r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12411
Expires: Fri, 27 Jan 2023 03:04:47 GMT
Date: Thu, 26 Jan 2023 23:37:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14308
Expires: Fri, 27 Jan 2023 03:36:24 GMT
Date: Thu, 26 Jan 2023 23:37:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7100
Expires: Fri, 27 Jan 2023 01:36:17 GMT
Date: Thu, 26 Jan 2023 23:37:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 23:35:18 GMT
content-type: application/json
age: 159
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2esJScy5Uv3ccIL2oa0bDkDPXm9wqENIB5mATeXMCDGkOS/bx8BURnhI3U78Y6nF4WUwCDl48zk=
x-amz-request-id: 644NGP3AXJBYN8H4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 23:20:18 GMT
age: 1059
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 23:24:53 GMT
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
age: 784
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8743
Expires: Fri, 27 Jan 2023 02:03:40 GMT
Date: Thu, 26 Jan 2023 23:37:57 GMT
Connection: keep-alive
push.services.mozilla.com/
54.184.253.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.184.253.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1yRoClWy6Xo+Hsq7Oj87Ww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: q/2Exx33TVj4zaSDXvVB6zQXgOs=
ww1.yokkasoft.net/
64.190.63.136200 OK 1.3 kB IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (692)
Hash 1783ab4251f909ad3a57757f86d84fd9
2c8660b467fee24b7b38d4a57ad400c06500473a
2025094ad3c3ea820b55e5211ffcc1c0855901d69d8763eed51dc6830d9a9aaf
GET / HTTP/1.1
Host: ww1.yokkasoft.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_Byime2k5H75LO09hEuH1xhqkR+IbC5co+0D4GG3Y9Nw2svMn4jAueS1tjbk/Z5UkFKsDWhn+UHZcfF1PBHcu9w==
last-modified: Thu, 26 Jan 2023 23:37:57 GMT
x-cache-miss-from: parking-7649dfd87f-bmljp
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.yokkasoft.net/
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 23:37:58 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Thu, 02 Feb 2023 23:37:58 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1672141863
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 7e3c7529e030564f9fad0bdcb9c27c24
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww1.yokkasoft.net/search/tsc.php?200=NDU1ODQ5NDAy&21=OTEuOTAuNDIuMTU0&681=MTY3NDc3NjI3OGZhY2Q3OWU1NWYwZGFhNmQ1Njc2NThhYzQ4Njc5NDU4&crc=7e440a36ef19cd002e971b7a23d6e1cdd3b00dce&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww1.yokkasoft.net/search/tsc.php?200=NDU1ODQ5NDAy&21=OTEuOTAuNDIuMTU0&681=MTY3NDc3NjI3OGZhY2Q3OWU1NWYwZGFhNmQ1Njc2NThhYzQ4Njc5NDU4&crc=7e440a36ef19cd002e971b7a23d6e1cdd3b00dce&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=NDU1ODQ5NDAy&21=OTEuOTAuNDIuMTU0&681=MTY3NDc3NjI3OGZhY2Q3OWU1NWYwZGFhNmQ1Njc2NThhYzQ4Njc5NDU4&crc=7e440a36ef19cd002e971b7a23d6e1cdd3b00dce&cv=1 HTTP/1.1
Host: ww1.yokkasoft.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.yokkasoft.net/
HTTP/1.1 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-7649dfd87f-24nt6
server: NginX
ww1.yokkasoft.net/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D
64.190.63.136302 Found 0 B URL HTTP/1.1 ww1.yokkasoft.net/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: ww1.yokkasoft.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.yokkasoft.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 26 Jan 2023 23:37:58 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D
x-cache-miss-from: parking-7649dfd87f-fkmp4
server: NginX
ww1.yokkasoft.net/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D
64.190.63.136302 Found 311 B URL HTTP/1.1 ww1.yokkasoft.net/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d2f061da5d38ffc366a277df8e221640
e86c4fab53e105b5fd65aa8c346c2a4642809d12
3ded19ca76cec632933e1c62ab752650445c00540d8588028f92972bbe7a6fb7
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D5UJA%2A%2AVYS8g_0&v=Y2FhYjc0MjRiNzUwNDMyMWM2NzEzM2Y2OWMwMmJjMzEJMQl3dzEueW9ra2Fzb2Z0Lm5ldDYzZDMwZWQ1MjU0NGQyLjE4NjkzMTEzCXd3MS55b2trYXNvZnQubmV0NjNkMzBlZDUyNTQ5ZTguMzQ5MDQzODgJMTY3NDc3NjI3OAlhZF82M18w&l=OAkxNTlkMzU5MzEzNThiYmFlZjI0MDA5YzFiMzdjZGEwZgkwCTM1CTAJYTYzYjEzYjUyNGIwNjNiZDc2YzM2ZmEwODQ4ZDZkMjAJNDU1ODQ5NDAyCXlva2thc29mdAkwCTYzCTYJMgkxNjc0Nzc2Mjc4CTAuMDAwNTUyCU4JMAkwCTAJMTIwNQk0MzgyMjg0MzgJOTEuOTAuNDIuMTU0CTA%3D HTTP/1.1
Host: ww1.yokkasoft.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.yokkasoft.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Thu, 26 Jan 2023 23:37:58 GMT
location: http://xml.sedodna.com/click?i=5UJA**VYS8g_0
x-cache-miss-from: parking-7649dfd87f-8jz64
server: NginX
xml.sedodna.com/click?i=5UJA**VYS8g_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=5UJA**VYS8g_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=5UJA**VYS8g_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.yokkasoft.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=2o043B6WGrI
Pragma: no-cache
link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=2o043B6WGrI
172.66.40.100302 Found 0 B URL HTTP/2 link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=2o043B6WGrI
IP 172.66.40.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?b=0&pid=8425&offer_id=53&l=1666276955&sub4=CYBERMAXCAS&sub8=_casino&sub6=1666276955&ref_id=2o043B6WGrI HTTP/1.1
Host: link.affiliates.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.yokkasoft.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 23:37:58 GMT
content-length: 0
location: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
set-cookie: afclick=63d30ed64ea1cd00010fa3d7; expires=Fri, 26 Jan 2024 23:37:58 GMT; secure; SameSite=None
afoffers={"53":1674776278}; expires=Fri, 26 Jan 2024 23:37:58 GMT; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EomIYGF%2B5ycbwMj%2FxEA8aZRd7C6MzaD%2BxmWylOTfxpwTXdwhucI2H4hXtNOKE52nWHEJOPJZ35npuJVxhc4jFLmaktDh2xIWb9scbtlJSuFzyIj6w0%2F%2FRCUV0dBRAUEesOZEA0aXTmmvyNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd145e0d8db4eb-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/css/style.css?v=1
172.66.40.100200 OK 1.4 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/css/style.css?v=1
IP 172.66.40.100:0
File type ASCII text, with very long lines (3797), with no line terminators
Hash 74bb1d5bdfa241f268aee9a06d9e6ee7
6217b14c5e2af63356159ddf1fbf7980684f0ba7
27fa22116f7098d0e0440d057b84583d17a670a0bdcab5a48ed810b42923ca06
Analyzer Verdict Alert fortinet Malware
GET /land/casino_red_pbn868/css/style.css?v=1 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6020
etag: W/"63502f95-1784"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4740
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRirzKWd9%2F%2BpJX9B4Rn3%2FRJfkGKKECRFe7mU2gH%2BpBC%2FwGXHBD7wlEN0%2F%2BCnOex6PGyDrHS7qWR9f9VgI%2BPXzDJ16kJpFJ3NGsS%2FQX7hPqd6MEoiFQMQU4ZHhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd145f6eafb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/css/form.css
172.66.40.100200 OK 2.0 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/css/form.css
IP 172.66.40.100:0
File type ASCII text, with very long lines (6780), with no line terminators
Hash 2f35fd6bc3f771c506256a8df6987be8
96397c9f2de2336adb6afc3122aafa0f4a693f89
143c59d54b473e682f0bff58a0bf15d1871e90ccd8e7ba73e8071d428a37a119
GET /land/casino_red_pbn868/css/form.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9305
etag: W/"63502f95-2459"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4740
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wIxGRHcwgGkHwciO1KZfEDwRa0tTORfI1hEyXcQPPbS1V%2FpUZOSJ3W%2FjJrkTlGg6ysqPSK7N%2BqLT1vVDTfcczz3CF100LLV7lJ6AFcCr6O0FXqiw5IAPq4G%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd145f6eb2b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2fd3b5487710791cafa87110d681647a
6f3de59c79cf8f93c3312d917e9bb225a8bb25f9
35c24aa8f70e97185a0a18761f04b283cefecdce3abcd2261ccc6377077730c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35C24AA8F70E97185A0A18761F04B283CEFECDCE3ABCD2261CCC6377077730C5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11817
Expires: Fri, 27 Jan 2023 02:54:56 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c5c753e9f57be16e80f9d89df98d1818
9d4a172cc16beb64439ed3600377baad217be967
b00339d8e7490d7140522fdde843e0b168d3e19a624665dbd516da0425f32655
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B00339D8E7490D7140522FDDE843E0B168D3E19A624665DBD516DA0425F32655"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3866
Expires: Fri, 27 Jan 2023 00:42:25 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.74200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 15:00:01 GMT
expires: Sun, 21 Jan 2024 15:00:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 463078
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/payments.css
54.230.111.100200 OK 699 B URL HTTP/2 cdnstatic.cyber.bet/css/payments.css
IP 54.230.111.100:0
File type ASCII text, with CRLF line terminators
Hash 70e2a5d4745300aed2bfccf31551eb7f
c913b11b1f043706b73941110c33543f3c942cfb
f33896366d0d98962fd3e5b79963449dd3c1c3ea48e617e5b6d6bdb46e0c7022
GET /css/payments.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 699
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 23:37:59 GMT
etag: "70e2a5d4745300aed2bfccf31551eb7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VYkK_L-zcxWc8MIvzSbCDmwZQTDj_Yco7RtzdM-RFeYOWTxp-MT9Zg==
age: 12
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f
IP 139.45.195.8:0
Hash 5d4584e4549c2c67b3b1014412127d86
878b05105062900e6df717dba698aab39b9476d8
383fd07eb50f0e9605a08083c372046f06511da2037d6dd5c0301bb8478ec55b
GET /p.js?f=sync&lr=1&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9002
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9002
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9002
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9002
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 2197
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5de6b54196befa95e9291a051c645d0
e3100707a4e9b1d5c30223d31f58cd6ee8ad010b
5bcc3dd7011df4e17d7ef86d892fedeca14b0d0eabbe782fecf35c9a82b25e40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7804
x-amzn-requestid: 4cd6ed50-202c-4e57-94db-cc6585dca5b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQWuH20oAMFxzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfa91-05441777646d154650c97512;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D6nD7sD6FQavjUir9rxJlh9U2reSno5qNQ0qQdG4iS6hscVfSHdBCQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 22:01:13 GMT
age: 5806
etag: "e3100707a4e9b1d5c30223d31f58cd6ee8ad010b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d2506ac511dfbea29e29ab14ba10f85
b2e2972ffa82b103c62ffde0fca99454e12d95e6
fbe6f833114208d84033ba691a74da18d641e38f0f327c752333a339f1baae34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5263
x-amzn-requestid: ea2f25ff-f62a-4850-a9d1-72f26d817faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzOkGtWoAMFV0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325d-39e5ed054ead447d3cedf047;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BcMB1y0etnIGvZr54EllkdEOlahZGTjgrw2-3FYu3WET2f5lDLV1dw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:24:02 GMT
age: 8037
etag: "b2e2972ffa82b103c62ffde0fca99454e12d95e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bad60daf652c598a06510ff955137b69
235bf4642e726bb6a303fe1b69238e2e973414cb
d655c5ac17274a30a89c31674e14dc9c1b6bc39bfff94db1c9ff0d8006bb673b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12508
x-amzn-requestid: 68787c38-72fe-4d8a-9521-aeb9efa56b05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYWyGIHoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca075e-1ee9488d2dd0437728beac94;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2RZzMCqjRpKbm-g_6vAq1YV4LQ5RAB9HrkKCQx_ah4C6PnAzHZpKCg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:49:04 GMT
age: 17335
etag: "235bf4642e726bb6a303fe1b69238e2e973414cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a85badd84c0542610b94f22c4f265511
5b490095b5e02d9fef4b762888353998b645dfc9
23d6d9848caf36f0556438c371f112b40dcbf9b08b8b27bd37d4d73960c701c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9482
x-amzn-requestid: 825c5e6b-8fda-445e-9ed3-f5d634943c00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIZd0HqkIAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ccd5f1-2b31fe3001a1b04a406ff7ff;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 06:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: i5KrM3iFZQcfmxq0qPhIUYRIqfWbEF8k9qmZAq8Fq_MTRX34HKiU8w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 05:18:54 GMT
age: 65945
etag: "5b490095b5e02d9fef4b762888353998b645dfc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e96f3ea585b5fa8ed6446ed16e2b4b2
f90c205f370a2426dffe3c21b24bfa551b385556
6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4272
x-amzn-requestid: e051c22b-c2ec-4e59-b29b-ba1464d8015b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRz28G13oAMFeeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d099c5-48b013ff34b9702a6d2fd560;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:53:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X4SfAYS0JvW4sUNqSuBERNBwaI_xgKugxZ76_fsih_LSnImMC7Pnzg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:54:20 GMT
age: 38619
etag: "f90c205f370a2426dffe3c21b24bfa551b385556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap
142.250.74.106200 OK 73 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap
IP 142.250.74.106:0
Hash 405a1d66352c50de55d265f304aa76e6
d3be29500271c6568e03b7eb76283bc5249af75c
e6feb798bf5c654da313af9b70c5332e055627355ac51b4fa1c6b30bc550d212
GET /css?family=Roboto:100,200,300,400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 23:37:59 GMT
date: Thu, 26 Jan 2023 23:37:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/global.css
54.230.111.100200 OK 4.7 kB URL HTTP/2 cdnstatic.cyber.bet/css/global.css
IP 54.230.111.100:0
File type ASCII text, with CRLF line terminators
Hash 1d710fedcd0ddfd6744b7011d3261d07
884abf5c059be6ddcdd9067c24c55f744d6df31f
47db4a55aeef076b5cc2c69bb230028feb69a8575b5a9651a1fa79e51990edb9
GET /css/global.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 4746
vary: Accept-Encoding
date: Thu, 26 Jan 2023 23:38:00 GMT
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
etag: "1d710fedcd0ddfd6744b7011d3261d07"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m0mqdJJbRbO49QJiEZ1SViDtinV-qAFBBp3tvY5ikt2jvi7K-MhW1Q==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cyber.bet/land/casino_red_pbn868/img/bg.jpg
172.66.40.100200 OK 85 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/bg.jpg
IP 172.66.40.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x939, components 3\012- data
Hash 98ba8ffcbd9e5560948fced0272a2f75
64d51f93a51c26638a66468801643e9edd8935c8
c2635b22ca2e9b3d82330a2bc4c6688f2e0a8901f12baaaa321182cb0bba2912
GET /land/casino_red_pbn868/img/bg.jpg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/jpeg
content-length: 84557
cf-bgj: h2pri
etag: "63502f95-14a4d"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Yep9D0eHwnI7hrMZ%2FNgG1engPkEjInvNIibTZ4%2FsCmFURfHLwm6u4zoe9Q92XoypmoWzfeydosHfOWRWzTZwd0s9joRa0cpqSoc9jNkpEbN1P56ZA5yC7n5%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461984eb4eb-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/input.png
172.66.40.100200 OK 10 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/input.png
IP 172.66.40.100:0
File type PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f
GET /land/casino_red_pbn868/img/input.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 10123
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-278b"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuYeUDeZjeM6TkdlMU2bVL4xNvaR7vasGZwUtftt72c40vxqVF3qHetx%2F4VlQjvFdYVITRTL5iWg0h0VeXpWQ7Zx7e1JnSvC%2FI1dHH6zx6H8ErMqzFggB9cNrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461a85ab4eb-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/left.png
172.66.40.100200 OK 110 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/left.png
IP 172.66.40.100:0
File type PNG image data, 989 x 972, 8-bit colormap, non-interlaced\012- data
Size 110 kB (110461 bytes)
Hash d6890ff06451abd5164dad583ab8383c
0391a449f196bf9ad13d577c5f390d2767ccd182
60c8d0be6f5252f41ebf504c5c4597fd460f31bd2b695884f69cc789168821cb
GET /land/casino_red_pbn868/img/left.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 110461
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1af7d"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3230
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEtHwFmPSNzb6M%2B9miuON5F80qrXRvK18g%2BpL8E5rNdQx7uREQJpgXNjMnLOrgnZjGR991cp%2FpCTiK4RyGJK7eAstk%2F0P3tf6VITHq62SbjsskfWj4TKiUfO3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd14619850b4eb-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/right.png
172.66.40.100200 OK 121 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/right.png
IP 172.66.40.100:0
File type PNG image data, 1122 x 1045, 8-bit colormap, non-interlaced\012- data
Size 121 kB (121073 bytes)
Hash 1259004f61333ce5779efb3823458094
cc58a5562320e0dd696765532a5a910c51a6eee1
3b65805319f0f56c6ada3b09a76162b8293682d2e5a0fb2ba00a395dadbf36fc
GET /land/casino_red_pbn868/img/right.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/style.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 121073
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1d8f1"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3230
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dwFc3hUEJv1iwXPDpu4Ty5ELywMNSDdYVVOdaZ3I5b5HOIiOqyRFXvlqstLI41dcODvY2iYt0CRWx1QzTECw9r%2F6NSMA8z42Dwe%2FNU9IInzH0wEw4C0mQ7%2Bag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461a856b4eb-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/promo.png
172.66.40.100200 OK 13 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/promo.png
IP 172.66.40.100:0
File type PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 5798187ffb0edc7c4525a1415d9e03db
240b77c6c3c8c2a75d133c14907805d85def5588
93a1d190fd9a50423a0f7518a9147a2ef4cf969478056c6001c1124a0a1fe830
GET /land/casino_red_pbn868/img/promo.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 13216
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-33a0"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTt0B3txYOqsmoY5o5s%2BKE4dsRK0NDgsZNA4zUVYmnaRigifPdlYh4BOKiCbPkVHTCIXqw3w9AnjFFb38oTuwqPyS%2FYmebiY%2Fak8MelSM8edqwKy4c4Kpsg8PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461a861b4eb-OSL
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/global.js
54.230.111.100200 OK 71 kB URL HTTP/2 cdnstatic.cyber.bet/js/global.js
IP 54.230.111.100:0
File type Unicode text, UTF-8 text, with very long lines (5000), with CRLF line terminators
Hash 8943965f22a29b6f800a98e0eaed584f
1cfa4c3d79808cce1785967a637819b88a9d11f5
3655c70a4699f50b8ffedcba2985671c7c8788b6a73e665e45515e6b8e69e3db
GET /js/global.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 70834
vary: Accept-Encoding
date: Thu, 26 Jan 2023 23:38:00 GMT
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
etag: "8943965f22a29b6f800a98e0eaed584f"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oriap_1t1hr5ntzeOFw664WR6XnQw5G6B1dRGI_cCNdBUpJk5qynOA==
cache-control: no-store, no-cache, must-revalidate
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/cb_picked.png
172.66.40.100200 OK 3.2 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/cb_picked.png
IP 172.66.40.100:0
File type PNG image data, 82 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 774fc89cb9c8f999121c719e5f9f29df
d7d8ce07db925dc13908ea8c2c587fbb597c9eef
b1dd144f891842f0c1f19fff5c6ee14e4ab6ae491c7cac4aa2c2d7f156885bcb
GET /land/casino_red_pbn868/img/cb_picked.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 3193
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-c79"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niZJXsojKK0f2iWhm5%2FjKu49te%2BiaqTFn7cQV0oO%2FguQV7X8ehnbGdpxS2IPA4cuh2mLf4is2y5qJVkWL0J2i6%2Fo9WDnB0f%2BXoTqYZkIdpbLEW%2BFQS%2BQ6KQyUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461b873b4eb-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/img/cta.png
172.66.40.100200 OK 99 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/cta.png
IP 172.66.40.100:0
File type PNG image data, 1076 x 266, 8-bit/color RGBA, non-interlaced\012- data
Hash 6af15da4b150dd671aa73c54a5d000b2
1292d7e77d7ea538594b8f43527c1464a73e3ac6
383559b3e7496fbf5f0d7ebf89bb9fd90e149fee99bca2a0007224fed63ca51b
GET /land/casino_red_pbn868/img/cta.png HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/form.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/png
content-length: 98590
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: "63502f95-1811e"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQehg4kpRm%2FurMEIF6QfFKzpyhHtATgE%2B%2BQkl%2FisYHdBY5T%2FCRYUK3%2FiXaUp52cfgXfy28MBBHwqRzLwU2xwMXAQb3LjWa0sacsnNDWvWsyBjzsE35UbEqCJRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461d882b4eb-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c5c753e9f57be16e80f9d89df98d1818
9d4a172cc16beb64439ed3600377baad217be967
b00339d8e7490d7140522fdde843e0b168d3e19a624665dbd516da0425f32655
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B00339D8E7490D7140522FDDE843E0B168D3E19A624665DBD516DA0425F32655"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3866
Expires: Fri, 27 Jan 2023 00:42:25 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cyber.bet/land/casino_red_pbn868/css/common.css
172.66.40.100200 OK 1.1 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/css/common.css
IP 172.66.40.100:0
File type ASCII text, with very long lines (1985), with no line terminators
Hash 7e09ea33c7fda42db32e0ced9feb3073
0da1de2c2eab69a7a59a65605b82d55de775b2ba
91a5b9ccd16192fdc7899a01affd2e8d08586312b4c7767d376197b8f760269d
GET /land/casino_red_pbn868/css/common.css HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2676
etag: W/"63502f95-a74"
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4740
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD7UerqB0wHU2%2BQ8yOkMzPC8VT%2FtPGAfAt2VqtT3ENJRe6NS5m6B3yxeUvmOgBiHWjMvRBazrnV8vhQB0YyZLlWjqEwKgpicgxmGNvDPRsv9GZQX3etqDRWxgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd145f6eaeb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cyber.bet/land/casino_red_pbn868/img/logo.svg
172.66.40.100200 OK 1.8 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/img/logo.svg
IP 172.66.40.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1777), with CRLF line terminators
Hash 61dc6fe3d6df31c5acb08905b7d154f0
262b74440f89cc431c881fef72e71bc20bdaa5e2
8f35d99924dd4fd67a4eaba92f204fa2280273d1b33b0c60a4facdf3c645c3ba
Analyzer Verdict Alert fortinet Malware
GET /land/casino_red_pbn868/img/logo.svg HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/css/common.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: W/"63502f95-b67"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlWm%2B44SMWr0PvOHutLkURh%2F4NEfhclONpyil8IFPQEp9eU219Myl%2BRODq4BwFZTk9%2BazxsBr3NteA1g5ihLwslJrSHxlOqzT8e5ONaGtx5VUqXfMnYzxqdhDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1461a857b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 101045
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910
IP 139.45.195.8:0
Hash bb07e31c2c066db5c4b3259d1f69a442
db79e9d4a817ce703b11b65faf2ba097228063b2
d96b7a3f7fe0803348c6ea7cd2f02b2a3d96feabac2339d2f89033336f6583a8
GET /p.js?f=sync&lr=1&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 01:49:59 GMT
expires: Sat, 20 Jan 2024 01:49:59 GMT
cache-control: public, max-age=31536000
age: 596880
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 210533
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 143160
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/fp.js
54.230.111.100200 OK 533 B URL HTTP/2 cdnstatic.cyber.bet/js/fp.js
IP 54.230.111.100:0
File type ASCII text, with CRLF line terminators
Hash d1abfbe2c5b50e7f427e41c79197dcd3
01f6142a97168fd15da33334c35ce351d676ed08
7266855231eab7a13a11e53e9df50e1c84582649d9708e9a8f72d62e8af8b569
GET /js/fp.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 533
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 23:37:44 GMT
etag: "d1abfbe2c5b50e7f427e41c79197dcd3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 52yDdlZKaGCUmpMgicF6dwGJ22KL9ZqzLJo3LQewPDY4nREF70M-7A==
age: 18
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab1f619b339f20e3cf015bbd0852bfc4
fe6276a4b15d53fa73c9f3d10917f7b5f7f78a3e
a76a0883d555c365d4f52b7445fd0c051512d0a920c065e265cf0e59c8370498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A76A0883D555C365D4F52B7445FD0C051512D0A920C065E265CF0E59C8370498"
Last-Modified: Tue, 24 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7850
Expires: Fri, 27 Jan 2023 01:48:49 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnstatic.cyber.bet/js/geoMapping.js
54.230.111.100200 OK 443 B URL HTTP/2 cdnstatic.cyber.bet/js/geoMapping.js
IP 54.230.111.100:0
File type ASCII text, with CRLF line terminators
Hash 2f6043a16c26cde9a190dbb829b5519c
791479cfced1a000ef6411990f1c4bba615b6b4c
f9dfb0c2f94be90f2cdeb66286b36cdeb5d8fb0fbb9f28b1e1d3d99a3780306a
GET /js/geoMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.1.921309120.1674776279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 443
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 23:37:10 GMT
etag: "2f6043a16c26cde9a190dbb829b5519c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pe5go4EcEidlh5U2L7rXocKqE7qlNePPdW742Lgs-yTA8UVub8TwxA==
age: 53
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
151.101.65.229200 OK 14 kB URL HTTP/2 cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
IP 151.101.65.229:0
File type Unicode text, UTF-8 text, with very long lines (34150)
Hash 992ef8564e775838114b9722cfaca166
d695319ec9e83f5a2ed894ecff5e7497f0bb9fa7
974c0527a326c8a38b0a5475d5a9d159e3a1a4a4a0688888d9d525b74ebc3930
GET /npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.4.0
x-jsd-version-type: version
etag: W/"86b4-0dT4vbRAvda9ZROiHYU1ptjFWSM"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 23:37:59 GMT
age: 32539
x-served-by: cache-fra-eddf8230075-FRA, cache-bma1648-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14453
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6c8342bd4fcc0db7060b187118f686de
7f2a458bd4b51bef290206cfcef7989190885334
5e504c57fc750b802d5706b163f50b9bd853de71bd77414f06612c1100c82223
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E504C57FC750B802D5706B163F50B9BD853DE71BD77414F06612C1100C82223"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6042
Expires: Fri, 27 Jan 2023 01:18:41 GMT
Date: Thu, 26 Jan 2023 23:37:59 GMT
Connection: keep-alive
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 3e77ae320e165f5d95ceb2c8c9a34a1b
6ab085926ff3001bdcbdcf0a5e2ebc00261f244c
1c49aca6f49a4a7f3ffa376b6daac8e9610c14735754f63a8e9f25a1ebc2429c
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 23:37:59 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1F968C5AE9318D9AA61B735B12F0409BCC827A6C"
Expires: Fri, 27 Jan 2023 10:00:00 GMT
Last-Modified: Thu, 26 Jan 2023 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3435
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fd1463ed7ab500-OSL
notix.io/ent/current/enot.min.js
139.45.240.92200 OK 43 kB URL HTTP/2 notix.io/ent/current/enot.min.js
IP 139.45.240.92:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7617b4607a99d793bbc68015674baa9a
264e16f829e53469168b38966789b3b1d78f0359
fc7026a10d6c9834ddec96a97bbdf04fa0fac28a084fbc8a6835e36ee4f4bbe2
GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:51 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 08:06:44 GMT
etag: W/"63ce4014-1324f"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
scripts.prdredir.com/safeframe
172.64.135.33200 OK 3.7 kB URL HTTP/2 scripts.prdredir.com/safeframe
IP 172.64.135.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a3ba29b469f0f0f7c7e9a3f62da06e21
9d8fa9f4fe308da30907c7443bc9506371f80250
8e0fc1225febcbbf7df5a169ff026318dab145e5bdee23c6b0dc57b606170a2b
GET /safeframe HTTP/1.1
Host: scripts.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: no-cache
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7d26935d-d2df-4fd3-9dbf-d902f9467348
x-download-options: noopen
x-runtime: 0.002384
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LITIIpdkkPKYnxowRoKbtdEvTeq8%2BgNBz7ErLdPjs2wqOK57xVzgTqaYuXHXQKDuk%2FawlfMXVHkcOVKn7Qf8jdkOrSCYp%2BHisIaZqoSs8FNelcTAEgds7D1qxW687hdlZc1%2FObiNjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd14629cc1f3f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
notix.io/event
139.45.240.92200 OK 0 B IP 139.45.240.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=8e97412bbf131fc32a987c97dde0d541fb4fd37a10ecec825f7a91e7042f6f9f&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8a8131482f5b45998a1525161bab631a; expires=Fri, 26 Jan 2024 23:37:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
notix.io/event
139.45.240.92200 OK 0 B IP 139.45.240.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
notix.io/event
139.45.240.92200 OK 0 B IP 139.45.240.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=921309120.1674776279>m=2oe1p0&aip=1&z=570659833
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=921309120.1674776279>m=2oe1p0&aip=1&z=570659833
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8FYNJV02NV&cid=921309120.1674776279>m=2oe1p0&aip=1&z=570659833 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:37:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
notix.io/event
139.45.240.92200 OK 15 B IP 139.45.240.92:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 63
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
notix.io/event
139.45.240.92200 OK 15 B IP 139.45.240.92:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 80
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
notix.io/event
139.45.240.92200 OK 15 B IP 139.45.240.92:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 28ec1eee5f4049e3c4f2135069c1d2c8
3505519507ca1c2a089c46e100b80408ca278421
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1408
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:37:52 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://cyber.bet
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3a61265429c61d8343295d26772452c
1364508102e65eeccdf0a50492cf7a6100089334
614b51d326842e8d5d6b2a7661c429bb4d0d7e2f42df3f4fbbb8814fa7172b59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "614B51D326842E8D5D6B2A7661C429BB4D0D7E2F42DF3F4FBBB8814FA7172B59"
Last-Modified: Thu, 26 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5012
Expires: Fri, 27 Jan 2023 01:01:32 GMT
Date: Thu, 26 Jan 2023 23:38:00 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=ba0d5680aec92ed9c5c9da2be8d0e8a3a577866b71c7089a32ed732bc1246910&ttl=&rurl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: ID=8a8131482f5b45998a1525161bab631a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=8a8131482f5b45998a1525161bab631a; expires=Fri, 26 Jan 2024 23:38:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/gql/send?ttl=86400
54.246.139.70200 OK 4 B URL HTTP/2 backend.cyberbet.academy/api/gql/send?ttl=86400
IP 54.246.139.70:0
File type ASCII text, with no line terminators
Hash 5b3abf9c1aa7556c3a36fea4e695c5d2
3fd967d09a748e1f2b26d6fe562e7155aa87e9de
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
OPTIONS /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: application/json; charset=utf-8
content-length: 4
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"4-P9ln0Jp0jh8rJtb+Vi5xVaqH6d4"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/gql/send?ttl=86400
54.246.139.70200 OK 1.7 kB URL HTTP/2 backend.cyberbet.academy/api/gql/send?ttl=86400
IP 54.246.139.70:0
File type JSON data\012- , ASCII text, with very long lines (1732), with no line terminators
Hash 7d262be351a12c20d4e65ce60529f9fc
8081b04642d8b42d8af4fe92cf2e496ed15eaca5
a9d1bfc8e3fcf82bc6d372d278866fb7cc002c158e1ed329bd4f94a70a965241
POST /api/gql/send?ttl=86400 HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 359
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: application/json; charset=utf-8
content-length: 1732
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"6c4-gIGwRkLYtC2K9P6Szy5JbtFerKU"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Ixty6-fFKeo
IP 142.250.74.131:0
Hash 26fb57737bd90e0f558411eaa55a026c
c9b93dedea9cf70455316c2eca83aa7a2dad5f9f
60afa7214ad6a089e3f56de9c370ee2e634bea291c15c5c08b5abb4eeca6b946
POST /s/gts1p5/Ixty6-fFKeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1p0&_p=970265425&_gaz=1&cid=921309120.1674776279&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674776279&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955&dr=http%3A%2F%2Fww1.yokkasoft.net%2F&dt=Casino%20Games%20on%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1p0&_p=970265425&_gaz=1&cid=921309120.1674776279&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674776279&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955&dr=http%3A%2F%2Fww1.yokkasoft.net%2F&dt=Casino%20Games%20on%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot=
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8FYNJV02NV>m=2oe1p0&_p=970265425&_gaz=1&cid=921309120.1674776279&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674776279&sct=1&seg=0&dl=https%3A%2F%2Fcyber.bet%2Fland%2Fcasino_red_pbn868%2F%3Fcid%3D63d30ed64ea1cd00010fa3d7%26pid%3D8425%26subid1%3D%26affs%3D1%26sid%3Daffs%26utm_medium%3Drevshare%26utm_source%3Daffise%26utm_campaign%3D53_casino%26promocode%3DCYBERMAXCAS%26subid2%3D%26subid3%3D%26aff_bnnr%3D%26aff_land%3D1666276955&dr=http%3A%2F%2Fww1.yokkasoft.net%2F&dt=Casino%20Games%20on%20Cyber.Bet&en=page_view&_fv=2&_nsi=1&_ss=2&up.ip=&up.anon_id=&up.score_bot= HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cyber.bet
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cyber.bet
date: Thu, 26 Jan 2023 23:38:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cyber.bet/land/casino_red_pbn868/favicon.ico
172.66.40.100200 OK 1.6 kB URL HTTP/2 cyber.bet/land/casino_red_pbn868/favicon.ico
IP 172.66.40.100:0
File type MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel\012- data
Hash 17a799a063ba59bdb49052df98bdbf0f
b4d7962428eb5bcdf840b5324c7fba217887a205
1517466775ffd844bbae0c0ddca9c5360446581544c2667b17a94119c707a665
GET /land/casino_red_pbn868/favicon.ico HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Cookie: _uc_referrer=http://ww1.yokkasoft.net/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; __adm_tid=tid-2cfd8c5eb.2be193eea; _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.1.921309120.1674776279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: image/x-icon
last-modified: Wed, 19 Oct 2022 17:10:45 GMT
etag: W/"63502f95-1cee"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3362
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmlvgs%2F7XF1nhbL1qSZ8LYo98ke4zXRUOVkrehT1PHOS6EUfEJ6DfcabBsPJWYuSEhWcie2b37Xnw2SiPB7D9B%2B1k55g6XXGn%2B134lQtNvDSZie8Tg%2FuiFHOtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd14654ac1b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/img/input.png
54.230.111.100200 OK 10 kB URL HTTP/2 cdnstatic.cyber.bet/img/input.png
IP 54.230.111.100:0
File type PNG image data, 684 x 134, 8-bit/color RGBA, non-interlaced\012- data
Hash 029eb00d46a95ea9be209224c3d913db
6437f53a0ac6d920ce054424e379bc4035890d9f
2edf7d5caba07cf65cf390191d6e21b25a0510b09ea2809df2630515e7bccb7f
GET /img/input.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/global.css
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10123
last-modified: Thu, 07 Apr 2022 09:30:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 23:37:21 GMT
etag: "029eb00d46a95ea9be209224c3d913db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PHFrWVHhGoqYJGWyxFuSYNTNk6nFmQnuT3DcfZWdjjiw4QB0AQpTYA==
age: 50
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAXCAS
54.246.139.70200 OK 712 B URL HTTP/2 backend.cyberbet.academy/api/affise/land_promocode?promocode=CYBERMAXCAS
IP 54.246.139.70:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (710), with no line terminators
Hash cc9dc856478b719988e30efd9922fccb
caa7f35d151bb6293d48255d7e2b6404ab764159
2096f5d36301d0c98e66c6e3dacb312e6674370399b5f6a4ee93ec143d0e665d
GET /api/affise/land_promocode?promocode=CYBERMAXCAS HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: application/json; charset=utf-8
content-length: 712
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2c8-yqfzXRUbtik9SCVdfitkBKt2QVk"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alexatracker.com/jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63d30ed64ea1cd00010fa3d7
172.67.204.112200 OK 0 B URL HTTP/2 alexatracker.com/jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63d30ed64ea1cd00010fa3d7
IP 172.67.204.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jscode/bQIA.js?sub1=&sub2=&sub3=&sub4=&sub5=&prid=63d30ed64ea1cd00010fa3d7 HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: application/json; charset=UTF-8
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: BYPASS
set-cookie: trbarid=2ca5edf579c7ba7ff2c4955da03e226d2755e9c25a9fc2c4acca7b62179c24faa%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A2628718994136436440%3B%7D; expires=Thu, 30-Jan-2025 23:38:00 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G05tqd1m49ASdwRfk0zojEkbmIEdQK55gORg6bAszPuIuaWaSEOMintTt9Tf5mWTYUbHolOLooF%2B8T1TsxwTeLsyG8B%2F9gMaNAs7PYgim1Qzh4iFzo10mhre5LSK%2B5elSSBz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd14676c721bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/img/flags.png
54.230.111.100200 OK 71 kB URL HTTP/2 cdnstatic.cyber.bet/css/img/flags.png
IP 54.230.111.100:0
File type PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
GET /css/img/flags.png HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdnstatic.cyber.bet/css/iti/intlTelInput.css
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 70857
last-modified: Fri, 20 Jan 2023 12:33:46 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 23:38:00 GMT
etag: "416250f60d785a2e02f17e054d2e4e44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fSaJ6fSWzWbgr4AOgw5_Pmdz9wdpAS7YhcfXtwZIR7-nset0b1kQHw==
age: 26
X-Firefox-Spdy: h2
static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg
172.66.40.100200 OK 3.5 kB URL HTTP/2 static.cyber.bet//wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg
IP 172.66.40.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1498)
Hash 564f30d71caa4f20ef5b194d9561cc14
1c409d040de03336b35593ac305ea5eea3394c32
423e88929ae4b13879234acb4113bcc62a0540451ba536bd86417d569d56188c
GET //wt/ry/aa27642b-8721-4fd0-8c84-c3e841f603b4.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sun, 27 Nov 2022 13:15:26 GMT
x-imgix-id: befd1e5b23a603e2ad9e7e0e220abae092937310
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10033-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 723405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGGZsMUrnc6gJm6VBl2ETT%2Fwd3tDYOJg7y1S5nsVm1pfTWEFPpJg%2BsPFGsqF38ks5Sg%2FzLfLqUdaaVuE9at7KCJD1AXQiEegxIC2OVu%2FF6Kta6lj1iRjNOnla28QIDHsx%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467eca5b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg
172.66.40.100200 OK 37 kB URL HTTP/2 static.cyber.bet//rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg
IP 172.66.40.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4530)
Hash 437659891dd715fb09b271551adf5340
b384845b91398bc9770b60406b396dace05512ee
3cf8b43438c354aea71f40b37234eb4a46f290009f3e4f70e83022062f9d350d
GET //rp/gc/3a3b6125-5608-486b-8f79-4497ca3badfe.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:10 GMT
x-imgix-id: 854adac84f9266f0b69e2c7ea9353daa4bedcf8d
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 40922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ewdnFwM9rrBNhDes9JcnesT8nL7Ls0id1HVCxj6UcIiRToXbBDmPtWqN4q0jaZ%2BlgvGoPSBult2aM8N%2Fl7uKG33r0OGvcTZyWQEHQUjlZvH5NaCSASEJtG2rjxscDftcoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ecabb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ebf9d7211aba4c70b84fb470a61b414
28fe29a24e47d6abda88eeeb5e22eddda03c7fca
a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg
172.66.40.100200 OK 4.4 kB URL HTTP/2 static.cyber.bet//fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg
IP 172.66.40.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (8222)
Hash a9b55fb5ef1436a2e38ed50b040a0fe7
85bc2b49eed920747900c619121ed0f82c5eb761
885584166bb2e752befccca1dc5a15723d4738546053d1cb05fc8f6f5a988619
GET //fw/ex/770b02e2-890b-47f9-9097-5ce9131c6dae.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:53:49 GMT
x-imgix-id: 3071167306fd7e404ce6c9d0b6695258dcb9f78c
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10063-SJC, cache-bma1621-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 40922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keNa5AjeJVIW5oFkyn%2FqCxBGGb4LLXkLUj3yi%2BT3us7CpYBEuIqs6AMr4p1%2ByBWjlcIVVaoe7f26Wa%2FmTXCATgwFqedEeYtUhIuxGozZe%2BRGfdOTmpyAas4TF9jFmZ4eyF4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ecafb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg
172.66.40.100200 OK 2.7 kB URL HTTP/2 static.cyber.bet//vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg
IP 172.66.40.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1100)
Hash 0cb926e3e9e2b0035dbf5458b5c54e57
30728e1c80e9bda968c2e434cf1f5e966fa854bb
803729400d7c15d4f2d2ba884c82142aa4084aedb3562ebc4c156555b890dbee
GET //vw/ul/f38ce5a4-5465-4e1b-9b88-e542693f572d.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:02:28 GMT
x-imgix-id: be499ee77bb9f13f4e61b37ea512299d94aa8c27
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10068-SJC, cache-maa10242-MAA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 533709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATTDfYpN0n9rSqeEFI11dfOQC9gOuFsEt52Ga4TBjXFKOAXlSlVkFPHJRZuAFGSURnBcsuYOpJ3EP0C7kDgsM9wqBVcBArp45q%2FkLIL88wcwWT%2F%2BVOu8k%2F9oaX3H3f5TrCU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467fcbdb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg
172.66.40.100200 OK 2.1 kB URL HTTP/2 static.cyber.bet//ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg
IP 172.66.40.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (869)
Hash b3e05fef0289e3cfcd7532e64148d11f
bc3bc8ceec1074d02b034fc8a413f3031d9cb0b3
a5828e3937ccf24d0210849b945aad580a3f3eab96f5a57a1d41c1573f4fa4ac
GET //ct/pt/c85e2438-91ec-44f1-86b9-a8968e2be0a4.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:52:12 GMT
x-imgix-features: {"linux_painter":"0","tannhauser_routing":"0","tannhauser_shield":"0"}
x-imgix-id: a52b6d3a19f01fc91c01ef38ea74345ce0cc3d68
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10055-SJC, cache-hel1410027-HEL
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 40922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3rChboVFmrYdTXcfyFrC%2FRHijLFJH4bXA39B98rkJJsQ%2BJyTpPvFsoDZRu5G%2F0aWhj83j2kCzR6z%2Flg2%2FPSKuYpuVNRW5lTSUy1f9qlPRBuXswiwFvKdaywK9lo1HiYo4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ecb0b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=921309120.1674776279&jid=1868619074&_u=YCDACEABBAAAACAFK~&z=1158234871
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=921309120.1674776279&jid=1868619074&_u=YCDACEABBAAAACAFK~&z=1158234871
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-113371679-5&cid=921309120.1674776279&jid=1868619074&_u=YCDACEABBAAAACAFK~&z=1158234871 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:38:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/land_regs/session
54.246.139.70200 OK 2 B URL HTTP/2 backend.cyberbet.academy/api/land_regs/session
IP 54.246.139.70:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cyber.bet/
Origin: https://cyber.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: text/html; charset=utf-8
content-length: 2
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
static.cyber.bet//rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg
172.66.40.100200 OK 3.8 kB URL HTTP/2 static.cyber.bet//rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg
IP 172.66.40.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7079)
Hash aa55e340b9e43eef50a44fd2a7cc87af
4c84f2ed1827bb57b4e5f5e9d3968c56d7887963
9918d9f56b40f59fed251707d210a25a59f1c811da62328165c42298c2f1faf6
GET //rg/xl/324c146b-3f35-4a0f-88ce-5f2b13d51113.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 13:59:51 GMT
x-imgix-id: c912ac4741157f0c624624a3b61b365f5d2f134f
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10082-SJC, cache-bma1655-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 723405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cwre9vVfKVPwimu87fmMHXQH%2FcrkV00cFAX24UVVcMCfUKUp%2FLkqDsegzCZwi0tau%2BjilM23OBQZ7tndR988x0LoYZkVpuWIlIljQsrcYm%2B2h7zDeV7LsQXlwVreK8Sq%2F%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ecacb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 11b11a34f7de8e82aed9ce9aa61a948d
8062b890e99fbdaf23dca1504fc69be6e342aecb
74953ce419e3c98e4940faff47764c52aa45d37d085a776af5928d7343f90aa7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 23:38:00 GMT
Etag: "63d1be8c-1d7"
Last-Modified: Thu, 26 Jan 2023 23:28:27 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mrezys4MAB5wvTko5GCFKQHike3HMXGWv3o7C2Kz4KpHCmgb8h5aBA==
Age: 573
cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
54.230.111.100200 OK 76 kB URL HTTP/2 cdnstatic.cyber.bet/js/libs/phone/intlTelInput.js
IP 54.230.111.100:0
Hash a546b5f03d6aa04e754695fcc9d4b33e
4574644a9af33c86749b3d117e4f36982f4caf1d
f18f21a534220984c6152de7def4a0b59668aa2fdd81786f808fab485befc965
GET /js/libs/phone/intlTelInput.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:47 GMT
etag: W/"c73ba86bd67306c5889e9aac41e959e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O0XNW9E1my3skx16Xmnc0PvyC9B2FHcaRp2P81O8CG8qudNZtSZNtQ==
age: 25
X-Firefox-Spdy: h2
backend.cyberbet.academy/api/land_regs/session
54.246.139.70200 OK 7 B URL HTTP/2 backend.cyberbet.academy/api/land_regs/session
IP 54.246.139.70:0
File type ASCII text, with no line terminators
Hash d9310a44e73e68b31ea56f89682b6745
9b0b560ffc34cf165b5175f9bff653b04b2ba96d
a1cdc9bf42cdb955cabb49bda3c8831f008e453dd66ca4a9ae572d309f9187db
POST /api/land_regs/session HTTP/1.1
Host: backend.cyberbet.academy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 255
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: application/json; charset=utf-8
content-length: 7
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: origin, content-type, accept
etag: W/"7-mwtWD/w0zxZbUXX5v/ZTsEsrqW0"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1ca3538a32a8fde407c95ce889bf3c61
3cf974da1b67520ed2cc2063856205e6e23ce4f4
7e60775bfea1a4e8f4461e4eb33d2976d6d34a20eba7a026e6875b8ebde3ad51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89959
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Etag: "63d1cb3f-116"
Expires: Sat, 28 Jan 2023 00:37:19 GMT
Last-Modified: Thu, 26 Jan 2023 00:37:19 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7dadb09e9141bcf0df8ea89fc6a61354
7063ed393e240a7cd97a3a312927235d0f14568e
7d30c6c36b852938dc7127bca46aafe9bcc9459cbfa4af5ca32295b19dfdb252
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5465
Cache-Control: max-age=112686
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:00 GMT
Etag: "63d20ead-1d7"
Expires: Sat, 28 Jan 2023 06:56:06 GMT
Last-Modified: Thu, 26 Jan 2023 05:25:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
pool.admedo.com/pixel?id=148776&t=js
35.210.53.219302 Found 0 B URL HTTP/2 pool.admedo.com/pixel?id=148776&t=js
IP 35.210.53.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 26 Jan 2023 23:38:00 GMT
location: https://pool.admedo.com/ul_cb/pixel?id=148776&t=js
set-cookie: tuuid=198148bf-67b4-47d5-b77c-9c0155d73776; path=/; expires=Fri, 26-Jan-2024 23:38:00 GMT
c=1674776280; path=/; expires=Fri, 26-Jan-2024 23:38:00 GMT
tuuid_lu=1674776280; path=/; expires=Fri, 26-Jan-2024 23:38:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pool.admedo.com/ul_cb/pixel?id=148776&t=js
35.210.53.219200 OK 0 B URL HTTP/2 pool.admedo.com/ul_cb/pixel?id=148776&t=js
IP 35.210.53.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/pixel?id=148776&t=js HTTP/1.1
Host: pool.admedo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/javascript; charset=UTF-8
date: Thu, 26 Jan 2023 23:38:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1ca3538a32a8fde407c95ce889bf3c61
3cf974da1b67520ed2cc2063856205e6e23ce4f4
7e60775bfea1a4e8f4461e4eb33d2976d6d34a20eba7a026e6875b8ebde3ad51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=89959
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:01 GMT
Etag: "63d1cb3f-116"
Expires: Sat, 28 Jan 2023 00:37:20 GMT
Last-Modified: Thu, 26 Jan 2023 00:37:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 77ee11fc32a54a6d1f919ccd7ef00c8d
3391dbe1835e7fc0a85d3cc3f190b11639d7bf35
9a75fea2800f0365dc548a49dc56652d68112ff2415260854e994f23b1d759fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:01 GMT
Last-Modified: Thu, 26 Jan 2023 23:15:37 GMT
Server: ECS (amb/6BA4)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 77ee11fc32a54a6d1f919ccd7ef00c8d
3391dbe1835e7fc0a85d3cc3f190b11639d7bf35
9a75fea2800f0365dc548a49dc56652d68112ff2415260854e994f23b1d759fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:38:01 GMT
Last-Modified: Thu, 26 Jan 2023 23:15:37 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3df3868d4a13270faf944f911637a7
1b69b2433956c79510bc4a013648a5fb12882884
e13e2ca5d6552a96eb972936f553937a5aff566eb37f39b0928f15d3eeab617f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11372
x-amzn-requestid: d50f0c0e-a383-419a-a3ca-630d5fd32821
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPAw_E_rIAMF0hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf7b39-64abe6b72176db7d7b67f315;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 06:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P--KVawXg_IYJa8S3gcxIL5XZZGwRbhclRRRMUFlWmMAqzVus7RdnA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 6657
etag: "1b69b2433956c79510bc4a013648a5fb12882884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=
188.114.97.1302 Found 0 B URL HTTP/2 gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=
IP 188.114.97.1:0
GET /C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c= HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adtraffic.agency/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 26 Jan 2023 23:38:01 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: //gml-grp.com/C.ashx?btag=a_19851b_2181c_&affid=5253&siteid=19851&adid=2181&c=&AutoR=1
x-aspnet-version: 4.0.30319
set-cookie: CEK=a; expires=Wed, 26-Apr-2023 23:38:01 GMT; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CynRK%2BBLJM3TGOLdZEb18fP6v7ZrR88fYuVBAdRuq0fj5%2BVl3WVJChV5e5TvU%2FWsqiDYOMe5rtk5QxE0HofgpFhqDvPhkkXgoOY511f3wVJJBHlTr%2B37QbWSvp9DIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd146cea67b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zeniocloud.com/bQIA.js?prid=63d30ed64ea1cd00010fa3d7&sub2=
167.114.67.56200 OK 0 B URL HTTP/2 zeniocloud.com/bQIA.js?prid=63d30ed64ea1cd00010fa3d7&sub2=
IP 167.114.67.56:0
GET /bQIA.js?prid=63d30ed64ea1cd00010fa3d7&sub2= HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/libs/nice-select.css
54.230.111.100200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/css/libs/nice-select.css
IP 54.230.111.100:0
GET /css/libs/nice-select.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:59 GMT
etag: W/"b83506d101e8a03948d5c01e83da2b8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ioSNQ4u-Wa4z4cZEJNnDrwpNIZpiCFR42aZl34TVtGWv-FIv9j8HNQ==
age: 26
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/payments.js
54.230.111.100200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/payments.js
IP 54.230.111.100:0
GET /js/payments.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:36 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:59 GMT
etag: W/"86e0165b432077320adbf690e339604e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OTortTWyVNRtDUp0lvSxxaPaB8DYZnmY4nBeRJzfccpiFRaDCq6cXw==
age: 12
X-Firefox-Spdy: h2
cyber.bet/graphql/v2
172.66.40.100200 OK 0 B IP 172.66.40.100:0
POST /graphql/v2 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Content-Type: application/json;charset=utf-8
Origin: https://cyber.bet
Content-Length: 51
Connection: keep-alive
Cookie: _uc_referrer=http://ww1.yokkasoft.net/; _uc_utm_source=affise; _uc_utm_medium=revshare; _uc_utm_campaign=53_casino; _uc_utm_term=; _uc_utm_content=; __adm_tid=tid-2cfd8c5eb.2be193eea; _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.1.921309120.1674776279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: application/json
strict-transport-security: max-age=15724800; includeSubDomains
cb-blocked: no
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLg4nHrJwzucjqXKWdrYcu4SDntB3snwBLsTP%2BsVYahKYxQ8HvOAUuMuTDNnVBDJAo4EqpFY%2FT8nl7x4QJO4Tc65lZli18Mq2QfIdtpjFJq3alwc8gtdEIPeCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd14639999b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg
172.66.40.100200 OK 0 B URL HTTP/2 static.cyber.bet//nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg
IP 172.66.40.100:0
GET //nj/mq/749129a1-2b84-46a8-bfc2-36c7fb837f56.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 04:06:38 GMT
x-imgix-id: 58d927587a2791fa5ee8dc913a6ff0f83e28f73b
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10051-SJC, cache-bma1681-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 40922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlkABHe%2BloEtvVv%2Fjq8QzL%2F7Qu4YMbh%2Fn5bsSL%2BZ8LTCVjxq2TmRLbmnRSCKspX%2FEIkc1njX4P4bulrvOhIhs6gOTbLPCoHF%2Bri7Bs4a6Ahz6PrQ8mmYiU1gluxrm9Dejjo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ec9bb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg
172.66.40.100200 OK 0 B URL HTTP/2 static.cyber.bet//hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg
IP 172.66.40.100:0
GET //hi/an/6ce04cc3-d308-42ee-8f2d-04e0a81e7319.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Fri, 13 May 2022 15:59:53 GMT
x-imgix-id: 0d9a0eb61d73b4e7f1e6f9d63934aa27a4dabba7
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10077-SJC, cache-bma1665-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 173338
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSFToFb94q6XQ6hs9N6RlCdkz0wmEILGCG8Qo2rZMgXC4drvFcDNuW2%2BP%2B2Vsl0c1oCBy93HF13uy1q7utoC82Rxed9UDk2g59Uywu5zY5A9TU%2BsgnF%2F4s%2Bb5u7ccMhBPQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ec98b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg
172.66.40.100200 OK 0 B URL HTTP/2 static.cyber.bet//rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg
IP 172.66.40.100:0
GET //rz/ah/a55f56cd-663f-4587-9ba0-7780f4fffe06.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:00:23 GMT
x-imgix-id: 124d84afd81dd36ff5dd18c8efb73ffa18bdb828
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-maa10232-MAA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 173338
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqML6U4yelYqgadfPKsA2UxlJx82R0KkAhRIe9%2Bo48md9d6Ci3ATmv60mPQfkPvPM3a8iGR6r2vaMSyJNMCRiHCa9kkrFmjdUXhR6IajEnA%2B3OFgDdBhhUXrmtdLzhqz4x8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467eca6b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
54.230.111.100200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/libs/jquery.nice-select.min.js
IP 54.230.111.100:0
GET /js/libs/jquery.nice-select.min.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:10 GMT
etag: W/"4e2def5093eb4c4281624db4a5aa8f9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1DNCm5wBoZcLEd39lT1gy4p9GzmG2TCKCYvCz12MI2zPwcsV05ZLOw==
age: 59
X-Firefox-Spdy: h2
adjs.media/resources/content/cyberbet.js
188.114.96.1200 OK 0 B URL HTTP/2 adjs.media/resources/content/cyberbet.js
IP 188.114.96.1:0
GET /resources/content/cyberbet.js HTTP/1.1
Host: adjs.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3d39c306-725a-4f92-afb1-621dd3306b91
x-download-options: noopen
etag: W/"bd06ea929f643a4924378f7eca9deb90"
x-runtime: 0.003021
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEmrs5%2BNyKrga6VJfL1pgB6Rih15%2FAQUcbzVQ5fnY2VWJVAr1k4a%2BuHnHGSVXMP94mrQS%2FaL%2B4cjuaUVDoExm%2FzDLaKO9mxKu4cQvPp2w7vlf6AYEOuTWyqFm2i2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd145fca7bb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/js/currencyMapping.js
54.230.111.100200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/js/currencyMapping.js
IP 54.230.111.100:0
GET /js/currencyMapping.js HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 12:10:35 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:59 GMT
etag: W/"2a3d85d14eaeaac04949a29f3c94c548"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ibj9OurYRDaPBZ-aT1_kMnfAVFSeKGJ97X7l03zizmpaiG25F5-s9A==
age: 7
X-Firefox-Spdy: h2
cyber.bet/land/js/locales/base/locales.js
172.66.40.100200 OK 0 B URL HTTP/2 cyber.bet/land/js/locales/base/locales.js
IP 172.66.40.100:0
GET /land/js/locales/base/locales.js HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=22124
etag: W/"636c24bc-566c"
last-modified: Wed, 09 Nov 2022 22:07:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPrmrVCFxdOp5V7%2BUMOu4PtsVaDvcnLYeyBjq2ez4t%2FFcxviZ5GyAVRBGMCRZCKUrNn%2BRn1zWgNCGSo0MqyI9e083DaxRLKZ0E5bcU%2FNmTQNdcUklQ1zsF9Gpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd145f6eb4b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnstatic.cyber.bet/css/iti/intlTelInput.css
54.230.111.100200 OK 0 B URL HTTP/2 cdnstatic.cyber.bet/css/iti/intlTelInput.css
IP 54.230.111.100:0
GET /css/iti/intlTelInput.css HTTP/1.1
Host: cdnstatic.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 24 Jan 2023 12:10:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 26 Jan 2023 23:37:47 GMT
etag: W/"a69aa970266649e0b08c2cb4bc166568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L15PWiA665GQJV0YDrBchVq6g0hWMvuTV4OV3vt01vMTXdWDkTW16g==
age: 22
X-Firefox-Spdy: h2
static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg
172.66.40.100200 OK 0 B URL HTTP/2 static.cyber.bet//xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg
IP 172.66.40.100:0
GET //xb/uj/c55700c6-fd25-4428-ab94-d164b9de3298.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 30 Aug 2022 12:06:01 GMT
x-imgix-id: 9bdf3c27132191386bea4ec4bc43098d462dc9fd
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10022-SJC, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 723405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1Nlj1TQMmmTGt33X84jRTNrZBkIic7BFxaMMY7096pqU5KNg2AmDpYfnsAtlfq9Q8SmDaNAma0oh1uX4Mf%2BIpL89SXWPtXn7EiMcyXsbQINUzbk7kou9uUtQEXoSASC3Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467ec94b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg
172.66.40.100200 OK 0 B URL HTTP/2 static.cyber.bet//wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg
IP 172.66.40.100:0
GET //wf/sp/611bc275-0144-4101-8422-c5e1f672bc87.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:02:39 GMT
x-imgix-id: 75c58e24d4ac8f5051021d0ef9be81344e6a26d6
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10029-SJC, cache-bma1653-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 723405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQJInyudeHkAUGjvxRTb%2BqpXSwSX2JG3bkGhF2C7Maw%2Fkd4g3FYNsG8AQ8Mf0abwK5DYs%2B8QUraXm70oBnyb8XJpYSzb4Tl7xaGekDO4jBgxYBFPV1isznsv%2BGYJZGbj%2B1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467fcbeb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
adtraffic.agency/redirect?click_id=LjfPBfudAf95ZHJV
172.67.133.173200 OK 0 B URL HTTP/2 adtraffic.agency/redirect?click_id=LjfPBfudAf95ZHJV
IP 172.67.133.173:0
GET /redirect?click_id=LjfPBfudAf95ZHJV HTTP/1.1
Host: adtraffic.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:01 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 169ba863-3313-4a7a-b4d3-a16cbfdf3229
x-download-options: noopen
x-runtime: 0.007108
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI2f%2BA8YOGoIA2clKj9GQjp7v5c5FtTTO9HpYB1VpWL%2B8AEx8rSkcAcnGxZXRpV21ZBtkXsFutYooEpNceAZmQlyBGvWIEQqps5QeVGAl7cziMVfTFWz%2F3hFMCg3zhQSwakL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd146ad92c0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
172.66.40.100200 OK 0 B URL HTTP/2 cyber.bet/land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955
IP 172.66.40.100:0
GET /land/casino_red_pbn868/?cid=63d30ed64ea1cd00010fa3d7&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_casino&promocode=CYBERMAXCAS&subid2=&subid3=&aff_bnnr=&aff_land=1666276955 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.yokkasoft.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:58 GMT
content-type: text/html
last-modified: Fri, 04 Nov 2022 16:57:42 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow3%2BFpKM3cgdOSGMfg3qOWAHQizoyY98GlTwU7oV8vdPJyLeRpz%2Bu9ZCMMT46gb2eDUUG4B0dbGdtT2ZCUMw9qmLqK45ArGiESmh5FDXEFEb0R3qMHCdkTmo%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd145e8e18b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
scripts.prdredir.com/scripts/k_cyberbet.js
172.64.135.33200 OK 0 B URL HTTP/2 scripts.prdredir.com/scripts/k_cyberbet.js
IP 172.64.135.33:0
GET /scripts/k_cyberbet.js HTTP/1.1
Host: scripts.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:37:59 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
x-request-id: 2c920f5f-ad0a-4a0f-9694-44cc8f0d7789
etag: W/"95d838de11136e7964ca0eaa375bf294"
x-runtime: 0.008109
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TtR3PleMBfe2bwHoxjnzgXJGGd8%2FwfiDxffmy%2FAayMdy6OGvHJSJkK3gV3wfO2rY9TwxWeUQHR5fs%2F2S4Oxkrdpwn%2BEQUQudvvmpNTaxlw0q%2F0QI6fapsRNY5uYbGhyrs6Slabv3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd14608bcaf3f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg
172.66.40.100200 OK 0 B URL HTTP/2 static.cyber.bet//us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg
IP 172.66.40.100:0
GET //us/va/9e380f15-f52c-4b37-9e1a-ee1e29eda72f.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Tue, 15 Feb 2022 14:01:52 GMT
x-imgix-id: 5009dab7bf9c2c57dfc23b32759803b69d7d3cb3
x-imgix-render-farm: 01.1064
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10049-SJC, cache-bma1666-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 173338
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVQofD7xfNgBKCc6EY%2BMoEoHSgDCYgaUOMoDc3U0sfHowk2oUbD%2FkK%2Bpfr6FjDoWwZ1J4O6MeMWfx71jbx8Dm6FK2eDCBInt0jL5g%2B3YCdZE3Yiyjr9GdgLO5jpftJBl%2BDI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467eca8b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg
172.66.40.100200 OK 0 B URL HTTP/2 static.cyber.bet//fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg
IP 172.66.40.100:0
GET //fs/kc/17bc1130-a40d-4486-8805-8edc5e3ab5e0.svg HTTP/1.1
Host: static.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/
Cookie: _ga_8FYNJV02NV=GS1.1.1674776279.1.0.1674776279.60.0.0; _ga=GA1.2.921309120.1674776279; _gid=GA1.2.1865623238.1674776280; _gat_UA-113371679-3=1; _gat_UA-113371679-5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:38:00 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Sat, 26 Nov 2022 04:32:34 GMT
x-imgix-id: eaa9a5ceb4ef9ff91d93849720aab7cfa394d578
x-imgix-render-farm: 02.552
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10054-SJC, cache-bma1648-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 173338
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Au0soJ0GEM5PKiEspBljxmWVczHy49rSGKK36s%2BCGQScMEEqU5ia7ZuMMA7LzPBsfSKMl6Bs1K822ncKhwpVUGvWcpY4LsypVIp1GtAxPseNTH79xtKnSRVHDjJQyjuCwxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1467fcc1b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2