//120//2021/10/26/Pharco2021_10_26_8_28.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 12012
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "3fe1f6c032cad71:0"
last-modified: Tue, 26 Oct 2021 06:28:56 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 833973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBb9N4iBlvrCn2mOgYBOOwB7mJwtCdc09ckq%2F%2FhD9jsCWxmEh1dr2S1dvKX3WtjqlfrVAcNG9cwTQ%2BPQ40KDTGCOUj%2BHKda5StTF9xigEHxDiec0rbanQrSBv7UNW9Qo7%2FH5Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c19b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2021/9/7/Ittihad2021_9_7_16_53.jpg

172.67.74.224

10 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2021/9/7/Ittihad2021_9_7_16_53.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10444 bytes)
Hash
0ec5d321239dcec5bb2c98dd7af27acb
87483aded95f711656b7835b37034743c6b655c9
4e6df134b88a1d617f3a8e8d45bd4b5f34afe692b2701354504c01045bbf4784

HTTP Headers

GET /img/yallakora/IOSTeams//120//2021/9/7/Ittihad2021_9_7_16_53.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 10444
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "beb1192af8a3d71:0"
last-modified: Tue, 07 Sep 2021 14:53:48 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 833971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFZEFLNdCUAlloKSCC5gKjW3mxlO1YJFC3J%2BQ0nXxpE9RZu%2B3%2B20bQUyJiNskYWUca9Rd9lE6DO98rGURwcciltgYoFaPiUt1eEKh7BKrR8vH7d7P3xy3dOmyAcGuREnilWDAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c1ab4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2021/7/8/CeltaVigo2021_7_8_18_14.jpg

172.67.74.224

6.2 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2021/7/8/CeltaVigo2021_7_8_18_14.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
6.2 kB (6155 bytes)
Hash
d16547be542f5d93c58e198a14dcf458
e0652a251652f962a0f8e2d6bbfb63c4fa763722
d8741cd8cd7395684b2b82975889a2bdad220344bc1eb6185a4f76989b721ef4

HTTP Headers

GET /img/yallakora/IOSTeams//120//2021/7/8/CeltaVigo2021_7_8_18_14.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 6155
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "9c6fa8511474d71:0"
last-modified: Thu, 08 Jul 2021 16:14:24 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 101749
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5CUNY6w7E%2FlE%2F42Xd3%2BkjLF9L%2FkEYTvyaBGoq8itxdRp1OqejDb%2FEVsrmPf0SJXYOYeDLdQisGXBJ%2BmffeOlt5mxKRCUawjPADlrH0OAJfqkNC%2B3eDVtLz42v%2FuYwbodbwzaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c1cb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2023/8/21/153102023_8_21_18_54.jpg

172.67.74.224

26 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2023/8/21/153102023_8_21_18_54.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25876 bytes)
Hash
8fe94eda56490dd00ae6694e5dbff9db
a80e1dde2cad784f511cba162600e68f0a29d10c
ff5c3feb14c30745ca9e45bdad34995c18f79a9924cdad1e1d9ed540fb5098c5

HTTP Headers

GET /img/yallakora/IOSTeams//120//2023/8/21/153102023_8_21_18_54.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 25876
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "f020c3c947d4d91:0"
last-modified: Mon, 21 Aug 2023 15:54:37 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 17382
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCJsCZEhKMN8ZHOBcLY9eF8SfyOAttEuD0Gi286bVdZcnpQGCdEkw4%2FXHRU3YyKUxz0VERe98DhfGHRodJrdQzCCiOMk7iM0Wd1xxM6EJxiEew5v4gUz3vDgx3l%2FjuySGXSXdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c17b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/10/31/Cadiz2018_10_31_12_21.jpg

172.67.74.224

11 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/10/31/Cadiz2018_10_31_12_21.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11299 bytes)
Hash
60bee6674decc12a0b74a7c54c2fe7c7
a1e5aa4532cddc974652da776e84d385d680f04d
be5cea8fbee6dc2e52f420aafd50b9166d600be4011f57ba401aba0cf41db599

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/10/31/Cadiz2018_10_31_12_21.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 11299
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "61ff148d371d41:0"
last-modified: Wed, 31 Oct 2018 10:21:56 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 570967
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=At5784qiJ71q8bUlYx7Gc8t6lmdg%2FyMcJTApz%2FZD3Z6uDPQGWYUnHpZtzSbPC70C7rsug5N%2B5SbG1gpGpj4NVm1xeTq9uuy77SRn749prYzrJou907NBubN9lxpzR%2B9jkF8tOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c1db4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Villareal2018_7_29_14_53.jpg

172.67.74.224

15 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Villareal2018_7_29_14_53.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14812 bytes)
Hash
dc0eeac6c8b50880b025cc57e3de80ac
b0d8caa4bcb7627b4b12580ce71d2ddf4a62c65a
2a4832b3e989cea739372a19a2fa4c65c508a98926dd79ac377b947df92d03aa

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/Villareal2018_7_29_14_53.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 14812
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "a1b64c6e3b27d41:0"
last-modified: Sun, 29 Jul 2018 12:55:30 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 736872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6gaCXdekna5sGoTfe2a6gaTtKPPL6aTUCbUEOwN88cSou6YT%2FnTseV96G6YqDnoZsPe73ypEfNsJeknXzT6f3HEb2cnto5G2Mnjz9jq4cv5N%2FFijP7ELNNfF7T6wxr1Z0nxsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c21b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2019/7/14/Osasuna2019_7_14_16_48.jpg

172.67.74.224

12 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2019/7/14/Osasuna2019_7_14_16_48.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11780 bytes)
Hash
679ff4c8b83bd8aca90a2bf851c18c53
4611f70e3da426877fdabc6a0e7c8c61bb53e231
f09a9b087bacaf8c799a8b72f40e40c9097d5a09d07ca70668908c1b4d6a6ba7

HTTP Headers

GET /img/yallakora/IOSTeams//120//2019/7/14/Osasuna2019_7_14_16_48.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 11780
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "bc64652a533ad51:0"
last-modified: Sun, 14 Jul 2019 14:48:14 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 578348
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04lqh0NsDd9pjDBZeuhRsOvHH5S21FQGLP7s8IYVvP1Ser4N6YtdiPvT9K0HfZtN9T7EmBxHe0dt9TgrXEbPdsmQp5c1DT2%2Fhd8uJk16J1sWfl1caNpELITb31sQsiwy69l19w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c22b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2023/9/27/modern-future12023_9_27_17_39.jpg

172.67.74.224

14 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2023/9/27/modern-future12023_9_27_17_39.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14457 bytes)
Hash
23881607e2b9bffd3fd421d67e4e4739
a0759f2f92e19913f39e53f2aeab9f5a6341494e
e884376f8eeed1b82082723393c72e8c099508a19ce36e6d936edc0e89945e78

HTTP Headers

GET /img/yallakora/IOSTeams//120//2023/9/27/modern-future12023_9_27_17_39.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 14457
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "d37e677450f1d91:0"
last-modified: Wed, 27 Sep 2023 14:39:43 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 647464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LIumiYp%2BnVXflP%2FGwGNYdvzKJM4WpMlwrCC2ar6SjhbbvtrHxgG95W%2BSCdbK0irQiV8JJCIOYT1Xliz1ZV45O09cv1uS6J368I4L80uuTP%2FY6YLb%2BZWzt%2FKokvBXBeoE8uHZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c23b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/8/18/Mamelodi2018_8_18_23_12.jpg

172.67.74.224

11 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/8/18/Mamelodi2018_8_18_23_12.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11285 bytes)
Hash
0c7909c97a386e4a698edb04996ad331
2047a0472827f1ca9102c30fcd09643590225500
586e5c38d6335ab273a824d7e8d0b12a797fb5107477c7ca326ea8f16eea223d

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/8/18/Mamelodi2018_8_18_23_12.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 11285
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "4d2d75263837d41:0"
last-modified: Sat, 18 Aug 2018 21:12:20 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 868622
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cb06vYhRfqNSDpklAPjszbg1cJMOk9LN74Zv6Xhfictu8t4LtZczWVwZG9Tk09clkw5jO0elj2YA2GBnUFhiRzLq2Z9QMR1AuQtxL%2FvY26vMDH6rrSonyzSyM9v2grDRha5Nzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c26b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Tottenham2018_7_29_15_28.jpg

172.67.74.224

6.7 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Tottenham2018_7_29_15_28.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
6.7 kB (6685 bytes)
Hash
088587c47bbe143717aad3e97805a34b
a364ac014c18c0b5f0f829e23a89e5d6d9d9a0ae
82ce6431d5e63455ec09893d658b6f568ccafb43c5511f4b68cf866303af2cfa

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/Tottenham2018_7_29_15_28.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 6685
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "61bff84e4027d41:0"
last-modified: Sun, 29 Jul 2018 13:30:25 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 570995
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KVrdkhOSk1zYHvxkbkHCfSE7lCNqrtweFJ415uFQVlUbywAVDbI1lur0g2ZVCWUQrv4IxaOoiysHql9Su2RSmQ%2BJGOEVt36VqiOQhsGOxO9lDSFiq25R1Y%2FvDUv3eScdTxnZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c29b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Nice2018_7_29_17_14.jpg

172.67.74.224

18 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Nice2018_7_29_17_14.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18130 bytes)
Hash
f540dbaa7806255b01fd485172acd5cc
875f5b766486a0954343f0ca88336603053466d8
694ba05a07dd6dd37726339a97da6fd75a3c552d0e88ff6cf96afdcb39f3903d

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/Nice2018_7_29_17_14.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 18130
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "417925104f27d41:0"
last-modified: Sun, 29 Jul 2018 15:16:02 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 478900
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQU1kDAqpmwR02jw8PvuGlBgYhKdJQ4Rt2qw5qvTa6efLgHOGEuRRuC%2FArnWQsRiO4MxU8gmGLrO%2F5ZnFLts05FIHl0wlJr7YHjIEGAwfiTeMMRi3FnjbYM5r0WNRc1LqcQzhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c1eb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Toulouse2018_7_29_17_15.jpg

172.67.74.224

18 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Toulouse2018_7_29_17_15.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18120 bytes)
Hash
02e038a3213bdcc5e1f7a2808fa1106b
e49f55d492f260658874fc25cfb17322ec1585cd
bc295d75ac8dd1f8db94d406c3fb57f45800c40920bd40ef351ba69eeee36a79

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/Toulouse2018_7_29_17_15.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 18120
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "81ca27314f27d41:0"
last-modified: Sun, 29 Jul 2018 15:16:58 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 832958
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9giEszJbHVqie8oz7tmrrqqrIlvyMsVnQ5de%2BXswg96GDtCSeI9QQIr2zi3i74HCjf3k7BnsDNPQx8az1pcbgkVnIA49D6qi9RV%2BKLV8Va6gi2uzPx%2B%2FVhoVD2%2FtZt56q7tJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c1fb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/9/10/AstonVilla2018_9_10_12_22.jpg

172.67.74.224

11 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/9/10/AstonVilla2018_9_10_12_22.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10966 bytes)
Hash
61f15de5fc867b9825a9a14221180e11
77e51fcc4167a092984c009701a40bb1ae519ffc
131fa28a94480853cafc4973b556277a3410b7193bc37b09989dfb97cffda234

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/9/10/AstonVilla2018_9_10_12_22.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 10966
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "c8f5d29f048d41:0"
last-modified: Mon, 10 Sep 2018 10:22:22 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 897165
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4kRQgmMjwkxrGdD%2FwjFX%2FK6lY1dm1s%2BCrtkM1hN75kWtZNWjrTlC34DWlDJ14GGQG5AS3zzWmzoAzWUONxE1hQpKSZO0PoWlMukUJaWG5Jrt%2B5Dz2kUhm8LeEvk0O0cl10TDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c2ab4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Sevilla2018_7_29_14_45.jpg

172.67.74.224

12 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Sevilla2018_7_29_14_45.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12352 bytes)
Hash
022d5e79b2d64d7f9cf29b01caf5fd4e
35c222d8bd5550c60ae7b09447e631a43307d6fc
566f4d3323fc5713b4872682b533c13b52151f3a92d78cc7e2cbf70354023a29

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/Sevilla2018_7_29_14_45.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 12352
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "21d6bb513a27d41:0"
last-modified: Sun, 29 Jul 2018 12:47:33 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 832965
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtF60SI0VWVldBv5ir9C27AttQqCcuEEUxZar1ux6wXJcEzo1aZpJwFS53CZJdZCukiCawSYLLmw8IDa6S%2FlrUjt6xOlLAoM9fsMNSot9JURiG9fdLiOictddmxkvkHXxPyDkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c2db4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/24/SuperSport2018_7_24_12_40.jpg

172.67.74.224

26 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/24/SuperSport2018_7_24_12_40.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (26166 bytes)
Hash
cdaf43a926600b0d9ba602c1382788c5
49d37ebf127d4581d2244c0c37ad2cb1aee4fd5f
b2ab48d86631da439d0a36376a319c048ea774879da47babe2b06d0a4ca29c8d

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/24/SuperSport2018_7_24_12_40.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 26166
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "afb87f03a23d41:0"
last-modified: Tue, 24 Jul 2018 10:41:55 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 650765
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvSGMAL1%2B9M085C565bAugZ%2FIcHpqpsp4R1oA5aERMm6LlSAQRuFEVYA9oZ%2FHTOid%2F5XJpFwu6DJmW9PcKnVIQ0uuPJig2vd%2BG8kz4kXae44%2FZVv9%2Fhy3b%2Fw1Mz6iMre1hOOeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c25b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/RealSociedad2018_7_29_14_56.jpg

172.67.74.224

16 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/RealSociedad2018_7_29_14_56.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16462 bytes)
Hash
1c9c2d2a7176b5fe608faaccfe9674b2
34ecf08ab4976da6126470079ceadb5e20ac2cd8
779042a1660b6ea0dfa8c76e8d1c5d1396017b0b45ad27fff115e4db6f133b47

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/RealSociedad2018_7_29_14_56.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 16462
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "417026d13b27d41:0"
last-modified: Sun, 29 Jul 2018 12:58:16 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 651421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2jDEOBjNecYCdoNJSSvMXbyBzmFayBq05TICQsnu4c0ljwgIKTe5XoNikpfa8Xl8cqCA07wfLItw5BS3LEhwZnq56p7mxZ7nJgpgs4x7SxoKhBggh0Tyc8VoAnDPHpxRuGbMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c2cb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/24/Zamalek2018_7_24_13_31.jpg

172.67.74.224

14 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/24/Zamalek2018_7_24_13_31.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14151 bytes)
Hash
6330e467528abb6c0af596fc6139334d
26a69f4475f22877ae46ab4e656750c457694186
9b1fc7a4486717c0fdc800ac429e54f7fb67ae1b3cba6ef2b634d9d82732c592

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/24/Zamalek2018_7_24_13_31.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 14151
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "9c76bb1a4223d41:0"
last-modified: Tue, 24 Jul 2018 11:33:12 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 401209
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxcokRv0THLl42G%2FYZli5WN%2Fq1otjI4ryhS1l%2F9ZoH8H5IGOXrDhxyrFF%2B8dkbltgv%2F5Z625IP0W4mjjEa%2FE8uYfR9gx3uU0KdHLtf7sQ1hNtC3HsnGLUNMQ9pdcr45lA3sUkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c2eb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Everton2018_7_29_15_28.jpg

172.67.74.224

16 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Everton2018_7_29_15_28.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16346 bytes)
Hash
fa5ce04214f06bcdada1333c7fdd362f
2bad9f062caaecb02c7f40b253a447712db16968
4c256c2de0e4f0df8b434ee57770f0d0cab52bf0dab05c83050c8cee002a0cf0

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/Everton2018_7_29_15_28.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 16346
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "e1219f5c4027d41:0"
last-modified: Sun, 29 Jul 2018 13:30:48 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 827434
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARYubEZ0TjgqKf5rI7LCfxSaIsuRqm2jg3BtMqLGZ%2FPuJzeBsNuJNj4ybNVkxll0dCsFJ2jqhqGT%2FhWZm%2BEdgjOCeYv0cPSEvyx9gChocjfy7BM94osw2UMV2nYzp4BlKlbIVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e33ac30b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/ASRoma2018_7_29_15_7.jpg

172.67.74.224

13 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/ASRoma2018_7_29_15_7.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13103 bytes)
Hash
693688c61d0b3b671ced12908987317e
ce97bcc15ed14307cc8c3c732a1ff939d1a3c4c5
50ae85df1a485aafa0b3cbca31ff4290eaf046d5d1fb853bc5646fe9119c26cd

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/ASRoma2018_7_29_15_7.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 13103
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "81a99e563d27d41:0"
last-modified: Sun, 29 Jul 2018 13:09:10 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 547366
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZO01beVSr5nQK1HTHghuL5IZOOkOyv%2FEGPaH6HYRRYmZJwDBrTkAg%2BGbqve%2BwGwvHJWRmZgnsEdl3BqxR2fDDI2FkvdGOf1J%2F%2FXLfZFbHwfPEBFdS1WnBBa7IXX7Sk1bfN5%2F3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e33ac33b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Udinese2018_7_29_15_6.jpg

172.67.74.224

16 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Udinese2018_7_29_15_6.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16232 bytes)
Hash
2cb77c1db6444d1c3b273ead6cec2415
af068b8b419c16b9074673e0a528712942503f08
0cd6a561169e8267978d965b7fbf40f7f3970b7c1da4eda47c1c66c939d397fe

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/Udinese2018_7_29_15_6.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 16232
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "e1be253c3d27d41:0"
last-modified: Sun, 29 Jul 2018 13:08:25 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 1004402
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9wtnkLMugh%2By%2FAGh7%2BczNQltdQNct8wrV%2B2np44UaHZqNXE2VSGGe3qNFZ7rBc5GEVm7AoV0rXC7bolZrjEupt%2BpuhnpM4viEO6esg5ebgm2f%2FOXcfb%2BYVJ0rK2M6T3BrY9Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e33ac38b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/ManchesterUnited2018_7_29_15_29.jpg

172.67.74.224

18 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/ManchesterUnited2018_7_29_15_29.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18104 bytes)
Hash
7512235088a67f2c1762222cdf0fe4d4
f649108b0cf1397dbfc6f601a0a970e126a72099
20254c5ee7d1092b3fc77a7e79981edbd82a6e6b5c3fe190aae86c495b51e89a

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/ManchesterUnited2018_7_29_15_29.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 18104
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "c1f05a6a4027d41:0"
last-modified: Sun, 29 Jul 2018 13:31:11 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 899312
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvdVf5vnZjmkaCT%2BkdQs%2FilQ62tAEKY%2Ffk87h1JLFsWTRGC3wrthYG%2BLMs8lNEi3LskeZf9TyYgkjqXKxa6hP6uINCOU5aZg%2FcEqtFptwRqdssCYZry0cM70nYLJ3q%2BxTifSkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e33ac31b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2023/11/22/32023_11_22_17_39.jpg

172.67.74.224

34 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2023/11/22/32023_11_22_17_39.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (34137 bytes)
Hash
bc6d406005b375474fd9d3b9afb07347
262253ec2fcf5407426a5c2122296b0393bed438
daa86ee024be470fc4af2e912a633e93ee37417f47c90c9933436fe3b5a7a01c

HTTP Headers

GET /img/yallakora/IOSTeams//120//2023/11/22/32023_11_22_17_39.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 34137
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "312c15a5a1dda1:0"
last-modified: Wed, 22 Nov 2023 15:39:11 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 964760
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5pxn%2B12yJd7dnrEj%2BPn7aNC3WxsDWy0tzIemYjZUrIlIwK%2BeRyn8QHb8bVMJBbh8unT6XO7ikKbyyHg369Zgu4SA6M8x4KlJhgHLXl1x0DvIUL7Nqd%2F8nUst3nH6UaypfV2Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e33ac2fb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2023/3/6/Nouadhibou12023_3_6_0_5.jpg

172.67.74.224

32 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2023/3/6/Nouadhibou12023_3_6_0_5.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (32482 bytes)
Hash
e686a9436eb8f707129eeed9d050b9ff
7ee3aba89f6fdd9ec27720aea638e055f01c3a45
c5462d4d74abb71df3c0998117dee4cfa8298bcd6b1b318bed39d3f25cb2eb7e

HTTP Headers

GET /img/yallakora/IOSTeams//120//2023/3/6/Nouadhibou12023_3_6_0_5.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 32482
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "8aaaee99ae4fd91:0"
last-modified: Sun, 05 Mar 2023 22:05:30 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 478896
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BhwCoJ1fQUKz3MTX%2BisZ1gY3Wymo8XM91Ij9nc8BvRUTHNHQPNQPHGaQshs3w%2BrV9ivUIOApPPdF6Gw3D18nN24zpaCs7WUwT9mGmCfsY3RFv1MKxPHUpOIcIZiYA4pV%2FFLlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e339c27b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/RealMadrid2018_7_29_14_47.jpg

172.67.74.224

16 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/RealMadrid2018_7_29_14_47.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16404 bytes)
Hash
2059675d02d95b5a081cb03dab6b799b
92511ff65ed6a40c4ff84f0d5bca63037b7f3ef8
19b7681ad6b2f23f511744340fd8815409918f0a67ccf15edcae821c38bc3cab

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/RealMadrid2018_7_29_14_47.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 16404
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "e1e451923a27d41:0"
last-modified: Sun, 29 Jul 2018 12:49:21 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 901325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaKd2UZ2BiwW3YEfXD6Vqe9BFktvTB3M6EXbq1vDfc38G7ZS8ieN7pYHpsqwoD398DW9xlfY2TGe9kV98tHzQBqpuJgYsvWBrzJ%2BCOb3oLgBNxaDmp4aRpzyCYC4OtSwcp5QQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e33bc3eb4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2021/9/23/NahdetBourkan2021_9_23_16_20.jpg

172.67.74.224

30 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2021/9/23/NahdetBourkan2021_9_23_16_20.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (29650 bytes)
Hash
3413f81013b1c26378f9b0c8785cff70
6900fea6dbfc4f0994cd95824b23d457a38317a1
62ec285622d97afdd2e642e5dcb30bdb605c3904e06360405977b9510f097155

HTTP Headers

GET /img/yallakora/IOSTeams//120//2021/9/23/NahdetBourkan2021_9_23_16_20.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 29650
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "dfc5e61f86b0d71:0"
last-modified: Thu, 23 Sep 2021 14:20:13 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 964084
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s13jLJnerg0BFTwBeZjlYjJobVhhQ59zk439NKdeYKo1FBZEDQZjlXDsPcIGC1Zs348cQwkn0AesjXgTFkbLRsQC6McnGZrSL7buBFxQuV3fKPGOVw9jaaMLBNHqSFBBLhkK6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e33bc41b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.yallakora.com/pictures/TeamLogo/j19-2-2014-17-48-6.png

104.20.26.67

4.4 kB

URL
www.yallakora.com/pictures/TeamLogo/j19-2-2014-17-48-6.png
IP
104.20.26.67:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4443 bytes)
Hash
b7b1092590019292b828957ee5632d43
7e626ac8768a9c8d3b838a5d011ad52bbe1c2d7e
f917a984e7c0e8cdb07bbc510761edb0e92fb40d4f771009edc25654c590278b

HTTP Headers

GET /pictures/TeamLogo/j19-2-2014-17-48-6.png HTTP/1.1
Host: www.yallakora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/png
content-length: 4443
access-control-allow-origin: https://ads.geminimedia-eg.com
cf-bgj: imgq:85,h2pri
cf-polished: origSize=5795
etag: "dd2f67fb892dcf1:0"
last-modified: Wed, 19 Feb 2014 15:48:06 GMT
x-powered-by: ASP.NET
cache-control: max-age=1382400
cf-cache-status: HIT
age: 85
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e343c4ab500-OSL
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2023/11/22/OpRRK6e5-4lOQacKt2023_11_22_18_7.jpg

172.67.74.224

20 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2023/11/22/OpRRK6e5-4lOQacKt2023_11_22_18_7.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19557 bytes)
Hash
678349eb7c6dfe4d626b3f8209c096a4
2b19894749278953fce5a1af8dfecc677cb725fc
06af434f57a5944bed8f1f74c344043d245a4e1d6a1068ee843d6e88a03ecff7

HTTP Headers

GET /img/yallakora/IOSTeams//120//2023/11/22/OpRRK6e5-4lOQacKt2023_11_22_18_7.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 19557
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "dea4a45e1dda1:0"
last-modified: Wed, 22 Nov 2023 16:07:39 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 964084
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4VB%2F9RsNOBzr64O9NU5MNdOdFogvW488Oxc69SIAUU5qVNT3GrK1QXFdYVY%2FDoJzAZXGZ9Ov483jcKPQRZJ4pBqLpzM4KdVHttqA%2Bv9D6DKvZ6%2Fd6rJ9C0zF7yKW%2BMzLZyjsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e33bc42b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Lyon2018_7_29_17_11.jpg

172.67.74.224

12 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/Lyon2018_7_29_17_11.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12165 bytes)
Hash
ab6260d9310fe4545569204bc863d598
f846eaa84657b033cbb8a21cec46658f78d29cb5
217b8df32927c94361e85b3f75d401dfe422f40bb2e011b505b99a57fd7a5a0f

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/Lyon2018_7_29_17_11.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 12165
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "2148aabe4e27d41:0"
last-modified: Sun, 29 Jul 2018 15:13:46 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 452295
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wp9thUiaTuJhm8ce90pv6UXSKdYdOFNDiuBta3j%2F16WOsWbB2%2FN5YFDLDFQvJiTHIyhov0FP7vqSAjdmxGg8M6YMqaA1pNXHCq2ByZrEz0u3fkPGmVWicnoDxeoMUEO3DFHY%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e33cc49b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2021/9/5/Lille2021_9_5_15_50.jpg

172.67.74.224

11 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2021/9/5/Lille2021_9_5_15_50.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11236 bytes)
Hash
7bf886eaebc7f4fc26770db3dfcb2503
734cc6fcafcc2c93c98924f2ab8a44eec61bb7af
3336268d8e682705be900be06e572d86adf70a2a900dda5bf464bd5b4140c101

HTTP Headers

GET /img/yallakora/IOSTeams//120//2021/9/5/Lille2021_9_5_15_50.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 11236
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "2651acfe5ca2d71:0"
last-modified: Sun, 05 Sep 2021 13:50:32 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 818896
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvPwU%2BQdDojjT%2B9rHAto6whhhkaNFcJzq6uMzTt3ELVxIloqgQn3aINkLEYhPFzZMhd7WB6ufOx%2Bp0s3i%2BI6A1AYzoay%2BbiotX9332cn7Xcw%2Fls260OdvpWTxu9ZuGllPGXy2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e33cc51b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2021/7/14/Juventus12021_7_14_17_22.jpg

172.67.74.224

4.4 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2021/7/14/Juventus12021_7_14_17_22.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4355 bytes)
Hash
b45c96a8087d36c56d3d48373bb01613
29da903bba76865203973fc3adb091b3fb0b3d56
75e5f23880072b2c56d1be5b965ab83359211dc1f2a26361fe9a32a586085089

HTTP Headers

GET /img/yallakora/IOSTeams//120//2021/7/14/Juventus12021_7_14_17_22.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 4355
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "9567561ec478d71:0"
last-modified: Wed, 14 Jul 2021 15:22:54 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 666040
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scRAS7yWVGtsomN5KLxb%2B2V29AfsDxAPmqoTVBCnhAxIYTwnUhwJ7w62ZIiMSCqncOmqXH8%2Bwl2NzXepCEgq4AgWYm2hlHVlNct5kB%2Bk2LYGljoziVk71V812r3ja1%2FQEbv8tA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e344c90b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/RealBetis2018_7_29_14_50.jpg

172.67.74.224

9.5 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/RealBetis2018_7_29_14_50.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
9.5 kB (9544 bytes)
Hash
036eb8d45066a9022e4325fda9848d26
466bf4d74de6ffe0215740dc4a0c84de2a3a24e7
cf8ffddb6d3379fb86d2adcbe47854557106314d3bb50e1a6739ad559e2b8420

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/RealBetis2018_7_29_14_50.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 9544
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "81fc57f23a27d41:0"
last-modified: Sun, 29 Jul 2018 12:52:02 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 818908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTK7rr%2BzYTUTEh6mRrU8O9FgN6qvTkISuWxBTOG2DgcNQBEEMFLtha6ZOzB7gxS1Zx8fJ4QVxzoBM36YME6S%2BU0URX30z0xFeyU9Qd4i%2BSoDNG6cYuQu%2BdR5zuPmhSX300k%2BCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e344c94b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2021/9/7/AlSadd2021_9_7_11_27.jpg

172.67.74.224

8.9 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2021/9/7/AlSadd2021_9_7_11_27.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
8.9 kB (8928 bytes)
Hash
65a752b3515c6de45ca77b8e0bacaad3
b3fcec39272536aaea2eafc2b7a1b1efb3e48d4f
ac29c6391e14a64212bf44833675e5dc74d04deed80afe0b33cfa5caa1606a34

HTTP Headers

GET /img/yallakora/IOSTeams//120//2021/9/7/AlSadd2021_9_7_11_27.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 8928
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "b6a51884caa3d71:0"
last-modified: Tue, 07 Sep 2021 09:27:02 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 201196
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9INt709UnudhDJwfMWxklO7V4hXrkHiZmxoWnhxstzWnKCU5NFCqAFpHwmNdfHFBd71fvTbTKJvkwr0sGcDL4c7j%2Fp%2BYUZxdnQpPdJ4dDiiulS3i8VsCJJn%2FZD4ysfmuJFlGSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e344c96b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2021/9/5/InterMilan2021_9_5_16_40.jpg

172.67.74.224

9.8 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2021/9/5/InterMilan2021_9_5_16_40.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
9.8 kB (9787 bytes)
Hash
0850b8337b558afbc90638112e7d81f0
2fcb33405381631fbb17b59891b5c3542c743074
a9709526ac57e1931acd4afb6d9cfcfc5caf3a90130b58f297ab6068578b0055

HTTP Headers

GET /img/yallakora/IOSTeams//120//2021/9/5/InterMilan2021_9_5_16_40.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 9787
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "2da54f964a2d71:0"
last-modified: Sun, 05 Sep 2021 14:40:56 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 987109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOuVZUyOA3H455Waszsu6zqDQIfkvNJLisN5TatbWtBJh7kXfqUuGEusBmWO8VA2GTmclDgMQA%2FnTWPYj%2B6mAwKQuD8oJvHlHeNoN3zfYYYBSQS3mSNs%2F%2BMPZsUxpO7XM03qhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e344c91b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/LasPalmas2018_7_29_14_59.jpg

172.67.74.224

17 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2018/7/29/LasPalmas2018_7_29_14_59.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17072 bytes)
Hash
460400bd1da2ed8e1843831a8132887d
af8517d0f0ac1f0bc638572a51e7c915b0a70980
f9c0f10dfb65076b2ce3fbd78e3052f51cfd3dffdd9160d036859ac743ca81ad

HTTP Headers

GET /img/yallakora/IOSTeams//120//2018/7/29/LasPalmas2018_7_29_14_59.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 17072
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "819cb1333c27d41:0"
last-modified: Sun, 29 Jul 2018 13:01:01 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 832963
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Fa5WiMDVTA%2BQOk0vsxob1Vj5INWH9N1joQSqXina%2F0XHBZCFKZEICs3EaDJ7mkV2MFwSg8yox5b%2FvGA6jirszWIQBJX5wES%2FQa3nf0Ts%2Fda2CqEhiSD6oAxeofNNEFA14mjGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e344c95b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2017/6/13/%D8%B4%D8%B9%D8%A7%D8%B1_%D9%86%D8%A7%D8%AF%D9%8A_%D8%A7%D9%84%D9%81%D9%8A%D8%B5%D9%84%D9%8A_2017_6_13_21_29.jpg

172.67.74.224

34 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2017/6/13/%D8%B4%D8%B9%D8%A7%D8%B1_%D9%86%D8%A7%D8%AF%D9%8A_%D8%A7%D9%84%D9%81%D9%8A%D8%B5%D9%84%D9%8A_2017_6_13_21_29.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (34323 bytes)
Hash
0c7f439d51beb0c35ed06dc35e05096a
3423ec82c480f504be04bb8e94f52de288952825
77dc998de9324a11e19c367b69221728e718e1245f740e94342e14036ea1d4d8

HTTP Headers

GET /img/yallakora/IOSTeams//120//2017/6/13/%D8%B4%D8%B9%D8%A7%D8%B1_%D9%86%D8%A7%D8%AF%D9%8A_%D8%A7%D9%84%D9%81%D9%8A%D8%B5%D9%84%D9%8A_2017_6_13_21_29.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 34323
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "66e41c667be4d21:0"
last-modified: Tue, 13 Jun 2017 19:29:39 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 19657
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPU4J39%2FjeplZdQN6cEM3P6GGhCd%2Bo2FwisxE%2FXrMoqdMjj5IFulvvrtJxlleI40WVdpB5G6L0YWW6DRoKxe9m0Uq6d7fSUxPzJePXf3k6hGnF5y2A7PIqGTUNcVNJ%2BOIXiZtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e344c98b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2021/9/7/SharjahFC2021_9_7_11_29.jpg

172.67.74.224

14 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2021/9/7/SharjahFC2021_9_7_11_29.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14279 bytes)
Hash
7f112676c24f8821deecead20e146932
74b29c7c65071e73116ea2596bd30c6079f66fe4
bb8072236f64fade1374f98f291a4c8ef1425bb11d9b03a312ac6f60c7512959

HTTP Headers

GET /img/yallakora/IOSTeams//120//2021/9/7/SharjahFC2021_9_7_11_29.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 14279
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "79032d8caa3d71:0"
last-modified: Tue, 07 Sep 2021 09:29:23 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 16058
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91Jn1qhQqHzqhyc%2FCnVGzN6hkICICGZRn7g5gts5QxNMt8MvDLP507puun%2FAfpJCa7mtgEfeajISXE8pZs6t2M%2FV9QIB08w9TuXv52S7SOWbaz0Rl1H6cLrxEGxgxExGmUsF3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e344c99b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/zepto.min.js

104.17.25.14

8.8 kB

URL
cdnjs.cloudflare.com/ajax/libs/zepto/1.2.0/zepto.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26318)
Size
8.8 kB (8798 bytes)
Hash
50a4556b0089cfa1cb61e88ea23bbcce
6865443a258954fa19b8aa682e1f4c77d42493d1
beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725

HTTP Headers

GET /ajax/libs/zepto/1.2.0/zepto.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://6ksatv.yalla-shoots.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 8798
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04043-6712"
last-modified: Mon, 04 May 2020 16:18:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 491628
expires: Fri, 22 Nov 2024 23:23:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoTuhxk2QThC1B8z2Hz27PbFy2iejFCdU%2Bxjpw6luJ2K1v4%2Fnn6hBllg6V%2FSmtcqlp9ZIV7DHdcvseVwuyYzCcJNoWqNXcbqbp1CAEAuW2Oemk%2FN8mcAYRQFIAt7PqVG1NGWC%2FB3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82ff8e345938b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

media.gemini.media/img/yallakora/IOSTeams//120//2021/7/15/AGMK2021_7_15_12_44.jpg

172.67.74.224

19 kB

URL
media.gemini.media/img/yallakora/IOSTeams//120//2021/7/15/AGMK2021_7_15_12_44.jpg
IP
172.67.74.224:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (19426 bytes)
Hash
a07a155c31df5bc0158e4adfbc10ae3a
9d182782667922841a94540612c26f07b41aee6b
17b82b823d6b8395000909cbd5e13f425c839137c2c68be431b621e169750caf

HTTP Headers

GET /img/yallakora/IOSTeams//120//2021/7/15/AGMK2021_7_15_12_44.jpg HTTP/1.1
Host: media.gemini.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:06 GMT
content-type: image/jpeg
content-length: 19426
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: https://www.yallakora.com
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "7ed748706679d71:0"
last-modified: Thu, 15 Jul 2021 10:44:50 GMT
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 650022
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPxy8xvjdm117NXLHDoZacLMVvr7BJSpEdVijfro26Qx9N06j3%2BNDcChufLojdo%2BX4ceoB9l7OqbrGFHEFJa44rViMFO%2BdiG%2BA6mBExf06srRAT6XjYa4zEwTWSuK%2BBiGLUKCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e344c9ab4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.yalla-shoots.net/

172.67.142.227

32 kB

URL
www.yalla-shoots.net/
IP
172.67.142.227:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6974)
Size
32 kB (32500 bytes)
Hash
319532ac8abce4260e8fbcb6ad6a5198
d2a6f3b0c3281ce4082d5af49dcde15c901a0272
8ef219acbec8fee9ff3664e8f6417e1046fd9cf742595ec81192be1868ed2c14

HTTP Headers

GET / HTTP/1.1
Host: www.yalla-shoots.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:04 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 03 Dec 2023 23:23:04 GMT
cache-control: private, max-age=0
last-modified: Wed, 29 Nov 2023 11:48:22 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5vuuixXlPEqfOOQlBvJ117LPgafQi0De53F2vmvZP4AXIzwz%2Fq2ev94fDX0zVBA31F4Ha7xpKl2vHJx7OUY25QOtFQY0OJPtpjYhvMBVZnbckeHCKx8UDv4K4BDxXy9OtRK%2Bk%2FGnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e287c9a56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-NGHF66R8ME

142.250.74.136

93 kB

URL
www.googletagmanager.com/gtag/js?id=G-NGHF66R8ME
IP
142.250.74.136:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5955)
Size
93 kB (93126 bytes)
Hash
04d2ffc3b52fbabf6e02741da9fa96d7
2c870a369a1f53f8f71d11fe8dc63493ef56a0ba
a3ee4cb3fe0f82039c94927b792a9986f2d27b80bde969a4c6f9d55293149285

HTTP Headers

GET /gtag/js?id=G-NGHF66R8ME HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:23:06 GMT
expires: Sun, 03 Dec 2023 23:23:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93126
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

6koratv.yalla-shoots.net/

172.67.142.227

194 kB

URL
6koratv.yalla-shoots.net/
IP
172.67.142.227:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
194 kB (193832 bytes)
Hash
a8adc91a3815f2852cf327601bb7f942
ad468d39d16ac872b924444e7b2fb4b24aecbcaa
d0444f4c6adb3b1336bd454b17e8394a14a22e971ba43acea9c20ed413b2d1c7

HTTP Headers

GET / HTTP/1.1
Host: 6koratv.yalla-shoots.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.yalla-shoots.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:23:05 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 03 Dec 2023 23:23:05 GMT
cache-control: private, max-age=0
last-modified: Thu, 30 Nov 2023 01:17:54 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggLO1P0OK7u7yANM%2FI%2F9YkQHL%2F12dE172R8%2FFqz30k%2FpBtOHqspz8%2FK%2BmWs6%2FXkWZmD8qWdtTRywVVsICxageEYRAO%2BWaaJVsX0IoMRLyxRKQZ3mPpgLxQXdea6YEU405bJDxfWwH6T8HlU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e2bebd81c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.statically.io/gh/albaadani/albaadani/master/mmt.js

151.101.193.91

18 kB

URL
cdn.statically.io/gh/albaadani/albaadani/master/mmt.js
IP
151.101.193.91:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (51679)
Size
18 kB (18086 bytes)
Hash
5c7c4e9266d3bd90e9bdba4ee1f4b5d8
bce9cdec575a3eb8f6a7324e290fd3af20637d50
b02c3188904d9a620795cdfb4f391bbed769407887e41f3bbbf52766bbc22da3

HTTP Headers

GET /gh/albaadani/albaadani/master/mmt.js HTTP/1.1
Host: cdn.statically.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: br
access-control-allow-origin: *
access-control-expose-headers: *
age: 84841
cache-control: public, max-age=86400
content-type: application/javascript; charset=utf-8
date: Sun, 03 Dec 2023 23:23:07 GMT
etag: W/"93edbdfc80215a7085bf752197e1c314f2a9bde7c682c803aed9684ed0b31a21"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-bma1667-BMA
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18086
X-Firefox-Spdy: h2

www.topcreativeformat.com/cd9c6d6e167093882e8aae7a0aedb68e/invoke.js

192.243.59.20

11 kB

URL
www.topcreativeformat.com/cd9c6d6e167093882e8aae7a0aedb68e/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (29601), with no line terminators
Size
11 kB (10905 bytes)
Hash
887aa12faf1934b64571ef77225b3ca2
d3ce53473c934aae6d6afcbf42b2e6b5e2205e6a
7926a3996f43976898112ecb50687a0d30e6700ed961bd4f76ac3c8ddc2c88de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cd9c6d6e167093882e8aae7a0aedb68e/invoke.js HTTP/1.1
Host: www.topcreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:23:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c01dcd6da1cb46711c58aa922aef5ff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ebc0f19a7067085e95ff0e35ee441f4d
23c3d68afd4c1c6cdecce9007aa3bddc793bc52d
6a07099ef655ed036e4a865236f8a6e5549e9a468e207691923634fc51c3186d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 03 Dec 2023 23:23:07 GMT
Last-Modified: Sun, 03 Dec 2023 22:10:54 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DnHw3ZqPZGUbZNRAm_a9UrIl7Uw8nXYcD_neWVKRwgqCUNQ5tbnYFQ==
Age: 4333

proftrafficcounter.com/stats

18.184.210.76

40 B

URL
proftrafficcounter.com/stats
IP
18.184.210.76:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
326ac6910fb4ff41fdce198c0fd0cc0a
fd307d431a32678786a529fd11b2b53f1530b9cf
6e18893f3c5f74db6b4c1c8a67dae181a9a899b0cc134731dc8996481afd1e4a

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://6ksatv.yalla-shoots.net
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://6ksatv.yalla-shoots.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=4dff67fb-2837-4e2b-b807-b61c17c5f8cc:2:1; expires=Wed, 30 Nov 2033 23:23:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.topcreativeformat.com/f191e2a9dd13b03fa960acf23d27cab8/invoke.js

192.243.59.20

11 kB

URL
www.topcreativeformat.com/f191e2a9dd13b03fa960acf23d27cab8/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (29628), with no line terminators
Size
11 kB (10913 bytes)
Hash
8f46aae1e84c398b56d94d7964fa9899
92508f1ed4a5dc9e6acece4d2c53be30f6e3f231
5cec8e043a40ab2413772741a674620b8ade74b2922fd83044f1fa53353d535c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f191e2a9dd13b03fa960acf23d27cab8/invoke.js HTTP/1.1
Host: www.topcreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:23:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3bb4a0d627943f34c608866262ac675c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

bit.ly/3Obk92e

67.199.248.10

369 B

URL
bit.ly/3Obk92e
IP
67.199.248.10:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (320)
Size
369 B (369 bytes)
Hash
86d95bd17cf7aaf3d4be9264a81a514a
dc642be6393f5668c5fad8ac7ab6e3653ea875a7
a2fadb0f1161493961900df89a1e7ea524cf9c691ed183305b900985ea4ce0d3

HTTP Headers

GET /3Obk92e HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 03 Dec 2023 23:23:08 GMT
content-type: text/html; charset=utf-8
content-length: 369
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOk23nPuJWYvjsmYzkjHpBCeXSFJe6FJl65VaPNc06YvDHEgJ7leccLdW5XmvcjJSNtwBTNopSGqqBUvr9FnB22kHjkzpUND45R7AepwtUacLVB6VLPIxvraoZrXHuhIh1iX-qk5GoT6B3mESX4i7JCKKgW4cxSPQxBTgOn4yV7G8AiYuYTlST6OeB/s205/Syntax__1_-removebg-preview.png
referrer-policy: unsafe-url
set-cookie: _bit=nb3nn8-63d0b0ee7467c9fec4-00a; Domain=bit.ly; Expires=Fri, 31 May 2024 23:23:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

demeanourgrade.com/watch.1697575069030.js?key=cd9c6d6e167093882e8aae7a0aedb68e&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1

192.243.59.13

0 B

URL
demeanourgrade.com/watch.1697575069030.js?key=cd9c6d6e167093882e8aae7a0aedb68e&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1697575069030.js?key=cd9c6d6e167093882e8aae7a0aedb68e&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1 HTTP/1.1
Host: demeanourgrade.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://6ksatv.yalla-shoots.net
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:23:08 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://6ksatv.yalla-shoots.net
Access-Control-Allow-Origin: https://6ksatv.yalla-shoots.net
Access-Control-Allow-Credentials: true
Location: https://demeanourgrade.com/watch.1697575069030.js?key=cd9c6d6e167093882e8aae7a0aedb68e&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1&shu=4228ae70279eb938f042e074ee9e134d2c806dc344b34d5d608316885e0a4f3099d256b0f48f69c2d044dc71da98c01510f89ec73448ecea78ce700149d43aed38af153d966bb34df7c46e78b58d6b055a40902c5554b4ae1d09b2e2a19011&pst=1701645848&rmtc=t
Set-Cookie: u_pl=21475373; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTQ3NTM3MywiayI6ImNkOWM2ZDZlMTY3MDkzODgyZThhYWU3YTBhZWRiNjhlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMjY3ODQwLCJwaWQiOjExNzQzNTMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJlcGVucDNoZ3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly82a3NhdHYueWFsbGEtc2hvb3RzLm5ldC8iLCJhciI6W119fQ.3WZ3jVAJctRpX9Q1HQu6C7aELYcK2O_DnnjGAXalkgI; expires=Sun, 03 Dec 2023 23:24:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5cc9e320d973660bab1286d90c83345c
Strict-Transport-Security: max-age=0; includeSubdomains

accommodationcarpetavid.com/watch.229892906645.js?key=f191e2a9dd13b03fa960acf23d27cab8&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1

192.243.59.12

0 B

URL
accommodationcarpetavid.com/watch.229892906645.js?key=f191e2a9dd13b03fa960acf23d27cab8&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.229892906645.js?key=f191e2a9dd13b03fa960acf23d27cab8&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1 HTTP/1.1
Host: accommodationcarpetavid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://6ksatv.yalla-shoots.net
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:23:08 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://6ksatv.yalla-shoots.net
Access-Control-Allow-Origin: https://6ksatv.yalla-shoots.net
Access-Control-Allow-Credentials: true
Location: https://accommodationcarpetavid.com/watch.229892906645.js?key=f191e2a9dd13b03fa960acf23d27cab8&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1&shu=10e85f74fdadfcae952d585d2b6ed41e4c65288d767ef9c4c48f7908ed431736252f2cefb4805fbe48b7a57b8aff6b41de69a6d3751ab48dc8eef454535de6bfbb2b0f5d311acc2cda8b65931931324920a9bed5d053564eb9cfd66f140d91&pst=1701645848&rmtc=t
Set-Cookie: u_pl=21399898; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTM5OTg5OCwiayI6ImYxOTFlMmE5ZGQxM2IwM2ZhOTYwYWNmMjNkMjdjYWI4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMjQyNDE4LCJwaWQiOjExNzQzNTMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6NSwicHQiOjQsInBrIjoiZTQ0aG13aDc1IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vNmtzYXR2LnlhbGxhLXNob290cy5uZXQvIiwiYXIiOltdfX0.xfRc1z-qUzXBXfjWZ-HKxix6JljcGSuG8VxeGPyUUTE; expires=Sun, 03 Dec 2023 23:24:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7f4b1ba7630dfd286752c3dd1c879bd3
Strict-Transport-Security: max-age=0; includeSubdomains

192.243.59.12

643 B

URL
accommodationcarpetavid.com/watch.229892906645.js?key=f191e2a9dd13b03fa960acf23d27cab8&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1&shu=10e85f74fdadfcae952d585d2b6ed41e4c65288d767ef9c4c48f7908ed431736252f2cefb4805fbe48b7a57b8aff6b41de69a6d3751ab48dc8eef454535de6bfbb2b0f5d311acc2cda8b65931931324920a9bed5d053564eb9cfd66f140d91&pst=1701645848&rmtc=t
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (604)
Size
643 B (643 bytes)
Hash
f3bde55477ccce3e10a9738a9424e1d1
cbb42a5b5e6d215d77e18b1af8ca2c987a893547
ad5a8a1d51574d8ca4a4c343915835eb705e164c8323bb5713e4d289f558cd01

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.229892906645.js?key=f191e2a9dd13b03fa960acf23d27cab8&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1&shu=10e85f74fdadfcae952d585d2b6ed41e4c65288d767ef9c4c48f7908ed431736252f2cefb4805fbe48b7a57b8aff6b41de69a6d3751ab48dc8eef454535de6bfbb2b0f5d311acc2cda8b65931931324920a9bed5d053564eb9cfd66f140d91&pst=1701645848&rmtc=t HTTP/1.1
Host: accommodationcarpetavid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://6ksatv.yalla-shoots.net
Referer: https://6ksatv.yalla-shoots.net/
DNT: 1
Connection: keep-alive
Cookie: u_pl=21399898; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTM5OTg5OCwiayI6ImYxOTFlMmE5ZGQxM2IwM2ZhOTYwYWNmMjNkMjdjYWI4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMjQyNDE4LCJwaWQiOjExNzQzNTMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTksImFpZCI6NSwicHQiOjQsInBrIjoiZTQ0aG13aDc1IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vNmtzYXR2LnlhbGxhLXNob290cy5uZXQvIiwiYXIiOltdfX0.xfRc1z-qUzXBXfjWZ-HKxix6JljcGSuG8VxeGPyUUTE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://6ksatv.yalla-shoots.net
Access-Control-Allow-Origin: https://6ksatv.yalla-shoots.net
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4dff67fb-2837-4e2b-b807-b61c17c5f8cc:2:1; expires=Sun, 10 Dec 2023 23:23:08 GMT; secure; SameSite=None
iprc3d307b200bdcbd7511a652630e673b0e=2717340; expires=Tue, 05 Dec 2023 01:23:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f5e017e63faff0bd83f7053cb9d4aff9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

192.243.59.13

2.1 kB

URL
demeanourgrade.com/watch.1697575069030.js?key=cd9c6d6e167093882e8aae7a0aedb68e&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1&shu=4228ae70279eb938f042e074ee9e134d2c806dc344b34d5d608316885e0a4f3099d256b0f48f69c2d044dc71da98c01510f89ec73448ecea78ce700149d43aed38af153d966bb34df7c46e78b58d6b055a40902c5554b4ae1d09b2e2a19011&pst=1701645848&rmtc=t
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2644)
Size
2.1 kB (2102 bytes)
Hash
a142ac90f493ad49ad2f3c935a436353
637e6d6d82bddffa79fad247e1773b93e3915d07
6d674bfb41f497affa95f0ca5a9a66ed0411c66a76166d96fd0c93e9b688df0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1697575069030.js?key=cd9c6d6e167093882e8aae7a0aedb68e&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1&shu=4228ae70279eb938f042e074ee9e134d2c806dc344b34d5d608316885e0a4f3099d256b0f48f69c2d044dc71da98c01510f89ec73448ecea78ce700149d43aed38af153d966bb34df7c46e78b58d6b055a40902c5554b4ae1d09b2e2a19011&pst=1701645848&rmtc=t HTTP/1.1
Host: demeanourgrade.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://6ksatv.yalla-shoots.net
Referer: https://6ksatv.yalla-shoots.net/
DNT: 1
Connection: keep-alive
Cookie: u_pl=21475373; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTQ3NTM3MywiayI6ImNkOWM2ZDZlMTY3MDkzODgyZThhYWU3YTBhZWRiNjhlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMjY3ODQwLCJwaWQiOjExNzQzNTMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJlcGVucDNoZ3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly82a3NhdHYueWFsbGEtc2hvb3RzLm5ldC8iLCJhciI6W119fQ.3WZ3jVAJctRpX9Q1HQu6C7aELYcK2O_DnnjGAXalkgI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://6ksatv.yalla-shoots.net
Access-Control-Allow-Origin: https://6ksatv.yalla-shoots.net
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4dff67fb-2837-4e2b-b807-b61c17c5f8cc:2:1; expires=Sun, 10 Dec 2023 23:23:08 GMT; secure; SameSite=None
iprcbe0a6811b564a61a218c437f58a09b38=3569806; expires=Mon, 04 Dec 2023 03:23:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a5f1ea0449443a0d66de013cda14c07
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

demeanourgrade.com/watch.1697575069030?key=cd9c6d6e167093882e8aae7a0aedb68e&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1

192.243.59.13

1.6 kB

URL
demeanourgrade.com/watch.1697575069030?key=cd9c6d6e167093882e8aae7a0aedb68e&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1264)
Size
1.6 kB (1561 bytes)
Hash
919f89cd553b0f7184f6191b33385748
51053029c18ebd1bf16babc5196b00899b699e93
462dd5bf32c8cb05343ed8b0621e2f931729f714ce71a629ec93ec14efb7a5ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1697575069030?key=cd9c6d6e167093882e8aae7a0aedb68e&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1 HTTP/1.1
Host: demeanourgrade.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Cookie: u_pl=21475373; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTQ3NTM3MywiayI6ImNkOWM2ZDZlMTY3MDkzODgyZThhYWU3YTBhZWRiNjhlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMjY3ODQwLCJwaWQiOjExNzQzNTMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJlcGVucDNoZ3oiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly82a3NhdHYueWFsbGEtc2hvb3RzLm5ldC8iLCJhciI6W119fQ.3WZ3jVAJctRpX9Q1HQu6C7aELYcK2O_DnnjGAXalkgI; uid_id2=4dff67fb-2837-4e2b-b807-b61c17c5f8cc:2:1; iprcbe0a6811b564a61a218c437f58a09b38=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTQ3NTM3MywiayI6ImNkOWM2ZDZlMTY3MDkzODgyZThhYWU3YTBhZWRiNjhlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMjY3ODQwLCJwaWQiOjExNzQzNTMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJlcGVucDNoZ3oiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vNmtzYXR2LnlhbGxhLXNob290cy5uZXQvIiwiYXIiOltdfX0.kcAiGp3iMk_rRJ2TTI53rTzYFgb9NrtFeCLZ9RbQ6ww; expires=Sun, 03 Dec 2023 23:24:08 GMT; secure; SameSite=None
uid_id2=4dff67fb-2837-4e2b-b807-b61c17c5f8cc:2:1; expires=Sun, 10 Dec 2023 23:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 759e87425b50f21465076d48e1b267ad
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOk23nPuJWYvjsmYzkjHpBCeXSFJe6FJl65VaPNc06YvDHEgJ7leccLdW5XmvcjJSNtwBTNopSGqqBUvr9FnB22kHjkzpUND45R7AepwtUacLVB6VLPIxvraoZrXHuhIh1iX-qk5GoT6B3mESX4i7JCKKgW4cxSPQxBTgOn4yV7G8AiYuYTlST6OeB/s205/Syntax__1_-removebg-preview.png

142.250.74.97

7.6 kB

URL
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOk23nPuJWYvjsmYzkjHpBCeXSFJe6FJl65VaPNc06YvDHEgJ7leccLdW5XmvcjJSNtwBTNopSGqqBUvr9FnB22kHjkzpUND45R7AepwtUacLVB6VLPIxvraoZrXHuhIh1iX-qk5GoT6B3mESX4i7JCKKgW4cxSPQxBTgOn4yV7G8AiYuYTlST6OeB/s205/Syntax__1_-removebg-preview.png
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
PNG image data, 100 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
7.6 kB (7571 bytes)
Hash
a81604f3138b4772961098ff7aa3763d
6f8348ef6025a08f8b33b0a5769a3dc05d4d5e25
3ce0a7e0af47b7802190770441508532f2bfac395f5490a1dbd38c90105869a7

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEiOk23nPuJWYvjsmYzkjHpBCeXSFJe6FJl65VaPNc06YvDHEgJ7leccLdW5XmvcjJSNtwBTNopSGqqBUvr9FnB22kHjkzpUND45R7AepwtUacLVB6VLPIxvraoZrXHuhIh1iX-qk5GoT6B3mESX4i7JCKKgW4cxSPQxBTgOn4yV7G8AiYuYTlST6OeB/s205/Syntax__1_-removebg-preview.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v607"
expires: Mon, 04 Dec 2023 23:23:08 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Syntax__1_-removebg-preview.png"
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 23:23:08 GMT
server: fife
content-length: 7571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

demeanourgrade.com/api/users?token=L3dhdGNoLjE2OTc1NzUwNjkwMzA_ZGV2PWUma2V5PWNkOWM2ZDZlMTY3MDkzODgyZThhYWU3YTBhZWRiNjhlJmt3PSU1QiUyNnF1b3QlM0IlRDklOEElRDklODQlRDglQTclMjZxdW90JTNCJTJDJTI2cXVvdCUzQiVEOCVCNCVEOSU4OCVEOCVBQSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCeWFsbGElMjZxdW90JTNCJTJDJTI2cXVvdCUzQnNob290JTI2cXVvdCUzQiUyQyUyNnF1b3QlM0IlRDglQTMlRDklODclRDklODUlMjZxdW90JTNCJTJDJTI2cXVvdCUzQiVEOSU4NSVEOCVBOCVEOCVBNyVEOCVCMSVEOSU4QSVEOCVBNyVEOCVBQSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCJUQ4JUE3JUQ5JTg0JUQ5JThBJUQ5JTg4JUQ5JTg1JTI2cXVvdCUzQiUyQyUyNnF1b3QlM0IlRDglQTglRDglQUIlMjZxdW90JTNCJTJDJTI2cXVvdCUzQiVEOSU4NSVEOCVBOCVEOCVBNyVEOCVCNCVEOCVCMSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCJUQ4JUFDJUQ5JTg4JUQ4JUE3JUQ5JTg0JTI2cXVvdCUzQiUyQyUyNnF1b3QlM0JkYiUyNnF1b3QlM0IlMkMlMjZxdW90JTNCYSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCaiUyNnF1b3QlM0IlNUQmcHN0PTE3MDE2NDU4NDgmcmVmZXI9aHR0cHMlM0ElMkYlMkY2a3NhdHYueWFsbGEtc2hvb3RzLm5ldCUyRiZyZXM9MTQuMzA5NSZybXRjPXQmc2h1PWQ2YjAzZjNiZTdmMTMyZTQyZDVkN2VhNmRiMGFiYmJlMjk1YjEwMGVlNmI1Y2FiYjZkMWNjZGU3NzFmMTFhZTEwNjQxYjY0ODEwY2Q0NzZkMTRjOWI1NWUwMzJkN2NkODg4NjYxMGRkYmE3ZjBlNzFlNGM0MDY0ODIwYWNkY2QyMmZjYzRmNTQ2ZWY4MDMxY2YwMWUzMDgwZjkyMmJiMjJiYzA0YTcyMWUzNWE3YjAxZWQ5OGU2MTUwYmE1MDcmdHo9MCZ1dWlkPTRkZmY2N2ZiLTI4MzctNGUyYi1iODA3LWI2MWMxN2M1ZjhjYyUzQTIlM0Ex&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1&pii=&in=false

192.243.59.13

1.8 kB

URL
demeanourgrade.com/api/users?token=L3dhdGNoLjE2OTc1NzUwNjkwMzA_ZGV2PWUma2V5PWNkOWM2ZDZlMTY3MDkzODgyZThhYWU3YTBhZWRiNjhlJmt3PSU1QiUyNnF1b3QlM0IlRDklOEElRDklODQlRDglQTclMjZxdW90JTNCJTJDJTI2cXVvdCUzQiVEOCVCNCVEOSU4OCVEOCVBQSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCeWFsbGElMjZxdW90JTNCJTJDJTI2cXVvdCUzQnNob290JTI2cXVvdCUzQiUyQyUyNnF1b3QlM0IlRDglQTMlRDklODclRDklODUlMjZxdW90JTNCJTJDJTI2cXVvdCUzQiVEOSU4NSVEOCVBOCVEOCVBNyVEOCVCMSVEOSU4QSVEOCVBNyVEOCVBQSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCJUQ4JUE3JUQ5JTg0JUQ5JThBJUQ5JTg4JUQ5JTg1JTI2cXVvdCUzQiUyQyUyNnF1b3QlM0IlRDglQTglRDglQUIlMjZxdW90JTNCJTJDJTI2cXVvdCUzQiVEOSU4NSVEOCVBOCVEOCVBNyVEOCVCNCVEOCVCMSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCJUQ4JUFDJUQ5JTg4JUQ4JUE3JUQ5JTg0JTI2cXVvdCUzQiUyQyUyNnF1b3QlM0JkYiUyNnF1b3QlM0IlMkMlMjZxdW90JTNCYSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCaiUyNnF1b3QlM0IlNUQmcHN0PTE3MDE2NDU4NDgmcmVmZXI9aHR0cHMlM0ElMkYlMkY2a3NhdHYueWFsbGEtc2hvb3RzLm5ldCUyRiZyZXM9MTQuMzA5NSZybXRjPXQmc2h1PWQ2YjAzZjNiZTdmMTMyZTQyZDVkN2VhNmRiMGFiYmJlMjk1YjEwMGVlNmI1Y2FiYjZkMWNjZGU3NzFmMTFhZTEwNjQxYjY0ODEwY2Q0NzZkMTRjOWI1NWUwMzJkN2NkODg4NjYxMGRkYmE3ZjBlNzFlNGM0MDY0ODIwYWNkY2QyMmZjYzRmNTQ2ZWY4MDMxY2YwMWUzMDgwZjkyMmJiMjJiYzA0YTcyMWUzNWE3YjAxZWQ5OGU2MTUwYmE1MDcmdHo9MCZ1dWlkPTRkZmY2N2ZiLTI4MzctNGUyYi1iODA3LWI2MWMxN2M1ZjhjYyUzQTIlM0Ex&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1&pii=&in=false
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2560)
Size
1.8 kB (1845 bytes)
Hash
3a3c87803b533f1afe55f49fdd89a67a
8988e75dcdafd700776dc51dc65a99dd10328156
2fd832b7f28d6d1b230aba50d37969b9c7b63537d9ee4d904d42509657b088c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L3dhdGNoLjE2OTc1NzUwNjkwMzA_ZGV2PWUma2V5PWNkOWM2ZDZlMTY3MDkzODgyZThhYWU3YTBhZWRiNjhlJmt3PSU1QiUyNnF1b3QlM0IlRDklOEElRDklODQlRDglQTclMjZxdW90JTNCJTJDJTI2cXVvdCUzQiVEOCVCNCVEOSU4OCVEOCVBQSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCeWFsbGElMjZxdW90JTNCJTJDJTI2cXVvdCUzQnNob290JTI2cXVvdCUzQiUyQyUyNnF1b3QlM0IlRDglQTMlRDklODclRDklODUlMjZxdW90JTNCJTJDJTI2cXVvdCUzQiVEOSU4NSVEOCVBOCVEOCVBNyVEOCVCMSVEOSU4QSVEOCVBNyVEOCVBQSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCJUQ4JUE3JUQ5JTg0JUQ5JThBJUQ5JTg4JUQ5JTg1JTI2cXVvdCUzQiUyQyUyNnF1b3QlM0IlRDglQTglRDglQUIlMjZxdW90JTNCJTJDJTI2cXVvdCUzQiVEOSU4NSVEOCVBOCVEOCVBNyVEOCVCNCVEOCVCMSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCJUQ4JUFDJUQ5JTg4JUQ4JUE3JUQ5JTg0JTI2cXVvdCUzQiUyQyUyNnF1b3QlM0JkYiUyNnF1b3QlM0IlMkMlMjZxdW90JTNCYSUyNnF1b3QlM0IlMkMlMjZxdW90JTNCaiUyNnF1b3QlM0IlNUQmcHN0PTE3MDE2NDU4NDgmcmVmZXI9aHR0cHMlM0ElMkYlMkY2a3NhdHYueWFsbGEtc2hvb3RzLm5ldCUyRiZyZXM9MTQuMzA5NSZybXRjPXQmc2h1PWQ2YjAzZjNiZTdmMTMyZTQyZDVkN2VhNmRiMGFiYmJlMjk1YjEwMGVlNmI1Y2FiYjZkMWNjZGU3NzFmMTFhZTEwNjQxYjY0ODEwY2Q0NzZkMTRjOWI1NWUwMzJkN2NkODg4NjYxMGRkYmE3ZjBlNzFlNGM0MDY0ODIwYWNkY2QyMmZjYzRmNTQ2ZWY4MDMxY2YwMWUzMDgwZjkyMmJiMjJiYzA0YTcyMWUzNWE3YjAxZWQ5OGU2MTUwYmE1MDcmdHo9MCZ1dWlkPTRkZmY2N2ZiLTI4MzctNGUyYi1iODA3LWI2MWMxN2M1ZjhjYyUzQTIlM0Ex&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1&pii=&in=false HTTP/1.1
Host: demeanourgrade.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demeanourgrade.com/watch.1697575069030?key=cd9c6d6e167093882e8aae7a0aedb68e&kw=%5B%22%D9%8A%D9%84%D8%A7%22%2C%22%D8%B4%D9%88%D8%AA%22%2C%22yalla%22%2C%22shoot%22%2C%22%D8%A3%D9%87%D9%85%22%2C%22%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%22%2C%22%D8%A7%D9%84%D9%8A%D9%88%D9%85%22%2C%22%D8%A8%D8%AB%22%2C%22%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%22%2C%22%D8%AC%D9%88%D8%A7%D9%84%22%2C%22db%22%2C%22a%22%2C%22j%22%5D&refer=https%3A%2F%2F6ksatv.yalla-shoots.net%2F&tz=0&dev=e&res=14.3095&uuid=4dff67fb-2837-4e2b-b807-b61c17c5f8cc%3A2%3A1
Cookie: u_pl=21475373; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTQ3NTM3MywiayI6ImNkOWM2ZDZlMTY3MDkzODgyZThhYWU3YTBhZWRiNjhlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMjY3ODQwLCJwaWQiOjExNzQzNTMsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjo1LCJwdCI6NCwicGsiOiJlcGVucDNoZ3oiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vNmtzYXR2LnlhbGxhLXNob290cy5uZXQvIiwiYXIiOltdfX0.kcAiGp3iMk_rRJ2TTI53rTzYFgb9NrtFeCLZ9RbQ6ww; uid_id2=4dff67fb-2837-4e2b-b807-b61c17c5f8cc:2:1; iprcbe0a6811b564a61a218c437f58a09b38=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:23:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://6ksatv.yalla-shoots.net/
Access-Control-Allow-Origin: https://6ksatv.yalla-shoots.net/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4dff67fb-2837-4e2b-b807-b61c17c5f8cc:2:1; expires=Sun, 10 Dec 2023 23:23:08 GMT; secure; SameSite=None
uncs=2; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
uncs5=2; expires=Mon, 04 Dec 2023 23:23:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3b9c2ac0ca943c8cb0bc6c950d6390cc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/bi/1c/89/88/1c89883ae37abbc4d33a086a364762df/1668176727.jpg

45.133.44.9

18 kB

URL
cdn.cloudimagesb.com/bi/1c/89/88/1c89883ae37abbc4d33a086a364762df/1668176727.jpg
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Size
18 kB (18270 bytes)
Hash
d1944449bd2685e185ad4d69c56baca0
0aa7076e1bd4adc5a07a0b3860f0450b9675c485
13ea4f1307e83333c5f99c5c33778cc4b9065d44e5e66c2d52f6894728f56b2b

HTTP Headers

GET /bi/1c/89/88/1c89883ae37abbc4d33a086a364762df/1668176727.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demeanourgrade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:09 GMT
content-type: image/jpeg
content-length: 18270
server: nginx/1.21.6
last-modified: Fri, 11 Nov 2022 14:25:36 GMT
etag: "636e5b60-475e"
expires: Tue, 05 Dec 2023 23:23:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=21399898

173.233.139.164

1.4 kB

URL
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=21399898
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (488)
Size
1.4 kB (1405 bytes)
Hash
655f2a0c0bb07341701a5043c3829146
3c45e8d6c12f119a44bffcd6aa973e928561e4e2
df9d8eb1fe295e566c0d59bdbacc8d3f065eefe187e3356bcb6a1dca04f60084

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=21399898 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://6ksatv.yalla-shoots.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:23:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Mon, 04 Dec 2023 23:23:09 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMjEzOTk4OTgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly82a3NhdHYueWFsbGEtc2hvb3RzLm5ldC8iLCJhciI6W119fQ.LO7OtpgphXMrmaa5ep3optcPZcQ4Od5JAMSB8SyllLE; expires=Sun, 03 Dec 2023 23:24:09 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dec0f75d745dab074a8043af0251c8d4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTIxMzk5ODk4JnBzdD0xNzAxNjQ1ODQ5JnJlZmVyPWh0dHBzJTNBJTJGJTJGNmtzYXR2LnlhbGxhLXNob290cy5uZXQlMkYmcm10Yz10JnNodT0xZjRmNzY3ZGYxMWQwYmMyMjIxYjg4NGVjNjBiMGJiOTQ4ZGE4NmNjMTEzMjU5ZmYwYTY5MDhlNDRlODBhZWVhMjQzNmQwYTQxYmJhYjUwZmEwNWIzMDZmZmNjNmQ1N2YxYmFmYWY1N2I1OTdiYzE3YWVhNGFiYTkxZTJlYWI3YjJhM2YyZjM1Mzg3ZmE3NDI2NjQwMTkyODUyYzgwMjU4YzM1MjE3OWFlNmQzYThiODM4OWI5OTg5NWQ2NA%3D%3D&uuid=&pii=&in=false

173.233.137.36

0 B

URL
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTIxMzk5ODk4JnBzdD0xNzAxNjQ1ODQ5JnJlZmVyPWh0dHBzJTNBJTJGJTJGNmtzYXR2LnlhbGxhLXNob290cy5uZXQlMkYmcm10Yz10JnNodT0xZjRmNzY3ZGYxMWQwYmMyMjIxYjg4NGVjNjBiMGJiOTQ4ZGE4NmNjMTEzMjU5ZmYwYTY5MDhlNDRlODBhZWVhMjQzNmQwYTQxYmJhYjUwZmEwNWIzMDZmZmNjNmQ1N2YxYmFmYWY1N2I1OTdiYzE3YWVhNGFiYTkxZTJlYWI3YjJhM2YyZjM1Mzg3ZmE3NDI2NjQwMTkyODUyYzgwMjU4YzM1MjE3OWFlNmQzYThiODM4OWI5OTg5NWQ2NA%3D%3D&uuid=&pii=&in=false
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTIxMzk5ODk4JnBzdD0xNzAxNjQ1ODQ5JnJlZmVyPWh0dHBzJTNBJTJGJTJGNmtzYXR2LnlhbGxhLXNob290cy5uZXQlMkYmcm10Yz10JnNodT0xZjRmNzY3ZGYxMWQwYmMyMjIxYjg4NGVjNjBiMGJiOTQ4ZGE4NmNjMTEzMjU5ZmYwYTY5MDhlNDRlODBhZWVhMjQzNmQwYTQxYmJhYjUwZmEwNWIzMDZmZmNjNmQ1N2YxYmFmYWY1N2I1OTdiYzE3YWVhNGFiYTkxZTJlYWI3YjJhM2YyZjM1Mzg3ZmE3NDI2NjQwMTkyODUyYzgwMjU4YzM1MjE3OWFlNmQzYThiODM4OWI5OTg5NWQ2NA%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMjEzOTk4OTgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly82a3NhdHYueWFsbGEtc2hvb3RzLm5ldC8iLCJhciI6W119fQ.LO7OtpgphXMrmaa5ep3optcPZcQ4Od5JAMSB8SyllLE; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:23:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300eeb5f83d0909b25dd6ff361868c5d&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprcf76d2ed81ad1cd89b38eb7e41d411407=4641329; expires=Mon, 04 Dec 2023 23:23:09 GMT
pdhtkv=true; expires=Mon, 04 Dec 2023 23:23:09 GMT
uncs=1; expires=Mon, 04 Dec 2023 23:23:09 GMT
pdhtkv28=true; expires=Mon, 04 Dec 2023 23:23:09 GMT
uncs28=1; expires=Mon, 04 Dec 2023 23:23:09 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec67c753228c84591073159880ec7c44
Strict-Transport-Security: max-age=0; includeSubdomains

violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300eeb5f83d0909b25dd6ff361868c5d&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625

192.64.81.118

0 B

URL
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300eeb5f83d0909b25dd6ff361868c5d&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP
192.64.81.118:0
ASN
#19318 IS-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300eeb5f83d0909b25dd6ff361868c5d&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sun, 03 Dec 2023 23:23:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9ikftir7v; expires=Mon, 04-Dec-2023 23:23:10 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9ikftir7v-h9ikftir7v-hq1m-0-q5a4bl-ftxofe-ft8pdz-464f1f; expires=Mon, 04-Dec-2023 23:23:10 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=6a674h9ikftir7v2ee&sub_id=16122660
Strict-Transport-Security: max-age=31536000

vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=6a674h9ikftir7v2ee&sub_id=16122660

104.21.22.161

0 B

URL
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=6a674h9ikftir7v2ee&sub_id=16122660
IP
104.21.22.161:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=6a674h9ikftir7v2ee&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 03 Dec 2023 23:23:10 GMT
content-length: 0
location: https://vvfal.stonecarv.top/browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090
set-cookie: zKByXHsQK0ydGD7DogbGyA=20; max-age=345600; path=/; samesite=lax
__pl=263f82c6-b042-4c9c-8dc2-16713392cc27; expires=Wed, 03 Dec 2025 23:23:10 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7sHk4iLPfn5i9iHl8Ek%2Ffp6j6qA09n8IFW09%2BEp8PvcGrz5vm9WdeX1RYpTxzY5oimeneDv0kKJvPe94WMDXzWJ1DjhXrxIu8xrySdyFPej%2BM9UG0HaDrSRMh8LDlM6RMmLuzlYqeMzIWC9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e4f5b097129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vvfal.stonecarv.top/favicon.ico

104.21.4.148

0 B

URL
vvfal.stonecarv.top/favicon.ico
IP
104.21.4.148:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sun, 03 Dec 2023 23:23:11 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ne6ycsZLtXqhVgE4TgqDJp26i7hbmGHtV5WyeYRlZndtyU6T8Kju7TYvgmVzHE2ebEBCUSUwvAJXs65FPEvD%2BCERiGWzBW8cDXPBuN%2BR8Bhbwzjk2a2mCN894Dm194e9%2FZtgRX%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e52b983568b-OSL
alt-svc: h3=":443"; ma=86400

cdnstatic.stonecarv.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA

104.21.4.148

9.5 kB

URL
cdnstatic.stonecarv.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA
IP
104.21.4.148:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
9.5 kB (9540 bytes)
Hash
512755a6a34075b4a23c875b7ae24013
f8cecb3663d1d20fcf19a10af2a47d8238636ed3
d9cc92407823fafcd54c6e83fb6b9a51fbf3a4d9c73b2f4da64243d24ce2f81a

HTTP Headers

GET /ps/config.js?id=zKByXHsQK0ydGD7DogbGyA HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Cookie: __psu=860eb437-e8f4-42c0-8068-5f80c1466489
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:23:11 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jaf2xqizPP0yR34i3d%2B1G7nUMU2dKWaS6vFPADTP2QwyEW1QcEBqKC2kkWTj3po9ynNpcGBT06fTFMNlf0KqUbXgV%2FgLWfNXoZkfK%2Bzl4aAe6gjuaPHZTsPuCBN8Fre3NDg5QlgZocydSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e52d999568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.35

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 325059
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

vvfal.stonecarv.top/shared-js/assets/static-pl.js?v=2

104.21.4.148

1.7 kB

URL
vvfal.stonecarv.top/shared-js/assets/static-pl.js?v=2
IP
104.21.4.148:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1685 bytes)
Hash
7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

HTTP Headers

GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:23:11 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3GmIfzs24Kv7f2pZvIQvIGI1ZU1nU%2BkHzIIwzpegQJqZp7ppk7CRNRHFvkZD5R3j%2Fd5syGb7b86mkA2mLphDhRLd8M9inUXl0b5frTCphLC4ZwjhR7evN2QexWt2nDk6ZdN5KL3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e51c8f9568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=c618b213e89e407c88b53c5081dac660

104.21.4.148

13 kB

URL
cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=c618b213e89e407c88b53c5081dac660
IP
104.21.4.148:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (31625), with no line terminators
Size
13 kB (13126 bytes)
Hash
3328379be92b646043edecfa95164c16
d1e0e1026e8e01c848793cfcf82426dc654bab91
db407dbe132562448624d359a6b09ef89a9fc64b9ed5dbf1c1d282eb4b7d6e47

HTTP Headers

GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=c618b213e89e407c88b53c5081dac660 HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:23:11 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: __psu=860eb437-e8f4-42c0-8068-5f80c1466489; expires=Wed, 03 Dec 2025 23:23:11 GMT; path=/; secure; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pforidmp%2BHkZTkizf%2B%2BgrHyOd3kCCTZ2mjAf9gL31Bs%2FUULN%2BEJIXMffQlbOVmbPw90A4prpHO0DjCh01YGxvt8EY501pfU%2Fv%2BLjjs2AITfMJN5lyuiZF1Qk9YJhkWxCqmJG0XeEDuimg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e524942568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.stonecarv.top/browser-check/assets/style.css

104.21.4.148

24 kB

URL
a.stonecarv.top/browser-check/assets/style.css
IP
104.21.4.148:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
24 kB (24135 bytes)
Hash
dbbbe1075e7b07a61fb591ee63a994e5
92bb2d17d2b576a9a4af857e55863a06e4a75912
be42d6bbc4640b12a38c2925138c046c0e9e8d17edda6a0ae976b36505437402

HTTP Headers

GET /browser-check/assets/style.css HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:23:11 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-1f54"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSTtgB3KUzzJCnzifC5CNj2PhkKChY3VEXd0wwmhwXevXl%2F3u16VBl56ihSVe7vGjjl9tahICVi3mOQ1AoJ7Mz3KoJ%2FQ%2B6yA2GezwX1yANitUvqmwPFtA3rQXEoT4ySEhfU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e549ab2568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.35

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 325059
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d

192.243.59.20

1.3 kB

URL
www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Size
1.3 kB (1322 bytes)
Hash
0345d9f35a51fbd01fea22c922128502
0cd5f0307957146c5ea6ad5ebff78b7c4bbadfc9
0f946aeb2bac9e03f901ff65f032dce1fa9ef6343b3e2d28206e6e4de147a9ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:23:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19854905; expires=Mon, 04 Dec 2023 23:23:12 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; expires=Sun, 03 Dec 2023 23:24:12 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f167d990ffb15611d32922523cf4207c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjQ1ODUyJnJtdGM9dCZzaHU9MzQ5ZGE5NDkxMjI2ZjM0NmNhYmEyYjlmNDhiOWRlZDBkMDM5NTQyMjkwNmQxMGUyMzYzNmJkZWYwMzQyZTZmNTlkNWYxZDE2ZDY4OGRlMTA0OWJhOTNmYzA0ZWVlYTdmNzUyM2U4ZDRiMTA1M2Y1NjkxNjViN2I4M2QxYjZjYWY1Zjg5ODU5YWFkMWQxZmRlY2VkM2RjMjBlNzk3NTY2ZjYyNDZkMg%3D%3D&uuid=&pii=&in=false

192.243.61.225

302 Found

0 B

URL User Request GET HTTP/1.1
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjQ1ODUyJnJtdGM9dCZzaHU9MzQ5ZGE5NDkxMjI2ZjM0NmNhYmEyYjlmNDhiOWRlZDBkMDM5NTQyMjkwNmQxMGUyMzYzNmJkZWYwMzQyZTZmNTlkNWYxZDE2ZDY4OGRlMTA0OWJhOTNmYzA0ZWVlYTdmNzUyM2U4ZDRiMTA1M2Y1NjkxNjViN2I4M2QxYjZjYWY1Zjg5ODU5YWFkMWQxZmRlY2VkM2RjMjBlNzk3NTY2ZjYyNDZkMg%3D%3D&uuid=&pii=&in=false
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjQ1ODUyJnJtdGM9dCZzaHU9MzQ5ZGE5NDkxMjI2ZjM0NmNhYmEyYjlmNDhiOWRlZDBkMDM5NTQyMjkwNmQxMGUyMzYzNmJkZWYwMzQyZTZmNTlkNWYxZDE2ZDY4OGRlMTA0OWJhOTNmYzA0ZWVlYTdmNzUyM2U4ZDRiMTA1M2Y1NjkxNjViN2I4M2QxYjZjYWY1Zjg5ODU5YWFkMWQxZmRlY2VkM2RjMjBlNzk3NTY2ZjYyNDZkMg%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:23:12 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://track.trackingtraffo.com/pop/imp?auth=pz6uwx&c=IlS7DtRwOkUPsBrUeiLSmhGH4K03grp9zEmUpo4awk0EoBEo2bi6jAnoFx3mzebiPsVJ0JVyRNCfNeLWKfSWFLIbVY9XXUIvT--IwJ8rxNYzpCZsqBdJYNUUCdgh-fn0SZHEuDbPWLEvHaMwX_yhwJvwrSLOpzGBF3GLIVGnYFjoATdNwm8iEzLSpUc8vd5NoyPElFkc2OGOv8mZTi1EG_fIZCmHSJjVKtQwT2Ip6OGC5Pi6P0I46NHoJh_V2Tbf9qxzT2HrdbcpxFf3zmYXgjfQjthqZdNxxYwi3RzO9lSl4XUUs_lR4LVNiYLtGAVqqwr8hoE2tMwtZEn7c2sx4SPiEjiWPAg8UP49viCyMErwgOejBiJNSDzE1S_AUlujbTBOr6xrEdYYQgOjGyf-HQgaBdte110mixr_CXHeH5MRYphCwM_L92syRQ0ZXabPYXNQfJ5bcQKBU3EbpL0yO-bas34PmU9mLZ1DJJDLjRSF8reE3-odHCxE-RDzYT8oGEofODdMR3rd-C_0dJhB8SO06fgts3fekqYQUSFhbHHopea5zSJj8pwsaxcR6LoPlY2_P7wO6CrETzaWUCKuZMN-RUm_yr3xZtdGedt3-quKOH78fWceua4m-Qk47qy6drfebL02mLyb4BpvqH5mHezKMatgp04p_8x7Mg
Set-Cookie: pdhtkv=true; expires=Mon, 04 Dec 2023 23:23:12 GMT
uncs=1; expires=Mon, 04 Dec 2023 23:23:12 GMT
pdhtkv28=true; expires=Mon, 04 Dec 2023 23:23:12 GMT
uncs28=1; expires=Mon, 04 Dec 2023 23:23:12 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: efa6f7d04b9ebf6d83c2f572101da037
Strict-Transport-Security: max-age=0; includeSubdomains

vvfal.stonecarv.top/browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090

104.21.4.148

1.4 kB

URL
vvfal.stonecarv.top/browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090
IP
104.21.4.148:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (486), with CRLF line terminators
Size
1.4 kB (1403 bytes)
Hash
34382c77ea000a703ce27632383c9615
17e197daf9dd116e08a2deb43186b5020f3d5aa2
9a88cc8e278a5107f3b2b72f6fc888200929b1252b2dfb5accd17c8c41f22de3

HTTP Headers

GET /browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090 HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:10 GMT
content-type: text/html
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDmWIqgXXVykfWssVa8wjCUgcwb%2B5P0emX3Z8WGAI2%2F%2BMJOtL1%2BCvsw3jyqy2pGPzTp89uCqVB3pOjdUkrO2Gl4WPbi0q9y%2BLR4cLqfXwrj3ggboO%2FT0bxmk7EyhqLu5SJAAk7wt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e50c84bb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnstatic.stonecarv.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA

104.21.4.148

232 B

URL
cdnstatic.stonecarv.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA
IP
104.21.4.148:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
232 B (232 bytes)
Hash
512755a6a34075b4a23c875b7ae24013
f8cecb3663d1d20fcf19a10af2a47d8238636ed3
d9cc92407823fafcd54c6e83fb6b9a51fbf3a4d9c73b2f4da64243d24ce2f81a

HTTP Headers

GET /ps/config.js?id=zKByXHsQK0ydGD7DogbGyA HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Cookie: __psu=860eb437-e8f4-42c0-8068-5f80c1466489
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:23:11 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qI2ladAwuKi3Uk7zEwKLFapMq76z4bxeHSNqmimC%2Bliz2g%2BsW1eEvdu8F2Zo0IvA%2BxVkPHtuITo1jWNTvoC10PrZnMhz8XXXntzO4po5JtoihHnV4AL85EUpCmF%2FyhX%2BBxLj7wMPk1%2Fxyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e557b1c568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

media.playamopartners.com/redirect.aspx?pid=164550&bid=2058&lpid=933&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10

13.107.246.67

0 B

URL
media.playamopartners.com/redirect.aspx?pid=164550&bid=2058&lpid=933&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
IP
13.107.246.67:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?pid=164550&bid=2058&lpid=933&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10 HTTP/1.1
Host: media.playamopartners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
cache-control: private,no-cache, no-store
pragma: no-cache
content-type: text/html
location: https://breg.world/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a164550%2c%22BID%22%3a2058%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701645794232)%5c%2f%22%2c%22CookieTag%22%3a%222058164550451240919C20231232323%22%7d%5d; SameSite=None;; domain=.playamopartners.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222157130667%7c1%22%7d%5d; domain=.playamopartners.com; expires=Tue, 03-Dec-3022 23:23:14 GMT; path=/; secure; SameSite=Strict
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 04g1tZQAAAABXlbbsokK6Q6V6TpRwonfIU1ZHMjBFREdFMDYwNwA3OGIzMGY1NS05NWIyLTQ4YzgtYjFhOC1mZTNkZmIwNTljZDk=
x-cache: CONFIG_NOCACHE
date: Sun, 03 Dec 2023 23:23:13 GMT
content-length: 0
X-Firefox-Spdy: h2

a.stonecarv.top/browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090

104.21.4.148

1.9 kB

URL
a.stonecarv.top/browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090
IP
104.21.4.148:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (486), with CRLF line terminators
Size
1.9 kB (1874 bytes)
Hash
34382c77ea000a703ce27632383c9615
17e197daf9dd116e08a2deb43186b5020f3d5aa2
9a88cc8e278a5107f3b2b72f6fc888200929b1252b2dfb5accd17c8c41f22de3

HTTP Headers

GET /browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090 HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:23:11 GMT
content-type: text/html
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abezXf4swWpJaC1tDhUNCoL53xEc3sCSGVcg6TnrnJew1Pe0Ea3zrdnmOKCe1kzvlVFbUNFxR6AwLA2z%2BD3nVSaPjB7RVi6ZVlzYO%2Fp6LEXeO6Ak87uFj0tNeayw%2FA%2F%2BXrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e541a6b568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

breg.world/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10

3.67.255.104

302 Found

281 B

URL User Request GET HTTP/2
breg.world/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
IP
3.67.255.104:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectbreg.world
Fingerprint23:D5:98:E2:52:13:DA:CE:73:DD:B3:DE:AF:33:0F:B9:D2:4D:35:82
ValidityFri, 30 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
281 B (281 bytes)
Hash
e95f7b10935c47623710b565f16d83c4
0ef12b6cbd3fdb7880350d6be1b8f9870b82d094
ffdc670dd01c61ec51fe96713c9328aa5a7d3adf467dc347a9c02f50c001456d

HTTP Headers

GET /casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10 HTTP/1.1
Host: breg.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 03 Dec 2023 23:23:14 GMT
content-type: text/html; charset=utf-8
content-length: 281
location: https://bizzocasino.com/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
X-Firefox-Spdy: h2

bizzocasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.26.9.22

4.4 kB

URL
bizzocasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
4.4 kB (4358 bytes)
Hash
f3fd5e7c70e212ed5456e2f124eecf86
998178166bed1d3211fb4c5dc8d4c5d9ff24b00d
41a3094a45a591e0566064deea404d6cf1f1c51342c6894dc2fad314a41893e0

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:15 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
etag: W/"65660ffd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bepPF5dabDka0FKY1vY9a0xam6ELpTO%2FJt1SVt2d%2Fx4tlPH660x4OfWrnZpt2skQWjQsTUjQDSdgaoWxoDv3NjbjP3HSzH7GSf%2BRSjc3gjIC0c3gPIj%2FlRaxwn4%2By4rElQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e70cd41b50c-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 05 Dec 2023 23:23:15 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic

142.250.74.106

1.3 kB

URL
fonts.googleapis.com/css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.3 kB (1252 bytes)
Hash
464472bceabfbed32c8b3dd0a9656f45
e8c12db88ab2f926a062aa66c6d15238fa9ee741
8857233a30c91a1b24418dd844bb4feaaa94bf0d3218bdd78c53417efd1d98bd

HTTP Headers

GET /css?family=Roboto:400,500,700,300,900&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 23:23:16 GMT
date: Sun, 03 Dec 2023 23:23:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;900&display=swap&subset=cyrillic

142.250.74.106

40 kB

URL
fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700;900&display=swap&subset=cyrillic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
40 kB (39993 bytes)
Hash
c305a34f6a073a4716d811f67c5e674e
fb15e5f52e998af853ad4f306acf115c05cb6e47
87da64240fa59826414456a062c11dc806d3fbd2d481f5261439728de08a4880

HTTP Headers

GET /css2?family=Poppins:wght@300;400;500;600;700;900&display=swap&subset=cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 23:23:16 GMT
date: Sun, 03 Dec 2023 23:23:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/cfddb3e96ca1f61c856df5e8cfa3a471-bizzocasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D

54.230.111.125

95 B

URL
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/cfddb3e96ca1f61c856df5e8cfa3a471-bizzocasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D
IP
54.230.111.125:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
9591c410148e6883727c5339fd1c02cd
3442a95fe890ce4769b36b2ecc611b801a54cfb5
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

HTTP Headers

GET /sealassets/cfddb3e96ca1f61c856df5e8cfa3a471-bizzocasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3BhY2VyLXNwcml0ZS5wbmc%3D HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 95
date: Sun, 03 Dec 2023 23:20:46 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82ff8ac7af8f1c79-FRA
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6BTe2DVWjhu7IqjlKpu--5xCJYGH-U6FbD3-fj4CkdiJ28Xf0S-pnQ==
age: 150
X-Firefox-Spdy: h2

54.230.111.125

200 OK

49 kB

URL GET HTTP/2
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/sealassets/cfddb3e96ca1f61c856df5e8cfa3a471-bizzocasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid
IP
54.230.111.125:443
ASN
#16509 AMAZON-02

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerStarfield Technologies, Inc.
Subject*.snippet.antillephone.com
FingerprintE5:72:D2:23:23:5B:CF:9D:04:92:91:42:A3:10:C7:14:C1:B6:4C:8C
ValiditySun, 02 Apr 2023 11:55:38 GMT - Fri, 03 May 2024 11:55:38 GMT

File type
PNG image data, 512 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
49 kB (49397 bytes)
Hash
8ef6782be55b8ce8f5b132d28af8e0d0
cb99df77f4865d9c2f287539a5ca474cf76f7d09
d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa

HTTP Headers

GET /sealassets/cfddb3e96ca1f61c856df5e8cfa3a471-bizzocasino.com-f5faf6d82a7be2057527120fa49724355adf2a8c973918d432fa7b70160234e717ac6b01358f27fc0aff52358b79fb11-c3ByaXRlLXNlYWwucG5n?status=valid HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 49397
date: Sun, 03 Dec 2023 23:20:46 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82ff8ac7a84065a8-FRA
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: br-WRfyj4ZT1nxSsio6IUTbB3gd5dsQMpct2w8mgxf8w4rMn8A3iGw==
age: 150
X-Firefox-Spdy: h2

bizzocasino.com/app/main.83ce3608c729461e.css

104.26.9.22

40 kB

URL
bizzocasino.com/app/main.83ce3608c729461e.css
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
40 kB (39496 bytes)
Hash
a100f6d8fa2bede1239cc6650513993b
03381af65f37c7f5a2a8d88b75bde2e99b7cc7c8
babe1882397e4451fcf59226f3ed6c060de8cc38338670ad7c6db66e6f494813

HTTP Headers

GET /app/main.83ce3608c729461e.css HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:16 GMT
content-type: text/css
cf-ray: 82ff8e70bd3bb50c-OSL
cf-cache-status: BYPASS
etag: W/"65682878-27056"
last-modified: Thu, 30 Nov 2023 06:15:20 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWZlWwDOwwbCVbhF%2FaXvjUBcM%2BpKxoB6AkcoB2PM0k%2BAqo5oLs1rBCEPFygP2gNExhmfNsK64H9HV0Goevqmw%2F5LP%2FD2tY2RJfpW65LMl5O5Lk4TmbwUlBIhL2oFS6FSQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAALW

23.36.79.8

36 kB

URL
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAALW
IP
23.36.79.8:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (62081)
Size
36 kB (36139 bytes)
Hash
ed8de136293306c42ed4853228cc1dea
293aa748837b2a510748017cf43a0b2b0fa1c82f
100e96f14d4a461b2125ddce9fa0c9a111c7538de9ff473ec62ecfe6608aaef3

HTTP Headers

GET /dist/tag-manager.js?id=STM-AAAALW HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: PY4tZjL-joEEJ4w=
vary: Accept-Encoding
content-encoding: gzip
content-length: 36139
date: Sun, 03 Dec 2023 23:23:16 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-5W7F767

142.250.74.136

70 kB

URL
www.googletagmanager.com/gtm.js?id=GTM-5W7F767
IP
142.250.74.136:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (16123)
Size
70 kB (70066 bytes)
Hash
66b275d37958e99822df203158fae517
ca884a3a369933c3ac04000c4706a6bc9b0fcbbf
c9dc58eaf39f34af9fa391c6b44f49ad5096c8b5a0c053d3bf9ebd13d8452824

HTTP Headers

GET /gtm.js?id=GTM-5W7F767 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:23:16 GMT
expires: Sun, 03 Dec 2023 23:23:16 GMT
cache-control: private, max-age=900
last-modified: Sun, 03 Dec 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bizzocasino.com/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10

104.26.9.22

46 kB

URL
bizzocasino.com/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
46 kB (45614 bytes)
Hash
09673069e371d2389c523c465db01d89
cd193a253c9110c0cfcd68be9695777e63ff408f
8a1999d436fdf2f28ce218e5175634f3a106e9080549cf87d6f745b7d36bbded

HTTP Headers

GET /casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10 HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 03 Dec 2023 23:23:14 GMT
content-type: text/html; charset=UTF-8
location: /no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
cf-ray: 82ff8e6978bfb50c-OSL
cf-cache-status: DYNAMIC
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
set-cookie: preferred-language=no; path=/; secure; httponly; samesite=lax
btag=655020_43A7E4A368104753AF901F0D08A5156B; expires=Wed, 03-Jan-2024 00:00:00 GMT; Max-Age=2594206; path=/; secure; samesite=none
subid=2c1ce2tik37d5i4a10; expires=Wed, 03-Jan-2024 00:00:00 GMT; Max-Age=2594206; path=/; secure; samesite=none
utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; expires=Wed, 03-Jan-2024 00:00:00 GMT; Max-Age=2594206; path=/; secure; samesite=lax
utm_medium=Ubidex; expires=Wed, 03-Jan-2024 00:00:00 GMT; Max-Age=2594206; path=/; secure; samesite=lax
utm_source=retarget; expires=Wed, 03-Jan-2024 00:00:00 GMT; Max-Age=2594206; path=/; secure; samesite=lax
utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; expires=Wed, 03-Jan-2024 00:00:00 GMT; Max-Age=2594206; path=/; secure; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gp0i3XE7nk%2BzWidAj6BxRSke%2BhyFTYKd%2FlS5bQEl4TO5KcBt%2BjEbemKNAQhDVIP1Bo4ANhvWwCcCPm6RTKnxxJmsJGWlzUy3nrqqAk1EveeNxW5EoOQqNR6BkH5V0Isw8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

ws-cdn001.akamaized.net/7693683943e78a298c36d469e68b47d8/widgetloader

23.36.77.10

66 kB

URL
ws-cdn001.akamaized.net/7693683943e78a298c36d469e68b47d8/widgetloader
IP
23.36.77.10:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (43921)
Size
66 kB (66102 bytes)
Hash
490bb6e94e7ddd65c6782a6a8847ff28
8df2b6fd0f3f91da77e4abf47d454d76505325d9
1d1a92370e221b39f3c1a02918bd3b5ca91312c002f08500f02691ef7ead7c7d

HTTP Headers

GET /7693683943e78a298c36d469e68b47d8/widgetloader HTTP/1.1
Host: ws-cdn001.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-security-policy: frame-ancestors 'self' https://st-cdn001.akamaized.net https://ls-cdn001.akamaized.net
cache-control: public, max-age=120, stale-while-revalidate=60, immutable
etag: "1fa233d1f3ecb3f89370d39d3b179988-69706b394b393dcce7df8514a0b4dec7"
content-encoding: gzip
date: Sun, 03 Dec 2023 23:23:16 GMT
content-length: 66102
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-89BGS3MKPL&l=dataLayer&cx=c

142.250.74.136

89 kB

URL
www.googletagmanager.com/gtag/js?id=G-89BGS3MKPL&l=dataLayer&cx=c
IP
142.250.74.136:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (5955)
Size
89 kB (89430 bytes)
Hash
ae61641db5acb3525a27bbc65ae95b68
b72dc1e466983c2e549b2d295e27f5024745f234
495baffa3dd637deed659662167ccc14bd7b9e9c5f51d6703b3d5cb81a575c49

HTTP Headers

GET /gtag/js?id=G-89BGS3MKPL&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:23:16 GMT
expires: Sun, 03 Dec 2023 23:23:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89430
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tracker.ads.sportradar.com/dist/tracker.js

23.36.79.8

6.4 kB

URL
tracker.ads.sportradar.com/dist/tracker.js
IP
23.36.79.8:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (25690)
Size
6.4 kB (6405 bytes)
Hash
235331a0761142ae4fd345cdf7c7f9ed
f71a2cb5824a7049b2c86f5658f48e17ff7f588c
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

HTTP Headers

GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 12 Sep 2023 08:33:19 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
etag: "235331a0761142ae4fd345cdf7c7f9ed"
x-amz-cf-pop: AMS58-P6
x-amz-cf-id: tqUMNvEchMPANvIHUidrQXUquf1Sk_5azdOQvrGddvHtdfLvb1pgOw==
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 03 Dec 2023 23:23:17 GMT
content-length: 6405
cache-control: max-age=900, public
X-Firefox-Spdy: h2

s.magsrv.com/tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=20231203232322331610

95.211.229.247

20 B

URL
s.magsrv.com/tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=20231203232322331610
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=20231203232322331610 HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 23:23:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

syndication.realsrv.com/tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=2023120323232233370

95.211.229.247

200 OK

20 B

URL GET HTTP/1.1
syndication.realsrv.com/tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=2023120323232233370
IP
95.211.229.247:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerLet's Encrypt
Subjectrealsrv.com
Fingerprint33:54:4D:F8:0E:E4:00:D3:20:90:CA:61:C8:CC:4D:D5:CB:BB:83:57
ValidityThu, 05 Oct 2023 15:34:07 GMT - Wed, 03 Jan 2024 15:34:06 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=2023120323232233370 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 23:23:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

s.pemsrv.com/tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=20231203232322333744

95.211.229.247

200 OK

20 B

URL GET HTTP/1.1
s.pemsrv.com/tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=20231203232322333744
IP
95.211.229.247:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerLet's Encrypt
Subjectpemsrv.com
Fingerprint40:E8:94:FF:56:F9:C8:1A:71:42:46:90:F1:80:43:D0:63:BB:7B:54
ValidityThu, 05 Oct 2023 15:33:19 GMT - Wed, 03 Jan 2024 15:33:18 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=20231203232322333744 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 23:23:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

assets.customer.io/assets/track-eu.js

54.230.111.127

2.7 kB

URL
assets.customer.io/assets/track-eu.js
IP
54.230.111.127:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix\012- data
Size
2.7 kB (2678 bytes)
Hash
72cfee3e237e544511b41573de63d680
efdef9d9afa5c56a5a3808c4ffbd12c36d6dc436
eb0694a4b5be3b1ec6efbe7c16ea81b708a69cf17a761520ff8e018491647a05

HTTP Headers

GET /assets/track-eu.js HTTP/1.1
Host: assets.customer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 11 Aug 2023 18:01:42 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: BtxEHcU0wqf0CjSwoOmTEgSN2I1XVY2j
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 02:20:16 GMT
etag: W/"c2e38019d2616906a319c480d401a82a"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h2wxDjjx6ZZQL81V0UA-srtYDYrqO5MYy91YgW80mvJnmijPZx6n3w==
age: 77613
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

s.opoxv.com/tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=20231203232322332280

95.211.229.247

20 B

URL
s.opoxv.com/tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=20231203232322332280
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=690f08e992705cf61f1bdfe9b5790416;stackUid=20231203232322332280 HTTP/1.1
Host: s.opoxv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 23:23:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: 
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

track-eu.customer.io/events/page.gif?name=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10&data%5Bbtag%5D=655020_43A7E4A368104753AF901F0D08A5156B&data%5Butm_source%5D=retarget&data%5Butm_medium%5D=Ubidex&data%5Butm_campaign%5D=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&data%5Butm_term%5D=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&data%5Bsubid%5D=2c1ce2tik37d5i4a10&data%5Bwidth%5D=1280&data%5Bheight%5D=1024&data%5Breferrer%5D=https%3A%2F%2Fwww.toprevenuegate.com%2F&c=&s=5729cd2a-443d-d34e-f27b-3db8283c16fe&site_id=9efc4c3b0cc60e451da4&timestamp=1701645802339

34.120.129.162

35 B

URL
track-eu.customer.io/events/page.gif?name=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10&data%5Bbtag%5D=655020_43A7E4A368104753AF901F0D08A5156B&data%5Butm_source%5D=retarget&data%5Butm_medium%5D=Ubidex&data%5Butm_campaign%5D=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&data%5Butm_term%5D=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&data%5Bsubid%5D=2c1ce2tik37d5i4a10&data%5Bwidth%5D=1280&data%5Bheight%5D=1024&data%5Breferrer%5D=https%3A%2F%2Fwww.toprevenuegate.com%2F&c=&s=5729cd2a-443d-d34e-f27b-3db8283c16fe&site_id=9efc4c3b0cc60e451da4&timestamp=1701645802339
IP
34.120.129.162:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /events/page.gif?name=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10&data%5Bbtag%5D=655020_43A7E4A368104753AF901F0D08A5156B&data%5Butm_source%5D=retarget&data%5Butm_medium%5D=Ubidex&data%5Butm_campaign%5D=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&data%5Butm_term%5D=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&data%5Bsubid%5D=2c1ce2tik37d5i4a10&data%5Bwidth%5D=1280&data%5Bheight%5D=1024&data%5Breferrer%5D=https%3A%2F%2Fwww.toprevenuegate.com%2F&c=&s=5729cd2a-443d-d34e-f27b-3db8283c16fe&site_id=9efc4c3b0cc60e451da4&timestamp=1701645802339 HTTP/1.1
Host: track-eu.customer.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-disposition: attachment
content-length: 35
content-transfer-encoding: binary
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 23:23:17 GMT
status: 200 OK
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tracker.ads.sportradar.com/dist//sp-3.8.0.js

23.36.79.8

24 kB

URL
tracker.ads.sportradar.com/dist//sp-3.8.0.js
IP
23.36.79.8:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65378)
Size
24 kB (24162 bytes)
Hash
143272dddc33395008a84a86ac9c2e96
8a90a07a66c30b4fa28300001cf97db7baba420e
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

HTTP Headers

GET /dist//sp-3.8.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 12 Sep 2023 08:33:18 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
etag: "143272dddc33395008a84a86ac9c2e96"
x-amz-cf-pop: AMS58-P6
x-amz-cf-id: NvjKmxC0d4BR2KD4D4spbmqotlfMOUtqFNnawQD7DDXgAAd8y4JhYg==
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 03 Dec 2023 23:23:17 GMT
content-length: 24162
cache-control: max-age=900, public
X-Firefox-Spdy: h2

cdn.seon.io/js/v4/agent.js

54.230.111.94

112 kB

URL
cdn.seon.io/js/v4/agent.js
IP
54.230.111.94:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix\012- data
Size
112 kB (112432 bytes)
Hash
ffe203737d3df6353fdf32aa872ba154
1599ec44a57d10d0d9694a105cb8fbc3dbd9549f
1e610c64c97fdf6cce64f18a94cee6e6515ea2f1dec9a2e5b530fb9da8dbc857

HTTP Headers

GET /js/v4/agent.js HTTP/1.1
Host: cdn.seon.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:00:08 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 22:42:59 GMT
cache-control: max-age=3600
etag: W/"c34c3067f651e0fea2609171ab7bfec0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uxf7KUYB-fJ2LVD3T51rAbgtp8iMoW20B304uk_oK-fOJVLL1pDjgA==
age: 2428
X-Firefox-Spdy: h2

a.sportradarserving.com/pixel?type=js&aid=1312&id=3945

3.123.91.170

0 B

URL
a.sportradarserving.com/pixel?type=js&aid=1312&id=3945
IP
3.123.91.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel?type=js&aid=1312&id=3945 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 03 Dec 2023 23:23:17 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1312&id=3945
Set-Cookie: zuuid=0e60034f-fc56-4ba5-b453-17a34df0a04f; path=/; expires=Mon, 02-Dec-2024 23:23:17 GMT; domain=sportradarserving.com; samesite=none; secure
c=1701645797; path=/; expires=Mon, 02-Dec-2024 23:23:17 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1701645797; path=/; expires=Mon, 02-Dec-2024 23:23:17 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive

track.trackingtraffo.com/pixel/js?auth=886u5crv&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=0

88.214.195.153

484 B

URL
track.trackingtraffo.com/pixel/js?auth=886u5crv&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=0
IP
88.214.195.153:0
ASN
#46636 NATCOWEB

File type
ASCII text
Size
484 B (484 bytes)
Hash
abbe43986275122113580952624f27fe
f6604c53f79238aa8712805577cb7aa9a730501c
a09792344bdf46e21f4b8db6cfb8fd1b56d414f0a53ffe7757cf08b9d47e58ee

HTTP Headers

GET /pixel/js?auth=886u5crv&event=visit&uid=undefined&tid={TRANSACTION_ID}&cur=undefined&amount=0 HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 03 Dec 2023 23:23:17 GMT
Content-Type: text/javascript
Content-Length: 484
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Access-Control-Allow-Origin: *

a.sportradarserving.com/ul_cb/pixel?type=js&aid=1312&id=3945

3.123.91.170

1.5 kB

URL
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1312&id=3945
IP
3.123.91.170:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1527), with no line terminators
Size
1.5 kB (1527 bytes)
Hash
b21779f686136ba67591f0574d7c70f3
3aa93736018172a9fb0e8c685aabf752a8561e87
5470a6c15cca3d8193d494207e5499bc735bb1cc7e1383b1c07fe472522c589a

HTTP Headers

GET /ul_cb/pixel?type=js&aid=1312&id=3945 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bizzocasino.com/
DNT: 1
Connection: keep-alive
Cookie: zuuid=0e60034f-fc56-4ba5-b453-17a34df0a04f; c=1701645797; zuuid_lu=1701645797
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Sun, 03 Dec 2023 23:23:17 GMT
Set-Cookie: zuuid=0e60034f-fc56-4ba5-b453-17a34df0a04f; path=/; expires=Mon, 02-Dec-2024 23:23:17 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1701645797; path=/; expires=Mon, 02-Dec-2024 23:23:17 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Mon, 02-Dec-2024 23:23:17 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1701645797; path=/; expires=Mon, 02-Dec-2024 23:23:17 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,470902997; path=/; expires=Mon, 02-Dec-2024 23:23:17 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,470974997; path=/; expires=Mon, 02-Dec-2024 23:23:17 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1527
Connection: keep-alive

track.trackingtraffo.com/pixel?auth=886u5crv&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=undefined&amount=0&site=bizzocasino.com&ln=en-US

88.214.195.153

0 B

URL
track.trackingtraffo.com/pixel?auth=886u5crv&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=undefined&amount=0&site=bizzocasino.com&ln=en-US
IP
88.214.195.153:0
ASN
#46636 NATCOWEB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel?auth=886u5crv&event=visit&uid=undefined&tid=%7BTRANSACTION_ID%7D&cur=undefined&amount=0&site=bizzocasino.com&ln=en-US HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 03 Dec 2023 23:23:17 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT

a.stonecarv.top/shared-js/assets/static-pl.js?v=2

104.21.4.148

1.9 kB

URL
a.stonecarv.top/shared-js/assets/static-pl.js?v=2
IP
104.21.4.148:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1910 bytes)
Hash
7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

HTTP Headers

GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/browser-check/?pl=zKByXHsQK0ydGD7DogbGyA&sm=browser-check&click_id=6a674h9ikftir7v2ee&sub_id=16122660&nrid=c618b213e89e407c88b53c5081dac660&hash=Sj_hsrCUpQPrERIrRE75-g&exp=1701646090
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:23:11 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpNiCDyjebtwZvE5Vnx%2BoO7Y%2BLaIWM%2Fr8X6%2FXlgR5L8BdnFutiW6sBpgrtj9JYUpkYgVa8iQt880uQGzRXMr1CkFiK44ADqA7IoOpqGMNwcHtSvpALT9O1edO7RnMUmWZ4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e549ab5568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-89BGS3MKPL&cid=229974730.1701645803&gtm=45je3bt0v879152803z8851243229&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=254126593

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-89BGS3MKPL&cid=229974730.1701645803&gtm=45je3bt0v879152803z8851243229&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=254126593
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-89BGS3MKPL&cid=229974730.1701645803&gtm=45je3bt0v879152803z8851243229&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=254126593 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 23:23:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

casino.cur.a8r.games/public/sg.js

104.18.41.153

9.7 kB

URL
casino.cur.a8r.games/public/sg.js
IP
104.18.41.153:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
9.7 kB (9664 bytes)
Hash
12d95aec269477329d3d638c8472ea25
701df1015d20123c2d5be289aa9be8b2c2629b91
2e378b29bbe6ca5b73bf41670529acdbf6c86436e67ae37fb120ff2214f83ebf

HTTP Headers

GET /public/sg.js HTTP/1.1
Host: casino.cur.a8r.games
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:16 GMT
content-type: text/javascript; charset=utf-8
a8r-request-id: eb694c88-43e9-4bd7-9dd5-df8809bca29f
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sun, 03 Dec 2023 21:02:53 GMT
cf-cache-status: HIT
age: 4344
expires: Mon, 04 Dec 2023 03:23:16 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e7358520b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=d52d64e3ae130730ea33c02cfefc955af6fb94275ad1752dd9486271dd6cf068&ttl=&rurl=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10

139.45.195.8

200 OK

43 B

URL GET HTTP/2
my.rtmark.net/img.gif?f=sync&partner=d52d64e3ae130730ea33c02cfefc955af6fb94275ad1752dd9486271dd6cf068&ttl=&rurl=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=d52d64e3ae130730ea33c02cfefc955af6fb94275ad1752dd9486271dd6cf068&ttl=&rurl=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 23:23:18 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4c946ace96334af6847057bd5b946579; expires=Mon, 02 Dec 2024 23:23:18 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v2/registration-configurations?desktop=1

104.26.8.22

0 B

URL
platform.bizzocasino.com/api/v2/registration-configurations?desktop=1
IP
104.26.8.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v2/registration-configurations?desktop=1 HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:18 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjwk%2FsU1%2B%2FJkeVowJFZqt5t18ChJhUa0PtvZ5IB8u1on6XloB8jLVu3ukPfVggjD48kwZlPkqWzQ9aWwq7gwoTURbdnE5Gm%2F9sPXk9lfWW%2B2nYvTNNbRlYYoOoWp6fiYjM7IiY0vj2zUxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e80ecc956c4-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v2/casino/producer?is_desktop=1&is_live=0&topProducer=1

104.26.8.22

0 B

URL
platform.bizzocasino.com/api/v2/casino/producer?is_desktop=1&is_live=0&topProducer=1
IP
104.26.8.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v2/casino/producer?is_desktop=1&is_live=0&topProducer=1 HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:18 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpwTKa7DOA9lrCe5iNYtaQJfoK1O9x9o6qQbruq44v9OJXiY9baEgpBdSsWSBjjeHAGDl0n054QNlLdCNQ7hRB18u40CnasC71yb8IgIcKqzFuyFruhwQsW4GXBh6xNeWflTGJtk3EZvYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e814d1156c4-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/data/get-countries

104.26.8.22

0 B

URL
platform.bizzocasino.com/api/data/get-countries
IP
104.26.8.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/data/get-countries HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:18 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XK4WlJMx2zxYU%2BWJKRQHHe93iNkIncEYC4Chcutea8wlusFaZtayo6K02ChIS7e6T%2BQ29%2BWWY6RBLAFu5AsnL8igNjGqzzf5oA0nJzRbsMMDKNoREG10lukyMteBFKpRRjBBmiPsli%2Fsew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e80fcda56c4-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/data/provinces

104.26.8.22

0 B

URL
platform.bizzocasino.com/api/data/provinces
IP
104.26.8.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/data/provinces HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:18 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLw9sY0WU6Js9qzM7DrP82mDYXYBlOg%2Fjsc3A1mDZrOyQAlYnUbezKrUlgu0eE7w2op5HalH7zFBaU%2FLkdEmziNErbuMmrYBxetTibyH68URrC03CeMmKLXzoo0OkNcwBW0tmMmumPmWFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e80fcdd56c4-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v2/ip-data

104.26.8.22

0 B

URL
platform.bizzocasino.com/api/v2/ip-data
IP
104.26.8.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v2/ip-data HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:18 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSHi5m4xHQuPMDV3vTiwfzMScLmmZuyGtehxwoYeGBOVHgEzap0x9MX1Fyt%2FNuxBwhSR6nA9zyWMKgVcGa3wRA2chdxrQflOIIy%2FXnPHJduMD9jB8TctE5anAsP2%2BJU1XYZxlt1iZE0OMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e80eccb56c4-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/data/get-currencies

104.26.8.22

0 B

URL
platform.bizzocasino.com/api/data/get-currencies
IP
104.26.8.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/data/get-currencies HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:18 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tt32cIRZ2V2c%2BiG6O%2FEx6Dnpp4nB598cKMmXOQLgh2h72Grhf4ain5Lw2zi8wTK%2FqZ%2FVIK4QVgcrDOkq3Cg%2B4jHIUdbfqfIG7nvE8Oe484zuumGcTD0Y9mTL9TLAwNNRcObsPNfCZ%2BZCOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e80eccf56c4-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v2/casino/category?auth=false&categoryRecentlyPlayedEnabled=true

104.26.8.22

0 B

URL
platform.bizzocasino.com/api/v2/casino/category?auth=false&categoryRecentlyPlayedEnabled=true
IP
104.26.8.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v2/casino/category?auth=false&categoryRecentlyPlayedEnabled=true HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:18 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZYf7DmMs8vZ1uiNCo9%2BIhenFGWEJsRye4%2BXoq6XraEeAjhcdq5oBuqAO9qyDbJ4DAYlme2QzfqWt%2F7LM7lh7asKepR05%2FVYfvZcjvfO9XTws0BJXpMhTY%2F5RUBDsgwODvxzg3dm7jmu%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e815d1956c4-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v2/casino/producer?is_desktop=1&is_live=1&topProducer=1

104.26.8.22

200 OK

0 B

URL GET HTTP/2
platform.bizzocasino.com/api/v2/casino/producer?is_desktop=1&is_live=1&topProducer=1
IP
104.26.8.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerCloudflare, Inc.
Subjectbizzocasino.com
FingerprintC6:8D:CF:8A:33:8A:9E:A9:7D:65:61:29:86:23:37:74:4A:9C:A1:0E
ValidityTue, 14 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v2/casino/producer?is_desktop=1&is_live=1&topProducer=1 HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:18 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hebICUZRPF5h00tYTfljoti5b%2BYTO0uLDZXW9Sa3sISLvT5WfMwgFPzFQpwga4TwaY4IuNM8Z7E34MRcnELzxfp301rJSC3CyQiImB54ca82a2wDA4eO3zu8UvJXDRZnLOvdJIpn3xtjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e815d1856c4-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v2/bonuses/tournaments?lang=no&frontendIdentifier_in%5B%5D=oracle-slot-race&frontendIdentifier_in%5B%5D=luxury-table-battle&frontendIdentifier_in%5B%5D=drops-and-wins&frontendIdentifier_in%5B%5D=mystery-drop

104.26.8.22

200 OK

0 B

URL GET HTTP/2
platform.bizzocasino.com/api/v2/bonuses/tournaments?lang=no&frontendIdentifier_in%5B%5D=oracle-slot-race&frontendIdentifier_in%5B%5D=luxury-table-battle&frontendIdentifier_in%5B%5D=drops-and-wins&frontendIdentifier_in%5B%5D=mystery-drop
IP
104.26.8.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerCloudflare, Inc.
Subjectbizzocasino.com
FingerprintC6:8D:CF:8A:33:8A:9E:A9:7D:65:61:29:86:23:37:74:4A:9C:A1:0E
ValidityTue, 14 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v2/bonuses/tournaments?lang=no&frontendIdentifier_in%5B%5D=oracle-slot-race&frontendIdentifier_in%5B%5D=luxury-table-battle&frontendIdentifier_in%5B%5D=drops-and-wins&frontendIdentifier_in%5B%5D=mystery-drop HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:18 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auSaTjJ3usK%2BFJ0H4AFvSZPNLhkwFuAXRMmwdcvjygVOCz%2FTVXtL3dgyOMpTPv8IbQ8F9VkoUMPu3cB4JyDMJZ2cl2IkYX1pHLu2cGSTAlpGeJj6fM0eXSZdajDRp99ChhsyAeclaSYucA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e82ee1156c4-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/data/get-currencies

104.26.9.22

124 kB

URL
platform.bizzocasino.com/api/data/get-currencies
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (11036), with no line terminators
Size
124 kB (124033 bytes)
Hash
1b9fd1933dd2cd02eed04e956cc16f79
874cc82c055de959ca7d1da372a3edf51a8fc140
4a1530d33848bd70d1f657f4e3c466acbb9dea9fa2b2481d46ba668f836729ea

HTTP Headers

GET /api/data/get-currencies HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:18 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dF5LYmyTCB9E5LE2XfBIDL880lajtbUyrZR80V%2BDy%2BgNf7NxnOij2jZ4uhxomJw0N3858tU6B7TkuEwkCxLFP6ua5VSTTa%2FX9120wLPd0xT5eSHYsKFstloxDrVpsjRcrz4LAwDXdkDX9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e81d9f4b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

191 kB

URL
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 41449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/site/upload/promotion/logobizzo.svg

54.230.241.11

28 kB

URL
d2i76d1bskcqlp.cloudfront.net/site/upload/promotion/logobizzo.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1630)
Size
28 kB (28170 bytes)
Hash
08daac692f85fd455c531a62ab810fb0
e54254f5656e86e875597fcee9c7a49fffe73fbc
54b1ff78473d6f29579da67dea34233aa643beca21319cfbc55af2b5d1524b94

HTTP Headers

GET /site/upload/promotion/logobizzo.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 28170
date: Sun, 03 Dec 2023 12:37:19 GMT
last-modified: Wed, 18 Jan 2023 09:27:05 GMT
etag: "08daac692f85fd455c531a62ab810fb0"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nkInWT4Ne-PZSlxB-moIy3I83Jln0bWifM0V8v5qmae3HZbtlcg66g==
age: 38761
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6LfuX1IiAAAAAI-I-22YsCkMcy74SxhQFgeotAJp&co=aHR0cHM6Ly9iaXp6b2Nhc2luby5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=mjjsfj6ijl1g

142.250.74.164

34 kB

URL
www.google.com/recaptcha/api2/anchor?ar=1&k=6LfuX1IiAAAAAI-I-22YsCkMcy74SxhQFgeotAJp&co=aHR0cHM6Ly9iaXp6b2Nhc2luby5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=mjjsfj6ijl1g
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
gzip compressed data\012- data
Size
34 kB (34360 bytes)
Hash
fd8211cda3a00b93ac6d9a5440942360
0f204a2f0466682890cffa6b0a90c87c71d90456
6892d865fa5c00052acb7da199f2063b50fa985dee0ef8c3b507631f5da33ed0

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LfuX1IiAAAAAI-I-22YsCkMcy74SxhQFgeotAJp&co=aHR0cHM6Ly9iaXp6b2Nhc2luby5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=mjjsfj6ijl1g HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 23:23:19 GMT
content-security-policy: script-src 'nonce-YdlM0HjLrm4Oi4e9OGRF9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

142.250.74.35

25 kB

URL
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 19:06:15 GMT
expires: Mon, 02 Dec 2024 19:06:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 15424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

191 kB

URL
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 41449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.99

8.0 kB

URL
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:48:42 GMT
expires: Thu, 28 Nov 2024 21:48:42 GMT
cache-control: public, max-age=31536000
age: 351277
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.74.99

7.8 kB

URL
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 20:01:02 GMT
expires: Thu, 28 Nov 2024 20:01:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
age: 357737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v2/casino/last-winners?limit=5&has_live=0

104.26.8.22

0 B

URL
platform.bizzocasino.com/api/v2/casino/last-winners?limit=5&has_live=0
IP
104.26.8.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v2/casino/last-winners?limit=5&has_live=0 HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:19 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ao3BZ1kj%2B8jr6dEqFUBPwOqCobvKpkLOdngGdwJ7mlEtVKpFUQwHaIH%2B%2BmpCr3YJgJA%2BQt7r5zpaEBepqtCbaz7jBfIrMI53oBZ8cDUqzEEbqbbWLJ%2FkSlKNEZoSqjKqAb8NRi1CVLXhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e87e90c56c4-OSL
X-Firefox-Spdy: h2

cdn.livechatinc.com/tracking.js

23.36.79.16

27 kB

URL
cdn.livechatinc.com/tracking.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
data
Size
27 kB (27131 bytes)
Hash
040dea15dd9a6c28ae756160d224485f
46597206913ee680550f692bc2ce007ee878c634
3a9092e7843cd485aade33f386466a452095937fc31543f73b24b1c93b4f49b1

HTTP Headers

GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 01 Dec 2023 09:12:25 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 3CyuQk8hK5meZFX8yufVSUsdG9OUQ4w7
server: AmazonS3
content-encoding: br
etag: W/"040dea15dd9a6c28ae756160d224485f"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: xemZ-A6vY5vd7X0zM1Y54MmH3oa2uIrcAkgkL7NwKQBJ1QEzlfzWTA==
content-length: 27131
cache-control: max-age=28800
expires: Mon, 04 Dec 2023 07:23:19 GMT
date: Sun, 03 Dec 2023 23:23:19 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/user/is-auth

104.26.8.22

0 B

URL
platform.bizzocasino.com/api/user/is-auth
IP
104.26.8.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/user/is-auth HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:19 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V32mYGNOpsUgMSAMGkac%2BJ6IlERGHZsgqpdVfWbFcKooYR%2BiCGirhScX3prKqRHuRVlfgy1DUYLcwA6FkT5LN0ZzmsAAlp3PT%2BA4OKmZ4jobelYkLUZXUyDR9thwmoyLvhsJJ%2FwjPl3%2BqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e88193156c4-OSL
X-Firefox-Spdy: h2

bizzocasino.com/assets/footer/footer-head.png

104.26.9.22

1.7 kB

URL
bizzocasino.com/assets/footer/footer-head.png
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 88 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1716 bytes)
Hash
fc93928fb4619868fdd48ced90da63b4
2833e205cdc25a819a9fec774b67d7b55ce60874
6424b9d791c1c089ba2a5c71d0834b1d967407dacf2a13f3c1ad73f1c0c20c69

HTTP Headers

GET /assets/footer/footer-head.png HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/app/main.83ce3608c729461e.css
Cookie: is_mobile_device=false; preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:19 GMT
content-type: image/png
content-length: 1716
cf-ray: 82ff8e87ee1ab50c-OSL
cf-cache-status: BYPASS
accept-ranges: bytes
etag: "6568287a-6b4"
last-modified: Thu, 30 Nov 2023 06:15:22 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pM6jkR%2BoDuzCj4ubmD3%2FNItWw1D2qGBkZ7vGq9f2%2BTYDxcq9LUsAVv3nhpcy%2F6o93Eai8vjUM%2Bk1onu38U8iCWacpJC27gdTOwEj5ceh3L%2BapRzXj7LSXp0%2F996GBihWpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

bizzocasino.com/app/national-casino.bd72461abedac9c4c71b.ttf?165x9

104.26.9.22

47 kB

URL
bizzocasino.com/app/national-casino.bd72461abedac9c4c71b.ttf?165x9
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, national-casino\012- data
Size
47 kB (47084 bytes)
Hash
f0193169d46b8e2b1a611dac024e28a2
757f5d06351412b3b34d36a0ffbcff14b1693b17
ab3d850f76b61b0f6dedf818a7002fdbed74b272590ab25cd2cb5b392d5d1998

HTTP Headers

GET /app/national-casino.bd72461abedac9c4c71b.ttf?165x9 HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/app/styles.0a9bea20e8a4c45f.css
Cookie: is_mobile_device=false; preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:19 GMT
content-type: application/octet-stream
content-length: 47084
cf-ray: 82ff8e87adf6b50c-OSL
cf-cache-status: BYPASS
accept-ranges: bytes
etag: "65682878-b7ec"
last-modified: Thu, 30 Nov 2023 06:15:20 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1HwA%2B0XCu5zxBBVEyLccTF4pHy5XeJ4i7YLNa2gEn9mAYJ6YWNTA80yGtysNyZx8rgYI0wfvdu1u2iagG2BTVVgvRTFQ7uGZKXfZePX4mluUN1WwcptWd7AOAL52vgYYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

bizzocasino.com/api/footer/get-content?lang=no_NO

104.26.9.22

17 kB

URL
bizzocasino.com/api/footer/get-content?lang=no_NO
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (5177), with no line terminators
Size
17 kB (16654 bytes)
Hash
646a0cf4ad3c31427e94f8752af3f713
bdf1e0ffa99ee8c7cce4d48da6b86ef952d85e52
f5a177a50520722fd6dc3babddd8002accf5857244bebde4af1c025058e1101b

HTTP Headers

GET /api/footer/get-content?lang=no_NO HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:19 GMT
content-type: application/json
cf-ray: 82ff8e87ee17b50c-OSL
cf-cache-status: DYNAMIC
cache-control: no-cache, private
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzjuxKsn%2BdX53t127qutPsQNnsGHFLbofca%2FjwHhiudTIBkcBC9AurRwnlOlsENHLqguB3o9tOovdDfl6L6hguB8V0N4tvYl%2BPOUPK8BfQRjM7jXRsk5XQT0oOYd7r71Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.99

16 kB

URL
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 23:42:20 GMT
expires: Tue, 26 Nov 2024 23:42:20 GMT
cache-control: public, max-age=31536000
age: 517259
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

2.2 kB

URL
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:37:43 GMT
expires: Wed, 06 Dec 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 351936
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.99

7.7 kB

URL
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:13:52 GMT
expires: Fri, 29 Nov 2024 05:13:52 GMT
cache-control: public, max-age=31536000
age: 324567
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bizzocasino.com/assets/banners/games-search/games-search-image-left.webp

104.26.9.22

46 kB

URL
bizzocasino.com/assets/banners/games-search/games-search-image-left.webp
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
46 kB (46506 bytes)
Hash
60749a7b12dc1ff49b830cab90a5564d
5d2c9e33a2248e1355de6cd1de4e83c4ea20d5ad
d6760fd97d417da496a608da40283d7899f03877bb6affae6202fba0aae10c65

HTTP Headers

GET /assets/banners/games-search/games-search-image-left.webp HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: is_mobile_device=false; preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:19 GMT
content-type: image/webp
content-length: 46506
cf-ray: 82ff8e88cea2b50c-OSL
cf-cache-status: BYPASS
accept-ranges: bytes
etag: "6568287a-b5aa"
last-modified: Thu, 30 Nov 2023 06:15:22 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GceP5dlPcKyMC1BB3YhNQ%2BpvaanuzeTBlQ9jsWjRHuOT06eh%2FQtMsiYIGDjX%2BK7eHi%2Fjr8SGOZ%2FUPEumE4wnFMVnbufBhDwohzmTkdINBDSvbGbceN1fwmBMsJ6Xs8lu%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

bizzocasino.com/assets/banners/games-search/games-search-image-right.webp

104.26.9.22

59 kB

URL
bizzocasino.com/assets/banners/games-search/games-search-image-right.webp
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
59 kB (59226 bytes)
Hash
4cba474cfbc143d30cfb0caaf1cd21ab
95d9bfaf062d40f7912519299363eba01d7e0811
328f751e7bb6a35b9ced5beebfb877f6b5538f17d504840354726e5b63b8e3b8

HTTP Headers

GET /assets/banners/games-search/games-search-image-right.webp HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: is_mobile_device=false; preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:19 GMT
content-type: image/webp
content-length: 59226
cf-ray: 82ff8e88cea5b50c-OSL
cf-cache-status: BYPASS
accept-ranges: bytes
etag: "6568287f-e75a"
last-modified: Thu, 30 Nov 2023 06:15:27 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwtT0BgClz6gANTPcuFuFPGUSu5yhZz%2BAmy5htqo7DVlksPQmPGVUK1Ho4e%2FPes1cqqQhIkYTGHnykvGhyYeXVH67aUxj8ymJurJYJwej0YuL95FDQpcjQaCRGvkiSNA2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

bizzocasino.com/app/1189.86d431edcfce26c6.js

104.26.9.22

194 kB

URL
bizzocasino.com/app/1189.86d431edcfce26c6.js
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (7222), with no line terminators
Size
194 kB (194417 bytes)
Hash
99ea12febbba5f6306662ecbbf9b578c
4afb8b21421d7bf6558a428a31a0be888d93de98
b4e29d1469a2a8770a0ef80ed5de63843d4b453bd894ad24dd0bc78910b9a5f4

HTTP Headers

GET /app/1189.86d431edcfce26c6.js HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: is_mobile_device=false; preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:19 GMT
content-type: application/javascript
cf-ray: 82ff8e876ddab50c-OSL
cf-cache-status: BYPASS
etag: W/"65682878-1c36"
last-modified: Thu, 30 Nov 2023 06:15:20 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hk58IAw4DL9gpcDDA%2FQKV3OOcNPc%2B5ln8tSpcyT%2FEaw4wF5MO1rGf0QvnCduM3FO575hvHgL498tIJ2EQM59NIoNonk1S1sn0OhYcdtXLprwDfSUpUX9EkTv2tAwpkGDZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png

54.230.111.125

68 B

URL
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP
54.230.111.125:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

HTTP Headers

GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Thu, 30 Nov 2023 21:58:43 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QeE6-TdSwP289aLJpTKwi3m3ZrFvbPqxsRgOALyeVZUFi3xJhHVF8A==
age: 264278
X-Firefox-Spdy: h2

api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=9054575&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10&channel_type=code&jsonp=__sd3qqbt5gjs

23.36.79.16

897 B

URL
api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=9054575&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10&channel_type=code&jsonp=__sd3qqbt5gjs
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (897), with no line terminators
Size
897 B (897 bytes)
Hash
d815a2c230f66468982ede712e4237cd
baf73f6375611b9abd8e1d40d915fb50c2778778
38c1b2cc9a17c22ef027d14ab5e131f522714e196150697bb29105a9d1c3da99

HTTP Headers

GET /v3.6/customer/action/get_dynamic_configuration?license_id=9054575&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10&channel_type=code&jsonp=__sd3qqbt5gjs HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-security-policy: frame-ancestors https://bizzocasino.com/;
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-frame-options: allow-from https://bizzocasino.com/
content-length: 897
date: Sun, 03 Dec 2023 23:23:20 GMT
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v3/casino/game?is_desktop=1&has_live=0&category_id=25

104.26.8.22

0 B

URL
platform.bizzocasino.com/api/v3/casino/game?is_desktop=1&has_live=0&category_id=25
IP
104.26.8.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v3/casino/game?is_desktop=1&has_live=0&category_id=25 HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: client-timezone,content-type,x-requested-with
Referer: https://bizzocasino.com/
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 23:23:20 GMT
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WC1fCulDLeDzdk0dEaDV45FLnIfPbHCUcjkPGA%2B2q5NNvOO7TcnuUVDoLl7g43fWT2Un0EY%2F9bJBVX5G9l5kzSrJRPAWW3VJGhDzIfBHa%2BumE8CBqu8vHErEdd8mJqiweTSuXfKbENNRyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e8aaa5f56c4-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s4/3oaks/more_magic_apple.webp

104.16.13.151

12 kB

URL
cdn.softswiss.net/i/s4/3oaks/more_magic_apple.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (12328 bytes)
Hash
d9b18c0d349bbffb233c69c3341bacdc
07da82f8420030ee8416f4494a664148454c3a3f
55c74c3e78808e845e23835931673e7455c8c2e7cbb54a2020619c56752ccf1b

HTTP Headers

GET /i/s4/3oaks/more_magic_apple.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:20 GMT
content-type: image/webp
content-length: 12328
last-modified: Wed, 17 May 2023 16:00:03 GMT
etag: "6464fa03-3028"
expires: Mon, 04 Dec 2023 07:08:00 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 56894
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e8b0f777129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s4/wazdan/9CoinsGrandDiamondEdition.webp

104.16.13.151

13 kB

URL
cdn.softswiss.net/i/s4/wazdan/9CoinsGrandDiamondEdition.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
13 kB (12686 bytes)
Hash
3b1396b150a6f83dce69d2e91318d601
444ae52c71de51695cf33e1555cdffb81d288f25
60ab1c5279abf936875ade0e7afa5fa7204d98a6b6a4b093c200e2ebc375dbcf

HTTP Headers

GET /i/s4/wazdan/9CoinsGrandDiamondEdition.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:20 GMT
content-type: image/webp
content-length: 12686
last-modified: Tue, 22 Aug 2023 09:30:03 GMT
etag: "64e4801b-318e"
expires: Mon, 04 Dec 2023 12:45:15 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 11862
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e8b0f7a7129-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v2/casino/last-winners?limit=5&has_live=0

104.26.9.22

11 kB

URL
platform.bizzocasino.com/api/v2/casino/last-winners?limit=5&has_live=0
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (2224), with no line terminators
Size
11 kB (11280 bytes)
Hash
7a1fba1d07f1f9fe4df49032f2c759ee
58281da02fa750a4805da11bc6396de09897905a
64ecde135c92176b6ce872dc8941d48fcb1cabbd3511a82c5751c0a9c39b5a1c

HTTP Headers

GET /api/v2/casino/last-winners?limit=5&has_live=0 HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:19 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSmDlU1wfFxm7xgzH9ZbwLa%2FSGqfYmk8VSiQQT7%2Ff9WI%2B%2FxDB39YJi2vXQK1jG2TLWSBB%2BBS3R6G8whOp5enTYYHeXWvgBPFl8%2FM%2FGUibNQxDt0ml%2FWOwYrIOA4nQfdc2LIlee7%2B8nJXkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e884e57b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/user/is-auth

104.26.9.22

11 kB

URL
platform.bizzocasino.com/api/user/is-auth
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
11 kB (10905 bytes)
Hash
b9169af20adb2be940a35d3a8f7508cf
568312af24eadcadb00306bb3cd3cc6b2cf494ea
a53e5b90daea1d5c794bf41c3123c69533f9ea6f821e0051413ec99a1883a153

HTTP Headers

GET /api/user/is-auth HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:19 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQnBW5treJerhJZI9YWETa90QdwgvoMOe6c%2FoaKrQL9tnvJwmKKKcIbKUDErVOrmMgxUu8lo8g9skZfZAOBHhac5s%2BoDWpR9RXCpoG4Mw7Soh6ss8GrbN3XUW93COZ7eJQvZG17X9oeX2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e88ae8cb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s4/pragmaticexternal/BuffaloKingMegaways1.webp

104.16.13.151

23 kB

URL
cdn.softswiss.net/i/s4/pragmaticexternal/BuffaloKingMegaways1.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
23 kB (23376 bytes)
Hash
fc85f59a3f11eaee5769e0863936d9d3
e29fd3cc2abd09146ab1d30ac5d8b4663234f427
5fb62c170d2b024a846ba2e84b6ab9adae6173b0bbfbc199fd0ada1a8fd8d029

HTTP Headers

GET /i/s4/pragmaticexternal/BuffaloKingMegaways1.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:20 GMT
content-type: image/webp
content-length: 23376
last-modified: Thu, 29 Apr 2021 10:10:02 GMT
etag: "608a85fa-5b50"
expires: Mon, 04 Dec 2023 02:22:16 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 60768
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e8b4f957129-OSL
X-Firefox-Spdy: h2

bizzocasino.com/assets/placeholders/games/190x190.png

104.26.9.22

7.2 kB

URL
bizzocasino.com/assets/placeholders/games/190x190.png
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 190 x 190, 8-bit/color RGBA, non-interlaced\012- data
Size
7.2 kB (7227 bytes)
Hash
3e97a9b923d7436191e29f37e75a0c65
c3b209a37a0f9cf9ff9f4915398e5899addb7553
8bc932d63f9c4bdb4cdc070fbbe4a0f598ba35d9dc3b950f6a461afbde95eb73

HTTP Headers

GET /assets/placeholders/games/190x190.png HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: is_mobile_device=false; preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:20 GMT
content-type: image/png
content-length: 7227
cf-ray: 82ff8e8aafd0b50c-OSL
cf-cache-status: BYPASS
accept-ranges: bytes
etag: "65682875-1c3b"
last-modified: Thu, 30 Nov 2023 06:15:17 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jluHN2RqyvydTNYpinldBGwHZN8oKvzk0BOsb9FGUgmmM6NQmzIPZAJnNe7zode4%2Fv0Ch7UepZKlIfZS77cRX883IASDHvBCZGMjfyIGyQ8ISbjcrqSSYe0lgVw5%2FbU8Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

bizzocasino.com/assets/banners/games-search/games-search-bg.webp

104.26.9.22

120 kB

URL
bizzocasino.com/assets/banners/games-search/games-search-bg.webp
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1321x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
120 kB (120276 bytes)
Hash
c44f1fd09a57bafedec297660263a605
1ddd77d446311f5f138f11e7c996e7050ca40938
6174163caba3316d69fbe1fd6954a82a1fd28eb26003adb12f963b8afabbc072

HTTP Headers

GET /assets/banners/games-search/games-search-bg.webp HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: is_mobile_device=false; is_mobile_device=false; preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:20 GMT
content-type: image/webp
content-length: 120276
cf-ray: 82ff8e8a7fafb50c-OSL
cf-cache-status: BYPASS
accept-ranges: bytes
etag: "65682875-1d5d4"
last-modified: Thu, 30 Nov 2023 06:15:17 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfdLAbYwrA21vYIKdMVbVBe%2BFXzzF%2B7%2BrecE6ZTeFWKBhmctvSQYz8C8DYsgUdnTImfUZcHWWTEx4BRKvp4tMSPSy6D9RcxrA9tXSPBjJuq7OfoEci7QwBFBs%2FuVLfO9rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s4/3oaks/more_magic_apple.webp

104.16.13.151

12 kB

URL
cdn.softswiss.net/i/s4/3oaks/more_magic_apple.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (12328 bytes)
Hash
d9b18c0d349bbffb233c69c3341bacdc
07da82f8420030ee8416f4494a664148454c3a3f
55c74c3e78808e845e23835931673e7455c8c2e7cbb54a2020619c56752ccf1b

HTTP Headers

GET /i/s4/3oaks/more_magic_apple.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/webp
content-length: 12328
last-modified: Wed, 17 May 2023 16:00:03 GMT
etag: "6464fa03-3028"
expires: Mon, 04 Dec 2023 07:08:00 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 56895
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e92ac427129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s4/endorphina/endorphina2_BookOfLady.webp

104.16.13.151

11 kB

URL
cdn.softswiss.net/i/s4/endorphina/endorphina2_BookOfLady.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (10614 bytes)
Hash
fc57ce4621699956d485437343dedf23
1b2878c068e673872bb1a9c86b6851df0a4e5b42
a5cd3b2d6fd754b3ffb0980f7b8cc68673a1f3cb3eddac5582598d82a1b1ad5e

HTTP Headers

GET /i/s4/endorphina/endorphina2_BookOfLady.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/webp
content-length: 10614
last-modified: Wed, 02 Mar 2022 19:25:02 GMT
etag: "621fc48e-2976"
expires: Sun, 03 Dec 2023 22:08:43 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 8134
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e92ac467129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s4/pragmaticexternal/GoldRush.webp

104.16.13.151

11 kB

URL
cdn.softswiss.net/i/s4/pragmaticexternal/GoldRush.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (10760 bytes)
Hash
415be32d27c59598697d273307b57856
d95d3cecc08edfd063fcd6d8ecc0fc6cf98c60a8
9497edaf118fba90d4467ab009e270806589a3765b11413ca7a3e77e75d3f600

HTTP Headers

GET /i/s4/pragmaticexternal/GoldRush.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/webp
content-length: 10760
last-modified: Tue, 05 May 2020 09:35:16 GMT
etag: "5eb13354-2a08"
expires: Mon, 04 Dec 2023 21:44:52 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 199
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e92bc497129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s4/pragmaticexternal/BuffaloKingMegaways1.webp

104.16.13.151

23 kB

URL
cdn.softswiss.net/i/s4/pragmaticexternal/BuffaloKingMegaways1.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 190x190, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
23 kB (23376 bytes)
Hash
fc85f59a3f11eaee5769e0863936d9d3
e29fd3cc2abd09146ab1d30ac5d8b4663234f427
5fb62c170d2b024a846ba2e84b6ab9adae6173b0bbfbc199fd0ada1a8fd8d029

HTTP Headers

GET /i/s4/pragmaticexternal/BuffaloKingMegaways1.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/webp
content-length: 23376
last-modified: Thu, 29 Apr 2021 10:10:02 GMT
etag: "608a85fa-5b50"
expires: Mon, 04 Dec 2023 02:22:16 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 60769
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e92bc4b7129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/color/belatra.svg

104.16.13.151

14 kB

URL
cdn.softswiss.net/logos/providers_small/color/belatra.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
14 kB (14102 bytes)
Hash
303612c6b783499fa1dc21ef1b7025ce
2122d95d710c3deed4b7b8569c6de226e0d529d1
7d7f9d1607a83f619d55ef3083abdeb159865a88d77ca1303b8eec5daf3ea341

HTTP Headers

GET /logos/providers_small/color/belatra.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:20 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Jun 2023 09:50:03 GMT
etag: W/"6479bb4b-f6f"
expires: Mon, 04 Dec 2023 05:16:07 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 58932
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e8d48c97129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26&version=300204.12.12.46181.7886.2834.1580.16.3.3.3.250.7550&group_id=46&jsonp=__lc_static_config

23.36.79.16

1.4 kB

URL
api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26&version=300204.12.12.46181.7886.2834.1580.16.3.3.3.250.7550&group_id=46&jsonp=__lc_static_config
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (4115), with no line terminators
Size
1.4 kB (1417 bytes)
Hash
31d209b6bdbd3a8dedbe4a8abbfb6333
d2ccd098be128a01f5f48e80fb83b02a8d58d38c
61025d83bd69e92034f5345678c85e0e3d0c7a97bf6c9b182bd805e6eb41945c

HTTP Headers

GET /v3.4/customer/action/get_configuration?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26&version=300204.12.12.46181.7886.2834.1580.16.3.3.3.250.7550&group_id=46&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
vary: Accept-Encoding
content-length: 1417
cache-control: public, max-age=86
expires: Sun, 03 Dec 2023 23:24:47 GMT
date: Sun, 03 Dec 2023 23:23:21 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2

142.250.74.99

5.5 kB

URL
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5544, version 1.0\012- data
Size
5.5 kB (5544 bytes)
Hash
0ed299a4bb5262e17e2145783b2c18f1
65af2a037a5ef8a8d383d518377ea1f9f6837631
cb8bdeabc838774d9808eb7c4cfcea963b57855e34f84b54797076940c8e5986

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJnecmNE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:48:53 GMT
expires: Thu, 28 Nov 2024 21:48:53 GMT
cache-control: public, max-age=31536000
age: 351268
last-modified: Wed, 27 Apr 2022 17:03:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

a.sportradarserving.com/pixel?type=js&aid=1312&id=3945

3.123.91.170

0 B

URL
a.sportradarserving.com/pixel?type=js&aid=1312&id=3945
IP
3.123.91.170:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel?type=js&aid=1312&id=3945 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: zuuid=0e60034f-fc56-4ba5-b453-17a34df0a04f; c=1701645797; zuuid_lu=1701645797; zuuid_k=1; zuuid_k_lu=1701645797; bss=!bidswitch,470902997; cm2=!bidswitch,470974997
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Sun, 03 Dec 2023 23:23:21 GMT
Content-Length: 0
Connection: keep-alive

cdn.softswiss.net/logos/providers_small/white/printstudios.svg

104.16.13.151

727 B

URL
cdn.softswiss.net/logos/providers_small/white/printstudios.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
727 B (727 bytes)
Hash
fa5a30e01cdf2203a00055750031902a
be41f453ec9cdc63d5a6e9cd95ba52c8b3881c87
0f91076a0092efb87719638979d2658590118df06f546b7fdbb6c8599a542984

HTTP Headers

GET /logos/providers_small/white/printstudios.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Mon, 10 Jan 2022 11:40:02 GMT
etag: W/"61dc1b12-2ac"
expires: Mon, 04 Dec 2023 16:16:20 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 25621
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e941d1e7129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/petersons.svg

104.16.13.151

30 kB

URL
cdn.softswiss.net/logos/providers_small/white/petersons.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
30 kB (30172 bytes)
Hash
bf40bb84a127660ac84fbc8107534d8e
c6c66b3434a0e6ba7a0b6cefed667512c36821e5
fead79a24243dafe2ab4698b335adec1e0f0001913fcaf67bd11ba7812dcb797

HTTP Headers

GET /logos/providers_small/white/petersons.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Jan 2022 10:05:02 GMT
etag: W/"61dd564e-109d"
expires: Sun, 03 Dec 2023 16:09:30 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 59616
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e940d1b7129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/bgaming.svg

54.230.241.11

2.2 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/bgaming.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1696), with CRLF line terminators
Size
2.2 kB (2221 bytes)
Hash
82fea7565d58eabd4e2cbc1c398e1b36
53fe61fab533e29cb17819def6d4ef7c7792271d
8c087af2fd50edf40ceaa3b9574b03d66ff3a289704c1359aef09b38263f1e71

HTTP Headers

GET /logos/providers_small/color/bgaming.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2221
date: Sun, 03 Dec 2023 11:17:00 GMT
last-modified: Wed, 29 Sep 2021 07:36:08 GMT
etag: "82fea7565d58eabd4e2cbc1c398e1b36"
x-amz-meta-sha256: 8c087af2fd50edf40ceaa3b9574b03d66ff3a289704c1359aef09b38263f1e71
x-amz-meta-s3b-last-modified: 20210929T073356Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zEN-j4zaw2w07tCjVd4E90zIUsm_PWeOqjmbgYaRSsUcaCoEGON81w==
age: 43583
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/gamebeat.svg

104.16.13.151

3.0 kB

URL
cdn.softswiss.net/logos/providers_small/white/gamebeat.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
3.0 kB (2957 bytes)
Hash
c105cc235960f121fff4ebaa68320b1c
88227427af9e61b9d70239b6d9624d3fcb3e5a0d
bb4dda0a73e8df27e14736a6484d338e72272e47cba9a9d045e79b21824ec7b1

HTTP Headers

GET /logos/providers_small/white/gamebeat.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Jan 2022 10:05:02 GMT
etag: W/"61dd564e-82e"
expires: Sun, 03 Dec 2023 16:25:29 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 59616
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e92dc5f7129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/color/belatra.svg

104.16.13.151

4.2 kB

URL
cdn.softswiss.net/logos/providers_small/color/belatra.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
4.2 kB (4193 bytes)
Hash
66e8053fd5a7f199c80986e8905f95bd
0bed4844c883a9e51a1780446919ef5b09f54bc5
d6dd84f869b0ea92d8f1627478d4b0c884e2dffa4e097e82053b03500bf0f620

HTTP Headers

GET /logos/providers_small/color/belatra.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Fri, 02 Jun 2023 09:50:03 GMT
etag: W/"6479bb4b-f6f"
expires: Mon, 04 Dec 2023 05:16:07 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 58933
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e92cc547129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/playtech.svg

104.16.13.151

2.3 kB

URL
cdn.softswiss.net/logos/providers_small/white/playtech.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
2.3 kB (2325 bytes)
Hash
f9e21224cb2ef1c8846ef98adde1663d
9450d3e75d5672d2ba73c4f2a9ad210321672677
c5b6f89af8da0ea719581b9c7a3d9f49b8ac52903584624b379d0ebd031b0b22

HTTP Headers

GET /logos/providers_small/white/playtech.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Jan 2022 10:05:02 GMT
etag: W/"61dd564e-4fa"
expires: Mon, 04 Dec 2023 08:06:58 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 51418
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e92fc6c7129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/color/acerun.svg

104.16.13.151

2.1 kB

URL
cdn.softswiss.net/logos/providers_small/color/acerun.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
2.1 kB (2122 bytes)
Hash
5f070c31aac9ab0299d4b819533fc33b
44bd3db2511bb71144b784beabcfb5003eb23165
04532204c9af0ebba514bfea254b806540747e8ebee7b4ba56092a132c859e09

HTTP Headers

GET /logos/providers_small/color/acerun.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Sep 2022 14:10:02 GMT
etag: W/"6333043a-592"
expires: Mon, 04 Dec 2023 16:20:47 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 24086
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e930c727129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/adlunam.svg

104.16.13.151

18 kB

URL
cdn.softswiss.net/logos/providers_small/white/adlunam.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
18 kB (17511 bytes)
Hash
dc91db16deb33df6dbdc7359194ad2c8
d195837637e5283937988801f99cc182d4b3fdfb
884aa43e4eb7d4d55394f6fa58118309b508cf5c13260656ef6799046f67181c

HTTP Headers

GET /logos/providers_small/white/adlunam.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Fri, 21 Jul 2023 06:35:03 GMT
etag: W/"64ba2717-6f1b"
expires: Mon, 04 Dec 2023 06:49:45 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 59616
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e930c737129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/nolimit.svg

54.230.241.11

1.0 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/nolimit.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.0 kB (1017 bytes)
Hash
70a7487c20b17ebcada97c6f4723f9fa
281c14e4c9183f52e45abab93d8d25a5686f8b75
8eb26554a83e1abaf4fb75dfa9955218388789e3fee59ef4c4c2e5f09de4914c

HTTP Headers

GET /logos/providers_small/color/nolimit.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1017
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:12 GMT
etag: "70a7487c20b17ebcada97c6f4723f9fa"
x-amz-meta-sha256: 8eb26554a83e1abaf4fb75dfa9955218388789e3fee59ef4c4c2e5f09de4914c
x-amz-meta-s3b-last-modified: 20210929T073400Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8vZB-w2hOiFPwK4DPXFWCslJOmRrRIKugaB8MwQNNW66ThUvyEIp6Q==
age: 41664
X-Firefox-Spdy: h2

bizzocasino.com/api/seo/get-data?pageUrl=/no/casino/slots

104.26.9.22

5.5 kB

URL
bizzocasino.com/api/seo/get-data?pageUrl=/no/casino/slots
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.5 kB (5517 bytes)
Hash
2165efda0a82f4b2f1663bf76e09bfd9
07d897ccb3df5e0c95bab7b3c769a5e2f596e29d
1785733b9e736763c8193438e15408b6decc65a34bcb38e2a5148e922bc64086

HTTP Headers

GET /api/seo/get-data?pageUrl=/no/casino/slots HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sun, 03 Dec 2023 23:23:19 GMT
content-type: text/html; charset=UTF-8
location: /no/api/seo/get-data?pageUrl=%2Fno%2Fcasino%2Fslots
cf-ray: 82ff8e884e58b50c-OSL
cf-cache-status: DYNAMIC
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZUQqoAGGiLnFBVGJ1sGKRI4Ha0elqqBwGxvrmd%2FGIwvWQtyRC3rr2YpolMtFK2%2BpJ0cXcWZyenM2jvj4b%2F%2B5tCAfuf5Mwahu1XeTtXy3T7afuuAIiTwF%2FisQ%2FpbLGHmLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/color/slotfactory.svg

104.16.13.151

3.2 kB

URL
cdn.softswiss.net/logos/providers_small/color/slotfactory.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
3.2 kB (3196 bytes)
Hash
419f0d626834a6d01f08141fbc75b1f9
507c4633ac9abb7243fe438138ed5f0e8e3657dc
e21f24679c863d02cb6dca71597ad42c0ab0320ac25ab1dda488ce7146947d08

HTTP Headers

GET /logos/providers_small/color/slotfactory.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Tue, 06 Dec 2022 06:10:03 GMT
etag: W/"638edcbb-1402"
expires: Mon, 04 Dec 2023 06:49:45 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 59616
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e947d547129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/amatic.svg

104.16.13.151

8.6 kB

URL
cdn.softswiss.net/logos/providers_small/white/amatic.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
8.6 kB (8606 bytes)
Hash
e5c88e4f0ad23c75234f457120886637
f12cd46aaf8b4a24835ce9c532b3adf5a36fff4a
abcf73c550967dcf996ce20a0decc8263b57c8ebd5cb902face25129b0a7ce57

HTTP Headers

GET /logos/providers_small/white/amatic.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Jan 2022 10:05:02 GMT
etag: W/"61dd564e-259"
expires: Sun, 03 Dec 2023 19:42:38 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 51418
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e930c777129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed

142.250.74.164

3.9 kB

URL
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
gzip compressed data\012- data
Size
3.9 kB (3884 bytes)
Hash
f5b2808dae1620300ab4ff811ed18e45
1b41edb28771b397ef020accd539b1c242f686dd
fd0ce52b44b79d78c67cf19057a7f8709e5d95d3be701632aa7768c02c3d8072

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfuX1IiAAAAAI-I-22YsCkMcy74SxhQFgeotAJp&co=aHR0cHM6Ly9iaXp6b2Nhc2luby5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=mjjsfj6ijl1g
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 03 Dec 2023 23:23:19 GMT
date: Sun, 03 Dec 2023 23:23:19 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/pushgaming.svg

54.230.241.11

3.6 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/pushgaming.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
3.6 kB (3623 bytes)
Hash
8b55d1ea747defc67623356adb9a3afb
fb1c1de4d0c9118e9d1150676f9ea05f704483bb
ffd3b7eb969dcf9efd52dc27cf72e7861702d48deff4e211ae69c54a46cad7a7

HTTP Headers

GET /logos/providers_small/color/pushgaming.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3623
date: Sun, 03 Dec 2023 11:50:16 GMT
last-modified: Wed, 29 Sep 2021 07:36:13 GMT
etag: "8b55d1ea747defc67623356adb9a3afb"
x-amz-meta-sha256: ffd3b7eb969dcf9efd52dc27cf72e7861702d48deff4e211ae69c54a46cad7a7
x-amz-meta-s3b-last-modified: 20210929T073401Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MgZ-XEorjBWZjON8cqdWr8cP6x-QHwJMxNT8Cx1HGSQS5Di2uo9diA==
age: 41587
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/bsg.svg

54.230.241.11

8.4 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/bsg.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2445), with CRLF line terminators
Size
8.4 kB (8372 bytes)
Hash
c7c357a7d7458fa37a1d7b0f7db81d46
34940a58b0b2773247709e40ff691195d8b609c6
6ce0d77c640c496cb70e967afcbe81555d9346a33bcdcfb5c05398f935bc9533

HTTP Headers

GET /logos/providers_small/color/bsg.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 8372
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:09 GMT
etag: "c7c357a7d7458fa37a1d7b0f7db81d46"
x-amz-meta-sha256: 6ce0d77c640c496cb70e967afcbe81555d9346a33bcdcfb5c05398f935bc9533
x-amz-meta-s3b-last-modified: 20210929T073356Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YSrsFIt1Rgpwcg7IgbzeMbfeaMONqrF-Og6zleFpVke-dIwfhBgZNg==
age: 41664
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/2by2.svg

54.230.241.11

16 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/2by2.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (563), with CRLF line terminators
Size
16 kB (15787 bytes)
Hash
38ff16218e73894f695e322d75843c7f
3726a631d9d30e66f8813858b3604113c549e062
a0da13fba627a7a66ecd383d583437fa2beaee05dc88975ad92bda550c0344d8

HTTP Headers

GET /logos/providers_small/color/2by2.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 15787
date: Sun, 03 Dec 2023 12:40:29 GMT
last-modified: Wed, 29 Sep 2021 07:36:07 GMT
etag: "38ff16218e73894f695e322d75843c7f"
x-amz-meta-sha256: a0da13fba627a7a66ecd383d583437fa2beaee05dc88975ad92bda550c0344d8
x-amz-meta-s3b-last-modified: 20210929T073354Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ObbiF0NWlzWzGHXLzT_jBh9zxxe3eK-mAQKgQ9JmAIgfNM3ZBWG7BA==
age: 38574
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/1x2gaming.svg

54.230.241.11

3.9 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/1x2gaming.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (998), with CRLF line terminators
Size
3.9 kB (3861 bytes)
Hash
df45281343e46c5339f6c20fb8dc115f
51549b45cb65d1eeb059c1a456fbe5e8e0aa7dc9
5771a699180b5c802b9efa342faf9dec1e20e924b9d2dbad1758a1160c2d391d

HTTP Headers

GET /logos/providers_small/color/1x2gaming.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3861
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:07 GMT
etag: "df45281343e46c5339f6c20fb8dc115f"
x-amz-meta-sha256: 5771a699180b5c802b9efa342faf9dec1e20e924b9d2dbad1758a1160c2d391d
x-amz-meta-s3b-last-modified: 20210929T073354Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5jHJECkG6DPZIFu3-oOWEaJX-JaSHNgXYMYkeRwzvShCckdRKxowMA==
age: 41664
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/4thePlayer.svg

54.230.241.11

5.0 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/4thePlayer.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (634), with CRLF line terminators
Size
5.0 kB (5025 bytes)
Hash
29e53671b70a71951079f5d10d920ef3
36847bd3fe386831ccfa34c8aaa167338d3f0ca5
9ae31354f5a6459aa61d4fbaf4563101e036e027f69f34c1e6dea6278f589dac

HTTP Headers

GET /logos/providers_small/color/4thePlayer.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 5025
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:07 GMT
etag: "29e53671b70a71951079f5d10d920ef3"
x-amz-meta-sha256: 9ae31354f5a6459aa61d4fbaf4563101e036e027f69f34c1e6dea6278f589dac
x-amz-meta-s3b-last-modified: 20210929T073354Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gNE-TqMEOzyNSrzv48Um-VvjX9xvDU_rcTodemcMoPVUCQr83tQ03g==
age: 41664
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/bet2tech.svg

54.230.241.11

11 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/bet2tech.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2480), with CRLF line terminators
Size
11 kB (11238 bytes)
Hash
dc2c0dfc952306d4089a00e9e398375d
674a1e2a87cb85565f13111769395714eb8121ed
63e2aa1adec0e0e547a6a279e7a33e56bb049f651cdd7c87dee1b65fd0d42f33

HTTP Headers

GET /logos/providers_small/color/bet2tech.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 11238
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:08 GMT
etag: "dc2c0dfc952306d4089a00e9e398375d"
x-amz-meta-sha256: 63e2aa1adec0e0e547a6a279e7a33e56bb049f651cdd7c87dee1b65fd0d42f33
x-amz-meta-s3b-last-modified: 20210929T073355Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ARrd1kLKQzkmumYaQBhXCqytYqTF8KxtC3si1E_tBAZx36SoszXGiw==
age: 41664
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/7mojos.svg

54.230.241.11

18 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/7mojos.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2389), with CRLF line terminators
Size
18 kB (17583 bytes)
Hash
f1faf3d0ec9239f3c5f2fc496cc3f9f0
0eae6cebe84ae05391e9803f1c613fd03b55f549
e743d22c854c6bc4d6119dc713a261dd8e41e6a164aa9f782f362fd9f6e7cc1d

HTTP Headers

GET /logos/providers_small/color/7mojos.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 17583
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:07 GMT
etag: "f1faf3d0ec9239f3c5f2fc496cc3f9f0"
x-amz-meta-sha256: e743d22c854c6bc4d6119dc713a261dd8e41e6a164aa9f782f362fd9f6e7cc1d
x-amz-meta-s3b-last-modified: 20210929T073354Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RJ_XcPbNlTA78TV0ucwvf8hspi-m-7EBkB4MzeMzuAd2u3S-pdtZeg==
age: 41664
X-Firefox-Spdy: h2

d16vnr1tync57h.cloudfront.net/logos/providers_small/color/spadegaming.svg

143.204.42.80

1.3 kB

URL
d16vnr1tync57h.cloudfront.net/logos/providers_small/color/spadegaming.svg
IP
143.204.42.80:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1346), with no line terminators
Size
1.3 kB (1346 bytes)
Hash
ebdb7bd7261d52c43e465086e367f0a1
ac506053d264054236c05420f21d586302916f42
457ad2e03f14cc1473a3c8dd8610b7b558985bd5158546345fad0c80a17a1b1d

HTTP Headers

GET /logos/providers_small/color/spadegaming.svg HTTP/1.1
Host: d16vnr1tync57h.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1346
date: Sun, 03 Dec 2023 19:26:53 GMT
last-modified: Mon, 07 Feb 2022 12:18:30 GMT
etag: "ebdb7bd7261d52c43e465086e367f0a1"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hE1oR7bTx5ul1Q3UIOUq4XILyDW8CNClXUIu7hhpDLqncOTyQSmcIg==
age: 14190
X-Firefox-Spdy: h2

bizzocasino.com/api/promotion/list?onlyPromotionType=0&lang=no_NO

104.26.9.22

8.7 kB

URL
bizzocasino.com/api/promotion/list?onlyPromotionType=0&lang=no_NO
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (15260), with no line terminators
Size
8.7 kB (8745 bytes)
Hash
41c0d1f04bc09cecdfa5790a721bc0f8
3b92f14f1f19a006690d9a9c53b68b1bb05e81b8
7f729d8d8051d1cd8f7623872bd406be3d092ed89da7ea4b93039280c8bbab52

HTTP Headers

GET /api/promotion/list?onlyPromotionType=0&lang=no_NO HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:18 GMT
content-type: application/json
cf-ray: 82ff8e80f94bb50c-OSL
cf-cache-status: DYNAMIC
cache-control: no-cache, private
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBBUR97QRrhedVUqPVADfH6STt6pEo0iwAmjzYPrbP7Qo4itHX6sgrcVAThH0wRZnrgv%2F5LkvWhMKcUxO8TcGWAsGPOymZsRBf%2Fq82c6H3Pz1Q0xrafAt6eW4SJxiwt91Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/bangbanggames.svg

54.230.241.11

8.1 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/bangbanggames.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (8148), with no line terminators
Size
8.1 kB (8148 bytes)
Hash
b9313c8f9e3d5e16931666cac1958505
5d53d538958db478e55d286fcfa5ae36fa1cbf1d
01eb73cfdfcf7d9826d6f5abc499becd597b7530abb6dd48a3e62a9c841a498d

HTTP Headers

GET /logos/providers_small/color/bangbanggames.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 8148
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 23 Feb 2022 20:10:48 GMT
etag: "b9313c8f9e3d5e16931666cac1958505"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vrpvWruHPw5QcFtBp4ayPvLmULWApHfagunB0iHJCMcNOU4i5h3gEg==
age: 41664
X-Firefox-Spdy: h2

d16vnr1tync57h.cloudfront.net/logos/providers_small/color/oryx.svg

143.204.42.80

629 B

URL
d16vnr1tync57h.cloudfront.net/logos/providers_small/color/oryx.svg
IP
143.204.42.80:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (629), with no line terminators
Size
629 B (629 bytes)
Hash
c359219051cad158d88279406b83b14f
4e89849cffffd460eaccc7d72105f70782cd60a1
cd988616a7acbe64ba360caabf05996c916bcf14697fbb81c9ad67c5ac9c4d31

HTTP Headers

GET /logos/providers_small/color/oryx.svg HTTP/1.1
Host: d16vnr1tync57h.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 629
date: Sun, 03 Dec 2023 01:45:16 GMT
last-modified: Mon, 07 Feb 2022 12:18:30 GMT
etag: "c359219051cad158d88279406b83b14f"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zkhsm4MJouKecLCuIvNi-VjJFxZYn0He9t4d_tyWnQ-2vrs65YhJUA==
age: 77887
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/arcadem.svg

143.204.42.201

5.9 kB

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/arcadem.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1871), with CRLF line terminators
Size
5.9 kB (5870 bytes)
Hash
034180cc89600f69e8274edd339122fb
f80fdf3500128538fdca9be61003dac9ea565ed4
d960abb2dbff43a96f902121faee8b0a83f7543ac57f9aea349488752df08950

HTTP Headers

GET /logos/providers_small/color/arcadem.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 5870
last-modified: Tue, 15 Jun 2021 13:20:51 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 19:20:38 GMT
etag: "034180cc89600f69e8274edd339122fb"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NrOhISpOE2qc5Usfo5n2DGAsXNZZSV6EKKN0seePJ8tl3JjXkAdl0w==
age: 14565
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/betgamestv.svg

54.230.241.11

6.1 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/betgamestv.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3581), with CRLF line terminators
Size
6.1 kB (6051 bytes)
Hash
bfb461b871a3c785ce510bba9a631874
ed977b08c773396bd3fcd783ae108468163ee6e0
de6811c81a40c75a7ff4dd8295b7fda90516cf404f4c88d11cf72b355545b0c0

HTTP Headers

GET /logos/providers_small/color/betgamestv.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 6051
date: Sun, 03 Dec 2023 12:40:29 GMT
last-modified: Wed, 29 Sep 2021 07:36:08 GMT
etag: "bfb461b871a3c785ce510bba9a631874"
x-amz-meta-sha256: de6811c81a40c75a7ff4dd8295b7fda90516cf404f4c88d11cf72b355545b0c0
x-amz-meta-s3b-last-modified: 20210929T073355Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zbgUo5kB-PolGadzqpfRQqYpyfixJXcBGFxQxkPGaBIioN2Wffs9aQ==
age: 38574
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/color/apparat.svg

104.16.13.151

1.5 kB

URL
cdn.softswiss.net/logos/providers_small/color/apparat.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
1.5 kB (1453 bytes)
Hash
c1e107abbf44a761e0491252b4909f4e
8114cfb5c5c40fcbad542c1ea4da129fac1df18a
06ef514dd9ef271a39673f8c26232fa3e2a3e187319d4564d40efe471f0cc4df

HTTP Headers

GET /logos/providers_small/color/apparat.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Jan 2023 07:50:02 GMT
etag: W/"63ce3c2a-11a"
expires: Sun, 03 Dec 2023 16:15:18 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 51418
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e931c7b7129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/site/upload/provider_logo/betsolutions.svg

143.204.42.201

1.1 kB

URL
dwmu1hf7ovvid.cloudfront.net/site/upload/provider_logo/betsolutions.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (402), with CRLF line terminators
Size
1.1 kB (1096 bytes)
Hash
6302fc288d10b92450b825a2e9d8e4e4
c7ac7e1edda7412f79fcae44c160f4de0fd57159
1586a13f15cae4b1b784f25aacdfd167a397b9640451f105b16a426366d2d9d3

HTTP Headers

GET /site/upload/provider_logo/betsolutions.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1096
last-modified: Thu, 24 Aug 2023 11:37:50 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: BQ_iINYzXVLiJT2i5O8qKlTsqqHUHo8X
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 19:20:38 GMT
etag: "6302fc288d10b92450b825a2e9d8e4e4"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3p1se8I88i80di_TYA3994rIr2seFSz_lpaSJH-wkybBE6NDrg8YIQ==
age: 14565
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/bigtimegaming.svg

54.230.241.11

6.3 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/bigtimegaming.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1497), with CRLF line terminators
Size
6.3 kB (6338 bytes)
Hash
b2fcb9058bcb35c19bc4c1b93f5b4e7e
179494863882286441303ddec015224a104ce23a
6f101dd4b4e191a73bc87c145da872dee5415c0cf97e24e9b8bd1c94b955e6a5

HTTP Headers

GET /logos/providers_small/color/bigtimegaming.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 6338
date: Sun, 03 Dec 2023 11:50:16 GMT
last-modified: Wed, 29 Sep 2021 07:36:08 GMT
etag: "b2fcb9058bcb35c19bc4c1b93f5b4e7e"
x-amz-meta-sha256: 6f101dd4b4e191a73bc87c145da872dee5415c0cf97e24e9b8bd1c94b955e6a5
x-amz-meta-s3b-last-modified: 20210929T073356Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tsZTetJG6IlwOHGO-RJ0TRetZqX1nSI8raAwBi2-DoUFiefVoawa0A==
age: 41587
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/boomerangstudios.svg

143.204.42.201

3.9 kB

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/boomerangstudios.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
3.9 kB (3917 bytes)
Hash
567f789fd1312ad8a0b7063155796f73
014c8a93000eaf956d7c238d23a3c02b3d43a499
41118e4903e9a2359b3f76151634df9ecab198a460f734bb94f003cd82c7ce0a

HTTP Headers

GET /logos/providers_small/color/boomerangstudios.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3917
last-modified: Tue, 15 Jun 2021 13:20:52 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 19:20:38 GMT
etag: "567f789fd1312ad8a0b7063155796f73"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Qufb7cgVtus6WbqW6r7ZbAK8-kRIUZwc5bOuEjAfGP3Vx_k_EiQxkA==
age: 14565
X-Firefox-Spdy: h2

d16vnr1tync57h.cloudfront.net/logos/providers_small/color/mascotgaming.svg

143.204.42.80

6.3 kB

URL
d16vnr1tync57h.cloudfront.net/logos/providers_small/color/mascotgaming.svg
IP
143.204.42.80:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (951), with CRLF line terminators
Size
6.3 kB (6292 bytes)
Hash
8e6f479f0cca12567bff7797a9436658
bf212cd7b40efb013b11bcad3527935edd277531
a758b2ede50c24f940cfbbf39c48597aa51698384adbedc830cc4fe74f992d21

HTTP Headers

GET /logos/providers_small/color/mascotgaming.svg HTTP/1.1
Host: d16vnr1tync57h.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 6292
last-modified: Tue, 31 May 2022 14:26:05 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 19:20:38 GMT
etag: "8e6f479f0cca12567bff7797a9436658"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LK6P_DnZ4XE1_2SbmT4BCjg3MRKO68FNqIelONxvV-K0TXdbGP2Haw==
age: 14565
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/site/upload/provider_logo/mgagames.svg

143.204.42.201

4.4 kB

URL
dwmu1hf7ovvid.cloudfront.net/site/upload/provider_logo/mgagames.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (950)
Size
4.4 kB (4435 bytes)
Hash
b816811f088ef406d8ec067c4f783adf
f22c61624b6eb1b535a73ae29cdf2cfa89eb385c
fbe66f42dbc17e12cf77f7b9becc0e7d0b9eb42baf89b207925442740f2d33e4

HTTP Headers

GET /site/upload/provider_logo/mgagames.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4435
date: Sun, 03 Dec 2023 14:13:20 GMT
last-modified: Tue, 27 Jun 2023 12:22:16 GMT
etag: "b816811f088ef406d8ec067c4f783adf"
x-amz-server-side-encryption: AES256
x-amz-version-id: 1joN2GIkLrvZJ_Tjb9bfU1Pf9TY7LW1o
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZbWFlRbFWkjrfBcCPXlD9pCf3oxQ9_vm33yRbxwC60oVEJaK_Kcokw==
age: 33003
X-Firefox-Spdy: h2

d16vnr1tync57h.cloudfront.net/logos/providers_small/color/goldenrock.svg

143.204.42.80

714 B

URL
d16vnr1tync57h.cloudfront.net/logos/providers_small/color/goldenrock.svg
IP
143.204.42.80:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (714), with no line terminators
Size
714 B (714 bytes)
Hash
7569a7b405ecbe21cb2fdb858be36419
f0a6a852da94f699856a293aadaa41a555d1b85a
55c2481a862a33993c87193f7c8c89ce9437449f57ccf9f89b6900ff78f4fc8e

HTTP Headers

GET /logos/providers_small/color/goldenrock.svg HTTP/1.1
Host: d16vnr1tync57h.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 714
last-modified: Mon, 07 Feb 2022 12:18:29 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 19:20:38 GMT
etag: "7569a7b405ecbe21cb2fdb858be36419"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LK2VOdvh-3sFOvL2mjoYHBe734uD0NYYsKUFVqavxebpitpZfXzO3w==
age: 14565
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/crazytooth.svg

54.230.241.11

1.5 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/crazytooth.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1497), with no line terminators
Size
1.5 kB (1497 bytes)
Hash
bcb0dd71b078c3b9906de309692055a7
7e17df614ae66525169df3e398186e5ae3b0baed
6786f88721b805313ecbd988092d4ff6050224d9574cb2b259e8ec9d9f0fcd4d

HTTP Headers

GET /logos/providers_small/color/crazytooth.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1497
date: Sun, 03 Dec 2023 12:40:30 GMT
last-modified: Wed, 29 Sep 2021 07:36:09 GMT
etag: "bcb0dd71b078c3b9906de309692055a7"
x-amz-meta-sha256: 6786f88721b805313ecbd988092d4ff6050224d9574cb2b259e8ec9d9f0fcd4d
x-amz-meta-s3b-last-modified: 20210929T073356Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1OW9yqF_ArKaW_KJvil7Wb6zFwJQ0mpsIVmyr3f-88nzF724Bk9jtg==
age: 38573
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v3/casino/game?is_desktop=1&has_live=0&category_id=25

104.26.9.22

6.3 kB

URL
platform.bizzocasino.com/api/v3/casino/game?is_desktop=1&has_live=0&category_id=25
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (22729), with no line terminators
Size
6.3 kB (6294 bytes)
Hash
55ffb5682bb0865ab3d522be1eb855ff
48d4768979f71140332c3b54b373ab0346974c5d
360d3707fd74b346bf47bdc163842874e3c78475737b1073aaa0b6925068bcd6

HTTP Headers

GET /api/v3/casino/game?is_desktop=1&has_live=0&category_id=25 HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74EQ%2BS7ZN1lo0psftDUgYkZtZZe1WgFOcI4kmI18DXUTqtvZIKm9rwYuCXU5kL%2FQQxg3LDo9lsjsnofebSrk6mtRxrwZeWSpyMrvUUfmScJxxNLvY6vJsrYS7vqkpf60foT8u%2FYKBXaHXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e8b5853b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/pearfiction.svg

143.204.42.201

24 kB

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/pearfiction.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2285)
Size
24 kB (24433 bytes)
Hash
471a2205beb8229ed4b21c6f8802db30
58466c2b63e70a682ad9ff274ae21459bf983215
424d62edf752c3e2e62d3d32a0eaae96d47b5ea91e615c89371d8495e1e3080b

HTTP Headers

GET /logos/providers_small/color/pearfiction.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 24433
date: Sun, 03 Dec 2023 01:45:16 GMT
last-modified: Tue, 07 Jun 2022 09:56:27 GMT
etag: "471a2205beb8229ed4b21c6f8802db30"
x-amz-version-id: FE4bEsdYtRc5ixd5k8rHj4K0tKpAZv.T
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ARcynLE5SjnFX0ASSuRZTR71qseSMDG3cC-9DVPkxNj7tg_3XDRj2w==
age: 77887
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/blueprint.svg

54.230.241.11

8.9 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/blueprint.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559), with CRLF line terminators
Size
8.9 kB (8915 bytes)
Hash
158e1c96b0575a2561f2ec4d20854eaf
f199d2f16daecfdf0583543db90fbdf7946df356
d1a0f57072fad3c119373bf2e6b9ab5c286258766d0bdb8db9e4fb7059f32658

HTTP Headers

GET /logos/providers_small/color/blueprint.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 8915
date: Sun, 03 Dec 2023 14:13:19 GMT
last-modified: Wed, 29 Sep 2021 07:36:09 GMT
etag: "158e1c96b0575a2561f2ec4d20854eaf"
x-amz-meta-sha256: d1a0f57072fad3c119373bf2e6b9ab5c286258766d0bdb8db9e4fb7059f32658
x-amz-meta-s3b-last-modified: 20210929T073356Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0whS0MsY6Phlaeq6WZgLyAv_H4g653yRLvxDoHXKqp1PASUrkaLqNQ==
age: 33004
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/rfranco.svg

104.16.13.151

27 kB

URL
cdn.softswiss.net/logos/providers_small/white/rfranco.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
27 kB (27413 bytes)
Hash
148142ea867afcd70b66659ddef281f1
2d036b3572f442f01fc55671346cdf1ddea192d3
9826d5e355764c24bc8c45976d9882248424eb90c30c563077fe8c84109c72db

HTTP Headers

GET /logos/providers_small/white/rfranco.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Tue, 20 Dec 2022 06:20:02 GMT
etag: W/"63a15412-f608"
expires: Sun, 03 Dec 2023 18:25:09 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 60861
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e946d517129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/realdealer.svg

143.204.42.201

2.2 kB

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/realdealer.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (706), with CRLF line terminators
Size
2.2 kB (2163 bytes)
Hash
7fb1bee88e119fb4074ad7c2632a1924
4146a240877f23f996983f24173097d3317c9041
1a4459de42a69397bebc1a7bcc4d897c4908b7c8e2b5c04b5500c3cb77ab398d

HTTP Headers

GET /logos/providers_small/color/realdealer.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2163
last-modified: Mon, 28 Jun 2021 10:42:46 GMT
x-amz-version-id: eNvrSyetFqErJ4nFLG422JT1e_Ycc584
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 19:20:38 GMT
etag: "7fb1bee88e119fb4074ad7c2632a1924"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ipzbp3QcMs3iYFi7AVeOS-B0CznbVjCJ4RBF_tgSfk1er2TU_UdqSw==
age: 14565
X-Firefox-Spdy: h2

d16vnr1tync57h.cloudfront.net/logos/providers_small/color/avatarux.svg

143.204.42.80

1.7 kB

URL
d16vnr1tync57h.cloudfront.net/logos/providers_small/color/avatarux.svg
IP
143.204.42.80:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1706), with no line terminators
Size
1.7 kB (1706 bytes)
Hash
ccf74cac0e5df0cc91e101ab8abb08f1
d99a3088a3ff7a4b4dc40d2afe87a808a58d8363
dea42465a3026ff89a97001e601e32ba39534a63516475c697c768d95edfdfbd

HTTP Headers

GET /logos/providers_small/color/avatarux.svg HTTP/1.1
Host: d16vnr1tync57h.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1706
date: Sun, 03 Dec 2023 19:37:04 GMT
last-modified: Mon, 07 Feb 2022 12:18:29 GMT
etag: "ccf74cac0e5df0cc91e101ab8abb08f1"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xBO2ohiLIdAFobfY2aiI5DTVhCOgq6wZAX5U0kb2PpL6zbruH_-41w==
age: 13579
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/electricelephant.svg

54.230.241.11

4.9 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/electricelephant.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (4872), with no line terminators
Size
4.9 kB (4872 bytes)
Hash
ef7c03e2a8b4bb9d3bc27a58c371b542
ef460ecfb064e74b6c8fb7996d8fa1282cb8094a
1bd9155db93e57cef089af10fcc9239de456c9c0fdcc28fbfa96af871e306eed

HTTP Headers

GET /logos/providers_small/color/electricelephant.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4872
date: Sun, 03 Dec 2023 11:50:16 GMT
last-modified: Wed, 29 Sep 2021 07:36:09 GMT
etag: "ef7c03e2a8b4bb9d3bc27a58c371b542"
x-amz-meta-sha256: 1bd9155db93e57cef089af10fcc9239de456c9c0fdcc28fbfa96af871e306eed
x-amz-meta-s3b-last-modified: 20210929T073356Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i9Wxt0ZRVbhmF4ml31dywrz0vT6rA62GXHHwlbs0gpLvGuTYEPmr7Q==
age: 41587
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/fugaso.svg

104.16.13.151

3.0 kB

URL
cdn.softswiss.net/logos/providers_small/white/fugaso.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
3.0 kB (3047 bytes)
Hash
1c33684b1803dda431d1aa2559ae820c
313d8ba782fd627a2e855de363250a35a55b748d
789c8e21bffbe7cdc71e1430e8881bf03c40c44e5e141e91429ff980a1d06639

HTTP Headers

GET /logos/providers_small/white/fugaso.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Fri, 15 Jul 2022 10:25:02 GMT
etag: W/"62d1407e-987"
expires: Mon, 04 Dec 2023 01:15:12 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 24147
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e92cc557129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/reflexgaming.svg

143.204.42.201

14 kB

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/reflexgaming.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2172), with CRLF line terminators
Size
14 kB (14480 bytes)
Hash
265514c04c0b7011bbf295a4fdc34b4c
cb8ca77a6017976cf79ca619f7c57269b82a20b7
706efd893d33cf7d1f29ff0e712bf47f2940fbb7549b77ef429a29ce0af05fe6

HTTP Headers

GET /logos/providers_small/color/reflexgaming.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 14480
last-modified: Mon, 22 Nov 2021 11:44:04 GMT
x-amz-version-id: OSGb5HwcUEjTJ0OpjjDN5aBinxkJ4EGU
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 19:20:38 GMT
etag: "265514c04c0b7011bbf295a4fdc34b4c"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lRAne5WIUUsjGJfjDzwE2Vwl8sZJ_kmPHgMyKd-Ox6fA1nXnRVGJwA==
age: 14565
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/gamebeat/FortuneFive.webp

104.16.13.151

38 kB

URL
cdn.softswiss.net/i/s3/gamebeat/FortuneFive.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
38 kB (38488 bytes)
Hash
15297eeeb04ed31b5cd2323f593f3d6a
38cbcc7887b1fef56ff7a43cd58ee91e83cf1328
4a2a315caabd8340cac008af5341863dc2ee8e51544d5ffd5258dbbe26855639

HTTP Headers

GET /i/s3/gamebeat/FortuneFive.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 38488
last-modified: Wed, 20 Jan 2021 07:10:02 GMT
etag: "6007d74a-9658"
expires: Mon, 04 Dec 2023 20:11:27 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 11515
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28a97129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/endorphina.svg

54.230.241.11

3.0 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/endorphina.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (568), with CRLF line terminators
Size
3.0 kB (2999 bytes)
Hash
1cda4d5915e7d90371619f57a4f8f47b
0b1d75cde0f4477eac078a4e03e8f6b44ea3ce53
a4ec92837fa598991cec70a80788482f70b2c8e2a02da9f0a451d34f41e0f5ae

HTTP Headers

GET /logos/providers_small/color/endorphina.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2999
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:09 GMT
etag: "1cda4d5915e7d90371619f57a4f8f47b"
x-amz-meta-sha256: a4ec92837fa598991cec70a80788482f70b2c8e2a02da9f0a451d34f41e0f5ae
x-amz-meta-s3b-last-modified: 20210929T073357Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P_OQaMtjJI7SAPl0TMvP0QxLeHtpY4Xf5i3CidNBWmKLmc7eTAdAjw==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/booming/CashPig.webp

104.16.13.151

45 kB

URL
cdn.softswiss.net/i/s3/booming/CashPig.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
45 kB (45318 bytes)
Hash
d66d1e7d95969b9fc043908921803ce9
78f70634a25b993f8ce13f449710f5af0970058a
7cb79e6bcd91d5cc2401a937c98617dccbc22a7117ed35d29c759d4f801627b8

HTTP Headers

GET /i/s3/booming/CashPig.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 45318
last-modified: Thu, 21 Jan 2021 09:45:02 GMT
etag: "60094d1e-b106"
expires: Mon, 04 Dec 2023 01:49:35 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 58322
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28aa7129-OSL
X-Firefox-Spdy: h2

bizzocasino.com/no/api/seo/get-data?pageUrl=%2Fno%2Fcasino%2Fslots

104.26.9.22

26 kB

URL
bizzocasino.com/no/api/seo/get-data?pageUrl=%2Fno%2Fcasino%2Fslots
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (4323), with no line terminators
Size
26 kB (25752 bytes)
Hash
3cd0cc4cf024d986940fca86c58e60fe
ac01769ffda9850dc1a280aea77076e80a25fd9c
cbc1fc5f8adbbf25189f02b5e52d71d8d0130b110aa5fb633f4af7c9b86038bf

HTTP Headers

GET /no/api/seo/get-data?pageUrl=%2Fno%2Fcasino%2Fslots HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
DNT: 1
Connection: keep-alive
Cookie: preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:20 GMT
content-type: application/json
cf-ray: 82ff8e8a4f9fb50c-OSL
cf-cache-status: DYNAMIC
cache-control: max-age=0, must-revalidate, private
expires: Sun, 03 Dec 2023 23:23:20 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4BB7X7u9G4xMENp68Tz1%2Bz%2FpxuNN6l92zNiQwQNgPauArlX4jPXKNR05RgelNQwf%2F5oYXuRIGZmrYjhcMwmhR84GKCcNzlR1THwT8EX42Wl0Hsa0L5B8sVYRsxy3lsErQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/goldcoinstudios.svg

143.204.42.201

133 kB

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/goldcoinstudios.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (12930)
Size
133 kB (133069 bytes)
Hash
dd827ca5519977c07b68e9e676a49027
5705373168156ba34cb80b2a0d588797f51c5a6f
89ec3df342f52e6bc8c9d800f8572ae1bc92658c7ea878a756d8951ff15660b9

HTTP Headers

GET /logos/providers_small/color/goldcoinstudios.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 133069
date: Sun, 03 Dec 2023 01:45:16 GMT
last-modified: Tue, 05 Apr 2022 09:10:00 GMT
etag: "dd827ca5519977c07b68e9e676a49027"
x-amz-version-id: KQny1EEoUHt8g4ZdeAAcFj1lZ4cTymXn
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AelhfJDfNadAO3ooxj28w3qjN4r5llMg9A8a8piw13z0ahvHDSX6DA==
age: 77887
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/eyecon.svg

54.230.241.11

1.9 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/eyecon.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1947), with no line terminators
Size
1.9 kB (1947 bytes)
Hash
e2d21564eb463b6768920758ffd2cdc2
d20336fe5bea1ab209a83c812eab81abc9e6dc67
cc89579da14dfd49801973795ada59d95d29eaf1b414016bdf493ee3a23c1603

HTTP Headers

GET /logos/providers_small/color/eyecon.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1947
date: Sun, 03 Dec 2023 12:40:30 GMT
last-modified: Wed, 29 Sep 2021 07:36:09 GMT
etag: "e2d21564eb463b6768920758ffd2cdc2"
x-amz-meta-sha256: cc89579da14dfd49801973795ada59d95d29eaf1b414016bdf493ee3a23c1603
x-amz-meta-s3b-last-modified: 20210929T073357Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ywc07TciDyDtRidb8DsrAzZZk6A2uD9diVc5K0EuwQIAZkwkfdktKQ==
age: 38573
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/playngo/BookofDead.webp

104.16.13.151

30 kB

URL
cdn.softswiss.net/i/s3/playngo/BookofDead.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
30 kB (29884 bytes)
Hash
251d600e5c61d02b046464f36da5635c
0e4228736f1cba3731f8850c1dd537af66c0f4bc
6825bb5648c6bcfb893642d600e5448c9f5d70068ea9244bfb53705bd0a8fda3

HTTP Headers

GET /i/s3/playngo/BookofDead.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 29884
last-modified: Thu, 27 Jun 2019 06:47:05 GMT
etag: "5d146669-74bc"
expires: Mon, 04 Dec 2023 00:21:18 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 33086
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28b17129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/hacksaw.svg

104.16.13.151

2.4 kB

URL
cdn.softswiss.net/logos/providers_small/white/hacksaw.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
2.4 kB (2417 bytes)
Hash
fa9b3461c69d9f6b635e215a88958efe
560477d701bb589d036ad6b3ed036858466fc475
4982c5ca3eddcb11ebfd8a2a46ccb9d5ca2ae29f3c806318e1638e31547641c1

HTTP Headers

GET /logos/providers_small/white/hacksaw.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:20 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Jan 2022 10:05:02 GMT
etag: W/"61dd564e-1f5"
expires: Sun, 03 Dec 2023 19:42:38 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 54751
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e8c98707129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/candlebets.svg

143.204.42.201

6.7 kB

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/candlebets.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1240), with CRLF line terminators
Size
6.7 kB (6691 bytes)
Hash
de18ba856a6eab5a05dbed126163a264
f8122b0344728144a960f1866d17c71b8b8b2461
8d96a45804798ac4cdf7aa02060038e6aa67e049635463a9b0f62cf5f311a955

HTTP Headers

GET /logos/providers_small/color/candlebets.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 6691
last-modified: Tue, 15 Jun 2021 13:20:52 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 19:20:38 GMT
etag: "de18ba856a6eab5a05dbed126163a264"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HbovtlbKaWKmB1yb9FrY6iesuf-0RzfPAfl7mtMyHCjYKVxN03y0Mg==
age: 14565
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/foxium.svg

54.230.241.11

1.2 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/foxium.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1154 bytes)
Hash
32a01258153aa6fcaf1882409ae25419
1db64711b280f09f61a73fde7b85589cb9fb3513
50bf35e4a3fb64cb56c5a715752c7e2818a6ff509838cd0b7d176433198e3346

HTTP Headers

GET /logos/providers_small/color/foxium.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1154
date: Sun, 03 Dec 2023 12:40:30 GMT
last-modified: Wed, 29 Sep 2021 07:36:10 GMT
etag: "32a01258153aa6fcaf1882409ae25419"
x-amz-meta-sha256: 50bf35e4a3fb64cb56c5a715752c7e2818a6ff509838cd0b7d176433198e3346
x-amz-meta-s3b-last-modified: 20210929T073357Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QsBtpPo-tvdNSfDEWGzUhdthFlr06S6etQ-lO4OR54jTbpF64GpHeA==
age: 38573
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/platipus/wildspindeluxe.webp

104.16.13.151

34 kB

URL
cdn.softswiss.net/i/s3/platipus/wildspindeluxe.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
34 kB (33850 bytes)
Hash
eaec5f661d8b34b5de7866551071fa2a
68cb4cdbe2cffac5d92cb936ea1abe1092486797
8fbfc3ea6a7b3411138b1df40e449033da7c07662eff7b83fe607e6686755af2

HTTP Headers

GET /i/s3/platipus/wildspindeluxe.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 33850
last-modified: Wed, 19 Apr 2023 10:20:03 GMT
etag: "643fc053-843a"
expires: Mon, 04 Dec 2023 13:55:18 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 24367
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28ac7129-OSL
X-Firefox-Spdy: h2

dueh421xfqdi.cloudfront.net/img/payment-iq-cryptocurrency-litecoin.svg

54.230.241.92

2.0 kB

URL
dueh421xfqdi.cloudfront.net/img/payment-iq-cryptocurrency-litecoin.svg
IP
54.230.241.92:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.0 kB (1955 bytes)
Hash
8c91edb86e4201b14ba655250a221520
37aa735bb6ca862093601c9272017b8abc58a582
7f7a1ee93c3641f87151e64e040b3a4e33cf921fdd4cd21c4e7dca4f966f6978

HTTP Headers

GET /img/payment-iq-cryptocurrency-litecoin.svg HTTP/1.1
Host: dueh421xfqdi.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1955
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:23:23 GMT
last-modified: Fri, 06 May 2022 12:42:27 GMT
etag: "8c91edb86e4201b14ba655250a221520"
x-amz-meta-s3cmd-attrs: atime:1651840650/ctime:1651840649/gid:2033007316/gname:AGCSOFT%5CDomain%20Users/md5:8c91edb86e4201b14ba655250a221520/mode:33188/mtime:1651840646/uid:1501083981/uname:yevhen.karavanchenko
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7EgpehzZMYUtLNIr6mo-BgfESuUrKy82tOAKJdZ1JxA-Dk6Kcq7b_Q==
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/gamesinc.svg

143.204.42.201

572 B

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/gamesinc.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (571)
Size
572 B (572 bytes)
Hash
400f0c9897e7931095c2c86f3fdec668
52170926f191667602191bfba28f914c4913247e
0a48d355291e29b87940394b8e0a4ffd0e3b2d6b51fdfb3ba59213020817ade4

HTTP Headers

GET /logos/providers_small/color/gamesinc.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 572
date: Sun, 03 Dec 2023 19:37:04 GMT
last-modified: Sat, 15 Jan 2022 09:24:29 GMT
etag: "400f0c9897e7931095c2c86f3fdec668"
x-amz-version-id: B0MCtGtnJsL.FD.ohaN.kLAATBXtPp.d
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dPgDAgiVZvMSh0eGK3QFA-GSh1Muh1VJtjWMcH5Rd9PNjh-JmaKx9A==
age: 13578
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/gameart.svg

54.230.241.11

1.9 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/gameart.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1272), with CRLF line terminators
Size
1.9 kB (1908 bytes)
Hash
b12f1f1dec53b6777db9065601d7ce85
e08c4635bd3c7791aeccb12f4390d6ec56b3960c
09172a15c0d8b64b35b56ddd8eec60355b437868e3da3453e5de28f8234cd11e

HTTP Headers

GET /logos/providers_small/color/gameart.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1908
date: Sun, 03 Dec 2023 11:50:16 GMT
last-modified: Wed, 29 Sep 2021 07:36:10 GMT
etag: "b12f1f1dec53b6777db9065601d7ce85"
x-amz-meta-sha256: 09172a15c0d8b64b35b56ddd8eec60355b437868e3da3453e5de28f8234cd11e
x-amz-meta-s3b-last-modified: 20210929T073357Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xVDU0IqHWpIaVC6O4fUllhWWCQDcaN_hTMcY9r2zwylc4HYUSa6HdQ==
age: 41587
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/evolution/GonzosQuest.webp

104.16.13.151

28 kB

URL
cdn.softswiss.net/i/s3/evolution/GonzosQuest.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
28 kB (27574 bytes)
Hash
b234be33eebb65e9fc3d93279f8c0097
d6b3724498b7b479a0f9ba8584027cff4e692049
c1eb8d16080ec9a180d27cd8ddfd6a61df2d460fa5c26e864f379520be6ce03e

HTTP Headers

GET /i/s3/evolution/GonzosQuest.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 27574
last-modified: Thu, 16 Dec 2021 07:10:02 GMT
etag: "61bae64a-6bb6"
expires: Mon, 04 Dec 2023 09:10:11 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 11515
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28b47129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/color/readyplay.svg

104.16.13.151

8.5 kB

URL
cdn.softswiss.net/logos/providers_small/color/readyplay.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
8.5 kB (8528 bytes)
Hash
64c30a1f69998be624557e33e30671c0
3c57fab7d8d8434e5d4b24e13c5f7dd9a3d23942
c746cfa5cbe3140fc3c8307978eb56989b16864e674419b69e932510f4730775

HTTP Headers

GET /logos/providers_small/color/readyplay.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Thu, 13 Apr 2023 09:15:02 GMT
etag: W/"6437c816-122b"
expires: Mon, 04 Dec 2023 04:52:32 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 24086
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e943d2e7129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/retrogaming.svg

143.204.42.201

8.6 kB

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/retrogaming.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2027), with CRLF line terminators
Size
8.6 kB (8607 bytes)
Hash
647419ada2b25cecade63e1868a7f9df
a307e103648e4c2d26187dc2d8f733d0899885dd
c26b47d875e47a4ba2053520d2aaad0335505ce8c00864bd975b0ecb74760992

HTTP Headers

GET /logos/providers_small/color/retrogaming.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 8607
last-modified: Tue, 06 Jul 2021 11:25:55 GMT
x-amz-version-id: S0.QbC4SMUWDf9eorbwDv_9OZj9z_Lrh
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 19:20:38 GMT
etag: "647419ada2b25cecade63e1868a7f9df"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HpBV5ZTt4ENwSJdEFWH8Wb62yrlG-Z0WmHv2IlcFyUOrRIH-tv130A==
age: 14565
X-Firefox-Spdy: h2

bizzocasino.com/assets/placeholders/games/380x380.png

104.26.9.22

17 kB

URL
bizzocasino.com/assets/placeholders/games/380x380.png
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 380 x 380, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16738 bytes)
Hash
7a25be88a946c6732d116c7e9b8ffa3c
ea9cb9cc44556f38ed4e045be296239367c049ee
ef0ae454fb2b7b50df49ca8dedc0f01daee845600aed1ec546c952a7a4a12e03

HTTP Headers

GET /assets/placeholders/games/380x380.png HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: is_mobile_device=false; is_mobile_device=false; preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/png
content-length: 16738
cf-ray: 82ff8e99e954b50c-OSL
cf-cache-status: BYPASS
accept-ranges: bytes
etag: "6568287f-4162"
last-modified: Thu, 30 Nov 2023 06:15:27 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGJ8G1cBIw17JximVwHsb7kMHEBV7YMNNptJ5AsnvE%2BmAdiRVttgPRuagnSW4pEAYgI5SYy6iaIZtPtoE5FwBvEDM6ho0wwnEZ74WLwPqv9GCbtTuNlFTB3Cxqd2vNe4%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/gamevy.svg

54.230.241.11

1.6 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/gamevy.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.6 kB (1625 bytes)
Hash
069e4e97b05f1128c96c13653ebc37fc
b726eb50503145feb731ccebfe9a11303a39495a
53b53ffb4d7b8c2d8b450846667ca1a48fbda274ed37cc71eb5228b275acf8fe

HTTP Headers

GET /logos/providers_small/color/gamevy.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1625
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:10 GMT
etag: "069e4e97b05f1128c96c13653ebc37fc"
x-amz-meta-sha256: 53b53ffb4d7b8c2d8b450846667ca1a48fbda274ed37cc71eb5228b275acf8fe
x-amz-meta-s3b-last-modified: 20210929T073357Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7qx6pYNTASdazkaE7D8ppgEOePjG3shjzX7jeMcsgT0f_h1xfDIC5A==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/popiplay/WildWildSteel.webp

104.16.13.151

20 kB

URL
cdn.softswiss.net/i/s3/popiplay/WildWildSteel.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
20 kB (19504 bytes)
Hash
492a74ff7afee2483de9192ef7fea683
17b1436a021be3687eba22238e5f1890bd446f3b
d0af9567cfc138cf062bd11eb0fe64c6ddc9eb6745ecfd57179dc7119af9a753

HTTP Headers

GET /i/s3/popiplay/WildWildSteel.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 19504
last-modified: Tue, 15 Nov 2022 13:20:03 GMT
etag: "63739203-4c30"
expires: Mon, 04 Dec 2023 20:11:27 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 11515
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28b57129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/prospectgaming.svg

104.16.13.151

23 kB

URL
cdn.softswiss.net/logos/providers_small/white/prospectgaming.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
23 kB (23081 bytes)
Hash
008319f0d89b7464199e8ee5893b39a1
af716bf1a01c79546d9148f4ad082f18ab7950ed
9aed211239f72d5767e55fb90a5c7e216d8c062348e4d1f24fa1b35f9a37184f

HTTP Headers

GET /logos/providers_small/white/prospectgaming.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Fri, 21 Jul 2023 06:40:03 GMT
etag: W/"64ba2843-c047"
expires: Mon, 04 Dec 2023 01:28:06 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 59616
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e942d257129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/winfast.svg

143.204.42.201

12 kB

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/winfast.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3469)
Size
12 kB (12544 bytes)
Hash
6ec57ff2a7113bedd52177d98109feb5
f974b89f3d6b67a9b561cb75e8208487dff6a17a
92d5f93971f9628c1e203150b19a31eb531df1282f16f6c5329719454ced8b98

HTTP Headers

GET /logos/providers_small/color/winfast.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 12544
date: Sun, 03 Dec 2023 01:45:16 GMT
last-modified: Fri, 30 Sep 2022 13:52:29 GMT
etag: "6ec57ff2a7113bedd52177d98109feb5"
x-amz-server-side-encryption: AES256
x-amz-version-id: AxqHl2Vap8IUmkQAtoDagkztHjOVyOoY
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JymeetkKNMlD_yYk3a6qvbjtR6kmUXwzs5LWmiPIOOXt4aZraJGGZA==
age: 77887
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/fortunefactory.svg

54.230.241.11

6.1 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/fortunefactory.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
6.1 kB (6096 bytes)
Hash
52a00cb614005d9b09d634ebb4cf92de
431995e9fbdb2c86764deca40f65f2c9dd29a602
9e323a2b7a3ec240f6bfc456feb75dedad2105cbbdc09b6cec70da58c418f638

HTTP Headers

GET /logos/providers_small/color/fortunefactory.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 6096
date: Sun, 03 Dec 2023 12:40:30 GMT
last-modified: Wed, 29 Sep 2021 07:36:10 GMT
etag: "52a00cb614005d9b09d634ebb4cf92de"
x-amz-meta-sha256: 9e323a2b7a3ec240f6bfc456feb75dedad2105cbbdc09b6cec70da58c418f638
x-amz-meta-s3b-last-modified: 20210929T073357Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yZh8weddTryFlTlepQEahbd_pVqA7ZZUU-l59-rnAw6cG4XdOVyW1A==
age: 38573
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/booming/BurningClassics.webp

104.16.13.151

24 kB

URL
cdn.softswiss.net/i/s3/booming/BurningClassics.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
24 kB (24044 bytes)
Hash
bd9308982d446c112af9d2c67bec3d6b
68f5f0f8eae312a0be1dd3657767283de10afc5c
ffa07b72b66913f11569f20ff46c8cb28c0aca036130dfdabdfb5ce3c3a3d219

HTTP Headers

GET /i/s3/booming/BurningClassics.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 24044
last-modified: Thu, 16 Jul 2020 08:30:04 GMT
etag: "5f10100c-5dec"
expires: Mon, 04 Dec 2023 14:18:23 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 20577
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28b67129-OSL
X-Firefox-Spdy: h2

platform.bizzocasino.com/api/v2/registration-configurations?desktop=1

104.26.9.22

2.5 kB

URL
platform.bizzocasino.com/api/v2/registration-configurations?desktop=1
IP
104.26.9.22:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
2.5 kB (2467 bytes)
Hash
d92c3b9712f95c37ab363ce30fdc9d6a
35e166c2945e752d132cf1ed1ffc9cb16719f1d3
020e1fa52610cb6c907f9dcaf4ecf4a17a0c94c32445f494a19c4df2cf0683ad

HTTP Headers

GET /api/v2/registration-configurations?desktop=1 HTTP/1.1
Host: platform.bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
client-timezone: UTC
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Cookie: _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0; ubc-code=29ac37f3-360e-4c6c-b8ea-42bbfe59b49b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:18 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://bizzocasino.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,client-timezone,LOCATION-SMART-HTML-SESSION-ID,LOCATION-SMART-DEVICE-SESSION-ID
access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h74EGbAd%2FHVoX16CvvZw5oxcDGw97WIdullmcp4lxrc7P06E99wQ2Dto75OXTKFhB88nUubCOvo1dV%2FHaiQkow0jyIMwPDRo7XV5p7L7QKfVtrBxfR8piTl1lCmj1yKXc%2BR9UyWbPjdSlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff8e81499db50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/wizard.svg

143.204.42.201

809 B

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/wizard.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (705)
Size
809 B (809 bytes)
Hash
ab075183fe1ec5518b51f0f5a717d872
b2f8ed0dfafac5d3917f5da5e032fb339599ec92
4c8789c4dd123a9c8967d34c5ed0ccf13fe4cd55cff72a4d17a4a1a4162cd638

HTTP Headers

GET /logos/providers_small/color/wizard.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 809
date: Sun, 03 Dec 2023 01:45:16 GMT
last-modified: Tue, 31 May 2022 14:50:11 GMT
etag: "ab075183fe1ec5518b51f0f5a717d872"
x-amz-version-id: jvN88JzzSwB6MIk2UycTes32mAzqBEdr
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4jZ3wZWAZYoyZVhUbRQRXaFEY-3eQibY8FmUYYmzJGYiOOFYLtPRaw==
age: 77887
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/igrosoft.svg

54.230.241.11

2.4 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/igrosoft.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1116), with CRLF line terminators
Size
2.4 kB (2427 bytes)
Hash
357ded5118e8110c44638d3b5ed56530
644079707dddb92969d32b7c5ee76c90f01533f6
89ec14efcb9eda2841330bc6b4de5c2ab3dd71a4992c2cf0ac7f02f81dda7378

HTTP Headers

GET /logos/providers_small/color/igrosoft.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2427
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:11 GMT
etag: "357ded5118e8110c44638d3b5ed56530"
x-amz-meta-sha256: 89ec14efcb9eda2841330bc6b4de5c2ab3dd71a4992c2cf0ac7f02f81dda7378
x-amz-meta-s3b-last-modified: 20210929T073358Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 37Mwb1ODMykIzH9prjM55_-g_ZlFoyIVlzLK7jNGzj1iY9Uyn7mWpQ==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/zillion/EgyptsSun.webp

104.16.13.151

30 kB

URL
cdn.softswiss.net/i/s3/zillion/EgyptsSun.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
30 kB (30192 bytes)
Hash
7d51310f46eb03369500e0c280401904
f0168aafe78ae2bd4b6a237a4a1660ea3a17c85d
8db68939e76024ff954ed3142c03d151748b53694cb14a27a439dac0fdfc7196

HTTP Headers

GET /i/s3/zillion/EgyptsSun.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 30192
last-modified: Fri, 13 Oct 2023 13:40:03 GMT
etag: "652948b3-75f0"
expires: Mon, 04 Dec 2023 01:49:35 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 20577
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28b77129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/spribe.svg

104.16.13.151

2.2 kB

URL
cdn.softswiss.net/logos/providers_small/white/spribe.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
2.2 kB (2242 bytes)
Hash
1cf51a8675965f0b02bcb5534f4dc288
0c06b1c806c9e582447bf28931422cda43cad796
144acc5f1a3ad1f11f80054e113321a04fd4760665939ceab0f039a15236cd05

HTTP Headers

GET /logos/providers_small/white/spribe.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Jan 2022 10:05:02 GMT
etag: W/"61dd564e-6a8"
expires: Sun, 03 Dec 2023 20:00:50 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 60861
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e94ad757129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/zillion.svg

143.204.42.201

2.3 kB

URL
dwmu1hf7ovvid.cloudfront.net/logos/providers_small/color/zillion.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1622), with CRLF line terminators
Size
2.3 kB (2297 bytes)
Hash
57fb0792fc4b0e9553767fd52a36127f
68f9dd9f2ff664c506b788ef35443e03ad7c0f6e
ecbe95bc2df9bf40ee881d4f599a83585ba918d2fbb985350e95e6ffba05416a

HTTP Headers

GET /logos/providers_small/color/zillion.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2297
date: Sun, 03 Dec 2023 11:43:00 GMT
last-modified: Fri, 09 Jul 2021 12:40:34 GMT
etag: "57fb0792fc4b0e9553767fd52a36127f"
x-amz-version-id: sfaRLKovSJ_9ulGTOmtbmxr2FUH06cVE
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hirhHluGWCg1Bz8KkjMdDkZ6N1YNltuNIfOB88HmXn1UPmfUPpW0FA==
age: 42023
X-Firefox-Spdy: h2

d2j4tzbt95ugsz.cloudfront.net/site/upload/provider_logo/Neko-games-logo.svg

143.204.42.107

39 kB

URL
d2j4tzbt95ugsz.cloudfront.net/site/upload/provider_logo/Neko-games-logo.svg
IP
143.204.42.107:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (38718), with no line terminators
Size
39 kB (38718 bytes)
Hash
7119817ac1a466079b9b068d472eaf4d
f5e6d2f480178b87eda423eebebf5ec4d40183f3
c57efeb917e9042b4578af41d9ee4544ebd89e2341c66e6e052af00d89c307f0

HTTP Headers

GET /site/upload/provider_logo/Neko-games-logo.svg HTTP/1.1
Host: d2j4tzbt95ugsz.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 38718
date: Sun, 03 Dec 2023 12:40:31 GMT
last-modified: Tue, 31 Jan 2023 08:32:37 GMT
etag: "7119817ac1a466079b9b068d472eaf4d"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BBrR784mCT7VxrjSqDkjGvzxgLawhRSnLYfgMdGbR-9eamYt6dv88g==
age: 38572
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/habanero.svg

54.230.241.11

6.9 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/habanero.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3034), with CRLF line terminators
Size
6.9 kB (6923 bytes)
Hash
39c006fc230a39f9c4748aa25827bcea
d894d1c4c8b9fed4cebf253f2ba72865c24c7079
89629871666c142bc45df90d7056cb4e4701cf302f97937c6a6c68752765a255

HTTP Headers

GET /logos/providers_small/color/habanero.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 6923
date: Sun, 03 Dec 2023 11:50:16 GMT
last-modified: Wed, 29 Sep 2021 07:36:10 GMT
etag: "39c006fc230a39f9c4748aa25827bcea"
x-amz-meta-sha256: 89629871666c142bc45df90d7056cb4e4701cf302f97937c6a6c68752765a255
x-amz-meta-s3b-last-modified: 20210929T073358Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lnmoZzKHmeBmyubityo0t-z07UAjkzlE4YcZUXHcXosbXL3rJDkRsQ==
age: 41587
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/platipus/coincharge.webp

104.16.13.151

38 kB

URL
cdn.softswiss.net/i/s3/platipus/coincharge.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
38 kB (38514 bytes)
Hash
2ed15dbfe0b2b9cc48fc507040ba8ed3
d1ad6f8caf9eb9193d666ed44440f049c1bdc357
754244987cf894f1a111c18a98fd32ad2da4def4cfbe04d9d5d289713f508671

HTTP Headers

GET /i/s3/platipus/coincharge.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 38514
last-modified: Wed, 04 Oct 2023 15:50:04 GMT
etag: "651d89ac-9672"
expires: Sun, 03 Dec 2023 17:25:55 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 24367
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28b87129-OSL
X-Firefox-Spdy: h2

dueh421xfqdi.cloudfront.net/img/payment-iq-ecopayz-ecopayz.svg

54.230.241.92

2.7 kB

URL
dueh421xfqdi.cloudfront.net/img/payment-iq-ecopayz-ecopayz.svg
IP
54.230.241.92:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (652), with CRLF line terminators
Size
2.7 kB (2706 bytes)
Hash
ec6e2f4f2e966e4d8de4f3ad6447da05
8357d1f3e1955c51def18d0b4374854f116f22af
cd9a6b8b6e92379aaa5c07b52c5e47b979d924c3a7a8d66339773b5f6e1aeb63

HTTP Headers

GET /img/payment-iq-ecopayz-ecopayz.svg HTTP/1.1
Host: dueh421xfqdi.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2706
x-amz-id-2: ktKgYrrnAdIvgDs9RehkRUH+vuDchfLy6jLl+vIxnOozBhP8gHMekrVU+aDYEL4WuXOli7ltCr8=
x-amz-request-id: 1KDW393MG72ZY7F6
date: Sun, 03 Dec 2023 23:23:23 GMT
last-modified: Mon, 07 Aug 2023 13:47:12 GMT
etag: "ec6e2f4f2e966e4d8de4f3ad6447da05"
x-amz-server-side-encryption: AES256
x-amz-meta-s3cmd-attrs: atime:1691416027/ctime:1691416026/gid:20/gname:staff/md5:ec6e2f4f2e966e4d8de4f3ad6447da05/mode:33188/mtime:1691416025/uid:501/uname:nikitaschekin
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4cBB1T0atvVaEPsSh_FduVMeKaXaKG_AHhfY4Fbgdyn-_nHpcs-hMQ==
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/site/upload/provider_logo/amigo_gaming.svg

143.204.42.201

8.2 kB

URL
dwmu1hf7ovvid.cloudfront.net/site/upload/provider_logo/amigo_gaming.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (8018)
Size
8.2 kB (8243 bytes)
Hash
13589cf7860839d29e4cf66b716dffea
2d23672dea1af3deeca1000f617897e56eaee9c1
913a160a4bba269724522e7000b4b70b5cb7c17ffd230996757a2e23f1a44d3f

HTTP Headers

GET /site/upload/provider_logo/amigo_gaming.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 8243
last-modified: Tue, 23 May 2023 11:45:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: iAOmXRReOfUXMCJCokQM9nIqIyIQL5JO
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 19:20:38 GMT
etag: "13589cf7860839d29e4cf66b716dffea"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zFpyN2O4q-UBmIY5LU9gv1fA4zz8WBjELKUehfF6heVK1ycvzzZcIw==
age: 14565
X-Firefox-Spdy: h2

api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26&version=075b79d72a19c7c515c01775c17428ae_fcfbdb5dceb52d5d3615ca8fb7b69c50&language=en&group_id=46&jsonp=__lc_localization

23.36.79.16

3.8 kB

URL
api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26&version=075b79d72a19c7c515c01775c17428ae_fcfbdb5dceb52d5d3615ca8fb7b69c50&language=en&group_id=46&jsonp=__lc_localization
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (11083), with no line terminators
Size
3.8 kB (3840 bytes)
Hash
22917ce954789b40ac5b957cd48c732e
e5dc2075762644ad00120bf89d5aa395e2b0b6cd
6c5abb7c80b8aac573213c1c901e71f75ffe55f2966e547d8f3e13d3141a854a

HTTP Headers

GET /v3.4/customer/action/get_localization?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26&version=075b79d72a19c7c515c01775c17428ae_fcfbdb5dceb52d5d3615ca8fb7b69c50&language=en&group_id=46&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
vary: Accept-Encoding
cache-control: public, max-age=85
expires: Sun, 03 Dec 2023 23:24:47 GMT
date: Sun, 03 Dec 2023 23:23:22 GMT
content-length: 3840
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/gamomat.svg

54.230.241.11

7.4 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/gamomat.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (875), with CRLF line terminators
Size
7.4 kB (7390 bytes)
Hash
8ad6a3553a56953b0769a05812cac980
76f7a7f5411d163f129a6d7108859b4885112106
ea2f051075dabe96c614608c349a4a797a9b7bb405cdb625818d836a18613290

HTTP Headers

GET /logos/providers_small/color/gamomat.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 7390
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:10 GMT
etag: "8ad6a3553a56953b0769a05812cac980"
x-amz-meta-sha256: ea2f051075dabe96c614608c349a4a797a9b7bb405cdb625818d836a18613290
x-amz-meta-s3b-last-modified: 20210929T073358Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aC8OFofSGJsNZV_D3IBtwcFwtzBzgBjhvjmw2kiS3APUUcWROo7aeA==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/popiplay/SweetPunks.webp

104.16.13.151

26 kB

URL
cdn.softswiss.net/i/s3/popiplay/SweetPunks.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
26 kB (26344 bytes)
Hash
4fcb44adb3fde6b4dd9b30d4a58f9a7a
bc3530249c57552d9aaaa9cc3daa0e13f4768355
843d20564615f3eff018ad662b050bd3f760c123399bf54edc28108082fbea31

HTTP Headers

GET /i/s3/popiplay/SweetPunks.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 26344
last-modified: Tue, 03 Oct 2023 16:05:04 GMT
etag: "651c3bb0-66e8"
expires: Mon, 04 Dec 2023 00:01:28 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 68800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28bb7129-OSL
X-Firefox-Spdy: h2

dueh421xfqdi.cloudfront.net/img/payment-iq-cryptocurrency-ripple.svg

54.230.241.92

1.2 kB

URL
dueh421xfqdi.cloudfront.net/img/payment-iq-cryptocurrency-ripple.svg
IP
54.230.241.92:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.2 kB (1228 bytes)
Hash
a1e8e28871215cbde7bf27116b157863
9b9d8ac4f0cb064ee240c46a4399d5a4afced532
5a395dcd8cddd8c95b41105eff08d8384359c6e29a0221071b17dd76a6988526

HTTP Headers

GET /img/payment-iq-cryptocurrency-ripple.svg HTTP/1.1
Host: dueh421xfqdi.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1228
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:23:23 GMT
last-modified: Thu, 28 Jul 2022 12:07:13 GMT
etag: "a1e8e28871215cbde7bf27116b157863"
x-amz-meta-s3cmd-attrs: atime:1659010003/ctime:1659010009/gid:20/gname:staff/md5:a1e8e28871215cbde7bf27116b157863/mode:33188/mtime:1659009991/uid:501/uname:nikitaschekin
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DPaT5cjyjUrzoJVTJBQhVFlE4fVrYRyHYfZo4WBGwVudgRitxFeq7g==
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/fugaso.svg

104.16.13.151

5.5 kB

URL
cdn.softswiss.net/logos/providers_small/white/fugaso.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
5.5 kB (5536 bytes)
Hash
9269f19a41e4a3d4587e942cfef5f4ec
8f307ecd4646a9038eeea5caa03f99495cac2ad3
a77383795b2badf17eaf6c6bf81af11a0c1d53081e5de9ff691cfb53bccf14c6

HTTP Headers

GET /logos/providers_small/white/fugaso.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:20 GMT
content-type: image/svg+xml
last-modified: Fri, 15 Jul 2022 10:25:02 GMT
etag: W/"62d1407e-987"
expires: Mon, 04 Dec 2023 01:15:12 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 24146
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e8d68ef7129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/goldenhero.svg

54.230.241.11

22 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/goldenhero.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2998), with CRLF line terminators
Size
22 kB (21883 bytes)
Hash
e3f2ae35bc05fc3daae03a33615dca2d
3760e0f0aaf528b126bb107c285f045e232469cc
d19e661956387b2258141d2f1e2fc217173af35ee293082a211ce9b07362249d

HTTP Headers

GET /logos/providers_small/color/goldenhero.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 21883
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:10 GMT
etag: "e3f2ae35bc05fc3daae03a33615dca2d"
x-amz-meta-sha256: d19e661956387b2258141d2f1e2fc217173af35ee293082a211ce9b07362249d
x-amz-meta-s3b-last-modified: 20210929T073358Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uElAX16LhkhilnxasZWTiCJK9mN2GtYWkS7N33mnXrNk16j-A3jtTg==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/amigo/WildfireJoker.webp

104.16.13.151

20 kB

URL
cdn.softswiss.net/i/s3/amigo/WildfireJoker.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
20 kB (20278 bytes)
Hash
f53d69cb8e1aa1b00c908b29995f6682
fd5f19c50e083646eeab715cfb3eb7d7df6c0366
c092d76766d2683ced5176114dbfefa74d7cfd4f167c979c152146956cf5e278

HTTP Headers

GET /i/s3/amigo/WildfireJoker.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 20278
last-modified: Fri, 15 Sep 2023 12:40:04 GMT
etag: "650450a4-4f36"
expires: Mon, 04 Dec 2023 17:40:25 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 20577
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28ba7129-OSL
X-Firefox-Spdy: h2

dueh421xfqdi.cloudfront.net/img/payment-iq-jeton-jeton.svg

54.230.241.92

5.5 kB

URL
dueh421xfqdi.cloudfront.net/img/payment-iq-jeton-jeton.svg
IP
54.230.241.92:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5347), with CRLF line terminators
Size
5.5 kB (5454 bytes)
Hash
364fab25b65b27e259b39a9d26c93f9f
4c3273a2e7386c9f82241ecf18e091eabe8bb527
848d629baeeb43c44b7171790a27e57ff9c073603db5e5601a8499a1cbed6203

HTTP Headers

GET /img/payment-iq-jeton-jeton.svg HTTP/1.1
Host: dueh421xfqdi.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 5454
x-amz-id-2: aqfEsXF9o2yNxkZssqjwhG7INLlLFPVVllNc+V0Xbt/00kWPigqhmEHaPSfYtNropsHT5tI9KTE=
x-amz-request-id: 1KDKZGK9GVT9Y66B
date: Sun, 03 Dec 2023 23:23:23 GMT
last-modified: Wed, 22 Sep 2021 12:02:05 GMT
etag: "364fab25b65b27e259b39a9d26c93f9f"
x-amz-meta-s3cmd-attrs: md5:364fab25b65b27e259b39a9d26c93f9f
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5iVpUlsQeaczoLA2KwazM3TSOkp1bFuM37tQsY5eTWIfrCjnYgAT2g==
X-Firefox-Spdy: h2

dwmu1hf7ovvid.cloudfront.net/site/upload/provider_logo/Games-Global-svg.svg

143.204.42.201

41 kB

URL
dwmu1hf7ovvid.cloudfront.net/site/upload/provider_logo/Games-Global-svg.svg
IP
143.204.42.201:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (24983)
Size
41 kB (41121 bytes)
Hash
d2b8fca1b02c7e06f2d79d92410c54f9
b2b34d5a491bd8670160dc72a54ab8f83bc73edf
17bdbf0beb4d6eced6ef0fbc7c82a25f086ed794627c5fde561441f97dade3ad

HTTP Headers

GET /site/upload/provider_logo/Games-Global-svg.svg HTTP/1.1
Host: dwmu1hf7ovvid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 41121
date: Sun, 03 Dec 2023 12:28:12 GMT
last-modified: Tue, 18 Apr 2023 14:33:10 GMT
etag: "d2b8fca1b02c7e06f2d79d92410c54f9"
x-amz-server-side-encryption: AES256
x-amz-version-id: P8_2a77JES42pAsoyrLIghOcTn6QeAdi
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _HCZtGglf4RyFDYnlC3Q8UvFsRpr66f7QnZtJAM_MCCFyX2lYM5CWg==
age: 39311
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/irondogstudio.svg

54.230.241.11

14 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/irondogstudio.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4373), with CRLF line terminators
Size
14 kB (14229 bytes)
Hash
865bab5f3994bafea627609b277f1c1b
7acd376d5e68438dfe3d4047bf881069871fdf8c
0e9de5bd8db7184489850be233be00cdf06fe9b7d6fb3a0bbfa02a4ac5ee378e

HTTP Headers

GET /logos/providers_small/color/irondogstudio.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 14229
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:11 GMT
etag: "865bab5f3994bafea627609b277f1c1b"
x-amz-meta-sha256: 0e9de5bd8db7184489850be233be00cdf06fe9b7d6fb3a0bbfa02a4ac5ee378e
x-amz-meta-s3b-last-modified: 20210929T073359Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5ggfO9-IYtln5yWeOdoH5leTZqrupha68rJIWLNV-eXESnxY5A10wg==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/evolution/FinnandtheCandySpinNoBB.webp

104.16.13.151

37 kB

URL
cdn.softswiss.net/i/s3/evolution/FinnandtheCandySpinNoBB.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
37 kB (36924 bytes)
Hash
8c14ee421baf862303bf359f107ad083
c5667535dd700f957896ce7b7a774e0072a84412
8613585437f41e8716a5664e0352822a5c447d3af1cb102345fc1a294078594a

HTTP Headers

GET /i/s3/evolution/FinnandtheCandySpinNoBB.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 36924
last-modified: Tue, 10 Oct 2023 15:30:03 GMT
etag: "65256dfb-903c"
expires: Mon, 04 Dec 2023 17:40:25 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 20577
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a28b97129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/aurumsignaturestudios.svg

104.16.13.151

7.3 kB

URL
cdn.softswiss.net/logos/providers_small/white/aurumsignaturestudios.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
7.3 kB (7254 bytes)
Hash
6fb2100b06fd81b4e15e3cd67fae6bb0
7a06e94b488663adc00ffbabfd1e5289e1122a27
ba94dbad9bc4cd115d41cdf0c53481bfa9ccbbbfac09f96b22274f99cbbd6e7a

HTTP Headers

GET /logos/providers_small/white/aurumsignaturestudios.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Mon, 06 Jun 2022 14:00:02 GMT
etag: W/"629e0862-2ff1"
expires: Mon, 04 Dec 2023 07:01:08 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 58933
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e931c807129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/gameburgerstudios.svg

54.230.241.11

49 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/gameburgerstudios.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (48803), with no line terminators
Size
49 kB (48803 bytes)
Hash
4c3023720781a16fb40f2ca28a9f1e0f
c1d1f2e61175f09bdabe36b70eb6197520c18af8
0c85ae93036ce5f2690a0f00c39e27daefa4e698414737e8b3ed5d9e015be250

HTTP Headers

GET /logos/providers_small/color/gameburgerstudios.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 48803
date: Sun, 03 Dec 2023 12:40:30 GMT
last-modified: Wed, 29 Sep 2021 07:36:10 GMT
etag: "4c3023720781a16fb40f2ca28a9f1e0f"
x-amz-meta-sha256: 0c85ae93036ce5f2690a0f00c39e27daefa4e698414737e8b3ed5d9e015be250
x-amz-meta-s3b-last-modified: 20210929T073357Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AYvC7PtlFBu3JftiRGr5D_UmOo1ZctkK0jEZ7amUZYuuYAq_KpOYmA==
age: 38573
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/zillion/GoldenDragon.webp

104.16.13.151

27 kB

URL
cdn.softswiss.net/i/s3/zillion/GoldenDragon.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
27 kB (27242 bytes)
Hash
297beef199c858955a1ff47fd21efebf
e0b35781cb4b3db997e1edfa20d1ec612ed46e3e
feef599b64d0229fe60d48dd114b3ebfc3cac3cf5f8fecfe235c19cceab67bdb

HTTP Headers

GET /i/s3/zillion/GoldenDragon.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 27242
last-modified: Mon, 01 May 2023 07:25:03 GMT
etag: "644f694f-6a6a"
expires: Mon, 04 Dec 2023 20:11:29 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 11513
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a58cf7129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/color/popiplay.svg

104.16.13.151

45 kB

URL
cdn.softswiss.net/logos/providers_small/color/popiplay.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
45 kB (44582 bytes)
Hash
cd5c1108a8c628aab5ab1f77a803ccbd
7e29b399a354e462523c55394b2e48aa3ef1e3ef
3eb37cfd6675eb5aa7c7a2f4b4a9f49e42a10dfc4a9eb1a46484b5ef404454ad

HTTP Headers

GET /logos/providers_small/color/popiplay.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Nov 2022 13:35:02 GMT
etag: W/"63739586-e131"
expires: Sun, 03 Dec 2023 16:09:30 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 59616
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e92ec667129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/lucky.svg

54.230.241.11

2.0 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/lucky.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (479), with CRLF line terminators
Size
2.0 kB (2048 bytes)
Hash
be66872c215ae1ce089478174a053ec4
de1f9a82e14e7eb04d2db2392d1c092b45bb8959
f72ffb5a146cfd83e28a594b5bfb7d1567b40c4b759c81ed5ea639c0e98072c8

HTTP Headers

GET /logos/providers_small/color/lucky.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2048
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:11 GMT
etag: "be66872c215ae1ce089478174a053ec4"
x-amz-meta-sha256: f72ffb5a146cfd83e28a594b5bfb7d1567b40c4b759c81ed5ea639c0e98072c8
x-amz-meta-s3b-last-modified: 20210929T073359Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZeWfzBR1LvQA2D6jWkwbu1TxDsmJQI_Qh16CyiYa4qF54C2guDJpeQ==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/amigo/BurningPhoenix.webp

104.16.13.151

28 kB

URL
cdn.softswiss.net/i/s3/amigo/BurningPhoenix.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
28 kB (28036 bytes)
Hash
06d3866b768bfdadbe03bfc714f9d127
5b47e236588f78be7ca247de14269d45aa5729be
be5a4002c8bfd91880b25cacf31ca5f82dcd6ccd8b2b1e11c1e30ad031a426e5

HTTP Headers

GET /i/s3/amigo/BurningPhoenix.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 28036
last-modified: Mon, 28 Aug 2023 14:50:04 GMT
etag: "64ecb41c-6d84"
expires: Mon, 04 Dec 2023 14:18:24 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 20577
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a58d07129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/leapgaming.svg

54.230.241.11

1.1 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/leapgaming.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1136 bytes)
Hash
56e19cc10392bd9a4a4e41a67f4d165c
470a4bda4773a011cfb7000ecea0081236d01d13
fb518ef6fb3419dcc4dddcd393c206ea856e3d6e2697d9bdb53f184c91eb5b92

HTTP Headers

GET /logos/providers_small/color/leapgaming.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1136
date: Sun, 03 Dec 2023 11:50:16 GMT
last-modified: Wed, 29 Sep 2021 07:36:11 GMT
etag: "56e19cc10392bd9a4a4e41a67f4d165c"
x-amz-meta-sha256: fb518ef6fb3419dcc4dddcd393c206ea856e3d6e2697d9bdb53f184c91eb5b92
x-amz-meta-s3b-last-modified: 20210929T073359Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n31t3CYtB_McMc0yH52_SpittakgSQKdh3JVqBTsLawiG9FgD4N5fA==
age: 41587
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/playngo/reactoonztwo.webp

104.16.13.151

35 kB

URL
cdn.softswiss.net/i/s3/playngo/reactoonztwo.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
35 kB (35396 bytes)
Hash
b4bf1c6e2bb1218a4b31ddfe3e15cedc
8aae271b515bc3cecbf2b6c1b361861c6ab9833a
05913b4a2c31112f0de9d7b8e74ba1ca154e4ea3e88abcce1b71d9c4dd3818de

HTTP Headers

GET /i/s3/playngo/reactoonztwo.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 35396
last-modified: Wed, 23 Sep 2020 09:30:04 GMT
etag: "5f6b159c-8a44"
expires: Mon, 04 Dec 2023 07:44:06 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 20577
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a68d87129-OSL
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/white/relax.svg

104.16.13.151

3.1 kB

URL
cdn.softswiss.net/logos/providers_small/white/relax.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (10067), with no line terminators
Size
3.1 kB (3149 bytes)
Hash
a0a4d7409afa35ee4cf8f8bd3b0135ac
3a6d88c62fedcb1089cb3ebbab921c0892eeceb3
3a0d16191b8dcde8e44a59508275f8f4956e335e7e52e911a23dac666e7fc36b

HTTP Headers

GET /logos/providers_small/white/relax.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Tue, 11 Jan 2022 10:05:02 GMT
etag: W/"61dd564e-484"
expires: Mon, 04 Dec 2023 10:57:27 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 25621
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e944d407129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/jftw.svg

54.230.241.11

4.7 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/jftw.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (821), with CRLF line terminators
Size
4.7 kB (4709 bytes)
Hash
f3d2023ff6db08978c3b7df857eb48b9
b395ad5a54c0a72fe96c4fd1636ce7696c7b2cc0
75fd6b574ecea55f0554cb393fdac7a46aa6ebe11dd52f00a243cae57a4c47a8

HTTP Headers

GET /logos/providers_small/color/jftw.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4709
date: Sun, 03 Dec 2023 12:40:31 GMT
last-modified: Wed, 29 Sep 2021 07:36:11 GMT
etag: "f3d2023ff6db08978c3b7df857eb48b9"
x-amz-meta-sha256: 75fd6b574ecea55f0554cb393fdac7a46aa6ebe11dd52f00a243cae57a4c47a8
x-amz-meta-s3b-last-modified: 20210929T073359Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3fO1b3aqOIB0ktVDwEbhuZbZkX6OwRhwvvw1uNgykb9nMRC6bFOb0Q==
age: 38572
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/platipus/ultradisco.webp

104.16.13.151

38 kB

URL
cdn.softswiss.net/i/s3/platipus/ultradisco.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
38 kB (38516 bytes)
Hash
82cd5c506117e6185c736448a32c6a9a
92ba814c99ef23910634dd54e3ff7f5528f8bcb5
7cb8cedad5f17447e0ee177bac860867702d9c615e9c6d07d67e79067b40c124

HTTP Headers

GET /i/s3/platipus/ultradisco.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 38516
last-modified: Wed, 01 Nov 2023 09:00:04 GMT
etag: "65421394-9674"
expires: Mon, 04 Dec 2023 00:00:51 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 11513
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a68da7129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/leander.svg

54.230.241.11

1.8 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/leander.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.8 kB (1766 bytes)
Hash
7627b428a00ac8ee1f61ce88381c79f1
b2a9fe2ac7252645babcf42df809bb608975d080
92dbeec39bc83395bcd3547d5f269677a591aae1c1db40fb015ad4a18098d6a4

HTTP Headers

GET /logos/providers_small/color/leander.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1766
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:11 GMT
etag: "7627b428a00ac8ee1f61ce88381c79f1"
x-amz-meta-sha256: 92dbeec39bc83395bcd3547d5f269677a591aae1c1db40fb015ad4a18098d6a4
x-amz-meta-s3b-last-modified: 20210929T073359Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rJY1o4YnUdWs_Eu3uKyob-R_N6MFrLHrqKZIT_Z2DTmMcLDR5u6ScA==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/popiplay/KeysToTheSea.webp

104.16.13.151

23 kB

URL
cdn.softswiss.net/i/s3/popiplay/KeysToTheSea.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
23 kB (22644 bytes)
Hash
137ff7d0739ee90b391e5f9b27a7ebc3
9cd191172240f4204179f0b770e759e90e81dfce
0933a185361485207ea9b722b41cc6a4fcc3be227b8d74a103bda7c7b12c0332

HTTP Headers

GET /i/s3/popiplay/KeysToTheSea.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 22644
last-modified: Thu, 29 Jun 2023 08:45:03 GMT
etag: "649d448f-5874"
expires: Mon, 04 Dec 2023 20:11:29 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 11513
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a68db7129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/kagaming.svg

54.230.241.11

13 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/kagaming.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1586), with CRLF line terminators
Size
13 kB (13384 bytes)
Hash
72c57b85087a631ba88b568c31513e47
0b8abf372c1a0899c84278d693752e180f918309
5c8fff38ce0f344ffe0cb6fccfcaae83bec06c678902cc4520775f8c1782c454

HTTP Headers

GET /logos/providers_small/color/kagaming.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 13384
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:11 GMT
etag: "72c57b85087a631ba88b568c31513e47"
x-amz-meta-sha256: 5c8fff38ce0f344ffe0cb6fccfcaae83bec06c678902cc4520775f8c1782c454
x-amz-meta-s3b-last-modified: 20210929T073359Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9ivOPgJ81RyhbyE40e6a_IQOJMxuqkn8nZnXaRCmS-ED3EYonzyhdQ==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/playngo/LegacyofDead.webp

104.16.13.151

35 kB

URL
cdn.softswiss.net/i/s3/playngo/LegacyofDead.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
35 kB (34734 bytes)
Hash
c313d8cf2f4eab29ab49746e9f623865
3d892957b4e8c9ccd2991bd5a50686a3876e10e5
1d7581b9b967bd5ed8786f77b178097c5c555e899eeb7e1dcfbd5d9dc5d28ef3

HTTP Headers

GET /i/s3/playngo/LegacyofDead.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 34734
last-modified: Tue, 24 Dec 2019 09:20:03 GMT
etag: "5e01d843-87ae"
expires: Mon, 04 Dec 2023 03:17:29 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 59779
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a88e97129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/merkur.svg

54.230.241.11

12 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/merkur.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5108), with CRLF line terminators
Size
12 kB (12276 bytes)
Hash
072d433977a41beeb45c467d0a05b9f3
2852849516d9da5748c3c6525f7407e0fe3fad1a
bf7464b6af19e39588ba080df43d2a8003cbfa5446ff3f2b8214784cb19af2b9

HTTP Headers

GET /logos/providers_small/color/merkur.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 12276
date: Sun, 03 Dec 2023 14:13:20 GMT
last-modified: Wed, 29 Sep 2021 07:36:12 GMT
etag: "072d433977a41beeb45c467d0a05b9f3"
x-amz-meta-sha256: bf7464b6af19e39588ba080df43d2a8003cbfa5446ff3f2b8214784cb19af2b9
x-amz-meta-s3b-last-modified: 20210929T073359Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I5RrG7onHSa3J4-iTPWNaDCMsXksNVJNAeA6eot_1fI0oGjvGxERJw==
age: 33003
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/truelab/DrRocktheRiffReactor.webp

104.16.13.151

30 kB

URL
cdn.softswiss.net/i/s3/truelab/DrRocktheRiffReactor.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
30 kB (29900 bytes)
Hash
7a8681721108c1f1157a33ae26bdc92e
861d0177662a21ca0a1ef31c8a23fb21050a0af6
91c3c4c50ff6f0d4f8a1117630bd4b2bba614626f0a35bf8d1c5b9ffb53abfea

HTTP Headers

GET /i/s3/truelab/DrRocktheRiffReactor.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 29900
last-modified: Thu, 03 Aug 2023 07:40:04 GMT
etag: "64cb59d4-74cc"
expires: Mon, 04 Dec 2023 14:18:25 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 20576
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9a88e87129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/mancala.svg

54.230.241.11

2.7 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/mancala.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1242), with CRLF line terminators
Size
2.7 kB (2699 bytes)
Hash
ae2d63c487d542a20c75812515f5c70f
156cb6cfa0844aae8d12352605c8a3130314679b
8932a6f0725fd6aa3e6720ca12782bf7bf7b415fb0818d29614f0a496104bc26

HTTP Headers

GET /logos/providers_small/color/mancala.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2699
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:11 GMT
etag: "ae2d63c487d542a20c75812515f5c70f"
x-amz-meta-sha256: 8932a6f0725fd6aa3e6720ca12782bf7bf7b415fb0818d29614f0a496104bc26
x-amz-meta-s3b-last-modified: 20210929T073359Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FnIBUUxzqLdUOyyH-SK7DOdGjB0GJfj3T1RuDs3aYBNfuD0Nox7vsw==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/gamzix/CoinWinHoldTheSpin.webp

104.16.13.151

32 kB

URL
cdn.softswiss.net/i/s3/gamzix/CoinWinHoldTheSpin.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
32 kB (32074 bytes)
Hash
a0a81cd6258aa5c5230f477269da07f8
7b30cbb7675664c7e5b3f03245e8e8bd671bde73
d4573defafa228076277b3cb7b96de63699b8b8fcd07f5fbead58a0b63b87ff2

HTTP Headers

GET /i/s3/gamzix/CoinWinHoldTheSpin.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 32074
last-modified: Tue, 08 Aug 2023 11:00:04 GMT
etag: "64d22034-7d4a"
expires: Mon, 04 Dec 2023 01:49:35 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 20576
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9ad9097129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/mrslotty.svg

54.230.241.11

3.7 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/mrslotty.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (433), with CRLF line terminators
Size
3.7 kB (3685 bytes)
Hash
ab88d93d26350035986b56a2d06f87d8
50e72d901ceefd041e3a459a74cb216c71bf6436
08f4ea8ad9b93f737af1cd0e1a10db088a09490438e853f0609442780f2fbc11

HTTP Headers

GET /logos/providers_small/color/mrslotty.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3685
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:12 GMT
etag: "ab88d93d26350035986b56a2d06f87d8"
x-amz-meta-sha256: 08f4ea8ad9b93f737af1cd0e1a10db088a09490438e853f0609442780f2fbc11
x-amz-meta-s3b-last-modified: 20210929T073400Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lJmKZXaGQFOqAonwTEXjMYOHrCmCdqLkNGbNnaJW18eCp7JULsg-MA==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/bsg/RiseofTriton.webp

104.16.13.151

41 kB

URL
cdn.softswiss.net/i/s3/bsg/RiseofTriton.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
41 kB (41190 bytes)
Hash
3f0730a63e085be9eb92f0b52cbb3457
f9706b237907f855a6f58ec905271c95ad0111d2
afa4f5f193969bfbd87e8addadb14b73b0f25db07a58e87d87a8b07f33bd52b9

HTTP Headers

GET /i/s3/bsg/RiseofTriton.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 41190
last-modified: Tue, 26 Sep 2023 16:15:04 GMT
etag: "65130388-a0e6"
expires: Mon, 04 Dec 2023 08:20:29 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9b092c7129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/neonvalley.svg

54.230.241.11

21 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/neonvalley.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4408), with CRLF line terminators
Size
21 kB (20631 bytes)
Hash
d2b5801d86b3317e065e261f8f0cf1e1
537619743b924df04800ad6acdbe5e8264b81f46
0d0e49f3411dbd4c369f57c3f88a0baa5a0e5136796e4b55aaa545be64656d66

HTTP Headers

GET /logos/providers_small/color/neonvalley.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 20631
date: Sun, 03 Dec 2023 12:40:31 GMT
last-modified: Wed, 29 Sep 2021 07:36:12 GMT
etag: "d2b5801d86b3317e065e261f8f0cf1e1"
x-amz-meta-sha256: 0d0e49f3411dbd4c369f57c3f88a0baa5a0e5136796e4b55aaa545be64656d66
x-amz-meta-s3b-last-modified: 20210929T073400Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vixwafod_xolcj3kssYfIQsnuw6kegttYnKdfQozDWvOWpC1rvLN9g==
age: 38572
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/onlyplay/HotandSpicyJackpot.webp

104.16.13.151

40 kB

URL
cdn.softswiss.net/i/s3/onlyplay/HotandSpicyJackpot.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
40 kB (39972 bytes)
Hash
6921bc81010098bd49bdfb13312d10f8
ff7d75e7f8e29280018387eb75bc4e52038ad78a
1c63cbfc8c2e98dc57fe065f7257b03b3807a932d0d00848d8b0b4ead83b16c8

HTTP Headers

GET /i/s3/onlyplay/HotandSpicyJackpot.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 39972
last-modified: Wed, 27 Oct 2021 15:05:02 GMT
etag: "61796a9e-9c24"
expires: Mon, 04 Dec 2023 20:11:30 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 11512
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9b29387129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/netent.svg

54.230.241.11

1.3 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/netent.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (404), with CRLF line terminators
Size
1.3 kB (1293 bytes)
Hash
d600b0c2dc6d9b77807f5c6d7c6a0c67
4c1809cf7f3132653a7c38a6ee1c39624ff9a2c4
f665b9af8b3649c6e2c0687891aff8f8f225516a47183f12f0b3b3ed6a09b514

HTTP Headers

GET /logos/providers_small/color/netent.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1293
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:12 GMT
etag: "d600b0c2dc6d9b77807f5c6d7c6a0c67"
x-amz-meta-sha256: f665b9af8b3649c6e2c0687891aff8f8f225516a47183f12f0b3b3ed6a09b514
x-amz-meta-s3b-last-modified: 20210929T073400Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WpliUbsssGSqENbmZIvPVBTjXr4BcQYXWyNSyI2gUgPNtK_0mN57Sw==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/gamzix/OlympusofLuckHoldtheSpin.webp

104.16.13.151

30 kB

URL
cdn.softswiss.net/i/s3/gamzix/OlympusofLuckHoldtheSpin.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
30 kB (29570 bytes)
Hash
a41496ad3e2d21343accbd2e2d32577b
c92010503052a117aa2abecef54b741ae78f72d0
c521aea4f8f6a6eac764c5da64b2cdb699cc799d759a2951e20f1228f0a6df11

HTTP Headers

GET /i/s3/gamzix/OlympusofLuckHoldtheSpin.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 29570
last-modified: Mon, 23 Oct 2023 15:55:04 GMT
etag: "65369758-7382"
expires: Mon, 04 Dec 2023 01:49:35 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 58322
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9b59607129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/northernlights.svg

54.230.241.11

9.9 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/northernlights.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1190), with CRLF line terminators
Size
9.9 kB (9869 bytes)
Hash
e22a4fde02fc8e107f43db25863663b0
3968b7180f75a6270983b98330434202ea70858f
6642a7ca43823e89c9e4da14e7f7054014ff0e0352092b26bde837768b640663

HTTP Headers

GET /logos/providers_small/color/northernlights.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 9869
date: Sun, 03 Dec 2023 12:40:31 GMT
last-modified: Wed, 29 Sep 2021 07:36:12 GMT
etag: "e22a4fde02fc8e107f43db25863663b0"
x-amz-meta-sha256: 6642a7ca43823e89c9e4da14e7f7054014ff0e0352092b26bde837768b640663
x-amz-meta-s3b-last-modified: 20210929T073400Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6wGzrIu3mG-O3ZEV_xf4SxmqMAExiqb1DoOQf2wjhGHtT1GrV0zcGA==
age: 38572
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/onlyplay/JokerCoins.webp

104.16.13.151

32 kB

URL
cdn.softswiss.net/i/s3/onlyplay/JokerCoins.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
32 kB (32460 bytes)
Hash
60542114c2c66790f41a098e77411629
7af9e874846f51e35587a2ad3d28052554d72903
a3c83265c3b5eb5dbcacd8762b6b81e00c61e5092691cbcb3ded630c7e2f74c2

HTTP Headers

GET /i/s3/onlyplay/JokerCoins.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 32460
last-modified: Wed, 15 Dec 2021 17:05:02 GMT
etag: "61ba203e-7ecc"
expires: Mon, 04 Dec 2023 14:18:25 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 20576
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9b59617129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/nucleus.svg

54.230.241.11

88 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/nucleus.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (87980 bytes)
Hash
9e41930d406e6fb09fb1f339c835c3a0
b796b7d7f764ad3b1ace3359eeee517e3eeaec32
bd9819096ab28747096385674b23b96ef8c0c45e5113c77079309049130c1c23

HTTP Headers

GET /logos/providers_small/color/nucleus.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 87980
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:12 GMT
etag: "9e41930d406e6fb09fb1f339c835c3a0"
x-amz-meta-sha256: bd9819096ab28747096385674b23b96ef8c0c45e5113c77079309049130c1c23
x-amz-meta-s3b-last-modified: 20210929T073400Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 62fUoYIXxeSlV41OlbDSA6tuepGlX3cAazi8KvgT3WsNdK6-d8shQA==
age: 41664
X-Firefox-Spdy: h2

cdn.softswiss.net/i/s3/truelab/BookofTruth.webp

104.16.13.151

24 kB

URL
cdn.softswiss.net/i/s3/truelab/BookofTruth.webp
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 380x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
24 kB (23732 bytes)
Hash
8d2192279d9116bb146ec493e0f75c68
c1662cf022953b30b3387b9ad2fabd55ecd1b01a
7c1067c753f1f71d7a567dcac4e9a398af3c9cfe9bb05cd2979699fa757a5c53

HTTP Headers

GET /i/s3/truelab/BookofTruth.webp HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:22 GMT
content-type: image/webp
content-length: 23732
last-modified: Thu, 08 Jul 2021 12:25:03 GMT
etag: "60e6ee9f-5cb4"
expires: Mon, 04 Dec 2023 20:11:30 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 11512
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e9ba99c7129-OSL
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/pulse8.svg

54.230.241.11

44 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/pulse8.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (9176), with CRLF line terminators
Size
44 kB (44186 bytes)
Hash
d09a4167f175ea46dccf2cceb78f1d38
ea2c8e8ece76afc8e93874508f602c7d3968ce28
cea518b47a06463d43b4ff708670ec78efb937b64c19cf34da308f187eaa6a94

HTTP Headers

GET /logos/providers_small/color/pulse8.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 44186
date: Sun, 03 Dec 2023 12:40:31 GMT
last-modified: Wed, 29 Sep 2021 07:36:13 GMT
etag: "d09a4167f175ea46dccf2cceb78f1d38"
x-amz-meta-sha256: cea518b47a06463d43b4ff708670ec78efb937b64c19cf34da308f187eaa6a94
x-amz-meta-s3b-last-modified: 20210929T073401Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FpPXLtgwXDKXMf_GF4gawMoBz6c8lcOS8YFkCV8dais60C67hfqKHg==
age: 38572
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/quickspin.svg

54.230.241.11

2.1 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/quickspin.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.1 kB (2084 bytes)
Hash
ebb63b3ffe9b2016c0842d384fc725a6
a606852e52d85424fa9c05cb99abfceb28d3d13e
10074367345d55b67f4c1839e16b573cd8db94d67b862c26e72ef6c1e79c4047

HTTP Headers

GET /logos/providers_small/color/quickspin.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2084
date: Sun, 03 Dec 2023 12:40:31 GMT
last-modified: Wed, 29 Sep 2021 07:36:13 GMT
etag: "ebb63b3ffe9b2016c0842d384fc725a6"
x-amz-meta-sha256: 10074367345d55b67f4c1839e16b573cd8db94d67b862c26e72ef6c1e79c4047
x-amz-meta-s3b-last-modified: 20210929T073402Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: beTeaeV-HNAf16qXSXlnBU9fbYIHDn0VpA6pQHOUQO0ReqvDwENZnw==
age: 38572
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/rabcat.svg

54.230.241.11

2.1 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/rabcat.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (905), with CRLF line terminators
Size
2.1 kB (2107 bytes)
Hash
b4d160c3f7754cc6871dd7a47d303ca4
913753c969e178538faf1e1c3e6d33b7784aa5ed
9c3242b85fa9d2e4083eef5ebe79ee159b54d42795eeb83956cbbbb303286ea3

HTTP Headers

GET /logos/providers_small/color/rabcat.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2107
date: Sun, 03 Dec 2023 12:40:31 GMT
last-modified: Wed, 29 Sep 2021 07:36:13 GMT
etag: "b4d160c3f7754cc6871dd7a47d303ca4"
x-amz-meta-sha256: 9c3242b85fa9d2e4083eef5ebe79ee159b54d42795eeb83956cbbbb303286ea3
x-amz-meta-s3b-last-modified: 20210929T073402Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jHwT775wFGPN9OahYaA8gh7s5idUD2Y06pgIu-ooyVOKWfDa_kNRbA==
age: 38572
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/realistic.svg

54.230.241.11

10 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/realistic.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4556), with CRLF line terminators
Size
10 kB (10397 bytes)
Hash
b03fc4c34a03ea0e3a97d7c891aa42fa
96496c7563353a793bd2612f3e7b75be2b9fe805
2c81182cee7fe655da9c72c92f3e9db6133ac9098f8180bb286a9b10030a11a6

HTTP Headers

GET /logos/providers_small/color/realistic.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 10397
date: Sun, 03 Dec 2023 12:40:32 GMT
last-modified: Wed, 29 Sep 2021 07:36:13 GMT
etag: "b03fc4c34a03ea0e3a97d7c891aa42fa"
x-amz-meta-sha256: 2c81182cee7fe655da9c72c92f3e9db6133ac9098f8180bb286a9b10030a11a6
x-amz-meta-s3b-last-modified: 20210929T073402Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MdsVibrVssRI5PsGPdR15GuiFI_Uuy9GFOe-FLDIeG6G-e2Jvx4m-g==
age: 38571
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/redrake.svg

54.230.241.11

4.9 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/redrake.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2148), with CRLF line terminators
Size
4.9 kB (4934 bytes)
Hash
c97bdd738c683e6779d3f01836d92fe5
69d489e3e37062afae600116667a1e40fe91a00f
84a30c271f98fda38c3dc4400ecf49a496907bd9deedae16286d1b7861580294

HTTP Headers

GET /logos/providers_small/color/redrake.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4934
date: Sun, 03 Dec 2023 12:40:32 GMT
last-modified: Wed, 29 Sep 2021 07:36:13 GMT
etag: "c97bdd738c683e6779d3f01836d92fe5"
x-amz-meta-sha256: 84a30c271f98fda38c3dc4400ecf49a496907bd9deedae16286d1b7861580294
x-amz-meta-s3b-last-modified: 20210929T073402Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7PWtDauU0f5gBFqfgHMdDHYYYFgbHcbodeDhGBBN4kKskjGfPZiM5Q==
age: 38571
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/reelplay.svg

54.230.241.11

31 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/reelplay.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (29250), with CRLF line terminators
Size
31 kB (30947 bytes)
Hash
921b9656358c862c831459201b9d5933
cf7242c104493113e9ffb07ac879d33e935d77a9
fc05f1aa695ae27f536c3726f799652d1dfa2bb1304bb48da98dcdeb4bcf94fa

HTTP Headers

GET /logos/providers_small/color/reelplay.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 30947
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:13 GMT
etag: "921b9656358c862c831459201b9d5933"
x-amz-meta-sha256: fc05f1aa695ae27f536c3726f799652d1dfa2bb1304bb48da98dcdeb4bcf94fa
x-amz-meta-s3b-last-modified: 20210929T073402Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1_Kdk7Ej6IfWsOC8sv0HijwGqxD42mMhiQsndixJouvcNkzizxDgug==
age: 41664
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/redtiger.svg

54.230.241.11

16 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/redtiger.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (15734), with CRLF line terminators
Size
16 kB (16175 bytes)
Hash
b0933bd30504ebe3eb222a2003a392a0
7d43dfca640287b4727aae3205177d157a2976cf
addb3097e728926ddcbe2a49f86476060ac935e544e361d201d69d203afaa43d

HTTP Headers

GET /logos/providers_small/color/redtiger.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 16175
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:13 GMT
etag: "b0933bd30504ebe3eb222a2003a392a0"
x-amz-meta-sha256: addb3097e728926ddcbe2a49f86476060ac935e544e361d201d69d203afaa43d
x-amz-meta-s3b-last-modified: 20210929T073402Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R0_8eimnI4u8H55Nv5yknW8Wbcko7JYVsR394lO5xUnTqHGzMuPJFg==
age: 41664
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/slingshot.svg

54.230.241.11

9.2 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/slingshot.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
9.2 kB (9239 bytes)
Hash
25fd0a6d47a5e7884ea1cb51f3656ed5
ae3bca8dc8eef3bbb8f5ff40f43ccd8f5666f5e3
01e1f6518c4d0ea6c8869b47e9ec2da3bc83990b4653685463609586ef591646

HTTP Headers

GET /logos/providers_small/color/slingshot.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 9239
date: Sun, 03 Dec 2023 12:40:32 GMT
last-modified: Wed, 29 Sep 2021 07:36:14 GMT
etag: "25fd0a6d47a5e7884ea1cb51f3656ed5"
x-amz-meta-sha256: 01e1f6518c4d0ea6c8869b47e9ec2da3bc83990b4653685463609586ef591646
x-amz-meta-s3b-last-modified: 20210929T073403Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mj1GG7oHEL6E_gEwy9dhY8-NchwJHeQlTUxDTcEhi-tzjYGP1blMeA==
age: 38571
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/smartsoft.svg

54.230.241.11

13 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/smartsoft.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1378)
Size
13 kB (13024 bytes)
Hash
43bedb6c053f5d33707750264b3ec902
4b8fd71f299ef886252351789639acc166d6cfa5
0bfa94d7b280f32c94376840b43bcfb624aa851db541b08148a6bb8c002dc005

HTTP Headers

GET /logos/providers_small/color/smartsoft.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 13024
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 23 Feb 2022 20:10:48 GMT
etag: "43bedb6c053f5d33707750264b3ec902"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cdtWPdC2obGpSjAhPnQ0HnEcVx1JB8GQ6CGctQjnbSmgc6PaiN5u2g==
age: 41664
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/slotmill.svg

54.230.241.11

15 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/slotmill.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10521)
Size
15 kB (14903 bytes)
Hash
063782d3840525ba1dc73d86973a38b5
60a608319b96434aa155a000deafc47f9b59833b
9b0da6b800afbeaf0b8622ab4d33acf4a37c182ae789ce21bcd5a6b808a28ba8

HTTP Headers

GET /logos/providers_small/color/slotmill.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 14903
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 23 Feb 2022 20:10:48 GMT
etag: "063782d3840525ba1dc73d86973a38b5"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BXh8qU8UemFN39_uB-otSiNV2xr65Bg_QVxlztalDOV_6brrSLZhtw==
age: 41664
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/spearhead.svg

54.230.241.11

7.8 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/spearhead.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2000), with CRLF line terminators
Size
7.8 kB (7833 bytes)
Hash
7bd98cc0a8a3b9c9ee113f0bb0024e36
368b3a3fc992175c8a18764b6591c261c7ffb4a6
3784e0da8f5753f990f3e725ef46486d7d60f54869eb5f93d4f91ddb4ef16553

HTTP Headers

GET /logos/providers_small/color/spearhead.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 7833
date: Sun, 03 Dec 2023 12:40:32 GMT
last-modified: Wed, 29 Sep 2021 07:36:14 GMT
etag: "7bd98cc0a8a3b9c9ee113f0bb0024e36"
x-amz-meta-sha256: 3784e0da8f5753f990f3e725ef46486d7d60f54869eb5f93d4f91ddb4ef16553
x-amz-meta-s3b-last-modified: 20210929T073403Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SCTmA8boq_Ukkj-HOdC5zIDG-zJSdY372TSNF2sLfsy3RmrolYDeKA==
age: 38571
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/swintt.svg

54.230.241.11

578 B

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/swintt.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (578), with no line terminators
Size
578 B (578 bytes)
Hash
ee89585910b6fbe9fb1fe2f710bff973
80e4512ed6677238fab65c70e0d758c052c2e7e7
a81ce26aa512ad21d7fe941c622d7a05478cc9690c5cae7faf8bdb2688bb11b6

HTTP Headers

GET /logos/providers_small/color/swintt.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 578
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:14 GMT
etag: "ee89585910b6fbe9fb1fe2f710bff973"
x-amz-meta-sha256: a81ce26aa512ad21d7fe941c622d7a05478cc9690c5cae7faf8bdb2688bb11b6
x-amz-meta-s3b-last-modified: 20210929T073403Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QQfbN74x-BkMNoFYSR2XxSvpRzkCarvQ1CZxDB00LbHfl0BGLUdX9w==
age: 41664
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/switchstudios.svg

54.230.241.11

2.7 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/switchstudios.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (742), with CRLF line terminators
Size
2.7 kB (2655 bytes)
Hash
5845f540f32c9f6729117edf580ebc77
1bab16822ec4f0928e2843491a6099a53aa44d6c
9e7a3ae1e9291e726990e0d7316f049e5fbfc2d4fff762c590046925b7e813b9

HTTP Headers

GET /logos/providers_small/color/switchstudios.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2655
date: Sun, 03 Dec 2023 12:40:32 GMT
last-modified: Wed, 29 Sep 2021 07:36:14 GMT
etag: "5845f540f32c9f6729117edf580ebc77"
x-amz-meta-sha256: 9e7a3ae1e9291e726990e0d7316f049e5fbfc2d4fff762c590046925b7e813b9
x-amz-meta-s3b-last-modified: 20210929T073403Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cp3z0qMxpn6di8QWJIi2jng5SGd6S28xtN639h7EhCTMHX5X8F2bbg==
age: 38571
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/thunderkick.svg

54.230.241.11

1.3 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/thunderkick.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (772), with CRLF line terminators
Size
1.3 kB (1325 bytes)
Hash
676f7ebdb3e0f3d8babea977edd73fe7
92deabbedae2fc16bc90fcf79694b26b93acc233
406dd98e7212eccdb2fc98fc03491a3a0c1152f703f5d209b385460c0cf0c9a4

HTTP Headers

GET /logos/providers_small/color/thunderkick.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1325
date: Sun, 03 Dec 2023 11:50:16 GMT
last-modified: Wed, 29 Sep 2021 07:36:14 GMT
etag: "676f7ebdb3e0f3d8babea977edd73fe7"
x-amz-meta-sha256: 406dd98e7212eccdb2fc98fc03491a3a0c1152f703f5d209b385460c0cf0c9a4
x-amz-meta-s3b-last-modified: 20210929T073403Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HVY-rl7_NbF7uL15tpAS1z09E1wa9qwAYsrH0Fud4w47lwHW7BXo5g==
age: 41587
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/technology.svg

54.230.241.11

2.2 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/technology.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (734), with CRLF line terminators
Size
2.2 kB (2222 bytes)
Hash
439749215f264107c827b5963a130ddc
dbca1792c510fb217afd88d6025808c43401c626
7ee3aba4c300761d77017c88ae6082b468b395be284ae485a4254a40b6b3c575

HTTP Headers

GET /logos/providers_small/color/technology.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2222
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:14 GMT
etag: "439749215f264107c827b5963a130ddc"
x-amz-meta-sha256: 7ee3aba4c300761d77017c88ae6082b468b395be284ae485a4254a40b6b3c575
x-amz-meta-s3b-last-modified: 20210929T073403Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VK0KPxhsByAumF6vofvNDwcVMGwWrCQs2VAlrmyXHnF73zEVSGnP-w==
age: 41664
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/tripleedgestudios.svg

54.230.241.11

3.7 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/tripleedgestudios.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
3.7 kB (3700 bytes)
Hash
334f2b59f1b30ccc7c6af4e845d0ae6a
7935f891c743e714155d16c6bd5ed5da90e6f3fa
cb6ba5d51d82b224da48b5ce5f1f8db29cf45ceeb1d769d0c5b130aeec986fa5

HTTP Headers

GET /logos/providers_small/color/tripleedgestudios.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3700
date: Sun, 03 Dec 2023 12:40:32 GMT
last-modified: Wed, 29 Sep 2021 07:36:14 GMT
etag: "334f2b59f1b30ccc7c6af4e845d0ae6a"
x-amz-meta-sha256: cb6ba5d51d82b224da48b5ce5f1f8db29cf45ceeb1d769d0c5b130aeec986fa5
x-amz-meta-s3b-last-modified: 20210929T073404Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w5KNw2bAVGhXmDFlIJeP0dbEx083TbjRuLoWRU4Hiq5gkmd8nhkWOA==
age: 38571
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/yggdrasil.svg

54.230.241.11

6.7 kB

URL
d2i76d1bskcqlp.cloudfront.net/logos/providers_small/color/yggdrasil.svg
IP
54.230.241.11:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4664), with CRLF line terminators
Size
6.7 kB (6709 bytes)
Hash
3a1c4a385552aa39635f74a3ed9a1a43
1be432b0eddcc3430239e7e7b21a143745e84591
49fbc6a4b76e31f129e03d3020dd7ed37247a9cf60a2ae1757fe8dad335910c4

HTTP Headers

GET /logos/providers_small/color/yggdrasil.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 6709
date: Sun, 03 Dec 2023 11:48:59 GMT
last-modified: Wed, 29 Sep 2021 07:36:15 GMT
etag: "3a1c4a385552aa39635f74a3ed9a1a43"
x-amz-meta-sha256: 49fbc6a4b76e31f129e03d3020dd7ed37247a9cf60a2ae1757fe8dad335910c4
x-amz-meta-s3b-last-modified: 20210929T073404Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EzbX3gyC81DpWKTdQdvQsPghTKGJEZ1Eezs3QwtmVmH_imlspKwNjw==
age: 41664
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/0.560086b6.chunk.js

23.36.79.16

15 kB

URL
cdn.livechatinc.com/widget/static/js/0.560086b6.chunk.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (47599), with no line terminators
Size
15 kB (14880 bytes)
Hash
1ac03d967e46fcf63e261e02fe3ac706
6ed4f32f5bee5e2aaf28a057ca0a8a83ad404b99
37e38fc2a4947983da3a03b38d58f6a734e61530fd9bcb6dca05bc48ed1f73ca

HTTP Headers

GET /widget/static/js/0.560086b6.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 31 Jul 2023 10:32:01 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: x4bp2rNlF.2.Kjwsgr0x4zgcAMUxyD_n
server: AmazonS3
content-encoding: br
etag: W/"1ac03d967e46fcf63e261e02fe3ac706"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: iO68LFTKsE5oAk4sskP39JIOp4J8EIfoiByZsATnWjmW3TwnZVjTpg==
content-length: 14880
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 23:23:23 GMT
date: Sun, 03 Dec 2023 23:23:23 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/1.b3e9bd18.chunk.js

23.36.79.16

66 kB

URL
cdn.livechatinc.com/widget/static/js/1.b3e9bd18.chunk.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65462)
Size
66 kB (66442 bytes)
Hash
a1c381c5236d931e165b5f97bb458c7f
ca2fd79d761e9d7895a9ea92e53f1073930bf50d
c3fa220489a7130866d79f6a79792aa69ce0ce23ea4ba181a03144002736d5ae

HTTP Headers

GET /widget/static/js/1.b3e9bd18.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 23 Nov 2023 10:38:14 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: RWJiCAzhtwX6bpdOAENKLtzWJ..6vb_F
server: AmazonS3
content-encoding: br
etag: W/"a1c381c5236d931e165b5f97bb458c7f"
vary: Accept-Encoding
x-amz-cf-pop: AMS58-P4
x-amz-cf-id: 8HAcOpSlqP2Tm8HGEWooKO3A3UyCcAvtfqlNI-WPJU8I7G3-vMSAVg==
content-length: 66442
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 23:23:23 GMT
date: Sun, 03 Dec 2023 23:23:23 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/iframe.bb4ab153.chunk.js

23.36.79.16

222 kB

URL
cdn.livechatinc.com/widget/static/js/iframe.bb4ab153.chunk.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65457)
Size
222 kB (222200 bytes)
Hash
5eea972ba892e91b5afa4c0055c8931a
468657ec85fc8c1637ff5411e8a79528dbded746
7940d8af9045467b193030f86b21ef9949600e11c524a110186cacb3cb84644c

HTTP Headers

GET /widget/static/js/iframe.bb4ab153.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 01 Dec 2023 09:12:28 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 5YEJ2U9AQDXGnhO4_TkuMnKZpb8ReKEa
server: AmazonS3
content-encoding: br
etag: W/"5eea972ba892e91b5afa4c0055c8931a"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: SsTe0Py_YVD6mXmoAEK5PuN0ljvlzNp1sVM5GMXjDgSrSIwPw7_d8g==
content-length: 222200
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 23:23:23 GMT
date: Sun, 03 Dec 2023 23:23:23 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-89BGS3MKPL&gtm=45je3bt0v879152803&_p=1701645802013&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=229974730.1701645803&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701645802&sct=1&seg=0&dl=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10&dr=https%3A%2F%2Fwww.toprevenuegate.com%2F&dt=Nettbaserte%20Spilleautomater%20%E2%9D%B1%20Spill%20Spilleautomater%20for%20Ekte%20Penger&en=scroll&epn.percent_scrolled=90&tfd=9909

216.239.32.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-89BGS3MKPL&gtm=45je3bt0v879152803&_p=1701645802013&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=229974730.1701645803&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701645802&sct=1&seg=0&dl=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10&dr=https%3A%2F%2Fwww.toprevenuegate.com%2F&dt=Nettbaserte%20Spilleautomater%20%E2%9D%B1%20Spill%20Spilleautomater%20for%20Ekte%20Penger&en=scroll&epn.percent_scrolled=90&tfd=9909
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-89BGS3MKPL&gtm=45je3bt0v879152803&_p=1701645802013&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=229974730.1701645803&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1701645802&sct=1&seg=0&dl=https%3A%2F%2Fbizzocasino.com%2Fno%2Fcasino%2Fslots%3Fbtag%3D655020_43A7E4A368104753AF901F0D08A5156B%26utm_source%3Dretarget%26utm_medium%3DUbidex%26utm_campaign%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26utm_term%3DUbidex-Bizzo-EU-NotReg-pop-WelPromo%26subid%3D2c1ce2tik37d5i4a10&dr=https%3A%2F%2Fwww.toprevenuegate.com%2F&dt=Nettbaserte%20Spilleautomater%20%E2%9D%B1%20Spill%20Spilleautomater%20for%20Ekte%20Penger&en=scroll&epn.percent_scrolled=90&tfd=9909 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bizzocasino.com
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://bizzocasino.com
date: Sun, 03 Dec 2023 23:23:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.livechatinc.com/v2/customer/0423be4a-3d48-484e-a65a-2228122b8c26/46/token

23.36.79.16

195 B

URL
accounts.livechatinc.com/v2/customer/0423be4a-3d48-484e-a65a-2228122b8c26/46/token
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text
Size
195 B (195 bytes)
Hash
bffc594d9b1addda86dabd00bbcc2bbe
81676771415de00ea243fb47dc6efd393d2aaaf4
379c75f2cee05caedef8618971b18f07dc8cf2d206b600b73f1f81c6bb33ec52

HTTP Headers

POST /v2/customer/0423be4a-3d48-484e-a65a-2228122b8c26/46/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 225
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 195
date: Sun, 03 Dec 2023 23:23:23 GMT
set-cookie: __lc_cid=dceac166-51c8-4ad1-b179-b08f211974ba; Path=/v2/customer/0423be4a-3d48-484e-a65a-2228122b8c26/46/token; Domain=accounts.livechatinc.com; Expires=Wed, 03 Dec 2025 23:23:23 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=5287ad807564037f9b5b4b6fabe9d9368d59ca1517c35c0977d2294ed2da7028a8372a769786f244113db0dd29fb5aadf313f09cc003a5af138100c9cf0a; Path=/v2/customer/0423be4a-3d48-484e-a65a-2228122b8c26/46/token; Domain=accounts.livechatinc.com; Expires=Wed, 03 Dec 2025 23:23:23 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=dceac166-51c8-4ad1-b179-b08f211974ba; Path=/licence/g9054575_46/; Domain=accounts.livechatinc.com; Expires=Wed, 03 Dec 2025 23:23:23 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=5287ad807564037f9b5b4b6fabe9d9368d59ca1517c35c0977d2294ed2da7028a8372a769786f244113db0dd29fb5aadf313f09cc003a5af138100c9cf0a; Path=/licence/g9054575_46/; Domain=accounts.livechatinc.com; Expires=Wed, 03 Dec 2025 23:23:23 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1701645833&tag=abef36d581f329c843a7704766b6c4612ef84421; Path=/; Expires=Sun, 03 Dec 2023 23:23:53 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

cdn.softswiss.net/logos/providers_small/color/octoplay.svg

104.16.13.151

7.4 kB

URL
cdn.softswiss.net/logos/providers_small/color/octoplay.svg
IP
104.16.13.151:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (11656)
Size
7.4 kB (7442 bytes)
Hash
a76a6cf70bffb23b63d4eee035f5732a
bb4e6887ff92e4bf4e7fcb9eac06c3fd3a1cc3fd
7d8357908ef4805ee43c2bb969a2998f4455434312e044863861d6afc18887e0

HTTP Headers

GET /logos/providers_small/color/octoplay.svg HTTP/1.1
Host: cdn.softswiss.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:21 GMT
content-type: image/svg+xml
last-modified: Mon, 08 May 2023 12:35:03 GMT
etag: W/"6458ec77-522c"
expires: Sun, 03 Dec 2023 20:00:50 GMT
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 33100
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff8e93fd0d7129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

api.livechatinc.com/v3.5/customer/action/check_goals?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26

23.36.79.16

2 B

URL
api.livechatinc.com/v3.5/customer/action/check_goals?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /v3.5/customer/action/check_goals?organization_id=0423be4a-3d48-484e-a65a-2228122b8c26 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer dal:cTSRbp2fQzyTq2woF7r1vw
Content-Length: 290
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
content-type: application/json
vary: Accept-Encoding
content-length: 2
date: Sun, 03 Dec 2023 23:23:24 GMT
X-Firefox-Spdy: h2

bizzocasino.com/assets/favicon.png

104.26.9.22

200 OK

38 kB

URL GET HTTP/2
bizzocasino.com/assets/favicon.png
IP
104.26.9.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerCloudflare, Inc.
Subjectbizzocasino.com
FingerprintC6:8D:CF:8A:33:8A:9E:A9:7D:65:61:29:86:23:37:74:4A:9C:A1:0E
ValidityTue, 14 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (38098 bytes)
Hash
73c0aee64f13a266b6b742c486fe1337
ccd750b9fd381a26be739ac360338ac561053e89
1c3abd9ad5e3c51ce047428580299ebff7a1a8359e973c34cb37fd1491146478

HTTP Headers

GET /assets/favicon.png HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:16 GMT
content-type: image/png
content-length: 38098
cf-ray: 82ff8e74882bb50c-OSL
cf-cache-status: BYPASS
accept-ranges: bytes
etag: "6568287a-94d2"
last-modified: Thu, 30 Nov 2023 06:15:22 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWTq3W0pZn8MrdVbvx6fNjY7JecRHx23OSuCcnOeb%2F2OwZmS1zcZ9KFPshVs%2BqhVyV88%2FvZhm7joiqIe7NA161MpQR9ykF%2Bfl4cKIfdRe%2B%2BymHG5b%2FsPN41HZj3Z3ogcuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2

bizzocasino.com/app/styles.84a8b4e837bb8f6f.js

104.26.9.22

200 OK

246 B

URL GET HTTP/2
bizzocasino.com/app/styles.84a8b4e837bb8f6f.js
IP
104.26.9.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerCloudflare, Inc.
Subjectbizzocasino.com
FingerprintC6:8D:CF:8A:33:8A:9E:A9:7D:65:61:29:86:23:37:74:4A:9C:A1:0E
ValidityTue, 14 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
246 B (246 bytes)
Hash
460ac15fa15fd833fd7ef35d2f36d92e
00407ddfc70e8f69ca6834520a083297d8f4a84e
eadc3234c79373fbae84252771d3684ad890acd9a50da05f21897bf16191fae3

HTTP Headers

GET /app/styles.84a8b4e837bb8f6f.js HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: is_mobile_device=false; preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:17 GMT
content-type: application/javascript
cf-ray: 82ff8e798c3cb50c-OSL
cf-cache-status: BYPASS
etag: W/"65682879-f6"
last-modified: Thu, 30 Nov 2023 06:15:21 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikkyUFjBtZRq7a79Jhcql30dS0tjGztvI5Nx8hWWbT%2FKAQfUceSZV%2Bb5e4%2Ff108utv5PEZMAFcqqlP52MBE4t1CR8duTdORCKFlFHB9PuVuZ%2Baj08U%2F3JSbKTzhxEdYV9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bizzocasino.com/app/vendor.c9e29dd2a5cccab8.js

104.26.9.22

200 OK

4.9 MB

URL GET HTTP/2
bizzocasino.com/app/vendor.c9e29dd2a5cccab8.js
IP
104.26.9.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerCloudflare, Inc.
Subjectbizzocasino.com
FingerprintC6:8D:CF:8A:33:8A:9E:A9:7D:65:61:29:86:23:37:74:4A:9C:A1:0E
ValidityTue, 14 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type

Size
4.9 MB (4906800 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/vendor.c9e29dd2a5cccab8.js HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: is_mobile_device=false; preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; _cioanonid=5729cd2a-443d-d34e-f27b-3db8283c16fe; _ga_89BGS3MKPL=GS1.1.1701645802.1.0.1701645802.60.0.0; _ga=GA1.1.229974730.1701645803; _sp_srt_ses.52c6=*; _sp_srt_id.52c6=181b8daa-ecdb-47c1-89cf-35a8d7654f5f.1701645803.1.1701645803..1220d451-2ad2-4753-970e-24cea0de13a2....0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:17 GMT
content-type: application/javascript
cf-ray: 82ff8e799c43b50c-OSL
cf-cache-status: BYPASS
etag: W/"6568287e-4adf30"
last-modified: Thu, 30 Nov 2023 06:15:26 GMT
set-cookie: is_mobile_device=false
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWXc8PRU0aAq1pnDubo8pWs0NHrzNTgqW0friTn63GSAQaYvBG2ngSHhVrMXJ4LxMoXUOrqgIPGwK6CUNRpBLstE3zjMiCqvtdCi3HFxrZ2yU0pt8yoJLS2eyoQ3Ssc5zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

tsyndicate.com/api/v1/retargeting/set/a77cc63a-6181-4fc8-be35-59425b45b474

94.130.164.161

200 OK

43 B

URL GET HTTP/2
tsyndicate.com/api/v1/retargeting/set/a77cc63a-6181-4fc8-be35-59425b45b474
IP
94.130.164.161:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintF2:3C:80:FB:F4:C8:BF:02:DD:BF:23:DD:27:74:AB:0B:89:F6:13:5E
ValiditySun, 12 Nov 2023 09:06:58 GMT - Sat, 10 Feb 2024 09:06:57 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ba036c43037cfe89320d1ef7b64cd43f
88c72d3e26047eb1e45e5564a76427734f120efe
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

HTTP Headers

GET /api/v1/retargeting/set/a77cc63a-6181-4fc8-be35-59425b45b474 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 23:23:17 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: a85353bf2ba09ff4
set-cookie: ts_rt_a77cc63a-6181-4fc8-be35-59425b45b474=AAMC; expires=Mon, 02 Dec 2024 23:23:17 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

bizzocasino.com/configuration.js

104.26.9.22

200 OK

3.7 kB

URL GET HTTP/2
bizzocasino.com/configuration.js
IP
104.26.9.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerCloudflare, Inc.
Subjectbizzocasino.com
FingerprintC6:8D:CF:8A:33:8A:9E:A9:7D:65:61:29:86:23:37:74:4A:9C:A1:0E
ValidityTue, 14 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4102), with no line terminators
Size
3.7 kB (3730 bytes)
Hash
a18530294ead588be922ae0cf8c53b0c
20e92bca0c298ac2258cfab2ed7d70c555c99004
f8b23106a7328217e8c1f9d3baa92c28f5793d6b5c235fb866ac82afb75183ae

HTTP Headers

GET /configuration.js HTTP/1.1
Host: bizzocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Cookie: preferred-language=no; btag=655020_43A7E4A368104753AF901F0D08A5156B; subid=2c1ce2tik37d5i4a10; utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo; utm_medium=Ubidex; utm_source=retarget; utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:23:16 GMT
content-type: text/javascript; charset=UTF-8
cf-ray: 82ff8e72eedeb50c-OSL
cf-cache-status: BYPASS
cache-control: no-cache, no-store, private
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wfa1TAcWMwGFvaXI2k1TKDQ0t%2BQlwBbM%2FXmYVxV41%2BzGDYlGfRrQozavx9ZTiyrJLnNiGx8r9ErWMwiT2qmOAajZA9%2F9yuR8jvXgow23MHIUwy%2FPWTJPH%2FnZ4td%2B2IxxjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

d2i76d1bskcqlp.cloudfront.net/flags/no.svg

54.230.241.11

200 OK

321 B

URL GET HTTP/2
d2i76d1bskcqlp.cloudfront.net/flags/no.svg
IP
54.230.241.11:443
ASN
#16509 AMAZON-02

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (354), with no line terminators
Size
321 B (321 bytes)
Hash
d18bfc89aa5eb30dd12f2380619c8f86
7b2877aa02155d80107cdfe8258b99c91e6a4279
39243cf56fc05035f04c9f69089153a76549a209f9cab9985d09366382feec89

HTTP Headers

GET /flags/no.svg HTTP/1.1
Host: d2i76d1bskcqlp.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 321
date: Sun, 03 Dec 2023 14:02:18 GMT
last-modified: Wed, 29 Sep 2021 07:35:11 GMT
etag: "0b41df77e951a30bbfccfd0a3714a1a3"
x-amz-meta-sha256: c59f156ddd70507f05267dc35e2e4f3e44467b9ef414995abb91589dc486dd6a
x-amz-meta-s3b-last-modified: 20210929T073231Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RXldZ3ySMHbmbXsELLTDAeGGh1pONuinHWR9ozH3pJN1Na5yz0b3sw==
age: 33662
X-Firefox-Spdy: h2

c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js

54.230.111.125

200 OK

3.5 kB

URL GET HTTP/2
c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com/apg-seal.js
IP
54.230.111.125:443
ASN
#16509 AMAZON-02

Requested by
https://bizzocasino.com/no/casino/slots?btag=655020_43A7E4A368104753AF901F0D08A5156B&utm_source=retarget&utm_medium=Ubidex&utm_campaign=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&utm_term=Ubidex-Bizzo-EU-NotReg-pop-WelPromo&subid=2c1ce2tik37d5i4a10
Certificate
IssuerStarfield Technologies, Inc.
Subject*.snippet.antillephone.com
FingerprintE5:72:D2:23:23:5B:CF:9D:04:92:91:42:A3:10:C7:14:C1:B6:4C:8C
ValiditySun, 02 Apr 2023 11:55:38 GMT - Fri, 03 May 2024 11:55:38 GMT

File type
ASCII text, with very long lines (3633), with no line terminators
Size
3.5 kB (3549 bytes)
Hash
8981cea06bd1da4642ffa9cc8a14162a
7203835ac313056787e49e6c1a8abaebe14f5b97
b6a6c5f26b2b4a39f645a559c83884d113ad0d508f72006caa866048dd93673b

HTTP Headers

GET /apg-seal.js HTTP/1.1
Host: c4457c89-e5ba-4d22-92e5-c2959310ee85.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bizzocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Sun, 03 Dec 2023 23:20:45 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"ddd-VW9eK1fU+To1PK1UfhiXRWwEwUA"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82ff8ac6adbf9960-FRA
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JUYxyK1b2RpPh3WI0KPMp1j_bjiq0peQHZ4mKuwUDoN9OicX-tUEeQ==
age: 151
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (47)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML