Report - walter-larence.com/f8756588-2326-45d7-95cb-b12d9dfbaa63

Report Overview

Submitted URL
walter-larence.com/f8756588-2326-45d7-95cb-b12d9dfbaa63
IP
18.193.146.82
ASN
#16509 AMAZON-02
Submitted
2022-11-30 07:34:34
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
walter-larence.com	208176	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	880 B	18.193.146.82
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	5.2 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.3 kB	17 kB	142.250.74.131
api.trafficguard.ai	35142	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	521 B	4.2 kB	34.120.121.20
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	515 B	694 B	142.250.74.163
sdk-cdn.optimove.net	23584	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	815 B	26 kB	35.201.79.141
stream-683.optimove.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.5 kB	107.154.132.121
www.palmsbet.com	205486	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	590 B	9.7 kB	104.26.6.160
click.trafficguard.ai	106951	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	797 B	1.6 kB	35.201.93.108
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	607 B	711 B	64.233.165.154
s2.adform.net	4693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	452 B	37.157.2.247
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	748 B	997 B	142.250.74.2
realtime-683.optimove.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.5 kB	107.154.132.121
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	74 kB	142.250.74.72
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	738 B	1.1 kB	142.250.74.98
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	18 kB	104.18.32.68
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
tgtag.io	35595	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	24 kB	34.120.230.83
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	35 kB	31.13.72.12
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	960 B	563 B	216.239.34.36
bg.search.etargetnet.com	312870	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	1.1 kB	195.168.10.173
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.palmsbet.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	308 kB	78.128.8.67
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	21 kB	216.58.207.206
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	755 B	349 B	31.13.72.36
sdkuaservice.optimove.net	38822	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	455 B	615 B	34.102.240.186
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.237.93.5
512974245.fls.doubleclick.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	745 B	1.2 kB	142.250.74.70
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	46 kB	34.120.237.76
support.palmsbet.com	390324	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	623 B	161 kB	78.128.60.140
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	1.9 kB	142.250.74.106
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	516 B	694 B	142.250.74.132
track.adform.net	3564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	1.8 kB	37.157.6.252

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	walter-larence.com/f8756588-2326-45d7-95cb-b12d9dfbaa63	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785	341 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 5e9ed7a18696f9b7182fb8f1c08be46b 1a24b49762f246a4a2c7e73cf1e3ccb971f25bbd 1e9823d571bcd1138a9dae0664827fcb816c423d1cb6941389c74d7e711bb516 Loading...

	www.palmsbet.com/scripts/jquery.touchSwipe.min.js	20 kB	2023-03-07	2024-05-02
Pretty URL www.palmsbet.com/scripts/jquery.touchSwipe.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-02 04:41:25 Times Seen1357 Hash f60ff05469d1757996d85f4172d4ff4d 69c8c9f0e0fbd9bd9fd1df6c1a18067256d46c73 a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1 Loading...

	track.adform.net/serving/scripts/trackpoint/async/	80 kB	2023-03-08	2023-08-22
Pretty URL track.adform.net/serving/scripts/trackpoint/async/ IP 37.157.6.252 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:25 Last Seen2023-08-22 11:18:40 Times Seen317 Hash 83eb5fafaa212c785f7393188ff817aa b5a60e05523c4f55e93610169b2c6da627553fc6 45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7 Loading...

	sdk-cdn.optimove.net/websdk/sdk-v2.0.js	49 kB	2023-03-07	2023-03-17
Pretty URL sdk-cdn.optimove.net/websdk/sdk-v2.0.js IP 35.201.79.141 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:10 Last Seen2023-03-17 10:40:59 Times Seen1 Hash 763bf6946756f39b98b57a6d2f63d0fc 8ff78f733c928d93aeb0ebeb0a64e8fd327cf53e ea72d65510bac7fef3b1e6751e4498724db58a44048c20418e4ab0b150b8f5ca Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js	105 kB	2023-03-11	2023-03-11
Pretty URL sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js IP 35.201.79.141 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:26:01 Last Seen2023-03-11 22:53:25 Times Seen1 Hash ab6b9c46938e1ff61db8ac40201a27fd 53f35e797532449630c3baa4f4e0c15ba810d0e8 31ece1c3ecc3041911dd067b978b66ff34780fa1c6a84d2f2ac09595a3bf9d12 Loading...

	www.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wffpm6p01tlbo7rk2767fuig&clickid=wffpm6p01tlbo7rk2767fuig&pages=new-free-spins-everyday	141 B	2023-03-07	2023-04-05
Pretty URL www.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wffpm6p01tlbo7rk2767fuig&clickid=wffpm6p01tlbo7rk2767fuig&pages=new-free-spins-everyday IP 104.26.6.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-04-05 01:52:35 Times Seen20 Hash 8cf0d2fe46ea3e75d1aea4708a499488 a37f980aa8b855df6489ca02e5af5dddddf81f9a a1a8f8141097ad0e2373121faf95e8fbbe5411b87c422ade042f84bc3daeac21 Loading...

	www.palmsbet.com/scripts/init.min.js?v=13.2.5.5	12 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/init.min.js?v=13.2.5.5 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:06 Times Seen182 Hash ca334ff65b6a9b901c3cced53c428859 03958d996ef9d273213c06c1426a644614afd225 10cd77a8fc1a1c097181884ec32999c90ede84ca0f659be37dbd1d60548f24c4 Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785	1.6 kB	2023-03-11	2023-03-11
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:25 Last Seen2023-03-11 22:53:25 Times Seen1 Hash e7e3fe01b3b936ea0b5f5443821d7c9c e7afaa148418c59353d9321c4446229a26010500 08b11cc60940536df4bae776cf55b2a77ff4740c15c96ddd266bf09b114dd24f Loading...

	http:blank	708 B	2023-03-11	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:25 Last Seen2023-03-11 22:53:25 Times Seen1 Hash f4896109e0a9387631d4304bb67e2f3d 4de716b9a3866b23eceb1fcf3f85ad5c7bab7d88 b71ce12bfda7e2ee48c312fdf954868cd2e2b274edb449e313253db3b9786d84 Loading...

	www.palmsbet.com/scripts/jquery.ctdata.js?v=1.635821123.1.1	16 kB	2023-03-07	2023-03-12
Pretty URL www.palmsbet.com/scripts/jquery.ctdata.js?v=1.635821123.1.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-03-12 18:12:42 Times Seen1 Hash 9a7efb9b7b85a762cd32d4641b6794ad 367bcc0ad038d630b95192044dbf0df5d286e250 b97c1f79875686cfe870a9a35c5e68655eb52aae26db7cee8f7176a3609250df Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785	1.4 kB	2023-03-09	2023-03-11
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:46:11 Last Seen2023-03-11 22:53:25 Times Seen1 Hash ea6742bd310e363e146daa1d70932b20 30302f785ac899443dc1ee7e190fa144284c942a 719da6bba4a8c131950139cb0804b6c9302a8ecd3984e2298ff08da7f99893f0 Loading...

	tgtag.io/tg.js?pid=tg-g-007125-001	78 kB	2023-03-11	2023-03-11
Pretty URL tgtag.io/tg.js?pid=tg-g-007125-001 IP 34.120.230.83 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:10:50 Last Seen2023-03-11 22:53:25 Times Seen1 Hash fa233e788b00e963c3c066289a600a5c f45d7ba3f92f0a189034d4244de3e7b7ae975b4f 1dbd9705859e231db905143d1bf0a00a4775250764708819649929888d0ef4d3 Loading...

	www.palmsbet.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669780800	41 kB	2023-03-11	2023-03-11
Pretty URL www.palmsbet.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669780800 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:25 Last Seen2023-03-11 22:53:25 Times Seen1 Hash 8e8df52ca9e345677dda4589b7c8fb99 c28a35e3447fa24fd29fdc29ad9b2873171a0447 2343c231d7567739538e9fda3d984c1cafaca2cdbfca83a1b04bebab1e16bf80 Loading...

	www.googletagmanager.com/gtag/js?id=G-JRG87C8CG6&l=dataLayer&cx=c	220 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-JRG87C8CG6&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:25 Last Seen2023-03-11 22:53:25 Times Seen1 Hash 55c0e279732b6d7bb206ccabce955b19 7df3fe9e93791edd904b1ab58edecca333653887 af988c20d1ba522b709f535194b868c1835484c014c8ebece52197eed7be54ad Loading...

	www.palmsbet.com/scripts/custom.min.js?ver=1669793669837	95 kB	2023-03-11	2023-03-11
Pretty URL www.palmsbet.com/scripts/custom.min.js?ver=1669793669837 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:25 Last Seen2023-03-11 22:53:25 Times Seen1 Hash e78b2527b012147da8143fae71569a21 faf30710f1ab2b1106e416a7709747e3c1967120 7a4469a8afef91bde84f7f482925e2d4d3ad4413b654cadace5ab9af78f7304d Loading...

	track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=84099030885&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24	143 B	2023-03-07	2023-04-05
Pretty URL track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=84099030885&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 37.157.6.252 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-04-05 01:52:35 Times Seen29 Hash ac85d2c997b3f5e1e7ef149366314ae6 0dc97a787c9e8cc8a20fa1ceacc3cad6c1813117 2cb28c9975c6810c04af98601f68a5464fe4929be832e4ba3866e367777155eb Loading...

	http:blank	600 B	2023-03-09	2023-03-11
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:46:11 Last Seen2023-03-11 22:53:25 Times Seen1 Hash 8aac0a189634c51d11a24b688b73ba96 c90fb59bb39fef40b8f7c42451581a7d64369167 4434226672e1c77fc693fbd4a2e145a806222a98082a6514963dcd0d9f38f9f4 Loading...

	bg.search.etargetnet.com/j/?h=a10d7cc080adb592	154 B	2023-03-11	2023-03-11
Pretty URL bg.search.etargetnet.com/j/?h=a10d7cc080adb592 IP 195.168.10.173 ASN #5578 SWAN, a.s. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:25 Last Seen2023-03-11 22:53:25 Times Seen1 Hash d14f745c1ca53d9b17b16e720a5547e2 9d2f595d6e407ac6c7418c00c40324e20adcca19 d00c7333b941f378c63255070378c2aff680ba8dd99ae1f8128a8f46069813cb Loading...

	www.palmsbet.com/scripts/tab-changes.js?v=1669793670267	2.3 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/tab-changes.js?v=1669793670267 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen114 Hash ba13a046eb6675504d302089ca3da833 57c98951979844da1387df31a1a6b010fde86a3f 9db56cd2ede27233110647b8b4e459e90f00210012c4f5373fc894daf8bc9aa2 Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785	831 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 560bac8e455828b0dc18867c6cd9da8b e2a4b0d6a4311c0e34e6233fc6b19b31e5f3172e 3ed5000e5dd3b1a4c8b0da26e131122d6cf65cf1b5ca3f0fb68f85923b512caa Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785	482 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen102 Hash fe73caa22b8f6c03742a7ffc028a58ff e60417d12e8953b2b85256bcafa881297160fe36 17bc2ec491a3a53968625e018de6dfb9d3d96c441ce67578c843383f1aeafe6c Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785	486 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen102 Hash 4bf0aa2f78f73e506c9c41e11b2ed668 765f0150868fd4bf93e9dd5aa08120deea76d17f fed9a303461e7fb3eb2dcdd78d767d0e1a2b74269040d3600801a8ee48430df1 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-07
Pretty URL www.google-analytics.com/analytics.js IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-07 19:59:08 Times Seen1643 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.palmsbet.com/scripts/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-07
Pretty URL www.palmsbet.com/scripts/jquery-3.6.0.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-07 22:40:39 Times Seen267544 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	connect.facebook.net/signals/config/1297212827064514?v=2.9.89&r=stable	300 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/1297212827064514?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:25 Last Seen2023-03-11 22:53:25 Times Seen1 Hash 12d18bdbd4ed9e0f13e89063ab516196 0d230dc3087e245b9434d4c23bdd4b21e1aba373 110133051ae2d16b4b60a2f7c0c40f6e5c4d9068ba5a20a683444d61a727f395 Loading...

	www.palmsbet.com/scripts/banner-default.js?v=960.1.1?v=1669793670266	9.7 kB	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/scripts/banner-default.js?v=960.1.1?v=1669793670266 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen111 Hash c2445e7c5b2725bd4a0a7bf9d4b47a42 5cb511abcefb3afb4352edb712b70c49b967bf9c 8f44a77c10b749fc6176d074eb2760aae3e945225264878bb95615cc3b7becbb Loading...

	www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785	398 B	2023-03-07	2023-09-17
Pretty URL www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:42 Last Seen2023-09-17 09:14:05 Times Seen106 Hash 251a94ead46a2087e9b63b61610e48e4 f5c3b3f68055117c6be373bc58a20bc6cb11fe70 b7a2547e06d5ad19132f839bbad92fb9319dec4f287af0adedf16a996a6bbff2 Loading...

HTTP Transactions (75)

URL IP Response Size

walter-larence.com/f8756588-2326-45d7-95cb-b12d9dfbaa63

18.193.146.82

302

0 B

URL HTTP/1.1
walter-larence.com/f8756588-2326-45d7-95cb-b12d9dfbaa63
IP
18.193.146.82:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /f8756588-2326-45d7-95cb-b12d9dfbaa63 HTTP/1.1
Host: walter-larence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Server: nginx
Date: Wed, 30 Nov 2022 07:34:23 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wffpm6p01tlbo7rk2767fuig&clickid=wffpm6p01tlbo7rk2767fuig&pages=new-free-spins-everyday
Pragma: no-cache
Set-Cookie: f8756588-2326-45d7-95cb-b12d9dfbaa63-v4=UuIP2Hl3nw6KC8yP2TIr8KcVyjFrnDfhkMSZSLxnE_g; Max-Age=86400; Expires=Thu, 01-Dec-2022 07:34:23 GMT; Domain=walter-larence.com; Path=/; HttpOnly
cc-v4=lp8uFsHdpX94GW4K26XvISOagjBuX%2BLiaD6ouVpN8zh%2FCYTG40AxRYp09wzMTi1JjQybmjjFuoIxpfCjZANq3BU6QOTUEl%2B5Gos3VsatcYmWTHtxTgNM3g4hqgYkxopR%2BuPTmRbcqzfx0XQkQBqQ1A%3D%3D; Max-Age=31536000; Expires=Thu, 30-Nov-2023 07:34:23 GMT; Domain=walter-larence.com; Path=/; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2935
Expires: Wed, 30 Nov 2022 08:23:18 GMT
Date: Wed, 30 Nov 2022 07:34:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7162
Expires: Wed, 30 Nov 2022 09:33:45 GMT
Date: Wed, 30 Nov 2022 07:34:23 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4959
Cache-Control: max-age=101967
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:23 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:53:50 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Ika6kKNABzGMRWFbF2xGRhQPZXR+vhgo4Ft8cctgWxgUUY0AK2cF7dLHWce7hhaoS5eaTYkfSfA=
x-amz-request-id: TT5K1Q96HF4TG047
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 06:45:07 GMT
age: 2956
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 07:19:40 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 883
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:34:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a0e046c4f79862c55298459a3951bd34
0d5250ddf669839b821d3a6d9286e6b5a1eeabaa
be7b659d6e84f64fc24561e57fd1ed1da9bcbbd7998418d8526d26e763c168be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=131570
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:23 GMT
Etag: "63866671-117"
Expires: Thu, 01 Dec 2022 20:07:13 GMT
Last-Modified: Tue, 29 Nov 2022 20:07:13 GMT
Server: nginx
Content-Length: 279

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 07:11:14 GMT
cache-control: public,max-age=3600
age: 1389
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a0e046c4f79862c55298459a3951bd34
0d5250ddf669839b821d3a6d9286e6b5a1eeabaa
be7b659d6e84f64fc24561e57fd1ed1da9bcbbd7998418d8526d26e763c168be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=131570
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:23 GMT
Etag: "63866671-117"
Expires: Thu, 01 Dec 2022 20:07:13 GMT
Last-Modified: Tue, 29 Nov 2022 20:07:13 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4962
Cache-Control: max-age=96907
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:23 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:29:30 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cedb667bbb0962323a4aa4a1cd743d45
4b24c2d5c8ed42d94842aed2b4fca9f0b65b5dcb
4e601f86c7823504dbdd364b07092e329bc388e61a3dcdcfa023985bce687d79

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E601F86C7823504DBDD364B07092E329BC388E61A3DCDCFA023985BCE687D79"
Last-Modified: Mon, 28 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 30 Nov 2022 13:34:24 GMT
Date: Wed, 30 Nov 2022 07:34:24 GMT
Connection: keep-alive

push.services.mozilla.com/

44.237.93.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.93.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iUej4VPeO6irWgcpU/oHug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NShZVUhVs5diS2G1JFg2x3Kp6os=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3105
Expires: Wed, 30 Nov 2022 08:26:10 GMT
Date: Wed, 30 Nov 2022 07:34:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3105
Expires: Wed, 30 Nov 2022 08:26:10 GMT
Date: Wed, 30 Nov 2022 07:34:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3105
Expires: Wed, 30 Nov 2022 08:26:10 GMT
Date: Wed, 30 Nov 2022 07:34:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8885 bytes)
Hash
8825a2c5c0d98323f489e0b816b7f1d8
05f46985ea4ace57460120876da8e19db08857b3
1d12590a78b32146d6f1d107fb93bdb6cb45228d15babd087c0111495d7138e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 67e1ba67-b4fb-42c8-985d-f34164101c7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhIGGtloAMFxjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcd-295995bb1123430c55659fe3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d64lSE184IwrwZKVC8KOUINEBclth9b7xRGV9T1uNfAptgXz0bxKhw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:14:25 GMT
age: 33600
etag: "05f46985ea4ace57460120876da8e19db08857b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9330 bytes)
Hash
bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 33773
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10068 bytes)
Hash
f621857774e4b4adda95f58081644859
639165dc66d171b8266f22cd495181427112bc80
341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ec2HkhHmHE2ddGBpLsJ5Rn7SCMjyR5kzaTyrguDoI9xOohgsCi08CQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:26 GMT
age: 35399
etag: "639165dc66d171b8266f22cd495181427112bc80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wffpm6p01tlbo7rk2767fuig&clickid=wffpm6p01tlbo7rk2767fuig&pages=new-free-spins-everyday

104.26.6.160

200 OK

8.7 kB

URL HTTP/2
www.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wffpm6p01tlbo7rk2767fuig&clickid=wffpm6p01tlbo7rk2767fuig&pages=new-free-spins-everyday
IP
104.26.6.160:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1639), with CRLF line terminators
Size
8.7 kB (8717 bytes)
Hash
5f9b7d0f3a1287e7da06248a170b714d
00572a60cf02d2a0b07046ae38e32c7ca1b6fe03
f826439e732b8dcaa6847d22b99309a03725e961f16b12a3036fa7da58aacc97

HTTP Headers

GET /affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wffpm6p01tlbo7rk2767fuig&clickid=wffpm6p01tlbo7rk2767fuig&pages=new-free-spins-everyday HTTP/1.1
Host: www.palmsbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 30 Nov 2022 07:34:23 GMT
content-type: text/html
last-modified: Tue, 23 Nov 2021 13:23:59 GMT
cache-control: no-store
access-control-allow-credentials: true
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-xss-protection: 1
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRHhRnL8fZZlYtapdyq7b%2FXJuqA45NH3%2F%2Fnxmu10QcVOdcQZ45S7O4Ie84FJ8EpdzujKyB%2FeugDc%2F3Wr1ecpMTpskRq1AmG1DORzmbmrIRtOJ49X8BXW%2BYJwimGLOw%2BfoE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7721e67cebd3b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7971 bytes)
Hash
9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 33773
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 23:32:45 GMT
age: 28900
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/3NyyQ-iGzDY

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/3NyyQ-iGzDY
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f535ee4e819ac7b7578739db9cd3e95
2b9af45e349a4e0e8bef83869b5114d6c4639321
ecd3415462178f0d44b25b5a8d13b55a6d14f3f97f4f98c999bc8f35cdfa0c77

HTTP Headers

POST /s/gts1d4/3NyyQ-iGzDY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

click.trafficguard.ai/?organisation_id=palmsbet_affiliate&property_id=tg-007126-001&source_id=PB-0115&campaign_id=&site_id=&partner_click_id=wffpm6p01tlbo7rk2767fuig&keyword=wffpm6p01tlbo7rk2767fuig&click_time=2022-11-30%2009-34-24&destination_url=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115

35.201.93.108

302 Found

300 B

URL HTTP/2
click.trafficguard.ai/?organisation_id=palmsbet_affiliate&property_id=tg-007126-001&source_id=PB-0115&campaign_id=&site_id=&partner_click_id=wffpm6p01tlbo7rk2767fuig&keyword=wffpm6p01tlbo7rk2767fuig&click_time=2022-11-30%2009-34-24&destination_url=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115
IP
35.201.93.108:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with no line terminators
Size
300 B (300 bytes)
Hash
21703a5ed4c4b4f56aad76cee4b0ceb9
120d820b86e9d878c8b2c7c139cf7894e1a2cf21
300927d9a38cfcc64412e1c999c3a8bbe33f1774b2f50594e5df4e356df01394

HTTP Headers

GET /?organisation_id=palmsbet_affiliate&property_id=tg-007126-001&source_id=PB-0115&campaign_id=&site_id=&partner_click_id=wffpm6p01tlbo7rk2767fuig&keyword=wffpm6p01tlbo7rk2767fuig&click_time=2022-11-30%2009-34-24&destination_url=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115 HTTP/1.1
Host: click.trafficguard.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: geid=0c010045-46e3-4a4d-b500-268863870785; Domain=.trafficguard.ai; Path=/; Expires=Thu, 30 Nov 2023 07:34:29 GMT; HttpOnly; Secure; SameSite=None
geid-legacy=0c010045-46e3-4a4d-b500-268863870785; Domain=.trafficguard.ai; Path=/; Expires=Thu, 30 Nov 2023 07:34:29 GMT; HttpOnly
DC_27f0dd1cd8fd1ea7a1331b53d10294e0=YBcx/OqBG22pZSxyFkFSHKaS71uirLlShk8cXu4pwwTm/7f4jqIU9SfxspfZaMUIRbJ9C6mlw+YXJoiewv+enXulaJJ0qvYamLdQaMT10gxlHYdHXzYkExSCdbqS9I08lBkwIt/E; Domain=.trafficguard.ai; Path=/; Expires=Thu, 01 Dec 2022 07:34:29 GMT; HttpOnly; Secure; SameSite=None
DC_27f0dd1cd8fd1ea7a1331b53d10294e0-legacy=YBcx/OqBG22pZSxyFkFSHKaS71uirLlShk8cXu4pwwTm/7f4jqIU9SfxspfZaMUIRbJ9C6mlw+YXJoiewv+enXulaJJ0qvYamLdQaMT10gxlHYdHXzYkExSCdbqS9I08lBkwIt/E; Domain=.trafficguard.ai; Path=/; Expires=Thu, 01 Dec 2022 07:34:29 GMT; HttpOnly
location: https://www.palmsbet.com/bg/pages/new-free-spins-everyday/?marketingCode=PB-0115&tgclid=02010001-89d9-4a19-8a00-015063870785
vary: Accept
content-type: text/html; charset=utf-8
content-length: 300
date: Wed, 30 Nov 2022 07:34:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/3NyyQ-iGzDY

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/3NyyQ-iGzDY
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f535ee4e819ac7b7578739db9cd3e95
2b9af45e349a4e0e8bef83869b5114d6c4639321
ecd3415462178f0d44b25b5a8d13b55a6d14f3f97f4f98c999bc8f35cdfa0c77

HTTP Headers

POST /s/gts1d4/3NyyQ-iGzDY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

support.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wffpm6p01tlbo7rk2767fuig&clickid=wffpm6p01tlbo7rk2767fuig&pages=new-free-spins-everyday&or_ref=

78.128.60.140

302 Found

160 kB

URL HTTP/2
support.palmsbet.com/affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wffpm6p01tlbo7rk2767fuig&clickid=wffpm6p01tlbo7rk2767fuig&pages=new-free-spins-everyday&or_ref=
IP
78.128.60.140:0
ASN
#31083 Telepoint Ltd

File type
data
Size
160 kB (160393 bytes)
Hash
481bb8ccb90efaefccbe688e1f746c31
df9484373e9a61129e40387392880332e8a9c56e
4b65460e6257c1edf058acc34c53eeb1c2b18f8769ae6b75afc461eb90756266

HTTP Headers

GET /affiliate/?marketingCode=PB-0115&banID=&brand=ecasino&ns=wffpm6p01tlbo7rk2767fuig&clickid=wffpm6p01tlbo7rk2767fuig&pages=new-free-spins-everyday&or_ref= HTTP/1.1
Host: support.palmsbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/2 302 Found
content-encoding: gzip
vary: Accept-Encoding,Origin
set-cookie: affClick=%7B%22marketingCode%22%3A%22PB-0115%22%2C%22banID%22%3A%22%22%2C%22clickid%22%3A%22wffpm6p01tlbo7rk2767fuig%22%2C%22ns%22%3A%22wffpm6p01tlbo7rk2767fuig%22%7D; expires=Fri, 30-Dec-2022 07:34:29 GMT; Max-Age=2592000; path=/; domain=palmsbet.com
marketingCode=PB-0115; expires=Fri, 30-Dec-2022 07:34:29 GMT; Max-Age=2592000; path=/; domain=palmsbet.com
location: https://click.trafficguard.ai/?organisation_id=palmsbet_affiliate&property_id=tg-007126-001&source_id=PB-0115&campaign_id=&site_id=&partner_click_id=wffpm6p01tlbo7rk2767fuig&keyword=wffpm6p01tlbo7rk2767fuig&click_time=2022-11-30 09-34-24&destination_url=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 07:34:24 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-W23TMFB

142.250.74.72

200 OK

73 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-W23TMFB
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (8066)
Size
73 kB (72806 bytes)
Hash
6a910866ce882bd9809a41e7778cc357
3e6b944ade82313a43a663375f7ca483a7a0b842
d31d08dd744c55d1807715a2afdde9fcf882bf237db6f7a84deed66a5fa401cf

HTTP Headers

GET /gtm.js?id=GTM-W23TMFB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 07:34:29 GMT
expires: Wed, 30 Nov 2022 07:34:29 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72806
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

3.9 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
3.9 kB (3908 bytes)
Hash
240950020775ece6ff6579ded9be7d77
67d16d7760428f26465f0e6218b5e3e69a98f3b6
465d11c41fb6df47b25c59487421ad5ff1b32924971dd3afcddee9c2ab2f203a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/X8hj4uttkxY

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/X8hj4uttkxY
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c4ae147c1be2aca49b635d2046ce8ac1
a0bba966e43293ad7bf4f69e08207b017af768ed
a7c94481a9670a488873367ba497ded4de3ad9b154107a920116ef39c2e45963

HTTP Headers

POST /s/gts1d4/X8hj4uttkxY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

142.250.74.106

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1129 bytes)
Hash
c2e418236eea5202567a5d7b804af980
310889c7445ffbaad0f1e1c514014c1e1c246c80
eae4ff08e478d7a845d207427913ff07834675c7db4edd4540af79ea497d8b36

HTTP Headers

GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 07:34:29 GMT
date: Wed, 30 Nov 2022 07:34:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

tgtag.io/tg.js?pid=tg-g-007125-001

34.120.230.83

200 OK

23 kB

URL HTTP/2
tgtag.io/tg.js?pid=tg-g-007125-001
IP
34.120.230.83:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (22911 bytes)
Hash
cfffd74b48546d88c118bff3b99e69e9
225eb858efa2879a3ae972217570002b789de2ee
01ef1b99f097840ede7da334f0eb707c36e6c347e94945fe3af0130662eba15d

HTTP Headers

GET /tg.js?pid=tg-g-007125-001 HTTP/1.1
Host: tgtag.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdsS6k0XOGcAPlUdTqKQ0-9P6e--MJ65C4LEScEfTx0PInRng8nT7EJ_sJifMkLsx0XWTYjPzZ7Mda8QT9H-SiWixVSdMFyt
x-goog-generation: 1669119975750510
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 22911
content-encoding: gzip
x-goog-hash: crc32c=gZfjqw==, md5=z//XS0hUbYjBGL/zuZ5p6Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 22911
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
server: UploadServer
date: Tue, 29 Nov 2022 12:29:46 GMT
expires: Wed, 30 Nov 2022 12:29:46 GMT
cache-control: public, no-transform, max-age=86400, s-maxage=86400
age: 68684
last-modified: Tue, 22 Nov 2022 12:26:15 GMT
etag: "cfffd74b48546d88c118bff3b99e69e9"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/X8hj4uttkxY

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/X8hj4uttkxY
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c4ae147c1be2aca49b635d2046ce8ac1
a0bba966e43293ad7bf4f69e08207b017af768ed
a7c94481a9670a488873367ba497ded4de3ad9b154107a920116ef39c2e45963

HTTP Headers

POST /s/gts1d4/X8hj4uttkxY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b470d898d2b9f278b6ec072b3f336cf
1570b2d97beb377b0a424044be2075ec0a262851
b73f51f344b0c221e7bcc239083809a5a1030f9893db5b9ddb7741df1bde495b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1d4/vKqCWYpZukg

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/vKqCWYpZukg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98fd631c320a5500c1f238f44733838e
2f8b1cee6ecd77750b4462f75d03a1b22a0ff0a0
c4e144cd4939b782a6e4ff0af2246c5947d0e2a55606593623ab78399183e5d4

HTTP Headers

POST /s/gts1d4/vKqCWYpZukg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

512974245.fls.doubleclick.net/activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=3681252616532;gtm=2wgbs0;auiddc=1567728239.1669793669;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785?

142.250.74.70

200 OK

316 B

URL HTTP/2
512974245.fls.doubleclick.net/activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=3681252616532;gtm=2wgbs0;auiddc=1567728239.1669793669;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (570), with no line terminators
Size
316 B (316 bytes)
Hash
bc0f2f54dd41677d115292c736b7689d
6be36ef05471d80e7205905ad5a98bd9a5ee5129
d849c23403219a124f8f164d49cdb48a780b988c7de8940ac41354e5dc54e08d

HTTP Headers

GET /activityi;src=512974245;type=invmedia;cat=allvi0;ord=1;num=3681252616532;gtm=2wgbs0;auiddc=1567728239.1669793669;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785? HTTP/1.1
Host: 512974245.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 07:34:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 316
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 07:49:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

1.1 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1078 bytes)
Hash
218c441b31d4161b1c0c7c52cc0088c3
b2cac1f26201620c614265d49dd16645ae6559c3
da7cb1be3cca976b2479dab3aa369a83282b2dd273e80881c22bd1441d828d9f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.trafficguard.ai/tg-g-007125-001/api/v4/client-side/validate/event

34.120.121.20

200 OK

3.1 kB

URL HTTP/2
api.trafficguard.ai/tg-g-007125-001/api/v4/client-side/validate/event
IP
34.120.121.20:0
ASN
#15169 GOOGLE

File type
data
Size
3.1 kB (3144 bytes)
Hash
23027ff772628c3ce0e7f582e4b270a3
3e59b9bce3ce79c657436ead87755a74b39af757
cdc425a69f01a8b70be04a7631b5a08bd15f7426daf48b61afa0aa5457e8f885

HTTP Headers

POST /tg-g-007125-001/api/v4/client-side/validate/event HTTP/1.1
Host: api.trafficguard.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 2399
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
x-xss-protection: 0
x-content-type-options: nosniff
access-control-allow-origin: https://www.palmsbet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
set-cookie: geid=09010030-08aa-4478-b500-04c663870786; Domain=.trafficguard.ai; Path=/; Expires=Thu, 30 Nov 2023 07:34:30 GMT; HttpOnly; Secure; SameSite=None
geid-legacy=09010030-08aa-4478-b500-04c663870786; Domain=.trafficguard.ai; Path=/; Expires=Thu, 30 Nov 2023 07:34:30 GMT; HttpOnly
content-type: application/json; charset=utf-8
content-length: 61
etag: W/"3d-+VrgqwIBqu+GaYyaxm1oD9TgRqA"
date: Wed, 30 Nov 2022 07:34:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=3681252616532;gtm=2wgbs0;auiddc=1567728239.1669793669;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785

142.250.74.2

200 OK

317 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=3681252616532;gtm=2wgbs0;auiddc=1567728239.1669793669;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (569), with no line terminators
Size
317 B (317 bytes)
Hash
c7344454c01755bf1a485e40ca194853
883b66410e50df150f8810a976ab7ca10abb66f5
fcfb8155251baff15e8c66a2359d8b399db52b9851dfddbd3d3b11a418c6b78a

HTTP Headers

GET /ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=3681252616532;gtm=2wgbs0;auiddc=1567728239.1669793669;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://512974245.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 07:34:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/vKqCWYpZukg

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/vKqCWYpZukg
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98fd631c320a5500c1f238f44733838e
2f8b1cee6ecd77750b4462f75d03a1b22a0ff0a0
c4e144cd4939b782a6e4ff0af2246c5947d0e2a55606593623ab78399183e5d4

HTTP Headers

POST /s/gts1d4/vKqCWYpZukg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=3681252616532;gtm=2wgbs0;auiddc=1567728239.1669793669;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785

142.250.74.98

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=3681252616532;gtm=2wgbs0;auiddc=1567728239.1669793669;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=512974245;type=invmedia;cat=allvi0;ord=1;num=3681252616532;gtm=2wgbs0;auiddc=1567728239.1669793669;~oref=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 07:34:30 GMT
expires: Wed, 30 Nov 2022 07:34:30 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.palmsbet.top/uploads/40-100FS_1920x600_bg.jpg

78.128.8.67

200 OK

308 kB

URL HTTP/2
www.palmsbet.top/uploads/40-100FS_1920x600_bg.jpg
IP
78.128.8.67:0
ASN
#31083 Telepoint Ltd

File type
JPEG image data, progressive, precision 8, 1920x600, components 3\012- data
Size
308 kB (308032 bytes)
Hash
55736382775243c5e481ef7b6d1c4b46
eb3106bb4a63e4af01701a427e528d80720c1262
7b9c4d4cce3c3fd971c463dd43891f945f60b59b5b51fe1ea0885e663ff6c2ee

HTTP Headers

GET /uploads/40-100FS_1920x600_bg.jpg HTTP/1.1
Host: www.palmsbet.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 07 Dec 2022 07:34:31 GMT
content-type: image/jpeg
last-modified: Mon, 17 Oct 2022 06:53:42 GMT
accept-ranges: bytes
content-length: 308032
date: Wed, 30 Nov 2022 07:34:31 GMT
server: LiteSpeed
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4980
Cache-Control: max-age=98336
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:30 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 10:53:26 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
eacb9365a3f376b65d82ce111de73ae5
13df90d1a00481469916e2facf9d3b3d178e8bb8
58a55d3cef32a31b312230ecc7701e5fd284c608b096069cff0cfb47858b3509

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4991
Cache-Control: max-age=135429
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:31 GMT
Etag: "6386620d-1d7"
Expires: Thu, 01 Dec 2022 21:11:40 GMT
Last-Modified: Tue, 29 Nov 2022 19:48:29 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

216.58.207.206

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.58.207.206:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 06:41:08 GMT
expires: Wed, 30 Nov 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 3203
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

34 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
data
Size
34 kB (33842 bytes)
Hash
cbe3addf9d45d7f4db52259dc1795508
46e0c769254e753049e227104410492864339f48
82c697cc03a356e12d6892ae48041be8f703cc95cf65364b7454b1087200961c

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: sG63SkOf518vNGiDMWxXME3A+DK7+XgjNhhZfpPLO+5tiSb5CsgasEG3uSTjGewSaOSFDpwCl0hnDOePIn5PzA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Wed, 30 Nov 2022 07:34:31 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-JRG87C8CG6&gtm=2oebs0&_p=779041217&cid=831053755.1669793669&ul=en-us&sr=1280x1024&_s=1&sid=1669793669&sct=1&seg=0&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&dr=https%3A%2F%2Fwww.palmsbet.com%2F&dt=Palms%20Bet%20-%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%BD%D0%B8%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B7%D0%B8%20%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-JRG87C8CG6&gtm=2oebs0&_p=779041217&cid=831053755.1669793669&ul=en-us&sr=1280x1024&_s=1&sid=1669793669&sct=1&seg=0&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&dr=https%3A%2F%2Fwww.palmsbet.com%2F&dt=Palms%20Bet%20-%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%BD%D0%B8%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B7%D0%B8%20%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-JRG87C8CG6&gtm=2oebs0&_p=779041217&cid=831053755.1669793669&ul=en-us&sr=1280x1024&_s=1&sid=1669793669&sct=1&seg=0&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&dr=https%3A%2F%2Fwww.palmsbet.com%2F&dt=Palms%20Bet%20-%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%BD%D0%B8%20%D0%B7%D0%B0%D0%BB%D0%BE%D0%B7%D0%B8%20%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.palmsbet.com
date: Wed, 30 Nov 2022 07:34:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c3c6fcc1a6ec6e438b371359a220d437
646d2c502eb3579d0c394dbdd16ef10f60f43063
5e75d86847b64e661c218e63d1b4b2c4a9ade7506b3b50fce16dd39ebaa5c5fe

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4981
Cache-Control: max-age=98336
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:31 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 10:53:27 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-99030406-1&cid=831053755.1669793669&jid=255375619&gjid=1570338059&_gid=1430365406.1669793670&_u=YCDAgEABAAAAAEAAI~&z=1214279799

64.233.165.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-99030406-1&cid=831053755.1669793669&jid=255375619&gjid=1570338059&_gid=1430365406.1669793670&_u=YCDAgEABAAAAAEAAI~&z=1214279799
IP
64.233.165.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-99030406-1&cid=831053755.1669793669&jid=255375619&gjid=1570338059&_gid=1430365406.1669793670&_u=YCDAgEABAAAAAEAAI~&z=1214279799 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.palmsbet.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 07:34:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&rl=https%3A%2F%2Fwww.palmsbet.com%2F&if=false&ts=1669793670190&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669793670189.251993331&it=1669793669967&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&rl=https%3A%2F%2Fwww.palmsbet.com%2F&if=false&ts=1669793670190&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669793670189.251993331&it=1669793669967&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1297212827064514&ev=PageView&dl=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&rl=https%3A%2F%2Fwww.palmsbet.com%2F&if=false&ts=1669793670190&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669793670189.251993331&it=1669793669967&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 30 Nov 2022 07:34:31 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 07:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99030406-1&cid=831053755.1669793669&jid=255375619&_u=YCDAgEABAAAAAEAAI~&z=1628519501

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99030406-1&cid=831053755.1669793669&jid=255375619&_u=YCDAgEABAAAAAEAAI~&z=1628519501
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99030406-1&cid=831053755.1669793669&jid=255375619&_u=YCDAgEABAAAAAEAAI~&z=1628519501 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 07:34:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99030406-1&cid=831053755.1669793669&jid=255375619&_u=YCDAgEABAAAAAEAAI~&z=1628519501

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99030406-1&cid=831053755.1669793669&jid=255375619&_u=YCDAgEABAAAAAEAAI~&z=1628519501
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-99030406-1&cid=831053755.1669793669&jid=255375619&_u=YCDAgEABAAAAAEAAI~&z=1628519501 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 07:34:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
579792b4967de213eb972b9c019e0ebd
7be6f21e99cd795223dd27562bb95cf2be368f80
599fbdca15c154ed6e4be13dd53ad1bf00877a9847e3cd2208718ad0e41fd975

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 07:34:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:29:14 GMT
Expires: Sun, 04 Dec 2022 15:29:13 GMT
Etag: "7be6f21e99cd795223dd27562bb95cf2be368f80"
Cache-Control: max-age=373481,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7721e6ae3af4b4f4-OSL

sdk-cdn.optimove.net/websdk/sdk-v2.0.js

35.201.79.141

200 OK

16 kB

URL HTTP/2
sdk-cdn.optimove.net/websdk/sdk-v2.0.js
IP
35.201.79.141:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (48491)
Size
16 kB (16535 bytes)
Hash
29d13246b2ba53847a79715d95699630
3ec5c543a282c21c2c7f9a5e1d09a3ca8eeada4d
72c3f3249b441974d9a6c232a6775b7952ebdd237402b1bdb7483691db29160b

HTTP Headers

GET /websdk/sdk-v2.0.js HTTP/1.1
Host: sdk-cdn.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycduqroecWJRsysFb4BDckcsqoocynXw2DSGbOuxVv7XkZVUGxBS3Zhxz7aYgxrWZ385sEDIufcIr_ph-Im3-xerATCvoMNTx
x-goog-generation: 1659950707998011
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 16535
content-encoding: gzip
x-goog-hash: crc32c=xz9KiA==, md5=KdEyRrK6U4R6eXFdlWmWMA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 16535
server: UploadServer
date: Tue, 29 Nov 2022 08:12:38 GMT
age: 84113
last-modified: Mon, 08 Aug 2022 09:25:08 GMT
etag: "29d13246b2ba53847a79715d95699630"
content-type: application/javascript
cache-control: public,max-age=3600,no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js

35.201.79.141

200 OK

7.4 kB

URL HTTP/2
sdk-cdn.optimove.net/webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js
IP
35.201.79.141:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
7.4 kB (7395 bytes)
Hash
6ef5502de1551676a78d22248a8789f2
8c19ee7439e77ac78c7d29ba0f4f6c0d6e0e8825
d8d17a8442df6d3a826404b111678d75f47b0175d63619a7bb4b8c77920829d5

HTTP Headers

GET /webconfig/f6a9d2d8264c44578514f5b495966bf8/web-configuration.1.0.0.js HTTP/1.1
Host: sdk-cdn.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-guploader-uploadid: ADPycduybiazYuyYxewSNyPsCh87PI8LNr77dLgrwokhrQhOfENrjqKAufhqJGqoeOgKGXJ2HASobXMCd0Zi4bV8k-wvhHyoZjFx
x-goog-generation: 1668781807960534
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7395
content-encoding: gzip
x-goog-hash: crc32c=d05O7w==, md5=bvVQLeFVFnanjSIkioeJ8g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7395
server: UploadServer
date: Wed, 30 Nov 2022 07:30:58 GMT
age: 213
last-modified: Fri, 18 Nov 2022 14:30:08 GMT
etag: "6ef5502de1551676a78d22248a8789f2"
content-type: application/json
cache-control: public,max-age=300,no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

17 kB

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
17 kB (16682 bytes)
Hash
a630cff794f2c34269071e9cf3c8469b
7c5549e115a325af353f17d134b362d8bb049c9e
efc6e008e85df43a77ebc3dcf01acfc77a58e54cac85f2f18dc516848977d16a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 07:34:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:29:14 GMT
Expires: Sun, 04 Dec 2022 15:29:13 GMT
Etag: "7be6f21e99cd795223dd27562bb95cf2be368f80"
Cache-Control: max-age=373481,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7721e6aedbc4b4f4-OSL

stream-683.optimove.net/

107.154.132.121

204 No Content

0 B

URL HTTP/2
stream-683.optimove.net/
IP
107.154.132.121:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: stream-683.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id
Referer: https://www.palmsbet.com/
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type,x-request-id
access-control-max-age: 86400
content-length: 0
date: Wed, 30 Nov 2022 07:34:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
set-cookie: visid_incap_2816538=gcoImEJPQXKD8q+WIBwFEF4Hh2MAAAAAQUIPAAAAAADEVKDsyJvrGXrE61pLE+cO; expires=Wed, 29 Nov 2023 22:33:35 GMT; HttpOnly; path=/; Domain=.optimove.net
incap_ses_721_2816538=4s6/deeoOWjGNyTx84EBCocHh2MAAAAACZBUp0MCtGAZ/6mRaunxhA==; path=/; Domain=.optimove.net
x-cdn: Imperva
x-iinfo: 14-66052665-66052671 NNNY CT(1 13 0) RT(1669793671031 30) q(0 0 0 0) r(0 0) U6
X-Firefox-Spdy: h2

sdkuaservice.optimove.net/

34.102.240.186

200 OK

361 B

URL HTTP/2
sdkuaservice.optimove.net/
IP
34.102.240.186:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text
Size
361 B (361 bytes)
Hash
3083d0e97d9681d8731856bcc2d38dc0
0d962f0c4fd88ef4e6613e5ea47e5998f13ac636
eb902e82d3845ac4d70e6edd86509b810996391fce4434547483a457b34f0e1f

HTTP Headers

GET / HTTP/1.1
Host: sdkuaservice.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json
date: Wed, 30 Nov 2022 07:34:31 GMT
content-length: 361
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

realtime-683.optimove.net/reportEvent

107.154.132.121

204 No Content

0 B

URL HTTP/2
realtime-683.optimove.net/reportEvent
IP
107.154.132.121:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /reportEvent HTTP/1.1
Host: realtime-683.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id
Referer: https://www.palmsbet.com/
Origin: https://www.palmsbet.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type,x-request-id
access-control-max-age: 86400
content-length: 0
date: Wed, 30 Nov 2022 07:34:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
set-cookie: visid_incap_2819049=j+rHFyGNSe61+nlbJ6goIV4Hh2MAAAAAQUIPAAAAAADHio6sSIG52beXH+XYADxD; expires=Wed, 29 Nov 2023 22:33:35 GMT; HttpOnly; path=/; Domain=.optimove.net
incap_ses_721_2819049=XYjbLpWggjTRNyTx84EBCocHh2MAAAAA/OOdBt3SXcgUmPdNgAdH7Q==; path=/; Domain=.optimove.net
x-cdn: Imperva
x-iinfo: 14-66052665-66052676 NNNY CT(2 11 0) RT(1669793671031 180) q(0 0 0 0) r(0 0) U6
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?CC=1&pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=84099030885&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24

37.157.6.252

200 OK

202 B

URL HTTP/2
track.adform.net/Serving/TrackPoint/?CC=1&pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=84099030885&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
37.157.6.252:0
ASN
#198622 Adform A/S

File type
ASCII text, with CRLF line terminators
Size
202 B (202 bytes)
Hash
0910f1abc8fcd706ba1278cad9a23fe3
38de7284014fd13ae7fdbd53646123d38cc7be1f
768de2d43497a5871d7097af63cb3fb25a18923887e5303a2d3d092bc750b911

HTTP Headers

GET /Serving/TrackPoint/?CC=1&pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=84099030885&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:34:31 GMT
content-type: text/javascript; charset=utf-8
content-length: 202
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2484e281de15404ef0a0df84a8d55d70
b4a654a212cd203213412375f5c02089ddecfaa2
b385bd2a89d2126c1d58461c99ea18b06fbe9f332052931d14e2505f8b0fefd9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B385BD2A89D2126C1D58461C99EA18B06FBE9F332052931D14E2505F8B0FEFD9"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19741
Expires: Wed, 30 Nov 2022 13:03:33 GMT
Date: Wed, 30 Nov 2022 07:34:32 GMT
Connection: keep-alive

bg.search.etargetnet.com/j/?h=a10d7cc080adb592

195.168.10.173

200 OK

20 B

URL HTTP/1.1
bg.search.etargetnet.com/j/?h=a10d7cc080adb592
IP
195.168.10.173:0
ASN
#5578 SWAN, a.s.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /j/?h=a10d7cc080adb592 HTTP/1.1
Host: bg.search.etargetnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 07:34:32 GMT
Content-Type: application/javascript; charset=windows-1250
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
access-control-allow-origin: https://www.palmsbet.com
access-control-allow-credentials: true
Expires: Wed, 30 Nov 2022 09:34:32 GMT
Pragma: cache
Cache-Control: max-age=7200
X-Protected-By: Bee/0.61
Set-Cookie: euvh=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure
euvh=A; expires=Sat, 31-Dec-2022 07:34:32 GMT; Max-Age=2678400; path=/; samesite=none; domain=.etargetnet.com; secure
ckf=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; samesite=none; domain=.etargetnet.com; secure
ckf=1; expires=Thu, 30-Nov-2023 07:34:32 GMT; Max-Age=31536000; path=/; samesite=none; domain=.etargetnet.com; secure
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
Y-Protected-By: Bulbasaur/blade2-01.etarget.sk
Content-Encoding: gzip

s2.adform.net/banners/scripts/st/trackpoint-async.js

37.157.2.247

200 OK

0 B

URL HTTP/2
s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
37.157.2.247:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 07:34:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
x-rgw-object-type: Normal
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-amz-request-id: tx00000b607f2982f72f17d-006385e0d3-3293868f-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=84099030885&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24

37.157.6.252

302 Found

0 B

URL HTTP/2
track.adform.net/Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=84099030885&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
37.157.6.252:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Serving/TrackPoint/?pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=84099030885&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 30 Nov 2022 07:34:31 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2130909&ADFPageName=WebsiteName%7CSectionName%7CSubSection%7CPageName&ADFdivider=%7C&ord=84099030885&ADFtpmode=2&loc=https%3A%2F%2Fwww.palmsbet.com%2Fbg%2Fpages%2Fnew-free-spins-everyday%2F%3FmarketingCode%3DPB-0115%26tgclid%3D02010001-89d9-4a19-8a00-015063870785&CPref=https%3A%2F%2Fwww.palmsbet.com%2F&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Fri, 30-Dec-2022 07:34:31 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

stream-683.optimove.net/

107.154.132.121

200 OK

0 B

URL HTTP/2
stream-683.optimove.net/
IP
107.154.132.121:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST / HTTP/1.1
Host: stream-683.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: application/json
X-Request-ID: 36687e78-5b93-4770-b871-c0b1f13a82bf
Origin: https://www.palmsbet.com
Content-Length: 672
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: application/json; charset=utf-8
etag: W/"31-Jc+4R2J7nCAo9Nvg9VbH8fkDeOE"
date: Wed, 30 Nov 2022 07:34:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
set-cookie: visid_incap_2816538=/2Sp51dNTpSyJb1RLcTsEYcHh2MAAAAAQUIPAAAAAAB8LwOf4mI/S6EhGyubteL4; expires=Wed, 29 Nov 2023 22:33:35 GMT; HttpOnly; path=/; Domain=.optimove.net
incap_ses_721_2816538=eMZQD1WMN3S5PyTx84EBCocHh2MAAAAAIIExFtYU5W/QRs1TFz6JwQ==; path=/; Domain=.optimove.net
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 14-66052665-66052671 PNYy RT(1669793671031 70) q(0 0 0 -1) r(0 0) U6
X-Firefox-Spdy: h2

realtime-683.optimove.net/reportEvent

107.154.132.121

200 OK

0 B

URL HTTP/2
realtime-683.optimove.net/reportEvent
IP
107.154.132.121:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /reportEvent HTTP/1.1
Host: realtime-683.optimove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Content-Type: application/json
X-Request-ID: 6c7d0e9d-0627-4b72-89e6-9d33fa96bb29
Origin: https://www.palmsbet.com
Content-Length: 672
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,Content-Type
content-type: application/json
date: Wed, 30 Nov 2022 07:34:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
set-cookie: visid_incap_2819049=N9grj9FuRj2ijRWz89jwzYcHh2MAAAAAQUIPAAAAAAA3PZF41Ch/npptKLufy1bp; expires=Wed, 29 Nov 2023 22:33:35 GMT; HttpOnly; path=/; Domain=.optimove.net
incap_ses_721_2819049=rhQFJ1xeoHHEPyTx84EBCocHh2MAAAAAq+qOMgvKHUN7EV0e40X5pQ==; path=/; Domain=.optimove.net
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 14-66052665-66052676 PNYy RT(1669793671031 222) q(0 0 0 -1) r(0 0) U6
X-Firefox-Spdy: h2

track.adform.net/serving/scripts/trackpoint/async/

37.157.6.252

301 Moved Permanently

0 B

URL HTTP/2
track.adform.net/serving/scripts/trackpoint/async/
IP
37.157.6.252:0
ASN
#198622 Adform A/S

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /serving/scripts/trackpoint/async/ HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.palmsbet.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 30 Nov 2022 07:34:31 GMT
content-type: text/html
location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations