| link.cetus.homes/Fresh?ad_campaign_id=kik%2029.12.2&keyword=bom447566375 |  188.114.96.1 | 301 Moved Permanently | 0 B |
URL HTTP/1.1link.cetus.homes/Fresh?ad_campaign_id=kik%2029.12.2&keyword=bom447566375 IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Fresh?ad_campaign_id=kik%2029.12.2&keyword=bom447566375 HTTP/1.1
Host: link.cetus.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 16 Jan 2023 00:35:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 16 Jan 2023 01:35:53 GMT
Location: https://link.cetus.homes/Fresh?ad_campaign_id=kik%2029.12.2&keyword=bom447566375
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C55A1GjCOXP88ofaSCFV2FcbV0jYmGlz924joUI8GGS0w1%2Bo2%2FMgmzObcOha913MkemLaoQ0vCII8sNlt0Mp8qBLJiiYIST3SWWUUsj%2F04LRudKyp43GZ9HBaQgrJV9c0ntR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a2c6152819fac0-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3063227f59d1935298b0620fa7919145 478e1d8bef04b1f95381cac01829c03b6779d420 619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7735
Expires: Mon, 16 Jan 2023 02:44:49 GMT
Date: Mon, 16 Jan 2023 00:35:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash2258cd6b877a3aca8f4c84074e65ac4b 4e46c70941f8e497e8afc8d078644e7f81761a1c faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4540
Expires: Mon, 16 Jan 2023 01:51:34 GMT
Date: Mon, 16 Jan 2023 00:35:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd6e2abd68203014e8e24d4a9e20e980a 5edbbb1a36083d5077b90b82e7aa10049e90c5d6 88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3457
Expires: Mon, 16 Jan 2023 01:33:31 GMT
Date: Mon, 16 Jan 2023 00:35:54 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 23:42:08 GMT
content-type: application/json
age: 3226
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZcJqIvMUZ9Z6QQq8G0H34yOjC3kLjh9QaVN1S7dEyoEAzGpF7NnSyYSwSyxoOS3lcLC7mrK7mnE=
x-amz-request-id: W8YM04P706RYF605
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 23:55:35 GMT
age: 2419
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 00:33:45 GMT
age: 129
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashe5f9cfd32ba0e755eba2eba2bca5bc3c 012c01ac7a06da9f57e0e1c24658a4bd40e82518 ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1285
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 00:35:54 GMT
Last-Modified: Mon, 16 Jan 2023 00:14:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
|
| fresh.casino/img/preloader-basic.gif |  45.12.31.250 | 200 OK | 37 kB |
URL HTTP/2fresh.casino/img/preloader-basic.gif IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
File typeGIF image data, version 89a, 400 x 300\012- data Hashc745630fadc8a38ede0a023f028ab740 f20da803b06968c593343c0a72fa7a10d9259d75 413cfa0acc92b7b81b281ce87a9aa5d963ad19197abb9d4205646de71eeae9e4
GET /img/preloader-basic.gif HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: image/gif
content-length: 37393
cf-bgj: imgq:85,h2pri
cf-polished: origSize=39472
cache-control: public, max-age=2592000
etag: "63bd282e-9a30"
expires: Wed, 15 Feb 2023 00:35:54 GMT
last-modified: Tue, 10 Jan 2023 08:56:14 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-ingress: K8J-INT
x-priority-class: 100
x-unique-id: AC46F6EB:B3D6_5CDE314A:01BB_63BFE684_20F153:030C
cf-cache-status: HIT
age: 285777
accept-ranges: bytes
server: cloudflare
cf-ray: 78a2c61c5cbf0b41-OSL
X-Firefox-Spdy: h2
|
|
| fresh.casino/messenger/styles.messenger.css | 45.12.31.250 | 200 OK | 14 kB |
URL HTTP/2fresh.casino/messenger/styles.messenger.css IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
File typeASCII text, with very long lines (65536), with no line terminators Hashd76d9a6a4255bfd67de2744441b8a906 c28a5b04fe37728199e5d427c2f13af7bb10de83 d9a2a9ee1cbb538c972e5a894bdda716a3d9474c68a72a6c7d470c7d8a2857d2
GET /messenger/styles.messenger.css HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:55 GMT
content-type: text/css
last-modified: Fri, 09 Dec 2022 23:39:16 GMT
etag: W/"6393c724-14909"
x-back: msg
strict-transport-security: max-age=15768000
x-priority-class: 10
x-unique-id: 8D654C36:8528_5CDE314A:01BB_63C49BE6_80C4F6:2838
x-ingress: K8J-INT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78a2c61c5cc40b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.39.93.175 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.39.93.175:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: B2VIv9pXzfbk4MDo6DkaUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Qu80zkz3fl226xMcoExv30TksjM=
|
|
| fresh.casino/js/pixels.js | 45.12.31.250 | 200 OK | 47 kB |
URL HTTP/2fresh.casino/js/pixels.js IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
Hash570c5d48f7e5cef277d5606c512d75df 38853333b0e89e16df002fd8ce616aed78af1932 749eab3ec9ed1858ce1797c9b29472e50cf36f2c7e10c883f6342232323e4d00
GET /js/pixels.js HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=597
cache-control: public, max-age=2592000
etag: W/"63bd282e-136"
expires: Wed, 15 Feb 2023 00:35:54 GMT
last-modified: Tue, 10 Jan 2023 08:56:14 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-ingress: K8J-INT
x-priority-class: 10
x-unique-id: AC46F735:A576_5CDE314A:01BB_63BFE62A_20E595:27E4
cf-cache-status: HIT
age: 299024
server: cloudflare
cf-ray: 78a2c61c5cc10b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fresh.casino/messenger/chunk.messenger.js | 45.12.31.250 | 200 OK | 94 kB |
URL HTTP/2fresh.casino/messenger/chunk.messenger.js IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
File typeUnicode text, UTF-8 text, with very long lines (18919) Hash992812b112d55ecac9d839e7787633e7 cd35cee9dff685a80b8c10c9180ca9ee2e6b0a27 ff9103df04a6d0935270f64ca56ae0031313452cf2182b33c091631df61b0e6e
GET /messenger/chunk.messenger.js HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:55 GMT
content-type: application/javascript
last-modified: Fri, 09 Dec 2022 23:39:16 GMT
etag: W/"6393c724-49767"
x-back: msg
strict-transport-security: max-age=15768000
x-priority-class: 10
x-unique-id: 8D654C2B:C9A4_5CDE314A:01BB_63C49BE6_80C4F7:2838
x-ingress: K8J-INT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78a2c61c5cc30b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Mon, 16 Jan 2023 03:02:48 GMT
Date: Mon, 16 Jan 2023 00:35:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Mon, 16 Jan 2023 03:02:48 GMT
Date: Mon, 16 Jan 2023 00:35:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6b6a65d2536cc8f99e68793ae265b595 f65e75f8419bd83e26f49def7fa2604db5f77b4d 94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8812
Expires: Mon, 16 Jan 2023 03:02:48 GMT
Date: Mon, 16 Jan 2023 00:35:56 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc61a852-27cd-4c47-99a2-22005149e4db.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc61a852-27cd-4c47-99a2-22005149e4db.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash0c204188905d07e146caa8476bdaf21c 26752a333f129794638937744246d817b82bd6d1 15c7043740a63067834deaf30be55873dc6793729af644ea5acf6d2c54bd82ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc61a852-27cd-4c47-99a2-22005149e4db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6647
x-amzn-requestid: 8fe2da86-9c9b-470b-a21d-b485efd0ab8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbMHG-RoAMFtJA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4724d-0de93e8264539ad9172315d6;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmsAv10Nls5pPHkjljNzbeyJXS1GLWKCfKeLjw_HD5UP4RPproSSEA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:30 GMT
age: 9686
etag: "26752a333f129794638937744246d817b82bd6d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fresh.casino/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl | 45.12.31.250 | 302 Found | 43 kB |
URL HTTP/2fresh.casino/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
Hash85b74675df553dfd178278e407c935e0 107e00aff29e4051d13b50bccf61470886295823 eb2c8edac40b636ba5ed7756fe1eba63ae80d63722ee2fe8bd94a76d4acc7eaf
GET /registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: text/html
location: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
x-location-3: 302
strict-transport-security: max-age=15768000
x-priority-class: 100
x-unique-id: 8D654C96:7A44_5CDE314A:01BB_63C49BE5_80C4E9:2838
x-ingress: K8J-INT
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; path=/; expires=Mon, 16-Jan-23 01:05:54 GMT; domain=.fresh.casino; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78a2c61aec390b41-OSL
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashad1a79b09348c4959a8ac05513efcb78 10c0a66add63c868ff332022f588e65f4ac1ec15 8a123746389e6b480669b8d6882f7edce290f1c226cd6744e23bac94b8de6d32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9176
x-amzn-requestid: 1d5746ff-7de6-4a54-87d2-d15330d1bb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlL8HiPoAMFrIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21be5-044d012445cf23c01cb07a89;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:05:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rlWcTZTEG0kynoJM9bd9eba8kiPvodkF7ewyDV7JaR9qPjiNMApa1g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 00:20:11 GMT
age: 945
etag: "10c0a66add63c868ff332022f588e65f4ac1ec15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F031beac7-577d-46b4-abf3-76a36e6f7182.jpeg | 34.120.237.76 | 200 OK | 7.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F031beac7-577d-46b4-abf3-76a36e6f7182.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash85f62aebc69d59c3eaad9a43e622e4ea e04b7bd84d25d3b390191fd87ba6c90543809278 cf8258090bfd5649eb80d65865a4bde16ff6e6722c2a61c387a8ebda2e4bac63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F031beac7-577d-46b4-abf3-76a36e6f7182.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7943
x-amzn-requestid: fd719e7c-aca3-4612-8b16-3e64b9113aff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etktkG6voAMFgQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b23-098cf567257d803e3c70fc0a;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:01:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O5_73URQbtfc-Vdn0Ts1anUH4BTyzPfj3cd0bj4FBxRO4woOlXdQJA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 11:55:15 GMT
age: 45641
etag: "e04b7bd84d25d3b390191fd87ba6c90543809278"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11096c9a-daab-44fd-bdba-e72808f67f65.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11096c9a-daab-44fd-bdba-e72808f67f65.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd5b5c747b75121f322c4845a137d725a 6fd2ad86b28ad36b81e96df3e7f78f19e151d77b aaf3622cdb5e7e5f5284145705759414c40ea3b60a055d1ae7c5f9048e708086
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11096c9a-daab-44fd-bdba-e72808f67f65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8395
x-amzn-requestid: b849f092-bdb9-4c1b-8000-f090773f8991
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbONHQuIAMF1lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725a-3c5bcf043d435e59609c5bd6;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mL0GM1YfHTO-ct7mkACe8PECZ6a0p1PDMFmddGOz-cO4S6y7-v__5g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:19 GMT
age: 9697
etag: "6fd2ad86b28ad36b81e96df3e7f78f19e151d77b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fresh.casino/batch.js?lang=en | 45.12.31.250 | 200 OK | 395 kB |
URL HTTP/2fresh.casino/batch.js?lang=en IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
File typeASCII text, with very long lines (65535) Size395 kB (394650 bytes) Hash2a79d9327e4a36a5aa5797a9802bc2ad 20057ffccd25dff31b4749169b7f87e8761833ff 527d786d581486f9bb008b9d2a62b6be93edd90b0b776a63c078a222e3f831b9
GET /batch.js?lang=en HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:55 GMT
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
strict-transport-security: max-age=15768000
x-priority-class: 10
x-unique-id: 8D654C71:98E8_5CDE314A:01BB_63C49BEB_80AB0D:0360
x-ingress: K8J-INT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78a2c61c5cc00b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-JZR69FF327>m=2oe1a1&_p=1939226610&cid=2044772349.1673829356&ul=en-us&sr=1280x1024&_s=1&sid=1673829356&sct=1&seg=0&dl=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&dt=Registration%20at%20Fresh%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.34.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-JZR69FF327>m=2oe1a1&_p=1939226610&cid=2044772349.1673829356&ul=en-us&sr=1280x1024&_s=1&sid=1673829356&sct=1&seg=0&dl=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&dt=Registration%20at%20Fresh%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP216.239.34.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-JZR69FF327>m=2oe1a1&_p=1939226610&cid=2044772349.1673829356&ul=en-us&sr=1280x1024&_s=1&sid=1673829356&sct=1&seg=0&dl=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&dt=Registration%20at%20Fresh%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fresh.casino
Connection: keep-alive
Referer: https://fresh.casino/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://fresh.casino
date: Mon, 16 Jan 2023 00:35:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fresh.casino/img/icons/favicon-16x16.png | 45.12.31.250 | 200 OK | 229 B |
URL HTTP/2fresh.casino/img/icons/favicon-16x16.png IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
File typePNG image data, 16 x 16, 4-bit colormap, non-interlaced\012- data Hash4838ed5da3cb8924c6f57b8a7107613b d5965645bdc0ecc33c8ea581574dc3fbb3f49cff 6e22522b66522de1f7caddca7174faf47f543fd1815f8cfb4ddaabd4b68f0889
GET /img/icons/favicon-16x16.png HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356; domain_manager_session=eyJpdiI6IlVTeWpobnlmVnJVWVlPRWpPZkhzVkE9PSIsInZhbHVlIjoiSFpZcVFZV2wxa0x6c3h6ZFM0R2tDcklISXZyTG04cEltOURXRVZrelhOSk5KS2NkYTk3U1ZKYm9pTHFldlZCUiIsIm1hYyI6IjY3MGQxMjIzYzY5ZWViZTlmNGUxYzUwMmNmOWEwNjM3NjYxZTQ1OTM2NTIyMTliZmU1MGM2ZWFiOGVkMTUwMzQifQ%3D%3D; statapi_session_id=1673829355355; statapi_device_id=16738293554836384; _ga_JZR69FF327=GS1.1.1673829356.1.0.1673829356.0.0.0; _ga=GA1.1.2044772349.1673829356
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:56 GMT
content-type: image/png
content-length: 229
cf-bgj: imgq:85,h2pri
cf-polished: origSize=405
cache-control: public, max-age=2592000
etag: "63aab6fb-195"
expires: Wed, 15 Feb 2023 00:35:56 GMT
last-modified: Tue, 27 Dec 2022 09:12:27 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-ingress: K8J-INT
x-priority-class: 20
x-unique-id: AC46F2F3:91B8_5CDE314A:01BB_63B73321_765305:01D8
cf-cache-status: HIT
age: 864352
accept-ranges: bytes
server: cloudflare
cf-ray: 78a2c62598f80b41-OSL
X-Firefox-Spdy: h2
|
|
| fresh.casino/img/icons/android-icon-192x192.png | 45.12.31.250 | 200 OK | 1.2 kB |
URL HTTP/2fresh.casino/img/icons/android-icon-192x192.png IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
File typePNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data Hash7ed60878a22d2c558e4f937ad1e4e70a a32769943a16c51037ab800df5b4109000f3c3ef bdb7b94f6d55c7f97daee493a3fbd78bbece8ac0cf951cf6d703af104f4d38f9
GET /img/icons/android-icon-192x192.png HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356; domain_manager_session=eyJpdiI6IlVTeWpobnlmVnJVWVlPRWpPZkhzVkE9PSIsInZhbHVlIjoiSFpZcVFZV2wxa0x6c3h6ZFM0R2tDcklISXZyTG04cEltOURXRVZrelhOSk5KS2NkYTk3U1ZKYm9pTHFldlZCUiIsIm1hYyI6IjY3MGQxMjIzYzY5ZWViZTlmNGUxYzUwMmNmOWEwNjM3NjYxZTQ1OTM2NTIyMTliZmU1MGM2ZWFiOGVkMTUwMzQifQ%3D%3D; statapi_session_id=1673829355355; statapi_device_id=16738293554836384; _ga_JZR69FF327=GS1.1.1673829356.1.0.1673829356.0.0.0; _ga=GA1.1.2044772349.1673829356
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:56 GMT
content-type: image/png
content-length: 1188
cf-bgj: imgq:85,h2pri
cf-polished: origSize=3558
cache-control: public, max-age=2592000
etag: "63bd282e-de6"
expires: Wed, 15 Feb 2023 00:35:56 GMT
last-modified: Tue, 10 Jan 2023 08:56:14 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-ingress: K8J-INT
x-priority-class: 20
x-unique-id: A29E94E7:C300_5CDE314A:01BB_63BFE693_20FCA8:27E4
cf-cache-status: HIT
age: 289799
accept-ranges: bytes
server: cloudflare
cf-ray: 78a2c62598f70b41-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/gseccovsslca2018 | 151.101.130.133 | 200 OK | 939 B |
URL HTTP/1.1ocsp.globalsign.com/gseccovsslca2018 IP151.101.130.133:0
Hash9daac9b1eed09eabdf636be73d67ee7e 0d4b06538a6d1e38a9b57c0b006d2e1a8b37eebc 996700d983d8ecdf3495e060cec408d102c49b5321f58207bb316ee2a679cfb8
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 939
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 19 Jan 2023 22:32:53 GMT
ETag: "0d4b06538a6d1e38a9b57c0b006d2e1a8b37eebc"
Last-Modified: Sun, 15 Jan 2023 22:32:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 16 Jan 2023 00:35:56 GMT
Age: 671
X-Served-By: cache-qpg1244-QPG, cache-bma1626-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 5, 25
X-Timer: S1673829357.526299,VS0,VE0
|
|
| mc.yandex.ru/metrika/watch.js |  87.250.251.119 | 200 OK | 58 kB |
URL HTTP/2mc.yandex.ru/metrika/watch.js IP87.250.251.119:0
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (549) Hashde2358897e7c404f08d51cca8e09c2b0 72b0520b2c87601502afa1c5ade8db417f0ff66e e5d6dac73a736f73f293f24148181b57af832e22fa98529219fb16711e13d1d0
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58069
date: Mon, 16 Jan 2023 00:35:56 GMT
access-control-allow-origin: *
etag: "63bfb9f8-e2d5"
expires: Mon, 16 Jan 2023 01:35:56 GMT
last-modified: Thu, 12 Jan 2023 10:42:48 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/49165012/1?wmode=7&page-url=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1560%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A369746931933%3Ahid%3A166426218%3Az%3A0%3Ai%3A20230116003557%3Aet%3A1673829357%3Ac%3A1%3Arn%3A18931861%3Arqn%3A1%3Au%3A1673829357188942474%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C70%2C1%2C1098%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673829354154%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673829357%3At%3ARegistration%20at%20Fresh%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 | 87.250.251.119 | 200 OK | 454 B |
URL HTTP/2mc.yandex.ru/watch/49165012/1?wmode=7&page-url=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1560%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A369746931933%3Ahid%3A166426218%3Az%3A0%3Ai%3A20230116003557%3Aet%3A1673829357%3Ac%3A1%3Arn%3A18931861%3Arqn%3A1%3Au%3A1673829357188942474%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C70%2C1%2C1098%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673829354154%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673829357%3At%3ARegistration%20at%20Fresh%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 IP87.250.251.119:0
File typeJSON data\012- , ASCII text, with very long lines (454), with no line terminators Hashb1ef7409e60f5be06eb790b257118d1c 607c11cecb2c970998f8d6e6e071bd8075b6c9fa f099b66ae63f29afa375236c8e0346c9c7e9facc9cd32d623d25b9a70f0dfcbd
GET /watch/49165012/1?wmode=7&page-url=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1560%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A369746931933%3Ahid%3A166426218%3Az%3A0%3Ai%3A20230116003557%3Aet%3A1673829357%3Ac%3A1%3Arn%3A18931861%3Arqn%3A1%3Au%3A1673829357188942474%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C70%2C1%2C1098%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673829354154%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673829357%3At%3ARegistration%20at%20Fresh%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fresh.casino
Referer: https://fresh.casino/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 454
date: Mon, 16 Jan 2023 00:35:56 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://fresh.casino
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 16-Jan-2023 00:35:56 GMT
last-modified: Mon, 16-Jan-2023 00:35:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/49165012/1?page-url=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&charset=utf-8&hittoken=1673829356_318c22759131ab11689d9441c8529be4e2d63599965268260ea2b60da1e5621a&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A369746931933%3Ahid%3A166426218%3Az%3A0%3Ai%3A20230116003557%3Aet%3A1673829358%3Ac%3A1%3Arn%3A408274752%3Arqn%3A2%3Au%3A1673829357188942474%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673829354154%3Ast%3A1673829358&t=gdpr(14)mc(p-1-up-1)clc(0-0-0)rqnt(2)aw(1)ti(2) | 87.250.251.119 | 200 OK | 43 B |
URL HTTP/2mc.yandex.ru/watch/49165012/1?page-url=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&charset=utf-8&hittoken=1673829356_318c22759131ab11689d9441c8529be4e2d63599965268260ea2b60da1e5621a&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A369746931933%3Ahid%3A166426218%3Az%3A0%3Ai%3A20230116003557%3Aet%3A1673829358%3Ac%3A1%3Arn%3A408274752%3Arqn%3A2%3Au%3A1673829357188942474%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673829354154%3Ast%3A1673829358&t=gdpr(14)mc(p-1-up-1)clc(0-0-0)rqnt(2)aw(1)ti(2) IP87.250.251.119:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdf3e567d6f16d040326c7a0ea29a4f41 ea7df583983133b62712b5e73bffbcd45cc53736 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49165012/1?page-url=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&charset=utf-8&hittoken=1673829356_318c22759131ab11689d9441c8529be4e2d63599965268260ea2b60da1e5621a&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A369746931933%3Ahid%3A166426218%3Az%3A0%3Ai%3A20230116003557%3Aet%3A1673829358%3Ac%3A1%3Arn%3A408274752%3Arqn%3A2%3Au%3A1673829357188942474%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673829354154%3Ast%3A1673829358&t=gdpr(14)mc(p-1-up-1)clc(0-0-0)rqnt(2)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 36
Origin: https://fresh.casino
Connection: keep-alive
Referer: https://fresh.casino/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 16 Jan 2023 00:35:57 GMT
access-control-allow-origin: https://fresh.casino
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 16-Jan-2023 00:35:57 GMT
last-modified: Mon, 16-Jan-2023 00:35:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| fresh.casino/batch?cms[]=api/cms/settings | 45.12.31.250 | 200 OK | 0 B |
URL HTTP/2fresh.casino/batch?cms[]=api/cms/settings IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
GET /batch?cms[]=api/cms/settings HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Connection: keep-alive
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:55 GMT
content-type: application/json; charset=utf-8
strict-transport-security: max-age=15768000
x-priority-class: 1
x-unique-id: 8D654C17:E236_5CDE314A:01BB_63C49BEE_80B3C3:2833
x-ingress: K8J-INT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78a2c61c6ccb0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| src.maxclientstatapi.com/sdk.js | 188.114.96.1 | 200 OK | 0 B |
URL HTTP/2src.maxclientstatapi.com/sdk.js IP188.114.96.1:0
GET /sdk.js HTTP/1.1
Host: src.maxclientstatapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:55 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-bgj: minify
etag: W/"63c15d99-365b"
last-modified: Fri, 13 Jan 2023 13:33:13 GMT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9zpQnFqCk0q9FfSEhJv1WV2I1Vpia8Fg%2Bfu1RTNdSHdM%2FiHc6WRcyOGOSoBEHsAeYIT6QlZG9EkCxOy9Af3Wpll%2B6S0KKr%2ByFD6W%2FmfC7LSTf4%2BQInlbNTve7LDFdyNddlz5oss9PyX%2Bcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a2c61cba7b1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fresh.casino/js/profile~serv.key | 45.12.31.250 | 200 OK | 0 B |
URL HTTP/2fresh.casino/js/profile~serv.key IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
POST /js/profile~serv.key HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------285812701221029251772579044606
Content-Length: 260
Origin: https://fresh.casino
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:55 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: domain_manager_session=eyJpdiI6IlVTeWpobnlmVnJVWVlPRWpPZkhzVkE9PSIsInZhbHVlIjoiSFpZcVFZV2wxa0x6c3h6ZFM0R2tDcklISXZyTG04cEltOURXRVZrelhOSk5KS2NkYTk3U1ZKYm9pTHFldlZCUiIsIm1hYyI6IjY3MGQxMjIzYzY5ZWViZTlmNGUxYzUwMmNmOWEwNjM3NjYxZTQ1OTM2NTIyMTliZmU1MGM2ZWFiOGVkMTUwMzQifQ%3D%3D; expires=Mon, 16-Jan-2023 02:35:50 GMT; Max-Age=7200; path=/; httponly
vary: Accept-Encoding
strict-transport-security: max-age=15768000
x-priority-class: 100
x-unique-id: A29EDE77:B4FC_5CDE314A:01BB_63C49BEE_80B3C8:2833
x-ingress: K8J-INT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78a2c61c6cd40b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fresh.casino/assets/227550/css/main.ce620483.css | 45.12.31.250 | 200 OK | 0 B |
URL HTTP/2fresh.casino/assets/227550/css/main.ce620483.css IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
GET /assets/227550/css/main.ce620483.css HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=593841
cache-control: public, max-age=2592000
etag: W/"63c13cfc-2345b"
expires: Wed, 15 Feb 2023 00:35:54 GMT
last-modified: Fri, 13 Jan 2023 11:14:04 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-ingress: K8J-INT
x-priority-class: 10
x-unique-id: A29E94C2:3752_5CDE314A:01BB_63C13D87_23FD3B:0321
cf-cache-status: HIT
age: 217095
server: cloudflare
cf-ray: 78a2c61c5cbd0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fresh.casino/assets/227550/main.8a874d92.js | 45.12.31.250 | 200 OK | 0 B |
URL HTTP/2fresh.casino/assets/227550/main.8a874d92.js IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
GET /assets/227550/main.8a874d92.js HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
etag: W/"63c13cfc-3e445"
expires: Wed, 15 Feb 2023 00:35:54 GMT
last-modified: Fri, 13 Jan 2023 11:14:04 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-ingress: K8J-INT
x-priority-class: 10
x-unique-id: AC46F293:C220_5CDE314A:01BB_63C13D82_23FF84:27F9
cf-cache-status: HIT
age: 217095
server: cloudflare
cf-ray: 78a2c61c5cc80b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mc.yandex.ru/watch/49165012?wmode=7&page-url=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1560%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A369746931933%3Ahid%3A166426218%3Az%3A0%3Ai%3A20230116003557%3Aet%3A1673829357%3Ac%3A1%3Arn%3A18931861%3Arqn%3A1%3Au%3A1673829357188942474%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C70%2C1%2C1098%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673829354154%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673829357%3At%3ARegistration%20at%20Fresh%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) | 87.250.251.119 | 302 Found | 0 B |
URL HTTP/2mc.yandex.ru/watch/49165012?wmode=7&page-url=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1560%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A369746931933%3Ahid%3A166426218%3Az%3A0%3Ai%3A20230116003557%3Aet%3A1673829357%3Ac%3A1%3Arn%3A18931861%3Arqn%3A1%3Au%3A1673829357188942474%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C70%2C1%2C1098%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673829354154%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673829357%3At%3ARegistration%20at%20Fresh%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) IP87.250.251.119:0
GET /watch/49165012?wmode=7&page-url=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1560%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A369746931933%3Ahid%3A166426218%3Az%3A0%3Ai%3A20230116003557%3Aet%3A1673829357%3Ac%3A1%3Arn%3A18931861%3Arqn%3A1%3Au%3A1673829357188942474%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C70%2C1%2C1098%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673829354154%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673829357%3At%3ARegistration%20at%20Fresh%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fresh.casino
Connection: keep-alive
Referer: https://fresh.casino/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/49165012/1?wmode=7&page-url=https%3A%2F%2Ffresh.casino%2Fen%2Fregistration%3Faffb_id%3Dc_10%26al_id%3D92acfbff4c82e812b918f49eb84fb12c%26stag%3D193565_63c49bea2ffa281d08310bdd%26subid%3Ds8hnpa1r4vl&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1560%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A369746931933%3Ahid%3A166426218%3Az%3A0%3Ai%3A20230116003557%3Aet%3A1673829357%3Ac%3A1%3Arn%3A18931861%3Arqn%3A1%3Au%3A1673829357188942474%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C70%2C1%2C1098%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673829354154%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673829357%3At%3ARegistration%20at%20Fresh%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 16 Jan 2023 00:35:56 GMT
access-control-allow-origin: https://fresh.casino
set-cookie: yabs-sid=1733496541673829356; Path=/; SameSite=None; Secure
i=wfonVPFpAkpJFbISoyHwOUmZevRsxUPvhG9EPz6hQlF919V+G/AQfE9X40FQEM/GyIDzrLLSGMomM5M5pZ0jjbxxvzE=; Expires=Thu, 13-Jan-2033 00:35:40 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5013218301673829356; Expires=Tue, 16-Jan-2024 00:35:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5013218301673829356; Expires=Tue, 16-Jan-2024 00:35:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705365356.yc.1673829356#1705365356.yrts.1673829356#1705365356.yrtsi.1673829356; Expires=Tue, 16-Jan-2024 00:35:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 16-Jan-2023 00:35:56 GMT
last-modified: Mon, 16-Jan-2023 00:35:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| fresh.casino/assets/227550/runtime.8a874d92.js | 45.12.31.250 | 200 OK | 0 B |
URL HTTP/2fresh.casino/assets/227550/runtime.8a874d92.js IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
GET /assets/227550/runtime.8a874d92.js HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2592000
etag: W/"63c13cfc-aa7"
expires: Wed, 15 Feb 2023 00:35:54 GMT
last-modified: Fri, 13 Jan 2023 11:14:04 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-ingress: K8J-INT
x-priority-class: 10
x-unique-id: AC46F247:5738_5CDE314A:01BB_63C13D82_23FF6B:27F9
cf-cache-status: HIT
age: 217095
server: cloudflare
cf-ray: 78a2c61c5cc50b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fresh.casino/assets/227550/chunk-vendors.8a874d92.js | 45.12.31.250 | 200 OK | 0 B |
URL HTTP/2fresh.casino/assets/227550/chunk-vendors.8a874d92.js IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
GET /assets/227550/chunk-vendors.8a874d92.js HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1395411
cache-control: public, max-age=2592000
etag: W/"63c13cfc-69702"
expires: Wed, 15 Feb 2023 00:35:54 GMT
last-modified: Fri, 13 Jan 2023 11:14:04 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-ingress: K8J-INT
x-priority-class: 10
x-unique-id: AC46F25E:8C7E_5CDE314A:01BB_63C13E3F_2428A9:27F9
cf-cache-status: HIT
age: 217095
server: cloudflare
cf-ray: 78a2c61c5cc60b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| freshcasino.life/c872d6aed?subid=s8hnpa1r4vl | 188.114.97.1 | 302 Found | 0 B |
URL HTTP/2freshcasino.life/c872d6aed?subid=s8hnpa1r4vl IP188.114.97.1:0
GET /c872d6aed?subid=s8hnpa1r4vl HTTP/1.1
Host: freshcasino.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: text/html; charset=utf-8
location: https://fresh.casino/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
set-cookie: 4a44dc15364204a80fe8=63c49bea2ffa281d08310bdd; Expires=Wed, 15 Feb 2023 00:35:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVVT9UUMTD2MEVVu7XzfIugNmpFeycIgFZkl3WKcqfkI%2BPbjF5MPwb6nrXMYnWYvt%2Fc%2FHx4a4mPfUnKOWi1FF%2FMKzJLYRo7I1VSzTdfmzii3a59MM5shpdIyf75Zy2FizJ63"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a2c619398eb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl | 45.12.31.250 | 200 OK | 0 B |
URL HTTP/2fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
GET /en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: text/html
x-app-lang: en
x-app-version: 227550
strict-transport-security: max-age=15768000
x-priority-class: 100
x-unique-id: 8D654CEA:2F44_5CDE314A:01BB_63C49BE6_80C4EB:2838
x-ingress: K8J-INT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78a2c61b5c600b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fresh.maxclientstatapi.com/experiments | 188.114.96.1 | 200 OK | 0 B |
URL HTTP/2fresh.maxclientstatapi.com/experiments IP188.114.96.1:0
GET /experiments HTTP/1.1
Host: fresh.maxclientstatapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fresh.casino
Connection: keep-alive
Referer: https://fresh.casino/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jU35H5P9GBjm4R99hvoBrelFX3vFRrLchyAS6fpqWp3JTMC9%2B%2Frmyp5x15Entfc9Mc7HRe1NYmZzvzecSfAJxuZ7PHKuDpJW52nlX8MSveXiPSRvjtzSrfIWVHBtYXa%2FUuH9QcJ%2FL7WgxoHRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a2c61fe9a5fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| link.cetus.homes/Fresh?ad_campaign_id=kik%2029.12.2&keyword=bom447566375 | 188.114.97.1 | 302 Found | 0 B |
URL HTTP/2link.cetus.homes/Fresh?ad_campaign_id=kik%2029.12.2&keyword=bom447566375 IP188.114.97.1:0
GET /Fresh?ad_campaign_id=kik%2029.12.2&keyword=bom447566375 HTTP/1.1
Host: link.cetus.homes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: text/html; charset=UTF-8
location: https://freshcasino.life/c872d6aed?subid=s8hnpa1r4vl
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Mon, 16 Jan 2023 00:35:54 GMT
pragma: no-cache
set-cookie: _subid=s8hnpa1r4vl;Expires=Thursday, 16-Feb-2023 00:35:54 GMT;Max-Age=2678400;Path=/
ac5bc=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMxNzlcIjoxNjczODI5MzU0fSxcImNhbXBhaWduc1wiOntcIjIzOTFcIjoxNjczODI5MzU0fSxcInRpbWVcIjoxNjczODI5MzU0fSJ9.foy5Z16BlgSSg7vXT7jF0bXAy0BLyv_gkGm4Jyaj66A;Expires=Saturday, 01-Feb-2076 01:11:48 GMT;Max-Age=1673915754;Path=/
vary: Accept-Encoding
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTdCgrVwkSxgHuwfPzzHPdsc2mxVnlQq6hKB%2FpVtznovJjLpNf6SQD4ZeP%2FaX6bg2K6A3x1XEVAwhSlmd2N7zoXETUF90AdweCEFkG%2FVZ73Ej6asSjHKQwHeAh9TMGC5ANfr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a2c61719c6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fresh.casino/assets/227550/css/chunk-vendors.e072b274.css | 45.12.31.250 | 200 OK | 0 B |
URL HTTP/2fresh.casino/assets/227550/css/chunk-vendors.e072b274.css IP45.12.31.250:0 ASN#209242 Cloudflare London, LLC
GET /assets/227550/css/chunk-vendors.e072b274.css HTTP/1.1
Host: fresh.casino
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fresh.casino/en/registration?affb_id=c_10&al_id=92acfbff4c82e812b918f49eb84fb12c&stag=193565_63c49bea2ffa281d08310bdd&subid=s8hnpa1r4vl
Cookie: __cf_bm=0zyKdKPIPz5_ZwE27EhKWgDzuomPBd5ziQpkcpSukj0-1673829354-0-AZnisdc6FQ2LXfSqVlTgUsxtGnVltgDJS9HXd7MMePTEYYCXtcbWqUeBjBp2arAEXwsWgd2ecwiPmO9itJVXCIc=; statapi_client_id=16738293553534004; first_visit_sended=1673829355356
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:54 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=6778
cache-control: public, max-age=2592000
etag: W/"63c13cfc-431"
expires: Wed, 15 Feb 2023 00:35:54 GMT
last-modified: Fri, 13 Jan 2023 11:14:04 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-ingress: K8J-INT
x-priority-class: 10
x-unique-id: AC46F2C8:B89E_5CDE314A:01BB_63C13D8A_23F616:27F3
cf-cache-status: HIT
age: 217095
server: cloudflare
cf-ray: 78a2c61c5cbc0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fresh.maxclientstatapi.com/time | 188.114.96.1 | 200 OK | 0 B |
URL HTTP/2fresh.maxclientstatapi.com/time IP188.114.96.1:0
GET /time HTTP/1.1
Host: fresh.maxclientstatapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fresh.casino
Connection: keep-alive
Referer: https://fresh.casino/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 00:35:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=367%2B377zVufIDKvDNpd%2BjK1r3ETqDPmKGMzxUbjp7JBvgz8PhTsXUdUvUnUaW%2B4ZZO%2FSRXzf%2FEHnFd3LVmhDy14OFXX2377A2hP8%2B5QPlj7oWVms%2BSnlK3xFLTR%2BjwGUyihhsz37ouqMyk2AGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a2c61ee951fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
0.0.0.0