super-stars-wallpapers.blogspot.hk/
187 B URL super-stars-wallpapers.blogspot.hk/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 24f2261fd4f024388dc6417cf552d1d8
4d21e9259607e7c814901518babd35f510a29fa4
4c133cb30a22aeaea7541a2ce16d105aab3204b6c1ccb00e0fffedb0337acc3f
GET / HTTP/1.1
Host: super-stars-wallpapers.blogspot.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://super-stars-wallpapers.blogspot.com/
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sun, 03 Dec 2023 23:34:41 GMT
expires: Sun, 03 Dec 2023 23:34:41 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 187
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
super-stars-wallpapers.blogspot.com/
36 kB URL super-stars-wallpapers.blogspot.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3514)
Hash f6903debafe4b7d3a6b6920a3aa6f754
b95d37a650fab4976bc885153077c68092864191
eab0a964aad74b7bbbad3febb69e2e3b89cac82f28074e585b9de51234b4a6c9
GET / HTTP/1.1
Host: super-stars-wallpapers.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 03 Dec 2023 23:34:42 GMT
date: Sun, 03 Dec 2023 23:34:42 GMT
cache-control: private, max-age=0
last-modified: Tue, 07 Nov 2023 05:25:20 GMT
etag: W/"2b8e7265944e07ace7e5641fd3a85ca96e7f1d54545aebb6f21defec39edc647"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 36069
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
super-stars-wallpapers.blogspot.com/js/cookienotice.js
2.0 kB URL super-stars-wallpapers.blogspot.com/js/cookienotice.js
IP
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: super-stars-wallpapers.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sun, 03 Dec 2023 23:34:42 GMT
expires: Sun, 10 Dec 2023 23:34:42 GMT
cache-control: public, max-age=604800
last-modified: Sun, 03 Dec 2023 20:49:43 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
7.8 kB URL www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
File type ASCII text, with very long lines (35959)
Hash 1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 12:58:11 GMT
expires: Thu, 28 Nov 2024 12:58:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 01:58:19 GMT
content-type: text/css
vary: Accept-Encoding
age: 383791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/subscribe-yahoo.png
580 B URL resources.blogblog.com/img/widgets/subscribe-yahoo.png
IP
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Hash 79f602b6ac18bee79b4e2353a6674010
28accf82263aa1a11bb821439d4d185865662530
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
GET /img/widgets/subscribe-yahoo.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 23:58:04 GMT
expires: Wed, 06 Dec 2023 23:58:04 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2023 17:00:16 GMT
content-type: image/png
age: 344198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
22 kB URL apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (2664)
Hash fd67324a3d81895bdf76b073089663b1
5abb1b0a36c645085e31830e6647faa790ad4e91
8eaa06f95fa0ac44c2c186f200874f2f3ebc3aaa92412f0d0c096f517d3581d1
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21930
date: Sun, 03 Dec 2023 23:34:42 GMT
expires: Sun, 03 Dec 2023 23:34:42 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "bccfddc1dce4fb76"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=PUyMWciU11_CxEp4d5NLCMQtPhzLgDjGae3qutgOAHT3q2S9Mp7E7f9gIrdnIdL18jNTPqm0UlWlwzPHWCVtrfyZdAM6TkJVRVVBzRC8JUsQ0LunogIFLwtbrtj9dTWm0r7Ds_oF5Ga-oG-Yib0JU7c0LvR9t3sz0QY4tKAiRdY; expires=Mon, 03-Jun-2024 23:34:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/arrow_dropdown.gif
141 B URL resources.blogblog.com/img/widgets/arrow_dropdown.gif
IP
File type GIF image data, version 89a, 13 x 10\012- data
Hash 2964a07d60a4e76b299130fb1b4115f6
3b72dcc19f3ad685513eaba612e07e0ed495f2e1
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
GET /img/widgets/arrow_dropdown.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 141
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 18:41:09 GMT
expires: Wed, 06 Dec 2023 18:41:09 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2023 04:57:29 GMT
content-type: image/gif
age: 363213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon_feed12.png
500 B URL resources.blogblog.com/img/icon_feed12.png
IP
File type PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Hash 44e7355a788fd1082deff0018883758e
50e3a28a44978e85d13c30522e0c71c8d0b24675
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
GET /img/icon_feed12.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 16:33:32 GMT
expires: Wed, 06 Dec 2023 16:33:32 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2023 10:56:25 GMT
content-type: image/png
age: 370870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/subscribe-netvibes.png
1.4 kB URL resources.blogblog.com/img/widgets/subscribe-netvibes.png
IP
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Hash c52a5f4ecb6be5d7e93b23ef4122ee4e
4e698a5f455daf3a8ea1e219b1998079f0546716
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
GET /img/widgets/subscribe-netvibes.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 11:21:58 GMT
expires: Thu, 07 Dec 2023 11:21:58 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2023 17:00:16 GMT
content-type: image/png
age: 303164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
28 kB URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 12108007906290015100837a6a61e9f4
1d6ae46f2ffa213dede37a521b011ec1cd8d1ad3
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://super-stars-wallpapers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 847317
expires: Fri, 22 Nov 2024 23:34:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6dJgeJrgr8qs%2BCTD444M6c%2BfQhGGIXBbslRVfV8NShlTq2AG2LrKssJMjxz7%2B8RkdJ%2FVeETe%2B1ZAmjx9gmSMjxJsz3sMuj1WTW3s3PZ7bPPiOIAuduWLlx9u5kPWS%2FCupyLipH1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82ff9f35996956a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
362 B URL 3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
IP
File type GIF image data, version 89a, 52 x 15\012- data
Hash fd2c05a8c327ace309722b0a5fc4faf3
f446e97c43f8830be9f60644563dd846abe6b8e8
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
GET /-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="btn_close.gif"
x-content-type-options: nosniff
server: fife
content-length: 362
x-xss-protection: 0
date: Sun, 03 Dec 2023 19:39:20 GMT
expires: Mon, 04 Dec 2023 19:39:20 GMT
cache-control: public, max-age=86400, no-transform
age: 14122
etag: "v1764"
content-type: image/gif
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/325989852-widgets.js
59 kB URL www.blogger.com/static/v1/widgets/325989852-widgets.js
IP
File type ASCII text, with very long lines (2258)
Hash 2aaaea7286ee481cbc12cfd76e10c0cf
6e8576cb84ac125faa0bc0a5fe5508166cc4eed8
4bfa00cdbc7a40f5dad3dfc3a21dada224e61e358e78d7b262bab098bccbc580
GET /static/v1/widgets/325989852-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 59316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 14:08:07 GMT
expires: Fri, 29 Nov 2024 14:08:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 05:57:17 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 293195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
33 kB URL ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
IP
File type ASCII text, with very long lines (32086)
Hash 8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /ajax/libs/jquery/1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 09:31:13 GMT
expires: Mon, 02 Dec 2024 09:31:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 50609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/charts/loader.js
18 kB URL www.gstatic.com/charts/loader.js
IP
File type ASCII text, with very long lines (2186)
Hash 32bc41d964faa1b95d9c61fc443df579
02d3f83dac14fe996babbfe332779ed182d39d1c
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
GET /charts/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 18534
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 23:22:17 GMT
expires: Mon, 04 Dec 2023 00:22:17 GMT
cache-control: public, max-age=3600
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
53 kB URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (3968)
Hash 3d9bf9b7167547c47de1badf00c0229c
639fc72e635df4033e932fcee9b5d4eb941379bf
b16528e0a1279c7311545d50b27b225f6cb149659977136ecb05e37e0ebeb107
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:34:43 GMT
expires: Sun, 03 Dec 2023 23:34:43 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15548816854578406889
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52675
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
42 B URL pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 7f5f2be159837d73b72a4b37616bce44
c93d7f25b530b05c26440d3352213b683d03dcc3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Sun, 03 Dec 2023 05:09:38 GMT
expires: Sun, 17 Dec 2023 05:09:38 GMT
cache-control: public, max-age=1209600
age: 66305
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
61 kB URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (1505)
Hash 71aaa92f748ba3c48d6edfb40204d614
ad1ca8c338494256d564ee7857707f758e03948b
215f3b01f5decd286eb88ac2dc56b997e6cd2ce8f47998dfa9e2917f8b890982
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Cookie: NID=511=PUyMWciU11_CxEp4d5NLCMQtPhzLgDjGae3qutgOAHT3q2S9Mp7E7f9gIrdnIdL18jNTPqm0UlWlwzPHWCVtrfyZdAM6TkJVRVVBzRC8JUsQ0LunogIFLwtbrtj9dTWm0r7Ds_oF5Ga-oG-Yib0JU7c0LvR9t3sz0QY4tKAiRdY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 60962
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 02:45:42 GMT
expires: Fri, 29 Nov 2024 02:45:42 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 334141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/cherrycreamsoda/v21/UMBIrOxBrW6w2FFyi9paG0fdVdRciQd9A98.woff2
24 kB URL fonts.gstatic.com/s/cherrycreamsoda/v21/UMBIrOxBrW6w2FFyi9paG0fdVdRciQd9A98.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 24236, version 1.0\012- data
Hash 0caf6947dd9d590934bb7a28548893b9
e7d4be7452b4c60635726fa7578e5b6aecdf185d
5c2d691a9e7ca08b1fccf8dae98e55b58eca6673080c7cb8a2a5972ef71a97d4
GET /s/cherrycreamsoda/v21/UMBIrOxBrW6w2FFyi9paG0fdVdRciQd9A98.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://super-stars-wallpapers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 10:05:48 GMT
expires: Fri, 29 Nov 2024 10:05:48 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:58:30 GMT
content-type: font/woff2
age: 307735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
themes.googleusercontent.com/image?id=1N3a-kmJ4ABC9Vn7ix7pZVv7tOBByyNMJO2BIiT6-2HKT23Cb3zL6Ev1OeMzfiMVbOCeM
76 kB URL themes.googleusercontent.com/image?id=1N3a-kmJ4ABC9Vn7ix7pZVv7tOBByyNMJO2BIiT6-2HKT23Cb3zL6Ev1OeMzfiMVbOCeM
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=9, manufacturer=Canon, model=Canon EOS 5D, orientation=upper-left, xresolution=141, yresolution=149, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2010:02:26 01:15:39], baseline, precision 8, 1800x1800, components 3\012- data
Hash b1eab6ae4adab1d7df40bd1ed0d409b6
6632eae870506fbb29fb9880941344dc6861099a
d3931b7e220aaa5208187b2b33a4e4205327d5a05f8856c4c81ef9942628ea9e
GET /image?id=1N3a-kmJ4ABC9Vn7ix7pZVv7tOBByyNMJO2BIiT6-2HKT23Cb3zL6Ev1OeMzfiMVbOCeM HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Mon, 04 Dec 2023 23:34:43 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 23:34:43 GMT
server: fife
content-length: 75487
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=7692815643402796476&zx=0092646f-95b0-49aa-a056-7659d390cc02
21 B URL www.blogger.com/dyn-css/authorization.css?targetBlogID=7692815643402796476&zx=0092646f-95b0-49aa-a056-7659d390cc02
IP
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=7692815643402796476&zx=0092646f-95b0-49aa-a056-7659d390cc02 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 23:34:43 GMT
last-modified: Sun, 03 Dec 2023 23:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5968755210637644&plah=super-stars-wallpapers.blogspot.com
138 kB URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5968755210637644&plah=super-stars-wallpapers.blogspot.com
IP
File type ASCII text, with very long lines (2175)
Size 138 kB (137676 bytes)
Hash 12dbe4f61af8dea6c1f942e38cee74be
0e099eeb2732b4df0c0911893d306dce2613e43c
a821db78ac8fd101f69aab76c728f404f8199dadbfafdbb2b572fe53d114fccb
GET /pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5968755210637644&plah=super-stars-wallpapers.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:34:43 GMT
expires: Sun, 03 Dec 2023 23:34:43 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 11829071796932350874
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 137676
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAyrS_DX6lNkihqA3mXv8OoKPKP6wJBjiZ4tGFGNBJ2utXdtw-qW0GAAfnlLSxpLogPGEt13lmKmSFpjifROTBS3_ERWibONTMIkmIwIx6lS2nCY_ScOWV_3c9scYf2uZtGzMxo5Yho0K8P1AhEmx6PmxUdzJSEYDACKlkgO74cDW0TqZN5svjhkbR2EM/s72-c/Untitled%20design%20%281%29.png
12 kB URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAyrS_DX6lNkihqA3mXv8OoKPKP6wJBjiZ4tGFGNBJ2utXdtw-qW0GAAfnlLSxpLogPGEt13lmKmSFpjifROTBS3_ERWibONTMIkmIwIx6lS2nCY_ScOWV_3c9scYf2uZtGzMxo5Yho0K8P1AhEmx6PmxUdzJSEYDACKlkgO74cDW0TqZN5svjhkbR2EM/s72-c/Untitled%20design%20%281%29.png
IP
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash d4c574f5345c0aa4ce2c133c817060c8
4b98a90e8e1da57338ea5a2b9ec19cccfad33ee7
de971328c8f3805b3fb631adab3d0334bb2656416f281ec24a8c52fd048ce09f
GET /img/b/R29vZ2xl/AVvXsEiAyrS_DX6lNkihqA3mXv8OoKPKP6wJBjiZ4tGFGNBJ2utXdtw-qW0GAAfnlLSxpLogPGEt13lmKmSFpjifROTBS3_ERWibONTMIkmIwIx6lS2nCY_ScOWV_3c9scYf2uZtGzMxo5Yho0K8P1AhEmx6PmxUdzJSEYDACKlkgO74cDW0TqZN5svjhkbR2EM/s72-c/Untitled%20design%20%281%29.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v20"
expires: Mon, 04 Dec 2023 23:34:43 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled design (1).png"
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 23:34:43 GMT
server: fife
content-length: 12026
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/navbar.g?targetBlogID=7692815643402796476&blogName=super+stars+wallpapers&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://super-stars-wallpapers.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://super-stars-wallpapers.blogspot.com/&vt=8030895519098766179&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
2.6 kB URL www.blogger.com/navbar.g?targetBlogID=7692815643402796476&blogName=super+stars+wallpapers&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://super-stars-wallpapers.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://super-stars-wallpapers.blogspot.com/&vt=8030895519098766179&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3172)
Hash 082489324c517167530ee238391f5392
8581b8830cd24919f85e2445ed2ceb497cb29518
2aab45473c8f0d937bb162102d90d3a191e7c3c8e9a3e926a5bf9080a1fa4371
GET /navbar.g?targetBlogID=7692815643402796476&blogName=super+stars+wallpapers&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://super-stars-wallpapers.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://super-stars-wallpapers.blogspot.com/&vt=8030895519098766179&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 23:34:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2598
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAyrS_DX6lNkihqA3mXv8OoKPKP6wJBjiZ4tGFGNBJ2utXdtw-qW0GAAfnlLSxpLogPGEt13lmKmSFpjifROTBS3_ERWibONTMIkmIwIx6lS2nCY_ScOWV_3c9scYf2uZtGzMxo5Yho0K8P1AhEmx6PmxUdzJSEYDACKlkgO74cDW0TqZN5svjhkbR2EM/w200-h150-p-k-no-nu/Untitled%20design%20%281%29.png
59 kB URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAyrS_DX6lNkihqA3mXv8OoKPKP6wJBjiZ4tGFGNBJ2utXdtw-qW0GAAfnlLSxpLogPGEt13lmKmSFpjifROTBS3_ERWibONTMIkmIwIx6lS2nCY_ScOWV_3c9scYf2uZtGzMxo5Yho0K8P1AhEmx6PmxUdzJSEYDACKlkgO74cDW0TqZN5svjhkbR2EM/w200-h150-p-k-no-nu/Untitled%20design%20%281%29.png
IP
File type PNG image data, 200 x 150, 8-bit/color RGB, non-interlaced\012- data
Hash b4ae157208ce7e9223e33965f2b9a9ab
603255277b0eb1a8b515ace3baf2a8dad384cc61
54cad8d6b08c4d21d9f011a049dc8bf0a525dd7254ad26f93253efb65756d43e
GET /img/b/R29vZ2xl/AVvXsEiAyrS_DX6lNkihqA3mXv8OoKPKP6wJBjiZ4tGFGNBJ2utXdtw-qW0GAAfnlLSxpLogPGEt13lmKmSFpjifROTBS3_ERWibONTMIkmIwIx6lS2nCY_ScOWV_3c9scYf2uZtGzMxo5Yho0K8P1AhEmx6PmxUdzJSEYDACKlkgO74cDW0TqZN5svjhkbR2EM/w200-h150-p-k-no-nu/Untitled%20design%20%281%29.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v20"
expires: Mon, 04 Dec 2023 23:34:43 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Untitled design (1).png"
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 23:34:43 GMT
server: fife
content-length: 58880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform:gapi.iframes.style.common.js
22 kB URL apis.google.com/js/platform:gapi.iframes.style.common.js
IP
File type ASCII text, with very long lines (2664)
Hash b970f4ece0f21dae7d57dcbbbe1eb48b
52ab98370d3fc4bfd4c1b23cb3ed5dc1e37d779a
53dbcf2ac8d4a8d0a0fc4d5a15778fd36664923c87a60891a87bf8ec45535a91
GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Cookie: NID=511=PUyMWciU11_CxEp4d5NLCMQtPhzLgDjGae3qutgOAHT3q2S9Mp7E7f9gIrdnIdL18jNTPqm0UlWlwzPHWCVtrfyZdAM6TkJVRVVBzRC8JUsQ0LunogIFLwtbrtj9dTWm0r7Ds_oF5Ga-oG-Yib0JU7c0LvR9t3sz0QY4tKAiRdY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21940
date: Sun, 03 Dec 2023 23:34:43 GMT
expires: Sun, 03 Dec 2023 23:34:43 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "f3d0fc258127dfc5"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/navbar/icons_orange.png
915 B URL resources.blogblog.com/img/navbar/icons_orange.png
IP
File type PNG image data, 46 x 20, 8-bit colormap, non-interlaced\012- data
Hash 87f25844d23ac1ee03604e668f5c1797
85d440947d70a78672740ff7e8062f68ce9d99a3
d70c36f2f61b735573caa3dd5a1602e19916701bb88d99ff4527cd2c89fa8b72
GET /img/navbar/icons_orange.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:00:55 GMT
expires: Thu, 07 Dec 2023 04:00:55 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2023 10:56:25 GMT
content-type: image/png
age: 329628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/navbar/arrows-blue.png
104 B URL resources.blogblog.com/img/navbar/arrows-blue.png
IP
File type PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash 38c95719e05f4184a301768d8de91e09
d0ed1147d46f2cf592584239a5a101d6f2abb588
259ece79a45ad7ecbcf6fb0669de61aa6a01ebedaba47a7e88283435e0e6b1be
GET /img/navbar/arrows-blue.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 11:08:39 GMT
expires: Wed, 06 Dec 2023 11:08:39 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2023 07:57:28 GMT
content-type: image/png
age: 390364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
veh-ev.info/wp-content/uploads/2022/12/Dont-forget-to-click.gif
670 B URL veh-ev.info/wp-content/uploads/2022/12/Dont-forget-to-click.gif
IP
Hash 914e5bb26fce5891388b2282a1104d8a
329e57dc8f9283b74abe66cf24be1e1a21cc9654
b5e438a907826d49424805f9611c75bf6364ddd5fe8300d7653e0a136086db3f
GET /wp-content/uploads/2022/12/Dont-forget-to-click.gif HTTP/1.1
Host: veh-ev.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sun, 03 Dec 2023 23:34:43 GMT
content-type: text/html
location: https://www.veh-ev.info/wp-content/uploads/2022/12/Dont-forget-to-click.gif
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUyIfJB2vpgfjV0gvWqsTJca0mur6t9thS5LAcNHlmDuAhk%2FXltR8i1i0ZOILpAu3PNZ7ukIgR%2FteyBmOdbDcUCJ%2Fqt1J%2F50ibI50yVfShZ4mgXnqgNeWuil4wT%2FsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f376f3c568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
46 kB URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (1505)
Hash a5139ae5276fac825f580dd8b48d0f72
2820e165c330673129cebdc8e7cf806e1620c0a0
2170ad362c9ba9f7ff9b642d2a9d72a263fff1cd47de3664c55d6a7462c4cbc3
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Cookie: NID=511=PUyMWciU11_CxEp4d5NLCMQtPhzLgDjGae3qutgOAHT3q2S9Mp7E7f9gIrdnIdL18jNTPqm0UlWlwzPHWCVtrfyZdAM6TkJVRVVBzRC8JUsQ0LunogIFLwtbrtj9dTWm0r7Ds_oF5Ga-oG-Yib0JU7c0LvR9t3sz0QY4tKAiRdY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 23:12:04 GMT
expires: Thu, 28 Nov 2024 23:12:04 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 346960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hutremindbond.com/43aa57950d91f3e2a4b5dc805a4a6fe1/invoke.js
11 kB URL hutremindbond.com/43aa57950d91f3e2a4b5dc805a4a6fe1/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29631), with no line terminators
Hash 0da29fde2f1114b395dc60098301055b
9c3696946906d3a7c95cbb0a685358e0582c760d
8f3f22e8d22706cd546dd7e79618a4a680654fe7efa71ccdd1f4cfdcd0aacca1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /43aa57950d91f3e2a4b5dc805a4a6fe1/invoke.js HTTP/1.1
Host: hutremindbond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 67d23016d6f9ffeb32078b08192a6c3e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
2.bp.blogspot.com/-yNE4A_H3C2o/U1E6RPYNEpI/AAAAAAAADRQ/UOP1mUKaxGE/s1600/line.png
735 B URL 2.bp.blogspot.com/-yNE4A_H3C2o/U1E6RPYNEpI/AAAAAAAADRQ/UOP1mUKaxGE/s1600/line.png
IP
File type PNG image data, 371 x 5, 8-bit/color RGBA, non-interlaced\012- data
Hash 15ded568eb1e378aa000ab4fc9622c7e
71889b7db45f87fd62dae699575cc2d1dc1aec35
92dc3b64537e4a7710d452daaba3ed22fda5e21df2db4ccfbd81c129df9d5116
GET /-yNE4A_H3C2o/U1E6RPYNEpI/AAAAAAAADRQ/UOP1mUKaxGE/s1600/line.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="line.png"
x-content-type-options: nosniff
server: fife
content-length: 735
x-xss-protection: 0
date: Sun, 03 Dec 2023 21:18:16 GMT
expires: Mon, 04 Dec 2023 21:18:16 GMT
cache-control: public, max-age=86400, no-transform
age: 8188
etag: "vd15"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash ebc0f19a7067085e95ff0e35ee441f4d
23c3d68afd4c1c6cdecce9007aa3bddc793bc52d
6a07099ef655ed036e4a865236f8a6e5549e9a468e207691923634fc51c3186d
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 03 Dec 2023 23:34:44 GMT
Last-Modified: Sun, 03 Dec 2023 22:10:46 GMT
Server: ECAcc (ska/F749)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mS6nL-WlLDflUizhoM1AKmfPjPGeX75GuFwwvWN7gDGGDI_LP6AfXg==
Age: 5038
hutremindbond.com/43aa57950d91f3e2a4b5dc805a4a6fe1/invoke.js
11 kB URL hutremindbond.com/43aa57950d91f3e2a4b5dc805a4a6fe1/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29607), with no line terminators
Hash d0b10af7e6a239361b6b1c0f6463d476
be5d1c62d902f6a0a3d99f3c15311a97af10ac6c
ee7e6ea218aeb978df22d12f53f5657446dec1b1cb080c183cef48acc730172c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /43aa57950d91f3e2a4b5dc805a4a6fe1/invoke.js HTTP/1.1
Host: hutremindbond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0a89f196853123beb438c777c9bb034
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash 74f4072a796ddabf87500b61df022a46
1ab6eea5de6ff0e12bea9e29b5cbcd979f753dbe
2607249865fa95c15995ca8bea36ca7e6a25be3ece88a797b0dbca0c6177b0bd
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://super-stars-wallpapers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:44 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://super-stars-wallpapers.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=13fc2838-4669-4452-8847-a2f835e23c4a:1:1; expires=Wed, 30 Nov 2033 23:34:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash 2a30e2981c9b3613ce09f572361a24b5
a6b5295770807d979887accca8746d17d8c9bafd
8d911f86602d18a9a86b1fd4decee528f3d6a2b8ff9821ec253bfd8598e1b3bc
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://super-stars-wallpapers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:44 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://super-stars-wallpapers.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=5b42a502-1042-41d3-b415-ef616d024951:3:1; expires=Wed, 30 Nov 2033 23:34:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
hutremindbond.com/c5c44a2656e42ce87f6e9d7b1715693a/invoke.js
11 kB URL hutremindbond.com/c5c44a2656e42ce87f6e9d7b1715693a/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29601), with no line terminators
Hash fe92bac078a9310b3e3ea6e1ebe256c3
ae6722a4da7786e1f892fbcc409222b0e1fd0dde
0d2c0a8ac7bcc2d27c35b17363d84cc01fc154c449f4e835ed8cf7633ae01176
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /c5c44a2656e42ce87f6e9d7b1715693a/invoke.js HTTP/1.1
Host: hutremindbond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 76731bd65a72f4e912ee5ea4f1ce7a63
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hutremindbond.com/c5c44a2656e42ce87f6e9d7b1715693a/invoke.js
11 kB URL hutremindbond.com/c5c44a2656e42ce87f6e9d7b1715693a/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29592), with no line terminators
Hash 7587d469076bccf91965753c1778ba3a
cf8755f06e2d2a717bd9a361dad1bc3260f5fe0b
054189dbce592665bd99e1bd6f9dcb58ff67de0345624c7888325a1e5fa56437
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /c5c44a2656e42ce87f6e9d7b1715693a/invoke.js HTTP/1.1
Host: hutremindbond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c2f167b2a1bf8204967f498efa3ba1e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.veh-ev.info/wp-content/uploads/2022/12/Dont-forget-to-click.gif
11 kB URL www.veh-ev.info/wp-content/uploads/2022/12/Dont-forget-to-click.gif
IP
Hash 653c198144bd517a20fc183df3eceeed
7bd0d0a6445f0e84d3cf8e8d5cc9c0d41cf92041
0a379b168fe3180d5369e41df6e141b7cb7a7c5ac20a012b12ee2ea6b9b9f974
GET /wp-content/uploads/2022/12/Dont-forget-to-click.gif HTTP/1.1
Host: www.veh-ev.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://super-stars-wallpapers.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sun, 03 Dec 2023 23:34:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://www.veh-ev.info/wp-json/>; rel="https://api.w.org/"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NGTzc%2F3LHllSn8tluxUHlYgsLCPy%2BcD%2Bd1n3yfnfQktICa5z1FZpT%2FBAuj8pPItjtSt43a2WN3E4rDqiPWXpUq%2FCpLdjeDDNzyaoB5696lLuOw9Ogi1cGrI%2Bh1iIC0YHUk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff9f3a3e1e56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
heartlessrigid.com/watch.920856738885.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
0 B URL heartlessrigid.com/watch.920856738885.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.920856738885.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1 HTTP/1.1
Host: heartlessrigid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://super-stars-wallpapers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:34:44 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://super-stars-wallpapers.blogspot.com
Access-Control-Allow-Origin: https://super-stars-wallpapers.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://heartlessrigid.com/watch.920856738885.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&shu=1e742b25e0f9833f10546bead2d37ac1bb2abdc4d0701d63a6ac540176d3e6ad27df98f415a7d8e7962c5eb10423c1b29ff99529d402186b4a551a0a96182491de09b31cdb8204480f754b3f03e137bf8e4c1fc2305edd39ce4490d432bec0&pst=1701646544&rmtc=t
Set-Cookie: u_pl=18008452; expires=Mon, 04 Dec 2023 23:34:44 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAwODQ1MiwiayI6ImM1YzQ0YTI2NTZlNDJjZTg3ZjZlOWQ3YjE3MTU2OTNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImRkZ3dtMzU0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.qVm_LJ9pLppLHgZ7M2Y8dn2MeSJ2fveZ0R7f_ZPltdY; expires=Sun, 03 Dec 2023 23:35:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d3d551890e4c43beb61b5eb62707154f
Strict-Transport-Security: max-age=0; includeSubdomains
hutremindbond.com/c5c44a2656e42ce87f6e9d7b1715693a/invoke.js
11 kB URL hutremindbond.com/c5c44a2656e42ce87f6e9d7b1715693a/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29613), with no line terminators
Hash f2172ad36e94cd00cdb8f0ac6c352392
aded66a2d851f7d6aa8ac328d53323158999ac17
806583a45c26ece0023ff2e14e1aec98704678c9c03f2232664fd085add2acce
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /c5c44a2656e42ce87f6e9d7b1715693a/invoke.js HTTP/1.1
Host: hutremindbond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a7d6e11c0c28f99382f5dc37b523143
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pronedynastyimpertinence.com/watch.1006573088768.js?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=13fc2838-4669-4452-8847-a2f835e23c4a%3A1%3A1&shu=688f57f4e413e6b06e733b82453b1d24a4a87e8ae2bc02b3a419f67dd82e7515a941f8b05b36c663fb84fea26e892c9d6448fbae50a6cb1d444e5d98e4654bf29a30c9391051365944be406ca98dfc91d471abdb0f3148b67f746fb4202576&pst=1701646544&rmtc=t
2.1 kB URL pronedynastyimpertinence.com/watch.1006573088768.js?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=13fc2838-4669-4452-8847-a2f835e23c4a%3A1%3A1&shu=688f57f4e413e6b06e733b82453b1d24a4a87e8ae2bc02b3a419f67dd82e7515a941f8b05b36c663fb84fea26e892c9d6448fbae50a6cb1d444e5d98e4654bf29a30c9391051365944be406ca98dfc91d471abdb0f3148b67f746fb4202576&pst=1701646544&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2654)
Hash 8c908e06bb60222f067a5a78581db22e
a10dd95e47ab8f037f6527839cc81847fd3a84c2
34e1bc33706cfce262efb0145dc4ea6b5c585f1a401fed7225f4d449a3b31ae7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1006573088768.js?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=13fc2838-4669-4452-8847-a2f835e23c4a%3A1%3A1&shu=688f57f4e413e6b06e733b82453b1d24a4a87e8ae2bc02b3a419f67dd82e7515a941f8b05b36c663fb84fea26e892c9d6448fbae50a6cb1d444e5d98e4654bf29a30c9391051365944be406ca98dfc91d471abdb0f3148b67f746fb4202576&pst=1701646544&rmtc=t HTTP/1.1
Host: pronedynastyimpertinence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://super-stars-wallpapers.blogspot.com
Referer: https://super-stars-wallpapers.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18011603; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAxMTYwMywiayI6IjQzYWE1Nzk1MGQ5MWYzZTJhNGI1ZGM4MDVhNGE2ZmUxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJoODNoaGt3cjFuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.TRV2axJMZ1hLNTPD1qXH38OW66cvyx-tldbnndqJUN0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://super-stars-wallpapers.blogspot.com
Access-Control-Allow-Origin: https://super-stars-wallpapers.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=13fc2838-4669-4452-8847-a2f835e23c4a:1:1; expires=Sun, 10 Dec 2023 23:34:44 GMT; secure; SameSite=None
iprc680496d60dd7f058fce48c7992475ad7=3569808; expires=Mon, 04 Dec 2023 03:34:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e8cebfaaa7bbcd9500c763207076645
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
skiofficerdemote.com/watch.436294736194.js?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
0 B URL skiofficerdemote.com/watch.436294736194.js?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.436294736194.js?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1 HTTP/1.1
Host: skiofficerdemote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://super-stars-wallpapers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://super-stars-wallpapers.blogspot.com
Access-Control-Allow-Origin: https://super-stars-wallpapers.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://skiofficerdemote.com/watch.436294736194.js?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&shu=82bd31d43f8547909d0fb797925b3e073ecad92e386626e6b5f0ac5ceab7122bd5934f597ae21d20c95dc2e3c50a7fd67e772786fcb30835b417f4192e12eb77cfa09171c7463f7e7934687908f20da4f956616dbf0ad036014a67638fa025&pst=1701646545&rmtc=t
Set-Cookie: u_pl=18011603; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAxMTYwMywiayI6IjQzYWE1Nzk1MGQ5MWYzZTJhNGI1ZGM4MDVhNGE2ZmUxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJoODNoaGt3cjFuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.TRV2axJMZ1hLNTPD1qXH38OW66cvyx-tldbnndqJUN0; expires=Sun, 03 Dec 2023 23:35:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0f7e2413ed5ad8caf1861b2335f862d9
Strict-Transport-Security: max-age=0; includeSubdomains
heartlessrigid.com/watch.920856738885.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&shu=1e742b25e0f9833f10546bead2d37ac1bb2abdc4d0701d63a6ac540176d3e6ad27df98f415a7d8e7962c5eb10423c1b29ff99529d402186b4a551a0a96182491de09b31cdb8204480f754b3f03e137bf8e4c1fc2305edd39ce4490d432bec0&pst=1701646544&rmtc=t
644 B URL heartlessrigid.com/watch.920856738885.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&shu=1e742b25e0f9833f10546bead2d37ac1bb2abdc4d0701d63a6ac540176d3e6ad27df98f415a7d8e7962c5eb10423c1b29ff99529d402186b4a551a0a96182491de09b31cdb8204480f754b3f03e137bf8e4c1fc2305edd39ce4490d432bec0&pst=1701646544&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (604)
Hash 68581a06a9aa25335fcbe89616f947fd
56c5cc21fa11c06e6be941e5b7d01ee5d96d6266
c911af0fd1a23883592a7ddff932c09a80ed362dcf425e9064ac19c05c166c0f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.920856738885.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&shu=1e742b25e0f9833f10546bead2d37ac1bb2abdc4d0701d63a6ac540176d3e6ad27df98f415a7d8e7962c5eb10423c1b29ff99529d402186b4a551a0a96182491de09b31cdb8204480f754b3f03e137bf8e4c1fc2305edd39ce4490d432bec0&pst=1701646544&rmtc=t HTTP/1.1
Host: heartlessrigid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://super-stars-wallpapers.blogspot.com
Referer: https://super-stars-wallpapers.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=18008452; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAwODQ1MiwiayI6ImM1YzQ0YTI2NTZlNDJjZTg3ZjZlOWQ3YjE3MTU2OTNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImRkZ3dtMzU0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.qVm_LJ9pLppLHgZ7M2Y8dn2MeSJ2fveZ0R7f_ZPltdY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://super-stars-wallpapers.blogspot.com
Access-Control-Allow-Origin: https://super-stars-wallpapers.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5b42a502-1042-41d3-b415-ef616d024951:3:1; expires=Sun, 10 Dec 2023 23:34:45 GMT; secure; SameSite=None
iprc0fa8555cdb804a61c836abd03cb0195d=2717340; expires=Tue, 05 Dec 2023 01:34:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7de6981c6d401ba5bccf3e5859b231d0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hutremindbond.com/c5c44a2656e42ce87f6e9d7b1715693a/invoke.js
11 kB URL hutremindbond.com/c5c44a2656e42ce87f6e9d7b1715693a/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29613), with no line terminators
Hash d5d4f149aa8899564b6011bd8d9e5cf2
5d850194afd402036031dbc7d6952d00efd7e6ad
d6101c154189a663235ce2868949fdda06d3448e13d2dcdcc3fee66886cbdd8f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /c5c44a2656e42ce87f6e9d7b1715693a/invoke.js HTTP/1.1
Host: hutremindbond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: da466ce7716ce3e79ae58af79f908cd0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
nanhermione.com/watch.1246144184657.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
0 B URL nanhermione.com/watch.1246144184657.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1246144184657.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1 HTTP/1.1
Host: nanhermione.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://super-stars-wallpapers.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://super-stars-wallpapers.blogspot.com
Access-Control-Allow-Origin: https://super-stars-wallpapers.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://nanhermione.com/watch.1246144184657.js?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&shu=40f1290fecb97fb7155043c0f394074814091f333e845b9abf02bc0991854099e4a1ce49ac9d885fc804e7addbfdfdf6663869f726e9757e807e4cc99af185b956c5e142145fc8a76d340ccdff015d681d6491819b5127f6cc546fadf120&pst=1701646545&rmtc=t
Set-Cookie: u_pl=18008452; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAwODQ1MiwiayI6ImM1YzQ0YTI2NTZlNDJjZTg3ZjZlOWQ3YjE3MTU2OTNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImRkZ3dtMzU0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.qVm_LJ9pLppLHgZ7M2Y8dn2MeSJ2fveZ0R7f_ZPltdY; expires=Sun, 03 Dec 2023 23:35:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0771db7c6529deb6d83cadc1e6ca8b1c
Strict-Transport-Security: max-age=0; includeSubdomains
skiofficerdemote.com/watch.436294736194?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
1.5 kB URL skiofficerdemote.com/watch.436294736194?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (732)
Hash 84bac2a9e120a9aa711e4be5935684af
5d27dc5ed8830e92bb3d65890ce8ab47cc9c5fae
6e14c62c559999bdad00429a17bbdd63239d9df7d6c7fdece7b1f3a300c2189f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.436294736194?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1 HTTP/1.1
Host: skiofficerdemote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Cookie: u_pl=18011603; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAxMTYwMywiayI6IjQzYWE1Nzk1MGQ5MWYzZTJhNGI1ZGM4MDVhNGE2ZmUxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJoODNoaGt3cjFuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.TRV2axJMZ1hLNTPD1qXH38OW66cvyx-tldbnndqJUN0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAxMTYwMywiayI6IjQzYWE1Nzk1MGQ5MWYzZTJhNGI1ZGM4MDVhNGE2ZmUxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJoODNoaGt3cjFuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3N1cGVyLXN0YXJzLXdhbGxwYXBlcnMuYmxvZ3Nwb3QuY29tLyIsImFyIjpbXX19.gqWFpn7y_HpJnECFlLkNjLvJsvsWtLrZWMNC7h6ugqk; expires=Sun, 03 Dec 2023 23:35:45 GMT; secure; SameSite=None
uid_id2=5b42a502-1042-41d3-b415-ef616d024951:3:1; expires=Sun, 10 Dec 2023 23:34:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b66c755f4af5c5cf4194878839c5ae9c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wheelstweakautopsy.com/watch.80307858740?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
1.5 kB URL wheelstweakautopsy.com/watch.80307858740?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (736)
Hash d26ed8db9d6275b258e4e958e6e377d9
54c6f92a687a2b9c82c7282ae4307b4d3d4fd41b
2e5d7c55fd2e661f87e62783e9e7176abcb139a54c8995a2a50ecebd3b9c9e0e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.80307858740?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1 HTTP/1.1
Host: wheelstweakautopsy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18008452; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAwODQ1MiwiayI6ImM1YzQ0YTI2NTZlNDJjZTg3ZjZlOWQ3YjE3MTU2OTNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImRkZ3dtMzU0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.qVm_LJ9pLppLHgZ7M2Y8dn2MeSJ2fveZ0R7f_ZPltdY; expires=Sun, 03 Dec 2023 23:35:45 GMT; secure; SameSite=None
uid_id2=5b42a502-1042-41d3-b415-ef616d024951:3:1; expires=Sun, 10 Dec 2023 23:34:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a86f68ed8f41a702eb42b58e4a5f616
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
nanhermione.com/watch.1246144184657?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
1.4 kB URL nanhermione.com/watch.1246144184657?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (728)
Hash 3fda5320244f0ed27feff66ac348c5f6
cc64fa7097b27d77bd2ac90c464477359e1514c0
04e5aa4eb703bf202bcc9ded4a5c19167c888d91e12cc33171b5cee6aeb5532c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1246144184657?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1 HTTP/1.1
Host: nanhermione.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Cookie: u_pl=18008452; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAwODQ1MiwiayI6ImM1YzQ0YTI2NTZlNDJjZTg3ZjZlOWQ3YjE3MTU2OTNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImRkZ3dtMzU0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.qVm_LJ9pLppLHgZ7M2Y8dn2MeSJ2fveZ0R7f_ZPltdY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAwODQ1MiwiayI6ImM1YzQ0YTI2NTZlNDJjZTg3ZjZlOWQ3YjE3MTU2OTNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImRkZ3dtMzU0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3N1cGVyLXN0YXJzLXdhbGxwYXBlcnMuYmxvZ3Nwb3QuY29tLyIsImFyIjpbXX19.vHinKwMh1uXRtiNYwvebSTOep9BhafW7-7WpbU1tGjM; expires=Sun, 03 Dec 2023 23:35:45 GMT; secure; SameSite=None
uid_id2=5b42a502-1042-41d3-b415-ef616d024951:3:1; expires=Sun, 10 Dec 2023 23:34:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 42780ebc4fdaca17dc1e8f2630666b6f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jeanspurrcleopatra.com/watch.438297356691?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
1.4 kB URL jeanspurrcleopatra.com/watch.438297356691?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (720)
Hash 2a18370db847fb17f82fceb6e6e2c3d1
17240be5d767cf6fedcd844986c7b24e287a29f3
3fd65cabe9ba3241126a2dc5b07c2faa84bf7e20ff3fbe465fb762a526230c81
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.438297356691?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1 HTTP/1.1
Host: jeanspurrcleopatra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18008452; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAwODQ1MiwiayI6ImM1YzQ0YTI2NTZlNDJjZTg3ZjZlOWQ3YjE3MTU2OTNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImRkZ3dtMzU0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.qVm_LJ9pLppLHgZ7M2Y8dn2MeSJ2fveZ0R7f_ZPltdY; expires=Sun, 03 Dec 2023 23:35:45 GMT; secure; SameSite=None
uid_id2=5b42a502-1042-41d3-b415-ef616d024951:3:1; expires=Sun, 10 Dec 2023 23:34:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea2db96b86dc1eed83c185c3c37cbe52
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wheelstweakautopsy.com/api/users?token=L3dhdGNoLjgwMzA3ODU4NzQwP2Rldj1lJmtleT1jNWM0NGEyNjU2ZTQyY2U4N2Y2ZTlkN2IxNzE1NjkzYSZrdz0lNUIlMjZxdW90JTNCc3VwZXIlMjZxdW90JTNCJTJDJTI2cXVvdCUzQnN0YXJzJTI2cXVvdCUzQiUyQyUyNnF1b3QlM0J3YWxscGFwZXJzJTI2cXVvdCUzQiU1RCZwc3Q9MTcwMTY0NjU0NSZyZWZlcj1odHRwcyUzQSUyRiUyRnN1cGVyLXN0YXJzLXdhbGxwYXBlcnMuYmxvZ3Nwb3QuY29tJTJGJnJlcz0xNC4zMDk1JnJtdGM9dCZzaHU9Y2YzOTJiN2UyOTc0NTY1ZDNmYWYwN2EzZmZmYTk3OTM0Y2UyOWI1OTJjNTI5ODVjMjdhZGZjZWQ3OTUwZjNjMTY3ZmI2MWM0ODc1ZjU1NDdlNjhhNjZiY2EzMGNhNDg5ODFhMDFhZWRhNzI2Zjg5NTFhNDM0ZDkwOWQ0MWFjYjI5ZDEyMWEwMWYwN2FhNDFkOTNkMzVmODVjNWMzMWI4MzA1OTY4MTJlZDBiNzRlYWMwMDAzODQ3ZGI4ZjQyZjc2YjA2NGJiJnR6PTAmdXVpZD01YjQyYTUwMi0xMDQyLTQxZDMtYjQxNS1lZjYxNmQwMjQ5NTElM0EzJTNBMQ%3D%3D&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&pii=&in=false
1.8 kB URL wheelstweakautopsy.com/api/users?token=L3dhdGNoLjgwMzA3ODU4NzQwP2Rldj1lJmtleT1jNWM0NGEyNjU2ZTQyY2U4N2Y2ZTlkN2IxNzE1NjkzYSZrdz0lNUIlMjZxdW90JTNCc3VwZXIlMjZxdW90JTNCJTJDJTI2cXVvdCUzQnN0YXJzJTI2cXVvdCUzQiUyQyUyNnF1b3QlM0J3YWxscGFwZXJzJTI2cXVvdCUzQiU1RCZwc3Q9MTcwMTY0NjU0NSZyZWZlcj1odHRwcyUzQSUyRiUyRnN1cGVyLXN0YXJzLXdhbGxwYXBlcnMuYmxvZ3Nwb3QuY29tJTJGJnJlcz0xNC4zMDk1JnJtdGM9dCZzaHU9Y2YzOTJiN2UyOTc0NTY1ZDNmYWYwN2EzZmZmYTk3OTM0Y2UyOWI1OTJjNTI5ODVjMjdhZGZjZWQ3OTUwZjNjMTY3ZmI2MWM0ODc1ZjU1NDdlNjhhNjZiY2EzMGNhNDg5ODFhMDFhZWRhNzI2Zjg5NTFhNDM0ZDkwOWQ0MWFjYjI5ZDEyMWEwMWYwN2FhNDFkOTNkMzVmODVjNWMzMWI4MzA1OTY4MTJlZDBiNzRlYWMwMDAzODQ3ZGI4ZjQyZjc2YjA2NGJiJnR6PTAmdXVpZD01YjQyYTUwMi0xMDQyLTQxZDMtYjQxNS1lZjYxNmQwMjQ5NTElM0EzJTNBMQ%3D%3D&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&pii=&in=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2490)
Hash 12f6f5bce7a4a6b070ea7ac2babdf988
1d5b30fecbea3d8b044577237b814742b21286b6
7152ffb45f351b9e52101ab578538b9f8920f41b0c01f6b94ab3a1ac35aacbc5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L3dhdGNoLjgwMzA3ODU4NzQwP2Rldj1lJmtleT1jNWM0NGEyNjU2ZTQyY2U4N2Y2ZTlkN2IxNzE1NjkzYSZrdz0lNUIlMjZxdW90JTNCc3VwZXIlMjZxdW90JTNCJTJDJTI2cXVvdCUzQnN0YXJzJTI2cXVvdCUzQiUyQyUyNnF1b3QlM0J3YWxscGFwZXJzJTI2cXVvdCUzQiU1RCZwc3Q9MTcwMTY0NjU0NSZyZWZlcj1odHRwcyUzQSUyRiUyRnN1cGVyLXN0YXJzLXdhbGxwYXBlcnMuYmxvZ3Nwb3QuY29tJTJGJnJlcz0xNC4zMDk1JnJtdGM9dCZzaHU9Y2YzOTJiN2UyOTc0NTY1ZDNmYWYwN2EzZmZmYTk3OTM0Y2UyOWI1OTJjNTI5ODVjMjdhZGZjZWQ3OTUwZjNjMTY3ZmI2MWM0ODc1ZjU1NDdlNjhhNjZiY2EzMGNhNDg5ODFhMDFhZWRhNzI2Zjg5NTFhNDM0ZDkwOWQ0MWFjYjI5ZDEyMWEwMWYwN2FhNDFkOTNkMzVmODVjNWMzMWI4MzA1OTY4MTJlZDBiNzRlYWMwMDAzODQ3ZGI4ZjQyZjc2YjA2NGJiJnR6PTAmdXVpZD01YjQyYTUwMi0xMDQyLTQxZDMtYjQxNS1lZjYxNmQwMjQ5NTElM0EzJTNBMQ%3D%3D&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&pii=&in=false HTTP/1.1
Host: wheelstweakautopsy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wheelstweakautopsy.com/watch.80307858740?key=c5c44a2656e42ce87f6e9d7b1715693a&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
Cookie: u_pl=18008452; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAwODQ1MiwiayI6ImM1YzQ0YTI2NTZlNDJjZTg3ZjZlOWQ3YjE3MTU2OTNhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImRkZ3dtMzU0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.qVm_LJ9pLppLHgZ7M2Y8dn2MeSJ2fveZ0R7f_ZPltdY; uid_id2=5b42a502-1042-41d3-b415-ef616d024951:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://super-stars-wallpapers.blogspot.com/
Access-Control-Allow-Origin: https://super-stars-wallpapers.blogspot.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5b42a502-1042-41d3-b415-ef616d024951:3:1; expires=Sun, 10 Dec 2023 23:34:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5cfeefa7861a4f21ee02441cee3f02ef
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
skiofficerdemote.com/api/users?token=L3dhdGNoLjQzNjI5NDczNjE5ND9kZXY9ZSZrZXk9NDNhYTU3OTUwZDkxZjNlMmE0YjVkYzgwNWE0YTZmZTEma3c9JTVCJTI2cXVvdCUzQnN1cGVyJTI2cXVvdCUzQiUyQyUyNnF1b3QlM0JzdGFycyUyNnF1b3QlM0IlMkMlMjZxdW90JTNCd2FsbHBhcGVycyUyNnF1b3QlM0IlNUQmcHN0PTE3MDE2NDY1NDUmcmVmZXI9aHR0cHMlM0ElMkYlMkZzdXBlci1zdGFycy13YWxscGFwZXJzLmJsb2dzcG90LmNvbSUyRiZyZXM9MTQuMzA5NSZybXRjPXQmc2h1PTIzZTczYTAyYmQ3MDkwMzZkNmQ5NTVhNzkwMDUzOWQwNmM2ZmI4OTM5ZTU4OTIwODg1ZjVhM2IyNzk1YWU0M2JkZWM1OWMwOGQ4NWQ4YmY4ZGU4ZDJkNzU2ZjUyMjMzNzNhN2YzNWYwYTE0ZGUwNGQ5NWQyZmUwYWU1Y2E1MWU1ZWIxOTgyMTE0NWNlMzhhYTA0MjVlYzZmZjY5MzJjYzhmM2YzNjQyYTAwNjA0NDYxYzk3NDljZTgxNjQyODgzODBiJnR6PTAmdXVpZD01YjQyYTUwMi0xMDQyLTQxZDMtYjQxNS1lZjYxNmQwMjQ5NTElM0EzJTNBMQ%3D%3D&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&pii=&in=false
1.8 kB URL skiofficerdemote.com/api/users?token=L3dhdGNoLjQzNjI5NDczNjE5ND9kZXY9ZSZrZXk9NDNhYTU3OTUwZDkxZjNlMmE0YjVkYzgwNWE0YTZmZTEma3c9JTVCJTI2cXVvdCUzQnN1cGVyJTI2cXVvdCUzQiUyQyUyNnF1b3QlM0JzdGFycyUyNnF1b3QlM0IlMkMlMjZxdW90JTNCd2FsbHBhcGVycyUyNnF1b3QlM0IlNUQmcHN0PTE3MDE2NDY1NDUmcmVmZXI9aHR0cHMlM0ElMkYlMkZzdXBlci1zdGFycy13YWxscGFwZXJzLmJsb2dzcG90LmNvbSUyRiZyZXM9MTQuMzA5NSZybXRjPXQmc2h1PTIzZTczYTAyYmQ3MDkwMzZkNmQ5NTVhNzkwMDUzOWQwNmM2ZmI4OTM5ZTU4OTIwODg1ZjVhM2IyNzk1YWU0M2JkZWM1OWMwOGQ4NWQ4YmY4ZGU4ZDJkNzU2ZjUyMjMzNzNhN2YzNWYwYTE0ZGUwNGQ5NWQyZmUwYWU1Y2E1MWU1ZWIxOTgyMTE0NWNlMzhhYTA0MjVlYzZmZjY5MzJjYzhmM2YzNjQyYTAwNjA0NDYxYzk3NDljZTgxNjQyODgzODBiJnR6PTAmdXVpZD01YjQyYTUwMi0xMDQyLTQxZDMtYjQxNS1lZjYxNmQwMjQ5NTElM0EzJTNBMQ%3D%3D&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&pii=&in=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2525)
Hash 5d559f189c26bfb1e1d808802b22eac1
93f267aeea338eb0529905819dd0305945e30696
2c0561e74a250894956401f605e5acf8da1dd29f898506c64579b2e303a35c9c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L3dhdGNoLjQzNjI5NDczNjE5ND9kZXY9ZSZrZXk9NDNhYTU3OTUwZDkxZjNlMmE0YjVkYzgwNWE0YTZmZTEma3c9JTVCJTI2cXVvdCUzQnN1cGVyJTI2cXVvdCUzQiUyQyUyNnF1b3QlM0JzdGFycyUyNnF1b3QlM0IlMkMlMjZxdW90JTNCd2FsbHBhcGVycyUyNnF1b3QlM0IlNUQmcHN0PTE3MDE2NDY1NDUmcmVmZXI9aHR0cHMlM0ElMkYlMkZzdXBlci1zdGFycy13YWxscGFwZXJzLmJsb2dzcG90LmNvbSUyRiZyZXM9MTQuMzA5NSZybXRjPXQmc2h1PTIzZTczYTAyYmQ3MDkwMzZkNmQ5NTVhNzkwMDUzOWQwNmM2ZmI4OTM5ZTU4OTIwODg1ZjVhM2IyNzk1YWU0M2JkZWM1OWMwOGQ4NWQ4YmY4ZGU4ZDJkNzU2ZjUyMjMzNzNhN2YzNWYwYTE0ZGUwNGQ5NWQyZmUwYWU1Y2E1MWU1ZWIxOTgyMTE0NWNlMzhhYTA0MjVlYzZmZjY5MzJjYzhmM2YzNjQyYTAwNjA0NDYxYzk3NDljZTgxNjQyODgzODBiJnR6PTAmdXVpZD01YjQyYTUwMi0xMDQyLTQxZDMtYjQxNS1lZjYxNmQwMjQ5NTElM0EzJTNBMQ%3D%3D&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1&pii=&in=false HTTP/1.1
Host: skiofficerdemote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://skiofficerdemote.com/watch.436294736194?key=43aa57950d91f3e2a4b5dc805a4a6fe1&kw=%5B%22super%22%2C%22stars%22%2C%22wallpapers%22%5D&refer=https%3A%2F%2Fsuper-stars-wallpapers.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=5b42a502-1042-41d3-b415-ef616d024951%3A3%3A1
Cookie: u_pl=18011603; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODAxMTYwMywiayI6IjQzYWE1Nzk1MGQ5MWYzZTJhNGI1ZGM4MDVhNGE2ZmUxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDkxNjQxLCJwaWQiOjU0NDg2MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJoODNoaGt3cjFuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3N1cGVyLXN0YXJzLXdhbGxwYXBlcnMuYmxvZ3Nwb3QuY29tLyIsImFyIjpbXX19.gqWFpn7y_HpJnECFlLkNjLvJsvsWtLrZWMNC7h6ugqk; uid_id2=5b42a502-1042-41d3-b415-ef616d024951:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://super-stars-wallpapers.blogspot.com/
Access-Control-Allow-Origin: https://super-stars-wallpapers.blogspot.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5b42a502-1042-41d3-b415-ef616d024951:3:1; expires=Sun, 10 Dec 2023 23:34:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 04 Dec 2023 23:34:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd3bcac501aa4046abff5a2c8bab930d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18008452
1.4 kB URL conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18008452
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (512)
Hash 429984dc17b5db9557ce066270283435
1692bf3df0547c103bf54f0b4efde9c20e7c67f3
a999fcb36c7b79613cb6cad580158409e958934261b14c0f7337a47443ded387
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18008452 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://super-stars-wallpapers.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Mon, 04 Dec 2023 23:34:45 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTgwMDg0NTIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zdXBlci1zdGFycy13YWxscGFwZXJzLmJsb2dzcG90LmNvbS8iLCJhciI6W119fQ.EEzhjmr_iHhaQL-pgORELURd0tUOJHukJbtm9Gx06BY; expires=Sun, 03 Dec 2023 23:35:45 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6a27f60c75a935ff40a22f4fb8d7b32
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE4MDA4NDUyJnBzdD0xNzAxNjQ2NTQ1JnJlZmVyPWh0dHBzJTNBJTJGJTJGc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20lMkYmcm10Yz10JnNodT1iOTIwNjMwOTIxYTQ3YmM3Y2Q0YjkzMTE3MDY2Y2M3MTU0MWU3NWYyZmZlMDJmZmY3YzkyNTMwNDE2MmM5MDE1NjAwMzZlMDllYWU4MzYwZTlmNzg5ZGRmOWVmYzM5NTIwOWM0NmJkNTAxMTcyY2RlMTQyN2M4OGJhZTBkYjhjZjdmNDVkYzY5ZDYxNWFjYTQ3MDEyYTQ2NGFiMTgyZGI4NGI2ODU0NTY1NGEwZmQ4ZmQ3MmU4NWU0MWU5NzA3ZmI4Ng%3D%3D&uuid=&pii=&in=false
0 B URL conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE4MDA4NDUyJnBzdD0xNzAxNjQ2NTQ1JnJlZmVyPWh0dHBzJTNBJTJGJTJGc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20lMkYmcm10Yz10JnNodT1iOTIwNjMwOTIxYTQ3YmM3Y2Q0YjkzMTE3MDY2Y2M3MTU0MWU3NWYyZmZlMDJmZmY3YzkyNTMwNDE2MmM5MDE1NjAwMzZlMDllYWU4MzYwZTlmNzg5ZGRmOWVmYzM5NTIwOWM0NmJkNTAxMTcyY2RlMTQyN2M4OGJhZTBkYjhjZjdmNDVkYzY5ZDYxNWFjYTQ3MDEyYTQ2NGFiMTgyZGI4NGI2ODU0NTY1NGEwZmQ4ZmQ3MmU4NWU0MWU5NzA3ZmI4Ng%3D%3D&uuid=&pii=&in=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE4MDA4NDUyJnBzdD0xNzAxNjQ2NTQ1JnJlZmVyPWh0dHBzJTNBJTJGJTJGc3VwZXItc3RhcnMtd2FsbHBhcGVycy5ibG9nc3BvdC5jb20lMkYmcm10Yz10JnNodT1iOTIwNjMwOTIxYTQ3YmM3Y2Q0YjkzMTE3MDY2Y2M3MTU0MWU3NWYyZmZlMDJmZmY3YzkyNTMwNDE2MmM5MDE1NjAwMzZlMDllYWU4MzYwZTlmNzg5ZGRmOWVmYzM5NTIwOWM0NmJkNTAxMTcyY2RlMTQyN2M4OGJhZTBkYjhjZjdmNDVkYzY5ZDYxNWFjYTQ3MDEyYTQ2NGFiMTgyZGI4NGI2ODU0NTY1NGEwZmQ4ZmQ3MmU4NWU0MWU5NzA3ZmI4Ng%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTgwMDg0NTIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zdXBlci1zdGFycy13YWxscGFwZXJzLmJsb2dzcG90LmNvbS8iLCJhciI6W119fQ.EEzhjmr_iHhaQL-pgORELURd0tUOJHukJbtm9Gx06BY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=3003e93aba92ca0c12c3d05ba42940db&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprc3c9443d27b3994a4fb6081daac8108f8=4641329; expires=Mon, 04 Dec 2023 23:34:46 GMT
pdhtkv=true; expires=Mon, 04 Dec 2023 23:34:46 GMT
uncs=1; expires=Mon, 04 Dec 2023 23:34:46 GMT
pdhtkv28=true; expires=Mon, 04 Dec 2023 23:34:46 GMT
uncs28=1; expires=Mon, 04 Dec 2023 23:34:46 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d7267fb9664e2b70e2a6fe99ae67e306
Strict-Transport-Security: max-age=0; includeSubdomains
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=3003e93aba92ca0c12c3d05ba42940db&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
0 B URL violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=3003e93aba92ca0c12c3d05ba42940db&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=3003e93aba92ca0c12c3d05ba42940db&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sun, 03 Dec 2023 23:34:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9ikb71ng6; expires=Mon, 04-Dec-2023 23:34:47 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9ikb71ng6-h9ikb71ng6-hq1m-0-q5a4bl-ftxofe-ft8pdz-65bc14; expires=Mon, 04-Dec-2023 23:34:47 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=18885h9ikb71ng6203&sub_id=16122660
Strict-Transport-Security: max-age=31536000
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=18885h9ikb71ng6203&sub_id=16122660
0 B URL vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=18885h9ikb71ng6203&sub_id=16122660
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=18885h9ikb71ng6203&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 03 Dec 2023 23:34:47 GMT
content-length: 0
location: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787
set-cookie: zKByXHsQK0ydGD7DogbGyA=5; max-age=345600; path=/; samesite=lax
__pl=620d8f98-e2db-42b2-ac70-8a6e5339bd68; expires=Wed, 03 Dec 2025 23:34:47 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50Ni87uXJJLVYYdFy3oeQxKyLOaK5hISUtiH928ogoETtaZ%2Fhq9%2BR1vXflmiDOj9c1GUrniHb03au7XoklMK8TDv%2F%2FLYIV08bgT3%2FwVtWdc6YtKGWon3jXFnWc0z%2BSXpHo9lt%2Fr24LQMnE8G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff9f5319d1b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vvfal.stonecarv.top/eyes-robot/assets/1.png
11 kB URL vvfal.stonecarv.top/eyes-robot/assets/1.png
IP
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:47 GMT
content-type: image/png
content-length: 10591
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2995
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cV2rqaiLElEYaDAUwL281HnX4a3lDS6e3tdCi9i6LMgZA5ldHMRb14Dr7MoejHT9eVQNxcPjJLfy42%2Bx1S6UQ%2FLpu2TFUt%2FH1ISWpW2Ey5mrAn2kB6LRUMWpKPBf345qGp0oQcqd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f552ca9b524-OSL
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/eyes-robot/assets/2.png
1.1 kB URL vvfal.stonecarv.top/eyes-robot/assets/2.png
IP
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:47 GMT
content-type: image/png
content-length: 1061
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2995
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F93DSr8UWBGcVCET5YAa4pMZTJHunX4nP%2ByAqVV0zBqElClWKTy3xOpEMDsKel%2FnuXGnDhc9ursL6f8pKq3Lzu5p8J7lSJ9ZcDCFvG9qyU7noufD1wkbztMDH2K%2F6QLgDVzZTdQP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f552cabb524-OSL
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/eyes-robot/assets/trls.js
13 kB URL vvfal.stonecarv.top/eyes-robot/assets/trls.js
IP
File type Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Hash 0cdacbfa8d68265ac3893b159a75682a
a85878b59036d00ac878739dc187305bc29df8c3
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
GET /eyes-robot/assets/trls.js HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:47 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-2af6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzm1msEOUwxs7g9EdCmhfJDX6Xu0lnT5r59Bd3j4FgOCP5ED7S4dn4FcF06Na59HzSHN46NiNK3U5ntu81mRieqqXp8FumU4rzAqZF8hAVjfY3I7oPTfIDMBzQZny3O6LZT1gPCh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f551ca5b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787
445 B URL vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787 HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:47 GMT
content-type: text/html
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdi8yYfr3CFhdd5Q%2F%2Bhw4Y1l9%2BbrLA%2Fkyj7nk8QP9VcDOF2Qe8VaWNhx62zK3d%2BYSEALRTjNrtkatcHNkoAP1BTrQ9F%2FsuJZ6asC8ZauB8liOqO9vnoFR5xC6hIe7V2rvGnez%2B0y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff9f53da9a56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=9d08814d4aec4f069d6b64f925e3b4dc
23 kB URL cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=9d08814d4aec4f069d6b64f925e3b4dc
IP
File type Unicode text, UTF-8 text, with very long lines (31622), with no line terminators
Hash df791f923cb11762a0890f25bdf236de
9b17c8f14d137a85015ad49190751accdf618956
ebb6766356aef9e95f5ee0917d44719ae18de3ba38d676ccd162eff77a6a8b39
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=9d08814d4aec4f069d6b64f925e3b4dc HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:47 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: __psu=d3dddbe0-3db4-4517-8c09-2aaf39dfa86f; expires=Wed, 03 Dec 2025 23:34:47 GMT; path=/; secure; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0O6IfI%2FNlJCl6vWleFWYl4PCB17CVEVw8ll6iPxsiUp9C1djswL5DVmbNX7KcnpZR0fkIeHpNJ9La3Jw8H3YQCnoEO6VplYZ29YS5mYA1zBwi7iJz9xIbhTZqy3Eiwh8W0BuCbURC93BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f557d2eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 325756
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Early-Data: accepted
a.stonecarv.top/eyes-robot/assets/2.png
1.1 kB URL a.stonecarv.top/eyes-robot/assets/2.png
IP
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:48 GMT
content-type: image/png
content-length: 1061
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2816
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLZ%2B26eNmBk2Z2ul5aARg3IxAHXZg3LBfDWkWeZ02A2rdAOTlBsf7HVnMGpHRRCid8r7f7J3JhOp%2FT8rCyja5c0xVWPqAEPiw0py4J%2BwM2URJdXYs6EiW1JSBDV%2FfgEy%2FDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f57eee3b524-OSL
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/eyes-robot/assets/1.png
11 kB URL a.stonecarv.top/eyes-robot/assets/1.png
IP
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:48 GMT
content-type: image/png
content-length: 10591
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2816
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oI9wG%2BFnFLAkvKYWvoWUWkItfSeNgJ4K01Hz7vozzi8Hm%2Bl31Y8ZSbkCesMGkRA34mMwdRjw04XEF3HG561N7VJlqUNviFnTQ9vv91wGZL0JHe7cmsoC7a4Cz94CSBQmHbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f57eee1b524-OSL
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/eyes-robot/assets/trls.js
13 kB URL a.stonecarv.top/eyes-robot/assets/trls.js
IP
File type Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Hash 0cdacbfa8d68265ac3893b159a75682a
a85878b59036d00ac878739dc187305bc29df8c3
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
GET /eyes-robot/assets/trls.js HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:48 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-2af6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2816
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GpPdgt94nSl2s8xeARDP7cATJNhtEfep8R6Gw%2Fi%2F1njwW%2F7BWB6pluJi4H1a3EiYkQBGJrYYX82MwtmGjg4a%2F12Z5Jg7U7xbZwdef%2F%2F15GXOH3H%2B7gfVlcJYXb%2B%2FFU7bOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f57eedab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/favicon.ico
0 B URL a.stonecarv.top/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=18885h9ikb71ng6203&sub_id=16122660&nrid=9d08814d4aec4f069d6b64f925e3b4dc&hash=FZ95mzOuuo0OleciGdClWg&exp=1701646787
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sun, 03 Dec 2023 23:34:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3357
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOjM4IaV%2FjRmrllMXuj%2BegS%2F4GGbBmbBveBn%2F5tMF8VXNCdeK2r7qkkVvlYbt%2Fk%2FkkRTP9Lm4FrOWVE630OjBWEhIcLm4tSWCavb7KIh5PzsMtLJEPewfP%2FXHWgZnMn5B1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f586f5bb524-OSL
alt-svc: h3=":443"; ma=86400
cdnstatic.stonecarv.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA
9.5 kB URL cdnstatic.stonecarv.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA
IP
File type ASCII text, with CRLF line terminators
Hash 512755a6a34075b4a23c875b7ae24013
f8cecb3663d1d20fcf19a10af2a47d8238636ed3
d9cc92407823fafcd54c6e83fb6b9a51fbf3a4d9c73b2f4da64243d24ce2f81a
GET /ps/config.js?id=zKByXHsQK0ydGD7DogbGyA HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Cookie: __psu=d3dddbe0-3db4-4517-8c09-2aaf39dfa86f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:48 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3Cbd%2Bs67DgIjQmYCOF6SZn9TPlbwuxAFGyj8xZCKWF2P8NjoBlvZlsvtbX%2FBxD5u4XB65%2B65QtpP7U9KLkRhijQZgMury4k4Ey%2BFZ3EulZUE2Yokzcky%2B9anGZMd7vngylYoMcPOfo1rA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f587f61b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 325756
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
1.3 kB URL www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (420)
Hash f0b1458d441b0eb1a701a211be4f9b29
b77aed1c623b05e5bbcb1d55cbb3ac870aff42a0
0e95806ba40cd31a0952899343ea0844ae9b50b0b2fbd5d59c520f3ced9ed911
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 23:34:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19854905; expires=Mon, 04 Dec 2023 23:34:48 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; expires=Sun, 03 Dec 2023 23:35:48 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3d0f4e33e3250f6fbaf88b4c033f8bb7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjQ2NTQ4JnJtdGM9dCZzaHU9MmViNTcyODhmNGYzMzY3NjExYWMzYWFhNDczOGEzMGZiOWI5MWYzZTQ2ZGUyMGE0MWQ4NTA1ZWUxZmE5OGU4OGQ0ODk3OTZmYjdhOTFlNThiODUyNzM1NmY2YjUyZjYyZTBkY2MwYjkzM2EzYTE4NzFkYzMzNDZkNWYyMzY0YWY3MDVhNDcwMDhhZDVkNjE3NGI4ZTdlYmVlZThjNmZlNzk4ZWJiMWY0OTllNzhmMjE1ZDE5ODk1NzE0YTU2ZTMwN2UwNmQ2&uuid=&pii=&in=false
0 B URL www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjQ2NTQ4JnJtdGM9dCZzaHU9MmViNTcyODhmNGYzMzY3NjExYWMzYWFhNDczOGEzMGZiOWI5MWYzZTQ2ZGUyMGE0MWQ4NTA1ZWUxZmE5OGU4OGQ0ODk3OTZmYjdhOTFlNThiODUyNzM1NmY2YjUyZjYyZTBkY2MwYjkzM2EzYTE4NzFkYzMzNDZkNWYyMzY0YWY3MDVhNDcwMDhhZDVkNjE3NGI4ZTdlYmVlZThjNmZlNzk4ZWJiMWY0OTllNzhmMjE1ZDE5ODk1NzE0YTU2ZTMwN2UwNmQ2&uuid=&pii=&in=false
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjQ2NTQ4JnJtdGM9dCZzaHU9MmViNTcyODhmNGYzMzY3NjExYWMzYWFhNDczOGEzMGZiOWI5MWYzZTQ2ZGUyMGE0MWQ4NTA1ZWUxZmE5OGU4OGQ0ODk3OTZmYjdhOTFlNThiODUyNzM1NmY2YjUyZjYyZTBkY2MwYjkzM2EzYTE4NzFkYzMzNDZkNWYyMzY0YWY3MDVhNDcwMDhhZDVkNjE3NGI4ZTdlYmVlZThjNmZlNzk4ZWJiMWY0OTllNzhmMjE1ZDE5ODk1NzE0YTU2ZTMwN2UwNmQ2&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 23:34:49 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2CQ2djtiJyoGU3BZ-GH0dEdHP3xP.ec7%2CH49TiZd_sQbySqve6rBxni6qQTLkiTr2iTVIzmMdA8KL60Y6pGNYEMRMm0jHlU89lH5nFOtR3nwfcKyCL1KA4OlPW7d8XynqNyEV6cRPBYrMIloQ_4v1L9cxfxmQXpd4eqFQgVulPCGMdhwu6HNo3UUwtWgkeEyO-SyJTvUG32cwytuBfsRrNrpo7FDM55-2GXMR7yRL0iz8_kmnQ0kDU0o5MjpsSJlHVvR2mi64eteUhF0BzVPFAOiKT5NypNIiz1K6Pm1vn-gG5zOgu5yp3vFG1-MtcHMAFrlvGitMVXS3wWtNYmcY1BQSoZdyAsEQF1W414et1c7wkt4BMW_atBTS1pM7uJRx_Ry7my1IBYvDX6SKONnxFRUyeLF7yvT0yZX0XR341boW2Sjd9pO93-_Y4h7e1Th0W3H2yduI1PUqs9WjSJ2TxXjY6UO6tFEXd4QswEqPrP_osF0u98e96mPmrCuBc6yzrUuEpIGR7Dp5zgN_SfIcia6iFW-gyOQGCl2GQY0W48nBv6ngJo6w-KI48heSQSfdwM4nRFyMc0iaSfI0GNQxukFbWHRdQ1vyYk7aReI6bmSSeQxrklkG8P6smHjnGQkwz1N2aDcKssZzYbrzVl66rVfLOydN4zeDyrFzCf-TWKpPEz_Mf7EDpwGW0z76qQhn4_bnGuUyP9CpSdd_40AZpRR3RjOLRl61k0HZJogkRcgHPymsgL7gyw%2C%2C&csid=1506755&s1=19854905&md=0&crid=23745634
Set-Cookie: pdhtkv=true; expires=Mon, 04 Dec 2023 23:34:49 GMT
uncs=1; expires=Mon, 04 Dec 2023 23:34:49 GMT
pdhtkv28=true; expires=Mon, 04 Dec 2023 23:34:49 GMT
uncs28=1; expires=Mon, 04 Dec 2023 23:34:49 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91f5ff688099f31ce656db530d291068
Strict-Transport-Security: max-age=0; includeSubdomains
adpointrtb.com/favicon.ico
0 B URL adpointrtb.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: adpointrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:50 GMT
content-type: image/x-icon
content-length: 0
last-modified: Thu, 10 Dec 2020 09:27:58 GMT
etag: "5fd1ea1e-0"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 5100
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBcun0bVqwfYoxi4%2BRhYkK1l1zRSJi%2BM9Qu2ZkovCHyFI9YCRmb9ec9r3S%2FsY%2F1YMzCeSjrwrQZMsJdU1h1sVhqKfKxEOq10JWnIeCkNIgCJeUO26XdbaNJcaOTnzAQwMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f6448d456af-OSL
alt-svc: h3=":443"; ma=86400
adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2CQ2djtiJyoGU3BZ-GH0dEdHP3xP.ec7%2CH49TiZd_sQbySqve6rBxni6qQTLkiTr2iTVIzmMdA8KL60Y6pGNYEMRMm0jHlU89lH5nFOtR3nwfcKyCL1KA4OlPW7d8XynqNyEV6cRPBYrMIloQ_4v1L9cxfxmQXpd4eqFQgVulPCGMdhwu6HNo3UUwtWgkeEyO-SyJTvUG32cwytuBfsRrNrpo7FDM55-2GXMR7yRL0iz8_kmnQ0kDU0o5MjpsSJlHVvR2mi64eteUhF0BzVPFAOiKT5NypNIiz1K6Pm1vn-gG5zOgu5yp3vFG1-MtcHMAFrlvGitMVXS3wWtNYmcY1BQSoZdyAsEQF1W414et1c7wkt4BMW_atBTS1pM7uJRx_Ry7my1IBYvDX6SKONnxFRUyeLF7yvT0yZX0XR341boW2Sjd9pO93-_Y4h7e1Th0W3H2yduI1PUqs9WjSJ2TxXjY6UO6tFEXd4QswEqPrP_osF0u98e96mPmrCuBc6yzrUuEpIGR7Dp5zgN_SfIcia6iFW-gyOQGCl2GQY0W48nBv6ngJo6w-KI48heSQSfdwM4nRFyMc0iaSfI0GNQxukFbWHRdQ1vyYk7aReI6bmSSeQxrklkG8P6smHjnGQkwz1N2aDcKssZzYbrzVl66rVfLOydN4zeDyrFzCf-TWKpPEz_Mf7EDpwGW0z76qQhn4_bnGuUyP9CpSdd_40AZpRR3RjOLRl61k0HZJogkRcgHPymsgL7gyw%2C%2C&csid=1506755&s1=19854905&md=0&crid=23745634&treqn=42346345&rpn=1&cbrandom=0.17196203554510447&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=1024&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fwww.toprevenuegate.com%2F
302 Found 1.3 MB URL User Request GET HTTP/3 adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2CQ2djtiJyoGU3BZ-GH0dEdHP3xP.ec7%2CH49TiZd_sQbySqve6rBxni6qQTLkiTr2iTVIzmMdA8KL60Y6pGNYEMRMm0jHlU89lH5nFOtR3nwfcKyCL1KA4OlPW7d8XynqNyEV6cRPBYrMIloQ_4v1L9cxfxmQXpd4eqFQgVulPCGMdhwu6HNo3UUwtWgkeEyO-SyJTvUG32cwytuBfsRrNrpo7FDM55-2GXMR7yRL0iz8_kmnQ0kDU0o5MjpsSJlHVvR2mi64eteUhF0BzVPFAOiKT5NypNIiz1K6Pm1vn-gG5zOgu5yp3vFG1-MtcHMAFrlvGitMVXS3wWtNYmcY1BQSoZdyAsEQF1W414et1c7wkt4BMW_atBTS1pM7uJRx_Ry7my1IBYvDX6SKONnxFRUyeLF7yvT0yZX0XR341boW2Sjd9pO93-_Y4h7e1Th0W3H2yduI1PUqs9WjSJ2TxXjY6UO6tFEXd4QswEqPrP_osF0u98e96mPmrCuBc6yzrUuEpIGR7Dp5zgN_SfIcia6iFW-gyOQGCl2GQY0W48nBv6ngJo6w-KI48heSQSfdwM4nRFyMc0iaSfI0GNQxukFbWHRdQ1vyYk7aReI6bmSSeQxrklkG8P6smHjnGQkwz1N2aDcKssZzYbrzVl66rVfLOydN4zeDyrFzCf-TWKpPEz_Mf7EDpwGW0z76qQhn4_bnGuUyP9CpSdd_40AZpRR3RjOLRl61k0HZJogkRcgHPymsgL7gyw%2C%2C&csid=1506755&s1=19854905&md=0&crid=23745634&treqn=42346345&rpn=1&cbrandom=0.17196203554510447&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=1024&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fwww.toprevenuegate.com%2F
IP
Certificate IssuerGoogle Trust Services LLC
Subjectadpointrtb.com
Fingerprint62:90:6D:7F:B8:3B:C9:43:DC:50:C7:C6:9A:80:84:89:55:21:4C:E3
ValidityMon, 16 Oct 2023 20:59:40 GMT - Sun, 14 Jan 2024 20:59:39 GMT
Size 1.3 MB (1318700 bytes)
Hash 2d8b07cd6af7d9942358805f0e179a27
ef21a955f08675dabda818ab661e36191051a077
97964888f06654d41303f5bd77a53aee8096b8f390176a98074630952d490909
GET /script/s2iurl.php?stamat=m%7C%2C%2CQ2djtiJyoGU3BZ-GH0dEdHP3xP.ec7%2CH49TiZd_sQbySqve6rBxni6qQTLkiTr2iTVIzmMdA8KL60Y6pGNYEMRMm0jHlU89lH5nFOtR3nwfcKyCL1KA4OlPW7d8XynqNyEV6cRPBYrMIloQ_4v1L9cxfxmQXpd4eqFQgVulPCGMdhwu6HNo3UUwtWgkeEyO-SyJTvUG32cwytuBfsRrNrpo7FDM55-2GXMR7yRL0iz8_kmnQ0kDU0o5MjpsSJlHVvR2mi64eteUhF0BzVPFAOiKT5NypNIiz1K6Pm1vn-gG5zOgu5yp3vFG1-MtcHMAFrlvGitMVXS3wWtNYmcY1BQSoZdyAsEQF1W414et1c7wkt4BMW_atBTS1pM7uJRx_Ry7my1IBYvDX6SKONnxFRUyeLF7yvT0yZX0XR341boW2Sjd9pO93-_Y4h7e1Th0W3H2yduI1PUqs9WjSJ2TxXjY6UO6tFEXd4QswEqPrP_osF0u98e96mPmrCuBc6yzrUuEpIGR7Dp5zgN_SfIcia6iFW-gyOQGCl2GQY0W48nBv6ngJo6w-KI48heSQSfdwM4nRFyMc0iaSfI0GNQxukFbWHRdQ1vyYk7aReI6bmSSeQxrklkG8P6smHjnGQkwz1N2aDcKssZzYbrzVl66rVfLOydN4zeDyrFzCf-TWKpPEz_Mf7EDpwGW0z76qQhn4_bnGuUyP9CpSdd_40AZpRR3RjOLRl61k0HZJogkRcgHPymsgL7gyw%2C%2C&csid=1506755&s1=19854905&md=0&crid=23745634&treqn=42346345&rpn=1&cbrandom=0.17196203554510447&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=1024&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fwww.toprevenuegate.com%2F HTTP/1.1
Host: adpointrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 03 Dec 2023 23:34:50 GMT
content-type: text/html; charset=utf-8
location: https://record.ibetaffiliates.com/_1LOEjeN3o8q22a5QkwDt8GNd7ZgqdRLk/3/
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Euy0iW2oR7eRTvWX6IUeXANaop9igD9DM9R03QO1G%2FBb3HvX84EwJQJ0vg%2B6TU9aOHDZocnsSPY%2BIKb2SgkiVxhluCWGVjYvBaSTAmG5sVhC9k6jva3iAAVgdFyB8w0U%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff9f63987556af-OSL
alt-svc: h3=":443"; ma=86400
www.ibet.com/assets/backlistedIP-9ed3b537.js
200 OK 38 kB URL GET HTTP/2 www.ibet.com/assets/backlistedIP-9ed3b537.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 169dff8c87afe6801fed68a75533c905
3e10c7e103f498bbc2c9d9e0940fdc746442d126
52db025bce6c04d43d5d3af68553208cdf059df679b83d102da4d8ec8e15c5a5
GET /assets/backlistedIP-9ed3b537.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-30e5ec17.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:23:22 GMT
etag: W/"8b0c80725daa24516dbd0130f58d6eb1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: M71EwdqSMevy8jkd4K1MZpER2EJesYWfABL79HeNIetDc2co89qH7w==
age: 60809
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;1,900&display=swap
200 OK 1.1 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;1,900&display=swap
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 2e7e879ef978d451c1ed6511ab80dd3b
6d409f5a02cd6eab9bd59332327e7b3f3189c5d3
a1a4bc43ff013faec3517566cd44309adec00598aaa7f4ab2af800df93d130b0
GET /css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 23:34:51 GMT
date: Sun, 03 Dec 2023 23:34:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js
200 OK 242 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint5F:75:10:F4:97:EA:C8:48:F9:4F:E6:19:19:A3:13:24:44:C1:E7:3C
ValidityMon, 23 Oct 2023 13:35:25 GMT - Sun, 21 Jan 2024 13:35:24 GMT
File type ASCII text, with very long lines (65307)
Size 242 kB (242478 bytes)
Hash 9bf48d8c4bfd9e228c1cfc260b39519b
4054de80e600a049b6261dd8a172d43d047820b0
2c3391b3367fab5d69bc80c43ae6659dac469373c823a7f709147d48fad19bcf
GET /web_widget/messenger/latest/web-widget-main-0345ad6.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: vBelavEzM+F4Ko+4zGWcfhsix/dqnW0c5dM2hXHExsV321LPz971FRwckA88OeSALRfoF/dRz8w=
x-amz-request-id: 5NG07683BG19B9SP
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
etag: W/"9bf48d8c4bfd9e228c1cfc260b39519b"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Nov 2024 00:52:48 GMT
x-amz-version-id: MAWFo55nmJzTCV22.OVVsjgzwIcuk5qx
cf-cache-status: HIT
age: 680894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Fzj7bqqrO4LP3b%2Fu66dpNhB3nmXxox80ystSbRyXlmji22Q7jZEU%2FTduvU2CzcQUUKMe3FHmNvtzd2Yjk5%2BuvHI9DxypBpaDn6CDd62HMA6l8OBjj83%2ByTmFUOe5OoMq7nfCj8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 82ff9f6c39c75690-OSL
content-encoding: br
X-Firefox-Spdy: h2
ekr.zdassets.com/compose/a6120dcf-e9e8-4bb6-a19e-078213479153
200 OK 104 kB URL GET HTTP/2 ekr.zdassets.com/compose/a6120dcf-e9e8-4bb6-a19e-078213479153
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint5F:75:10:F4:97:EA:C8:48:F9:4F:E6:19:19:A3:13:24:44:C1:E7:3C
ValidityMon, 23 Oct 2023 13:35:25 GMT - Sun, 21 Jan 2024 13:35:24 GMT
File type JSON data\012- , ASCII text, with very long lines (1134), with no line terminators
Size 104 kB (104102 bytes)
Hash 32fc0fe12189c89e3462db2497b03f53
011134ddb3bf6a96beb6b8b66a3301e4553d2437
991c34f960adf6799ca89393db08e39969b7eb250cdbedac0d14f29f43c5438e
GET /compose/a6120dcf-e9e8-4bb6-a19e-078213479153 HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:51 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
etag: W/"991c34f960adf6799ca89393db08e399"
x-request-id: 825455910f7d33ef-SEA, 825455910f7d33ef-SEA
x-runtime: 0.010788
x-zendesk-zorg: yes
cf-cache-status: HIT
age: 15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QblvP6Vjlaij3khN5lYD7bwAW3DhsJ6PWCx1qE022M7nae9KIiOY4xy665FWZH8%2FHIcZUoy0MtZThDQbUm3gZWimXbfeLNIy%2BjEOoiwkZhPhuZMRdn5rA7b%2B7i5Tn3ZyLjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 82ff9f6bdbae56c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 42141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27market%27%20%26%26%20id%20%3D%3D%20%27NO%27%5D%5B0%5D%7Blicenses%5B%5D%7BlogoName%2C%22image%22%3Alogo.asset-%3Eurl%2C%22url%22%3Aurl.current%7D%7D%20%0A%20%20
200 OK 129 B URL GET HTTP/2 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27market%27%20%26%26%20id%20%3D%3D%20%27NO%27%5D%5B0%5D%7Blicenses%5B%5D%7BlogoName%2C%22image%22%3Alogo.asset-%3Eurl%2C%22url%22%3Aurl.current%7D%7D%20%0A%20%20
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.apicdn.sanity.io
FingerprintA5:1C:16:FF:52:AD:72:FC:C8:DD:BF:3A:CC:96:55:F4:B5:CA:F5:49
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 279e25fad4c2ee2317c314cbe9763419
b97dab5d41f0d1f2c3749f4c9fc9694a596ece44
d00bb6e3d71161cb364606d8cf7ed16a32223d1e746d699053e2d46273d6a655
GET /v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27market%27%20%26%26%20id%20%3D%3D%20%27NO%27%5D%5B0%5D%7Blicenses%5B%5D%7BlogoName%2C%22image%22%3Alogo.asset-%3Eurl%2C%22url%22%3Aurl.current%7D%7D%20%0A%20%20 HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 03 Dec 2023 22:39:26 GMT
server-timing: api;dur=10
x-sanity-shard: gcp-eu-w1-01-prod-1046
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
strict-transport-security: max-age=63072000; includeSubDomains; preload
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
content-encoding: br
x-sanity-age: 3325
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 129
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27staticPage%27%20%26%26%20pageCategory%20match%20%22information%22%20%26%26%20!(%22NO%22%20in%20excludedMarkets%5B%5D-%3Eid)%5D%20%7C%20order(_createdAt%20asc)%7B...%2C%22onlyShowMarkets%22%3A%20onlyShowMarkets%5B%5D%20-%3E%20id%7D%20%0A%20%20
200 OK 3.3 kB URL GET HTTP/2 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27staticPage%27%20%26%26%20pageCategory%20match%20%22information%22%20%26%26%20!(%22NO%22%20in%20excludedMarkets%5B%5D-%3Eid)%5D%20%7C%20order(_createdAt%20asc)%7B...%2C%22onlyShowMarkets%22%3A%20onlyShowMarkets%5B%5D%20-%3E%20id%7D%20%0A%20%20
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.apicdn.sanity.io
FingerprintA5:1C:16:FF:52:AD:72:FC:C8:DD:BF:3A:CC:96:55:F4:B5:CA:F5:49
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (13538), with no line terminators
Hash d2c2d64c4984db123dafc929ad06b170
a21d4592a38b31e9cb4a2360b62afb9c8196debf
9eaf3ba226476635f96796a4443234a5a1a4b14df55b95ecf150990914824c34
GET /v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27staticPage%27%20%26%26%20pageCategory%20match%20%22information%22%20%26%26%20!(%22NO%22%20in%20excludedMarkets%5B%5D-%3Eid)%5D%20%7C%20order(_createdAt%20asc)%7B...%2C%22onlyShowMarkets%22%3A%20onlyShowMarkets%5B%5D%20-%3E%20id%7D%20%0A%20%20 HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 03 Dec 2023 22:38:29 GMT
server-timing: api;dur=28
x-sanity-shard: gcp-eu-w1-01-prod-1046
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
strict-transport-security: max-age=63072000; includeSubDomains; preload
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
content-encoding: br
x-sanity-age: 3382
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 3300
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-0345ad6.js
200 OK 3.1 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-0345ad6.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint5F:75:10:F4:97:EA:C8:48:F9:4F:E6:19:19:A3:13:24:44:C1:E7:3C
ValidityMon, 23 Oct 2023 13:35:25 GMT - Sun, 21 Jan 2024 13:35:24 GMT
File type Unicode text, UTF-8 text, with very long lines (16197), with no line terminators
Hash 2d7a163ff937b4b9ea7ab13e6c8dfadf
62a58250b9a97b31a4785e7910b9ab7c15d8690f
c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad
GET /web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-0345ad6.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: qZFLuR4kjTOJ4X6pKBpHTui6s7i5iQiwp8gWBhmslcxwoAx9FWXKb9Sc0ZhAo/pqa9sJSapEysNsHH8DC8bD8g==
x-amz-request-id: 5NGF411GQRJVD72J
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Nov 2023 00:52:51 GMT
etag: W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Nov 2024 00:52:50 GMT
x-amz-version-id: SVieg7ebyluTA_U51KpD8k4UW9CnNoR3
cf-cache-status: HIT
age: 837479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evvgCqX0QPQf38FGwB1u%2BdGBmM27avAePkS%2BEo0WN%2FTCcMjhKqt6CVTov3NAHetvhIAiPazhZeO%2BZuJ8%2FpRhtsaiYQrk%2FFvYOhJXcx8Z9vV%2FX1OpdSWgQEmfYwfWomkUAKJB4%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 82ff9f6d8b3b5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2&co=aHR0cHM6Ly93d3cuaWJldC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=c2coqpl3gdy6
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 19:06:15 GMT
expires: Mon, 02 Dec 2024 19:06:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 16117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 42142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d1w3v8ahdm9uzk.cloudfront.net/prod/api/v1/player/access/context
200 OK 370 B URL GET HTTP/2 d1w3v8ahdm9uzk.cloudfront.net/prod/api/v1/player/access/context
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash a9058bcafaa20f452059d17d71366809
36aafe52e527968827415e32b53af7d537ac2ff9
181dd6c8374efe4830ed13c69dc30510b272911f318ab3ca6e0f1d80f421ca15
GET /prod/api/v1/player/access/context HTTP/1.1
Host: d1w3v8ahdm9uzk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 370
date: Sun, 03 Dec 2023 23:34:52 GMT
x-amzn-requestid: 1f6236d1-8fca-4d96-8720-8e2e9bbaba3e
access-control-allow-origin: *
x-amz-apigw-id: PY-IcGJkDoEEakQ=
x-amzn-trace-id: Root=1-656d109c-177f28781374ccb42b0f9aa1
via: 1.1 fc6bcc0c05113295fc38d1c274344ae4.cloudfront.net (CloudFront), 1.1 5e29eae3156522edc7886df59287259c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-pop: ARN1-C1, ARN56-P1
x-amz-cf-id: lR08j0860uNqm761YFVbjUNVEFsGn3pxrXjJLYaBuwQMeydqEu10DQ==
X-Firefox-Spdy: h2
www.ibet.com/fonts/OpenSans-SemiBold.ttf
200 OK 95 kB URL GET HTTP/2 www.ibet.com/fonts/OpenSans-SemiBold.ttf
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 35e4d8ba6d303431606c2c3e33df3033
00e310f500a663d821d7e8266ff2131cfd64b33d
c540601e9dbb0a3d4c751116a6bc0b146f10ad65a2aa44ea9b8a35a62c4cab0a
GET /fonts/OpenSans-SemiBold.ttf HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/ttf
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:23:22 GMT
etag: W/"ba5cde21eeea0d57ab7efefc99596cce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ioFU31AtajIHsKJ4U1JLgyV4tgQdkjYvzEVTbiJBrO85O3j_bQKE0Q==
age: 77373
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-4852-0345ad6.js
200 OK 63 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-4852-0345ad6.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint5F:75:10:F4:97:EA:C8:48:F9:4F:E6:19:19:A3:13:24:44:C1:E7:3C
ValidityMon, 23 Oct 2023 13:35:25 GMT - Sun, 21 Jan 2024 13:35:24 GMT
File type ASCII text, with very long lines (65307)
Hash ea51d3eb674c1f286144bbe26ba05c86
290e1d8b1c4d22825f2a275999b8552cf3361529
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
GET /web_widget/messenger/latest/web-widget-4852-0345ad6.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: /+Qy09rCveMHskIZI+PJKetU3q6Nkqz5jjPjqH/ZfgNUiEx2byBIqEjrFqMpsyKr8rZtjFRl1WU=
x-amz-request-id: JMDS7988V7JWXH58
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Nov 2024 00:52:48 GMT
x-amz-version-id: LLGa90fsv7bQUGdN2N0k5kLPN0aE.36G
cf-cache-status: HIT
age: 506022
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsZRh9XKvx%2F6PUWz7%2BctS2eBzh%2BtA2nTwR0plrzFk2Y%2B2icSN%2BwYDB7SgnANy%2F6QaXxtwu5TEsFt6rB3tkYdngoY1znnGc%2BYphSjMyMAUO99eCWwvlcqa3h5v9ZeVMra6H9PcWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 82ff9f6d8b3c5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.ibet.com/assets/index-60a5f78a.css
200 OK 28 kB URL GET HTTP/2 www.ibet.com/assets/index-60a5f78a.css
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash e5499d02d90e71ab2cb07599675e3a02
7796549a3dc73cc9b62dbfbd8e18d78f4b820d47
79134639de92a91297345bf68a59a5e35575af5ca906f2d316f0dfe5277c9eb6
GET /assets/index-60a5f78a.css HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:23:22 GMT
etag: W/"05deac096551787dca12f46f0e3a3414"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: YfVtSLQUVG_PwIwIi0Mkn0Ctu3P0CZNI2jgdelEQLW_p-4YA5diJsQ==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 42142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2&co=aHR0cHM6Ly93d3cuaWJldC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=c2coqpl3gdy6
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:37:43 GMT
expires: Wed, 06 Dec 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 352629
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
200 OK 318 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2&co=aHR0cHM6Ly93d3cuaWJldC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=c2coqpl3gdy6
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type gzip compressed data\012- data
Hash 467afb6b725dcb10e905929e46da0be0
95d445f48ffe4b71a7956a12a0885e8fb09824c7
cc89b1ba1e8c2310e33fc3dbc8b9966bbcd1a429531d50c5dddc6075893d2283
GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2&co=aHR0cHM6Ly93d3cuaWJldC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=c2coqpl3gdy6
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 03 Dec 2023 23:34:52 GMT
date: Sun, 03 Dec 2023 23:34:52 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/AffiliateId-c3403b19.js
200 OK 213 B URL GET HTTP/2 www.ibet.com/assets/AffiliateId-c3403b19.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
Hash 0575a74ef921837b7cbd8a45bb00f579
31eb43089e6d420274d4018c63a3a4f0422579f0
17a9c1c162a3ba1b865de2e00b72922afa9dcc880634ec2c02c89137151200b8
GET /assets/AffiliateId-c3403b19.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-30e5ec17.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 213
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: "0575a74ef921837b7cbd8a45bb00f579"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 25D7ZsnrTzE6kYRZQXNF8Z4xVYD96UjG5AbaB__lNHAGYff1USOR9g==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/ScrollToTopOnRouteChange-b7b9872e.js
200 OK 154 B URL GET HTTP/2 www.ibet.com/assets/ScrollToTopOnRouteChange-b7b9872e.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
Hash cb2a3a1b32fe146170d6a5b87b0f7f7f
0d2aeb9d573b0880079266a623bc09cd043f6718
ec8723b358dafee702ecc688b28bf8ec6eb775e17fc5fda87896b0b225677332
GET /assets/ScrollToTopOnRouteChange-b7b9872e.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-30e5ec17.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 154
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 11:01:16 GMT
etag: "cb2a3a1b32fe146170d6a5b87b0f7f7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: LMyDHw4ipcy-uF_iOnfhu3I1vFy5Hzi0xzaOLgR9Mb2WmLsmLvk3ug==
age: 45231
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/MaxAttemptsModal-dd620200.js
200 OK 842 B URL GET HTTP/2 www.ibet.com/assets/MaxAttemptsModal-dd620200.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (841)
Hash dc8a4b0a4f97e6de8408e2e9bc3fc5ae
73a05aa1d1d491779dd9d34bd7a076b997b650ab
cf334e8d200a09c0534e275c39ff430bb7e1fd3a140392776c9a35f788933efe
GET /assets/MaxAttemptsModal-dd620200.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 842
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: "dc8a4b0a4f97e6de8408e2e9bc3fc5ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: oWFLVC8qhwEWwTS6ZXOAmsrdbvv6EBB2tGSFvQj2JH4lsJ_Li_w_Lg==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/styles-f8a3902f.js
200 OK 332 B URL GET HTTP/2 www.ibet.com/assets/styles-f8a3902f.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (331)
Hash 334dcc6ed1956f27a3a2b6268d69ea68
67c64ba08ccc30a3b0570d193df8ce59f9b4c768
b00ee5d93c1fe3c66e8074688373526445bbead72dae0ff920e34ab7c6607804
GET /assets/styles-f8a3902f.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 332
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 11:01:16 GMT
etag: "334dcc6ed1956f27a3a2b6268d69ea68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: nymL_17XEgMUqAoHwoBQNWm-B2X7VY7B38gEteufEEFbhgU5XfPtoQ==
age: 45231
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/constants-ce1ae330.js
200 OK 353 B URL GET HTTP/2 www.ibet.com/assets/constants-ce1ae330.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (352)
Hash 2297fefb1bb194fe4ea1a41702e9d025
89423abe6c45d14e2aa323cc32c05a6e1a6f0926
29a4bfacf6dc172499fd03a76caca200b712415cc029c59bb0429992912b09e8
GET /assets/constants-ce1ae330.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 353
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:48:55 GMT
etag: "2297fefb1bb194fe4ea1a41702e9d025"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: alsALO11EYyVKLQ9dV-2CYNkeakoVmqXWWzG5Tz911MX5XS89Uyzgw==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/useLiveChat.hooks-f83ca73c.js
200 OK 100 B URL GET HTTP/2 www.ibet.com/assets/useLiveChat.hooks-f83ca73c.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
Hash e77021857d3bbd13fee524a93ce91151
7056644d3cd5bbe173dac97df69289f5acedb546
ca74e8fd116839f1290ca08b66f3bd64197d38190322439a2734dcf5549c8747
GET /assets/useLiveChat.hooks-f83ca73c.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 100
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:48:55 GMT
etag: "e77021857d3bbd13fee524a93ce91151"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: q1b-BqW8HJAcd-L3rHSAywnLmPzR-1X9EKm8pCFEQury2QV4zOJu-g==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/ButtonAuth-b5d864f6.js
200 OK 506 B URL GET HTTP/2 www.ibet.com/assets/ButtonAuth-b5d864f6.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (505)
Hash 7f4b32411376323ef4e3f24630d1f916
579bb21c66986d2684ba158ee651d681a4f98084
a59474e327aaf4ed81365e8995f557868cb52e038d2ffd59cea03ab3aa09f84a
GET /assets/ButtonAuth-b5d864f6.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 506
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: "7f4b32411376323ef4e3f24630d1f916"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: BQF7d9LW8bExIUKxYyaoKlyeGuP05De-aJpWYe1xQne6euKD9oaFPg==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/ExternalLink-a6f0c675.js
200 OK 225 B URL GET HTTP/2 www.ibet.com/assets/ExternalLink-a6f0c675.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
Hash 00d93f8e5ee6bab0a74a73217a9a40d8
254d8018bea89e95c92fb1fe065a122a347cc933
1bec3afa784cd84bffe195103734e328b1ac9bab4556e195889c7e1dc924584c
GET /assets/ExternalLink-a6f0c675.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 225
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: "00d93f8e5ee6bab0a74a73217a9a40d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: cX2KLeieNLyXfB806iruKlgODO4sLZRKL6lyB7VLgr5SnmHtyPaWDw==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/MaxAttemptsModal-dd620200.js
200 OK 842 B URL GET HTTP/2 www.ibet.com/assets/MaxAttemptsModal-dd620200.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (841)
Hash dc8a4b0a4f97e6de8408e2e9bc3fc5ae
73a05aa1d1d491779dd9d34bd7a076b997b650ab
cf334e8d200a09c0534e275c39ff430bb7e1fd3a140392776c9a35f788933efe
GET /assets/MaxAttemptsModal-dd620200.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-30e5ec17.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 842
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: "dc8a4b0a4f97e6de8408e2e9bc3fc5ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: T7tPc_MSz-X4aa8iiymkRg7O6gW2X-gtTY26AvI5A9wGrzXL9Ew1cw==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/js/iovation/loader.js
200 OK 2.0 kB URL GET HTTP/2 www.ibet.com/js/iovation/loader.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash aac23fda84fb7232830a24ec3f024622
5476959d8f0f4d8e6d56c5ab42285936a2594c50
3b0317ef54dc13522f04b0dab1b839f6eb076c45e430e7477ab734b659a3f4cf
GET /js/iovation/loader.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:23:24 GMT
etag: W/"345143e355b88a10dd5e7e47b83f2348"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: dH-oL8QnZLLuxEhjqXL-a3_IsCQqh0cq5FLR1rEtKw7unUyjtV9CNQ==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/StaticPageFromCMS-efd42385.js
200 OK 18 kB URL GET HTTP/2 www.ibet.com/assets/StaticPageFromCMS-efd42385.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (24026)
Hash f2e6f01a0356297e3e8706ba00d26677
31b46d1752c7fcff34c2ecd1ded8d580e7f59a47
bfb7e45f885cb040e1089462dcc946edd6e7ab973bb5f3a7cffe1af4393aada9
GET /assets/StaticPageFromCMS-efd42385.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:41:01 GMT
etag: W/"f2e6f01a0356297e3e8706ba00d26677"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: W9XGAz3bNlP8btJIG-zlTXDCjNCCR_rlQ360CPjQM8GuKfux9iOX7g==
age: 60832
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/ExternalLink-a6f0c675.js
200 OK 225 B URL GET HTTP/2 www.ibet.com/assets/ExternalLink-a6f0c675.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
Hash 00d93f8e5ee6bab0a74a73217a9a40d8
254d8018bea89e95c92fb1fe065a122a347cc933
1bec3afa784cd84bffe195103734e328b1ac9bab4556e195889c7e1dc924584c
GET /assets/ExternalLink-a6f0c675.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/CookiesNotification-d32d680f.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 225
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: "00d93f8e5ee6bab0a74a73217a9a40d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: -8hhehux0tcHJifGmzyTQojHV0_USpz0v7A4MPWvEmEu9AxIPKWAcw==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/BlockContent-93a6cf91.js
200 OK 3.8 kB URL GET HTTP/2 www.ibet.com/assets/BlockContent-93a6cf91.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (5198)
Hash 1db4c2f5aa861d0026a7bbbdc169c010
50246f2d7458c060f6e143cd35c7e223c1bc8710
9fe19a83ebc72ecf1172c0fed92690137f7e9198ed58f11261e48f6638149daf
GET /assets/BlockContent-93a6cf91.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:48:55 GMT
etag: W/"1db4c2f5aa861d0026a7bbbdc169c010"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: RNoGDo9kTXXxWvFFcygaIX22Eu_WS20tf0SY9I9WiqOPMwIUfAFiOw==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/ButtonAuth-b5d864f6.js
200 OK 506 B URL GET HTTP/2 www.ibet.com/assets/ButtonAuth-b5d864f6.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (505)
Hash 7f4b32411376323ef4e3f24630d1f916
579bb21c66986d2684ba158ee651d681a4f98084
a59474e327aaf4ed81365e8995f557868cb52e038d2ffd59cea03ab3aa09f84a
GET /assets/ButtonAuth-b5d864f6.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-fbfbf194.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 506
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: "7f4b32411376323ef4e3f24630d1f916"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: wMakUWwXU2WL3cjunyY7bTQiCq-r87fazFsEFsPkrScc3OeBiHbbDA==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/index-e5fc44ce.css
200 OK 64 B URL GET HTTP/2 www.ibet.com/assets/index-e5fc44ce.css
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
Hash 778d509cc7840959ba2e8cda2296b305
012226239a50c7c16ecd6c743a40763b59a0e22c
e5fc44ce35d212a668da83a33e02b3f100ccba3b1833eb0568db195f28454f8f
GET /assets/index-e5fc44ce.css HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 64
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:47:51 GMT
etag: "778d509cc7840959ba2e8cda2296b305"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: H_DCL_EzTXMlnYIm23CtuFhExkk8fJZO9KSHkWvaaEuSP_cSxkshHQ==
age: 60622
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/transition-fc19594c.js
200 OK 7.4 kB URL GET HTTP/2 www.ibet.com/assets/transition-fc19594c.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (10338)
Hash 79a5c2211ad9dedb6be4c4e910d4eb90
73adc8d37acde0a1985b1e2e78c8ba3f6a19ffb9
60438a07bb95ca018a9fcb7a9c126ad640aa2353023646994a14927cb70e859f
GET /assets/transition-fc19594c.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-bf854176.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:08:34 GMT
etag: W/"79a5c2211ad9dedb6be4c4e910d4eb90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: YO6Q6D9bAUJqH9etYcCYLTgxZ4rp58hYmWn1XTpX7tb4xoFvz1oYog==
age: 63016
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/transition-fc19594c.js
200 OK 38 kB URL GET HTTP/2 www.ibet.com/assets/transition-fc19594c.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (10338)
Hash 79a5c2211ad9dedb6be4c4e910d4eb90
73adc8d37acde0a1985b1e2e78c8ba3f6a19ffb9
60438a07bb95ca018a9fcb7a9c126ad640aa2353023646994a14927cb70e859f
GET /assets/transition-fc19594c.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:08:34 GMT
etag: W/"79a5c2211ad9dedb6be4c4e910d4eb90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Or8LWkw5N7NBSNqcJXIzMv-6Tt2eqeK4sHnf8UDBVGB3RLG6C2mgKg==
age: 63016
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/CookiesNotification-d32d680f.js
200 OK 87 kB URL GET HTTP/2 www.ibet.com/assets/CookiesNotification-d32d680f.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (5512)
Hash 682f8094d05ef8356869e279435c7891
84d7cd5de14df38e0ba05a469ec0f34f5b60c9d9
af92d311ea9bd199b06a2b85586d787708ec295b18937b574047410603c45218
GET /assets/CookiesNotification-d32d680f.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:48:55 GMT
etag: W/"682f8094d05ef8356869e279435c7891"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 09DcBNJbCbUKPbJw5BSXdRczIONyTH_ucNB7KXQRSQQ32gWfC552-w==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/iojs/5.7.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
200 OK 1.5 kB URL GET HTTP/2 www.ibet.com/iojs/5.7.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (1029)
Hash 9f3e1adf113b079a9098a721f7502687
a7649954da7cbe7324f4a1c5d5a6336a00c929bc
6b87f1443543a849a21f81528c5bbda2f356cc9045382b31e64b437f349856d1
GET /iojs/5.7.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 1486
date: 2023-Dec-03 23:34:52
cache-control: no-cache, private
pragma: no-cache
expires: 0
p3p: CP="NON DSP COR CURa"
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
vary: Accept-Encoding, User-Agent
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: djwEq-EcMs9McHHlRqZZUXz8Uxo5KxmgLM61LMTxwyz1ABj3O99LjA==
X-Firefox-Spdy: h2
www.ibet.com/assets/index-fbfbf194.js
200 OK 31 kB URL GET HTTP/2 www.ibet.com/assets/index-fbfbf194.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (51100)
Hash 53ad023220ef0ac6b81cfdd6b3666243
b422a98c27635ccc402c28fb54702f9860722406
c8fc75f2b360aa79b79333a4351c13303c8beef55348bd26d040cd8725edbd7d
GET /assets/index-fbfbf194.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-30e5ec17.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:41:01 GMT
etag: W/"53ad023220ef0ac6b81cfdd6b3666243"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: dJOFkvjdpy_PuQ2dCAUqkCQBF2GtBVKF7_GY2wHkS5o9-CLIuIRTiA==
age: 60832
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/FooterPartnersView-80850708.js
200 OK 605 B URL GET HTTP/2 www.ibet.com/assets/FooterPartnersView-80850708.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (604)
Hash be887513c52adc20ce776d44c0e562b8
9db0f75412fc7756feb3e96051da8dba30bbeb48
c53e02497d1f18c286ebd2388190ed2e78c811f813bef200dc2d88c4bd4e0f2b
GET /assets/FooterPartnersView-80850708.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-bf854176.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 605
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:47:51 GMT
etag: "be887513c52adc20ce776d44c0e562b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: MbUOm38D1F13gWtPtNQIgmqvP73B59AY0393ehFjEwbHDjQ1LcI7xw==
age: 60828
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/useWindowDimensions-232dcae8.js
200 OK 312 B URL GET HTTP/2 www.ibet.com/assets/useWindowDimensions-232dcae8.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (311)
Hash d4f90a100519dc543f547d6fb019c821
2cb5aeefb3be3c4246280ab7080de61f81a53d02
f93ab82733dc761dfe916bc396b543d59e9cd47810d05c327e3566a8396bfca0
GET /assets/useWindowDimensions-232dcae8.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-2629c06f.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 312
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:48:56 GMT
etag: "d4f90a100519dc543f547d6fb019c821"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: _Ir5OdZAA-P22TCDivmtEIeTuioyfqTRgRDut-S9efHbiFIlt3bKRg==
age: 60784
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20%20%20*%5B_type%20%3D%3D%20%27paymentMethod%27%20%26%26%20markets%5B%5D-%3Eid%20match%20%22NO%22%5D%20%7C%20order(_createdAt%20desc)%20%0A%20%20%20%20%20%20%0A%7B%0A%20%20name%2C%0A%20%20%22image%22%3Aimage.asset-%3Eurl%2C%0A%20%20altTag%0A%7D%0A%0A%20%20%20%20
200 OK 675 B URL GET HTTP/3 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20%20%20*%5B_type%20%3D%3D%20%27paymentMethod%27%20%26%26%20markets%5B%5D-%3Eid%20match%20%22NO%22%5D%20%7C%20order(_createdAt%20desc)%20%0A%20%20%20%20%20%20%0A%7B%0A%20%20name%2C%0A%20%20%22image%22%3Aimage.asset-%3Eurl%2C%0A%20%20altTag%0A%7D%0A%0A%20%20%20%20
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.apicdn.sanity.io
FingerprintA5:1C:16:FF:52:AD:72:FC:C8:DD:BF:3A:CC:96:55:F4:B5:CA:F5:49
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (1673), with no line terminators
Hash b3c0976bc43c3422800bf0d568f2aaa9
c475121c60b85a532e014e5c398258f217c9a0c0
6e9ddb74fbf1dd5d86b7a9a4dc66335a56d00a7f6fb833dc37ca5ba917631fb8
GET /v1/data/query/production/?query=%0A%20%20%20%20%20%20*%5B_type%20%3D%3D%20%27paymentMethod%27%20%26%26%20markets%5B%5D-%3Eid%20match%20%22NO%22%5D%20%7C%20order(_createdAt%20desc)%20%0A%20%20%20%20%20%20%0A%7B%0A%20%20name%2C%0A%20%20%22image%22%3Aimage.asset-%3Eurl%2C%0A%20%20altTag%0A%7D%0A%0A%20%20%20%20 HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
date: Sun, 03 Dec 2023 23:33:38 GMT
server-timing: api;dur=72
x-sanity-shard: gcp-eu-w1-01-prod-1046
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
strict-transport-security: max-age=63072000; includeSubDomains; preload
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
content-encoding: br
x-sanity-age: 74
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 675
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/ToastNotificationContainer-e01f1417.js
200 OK 5.7 kB URL GET HTTP/2 www.ibet.com/assets/ToastNotificationContainer-e01f1417.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (2182)
Hash 1022721d038e17660867c8a7bbd31f37
04b6d7e82248207e3af74ee7b4bbdc3d77791d7c
80b1bd7b36524305c2364547592b160050c015c0a9c9aff825b8d9f5f35e9629
GET /assets/ToastNotificationContainer-e01f1417.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-30e5ec17.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:08:34 GMT
etag: W/"1022721d038e17660867c8a7bbd31f37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: o7bxG7ybWKhWoMq3lD_FS5UDQPUB59_r2DrfcUA5VroM_PmkrhH3Iw==
age: 63016
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/9f33e182639c1e9af62e0aeb241e5e974caf6ec9-363x362.svg
200 OK 1.4 kB URL GET HTTP/2 cdn.sanity.io/images/w9lc5y04/production/9f33e182639c1e9af62e0aeb241e5e974caf6ec9-363x362.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1037)
Hash 4d1b911ce531e7cceb79677e8ccb322e
fbf0b3495f1d2a96324886a55db37fc989924cd3
22c928957dec51cdba02b096b7aa0a7f52bb6e0538169531ca7d581522099f16
GET /images/w9lc5y04/production/9f33e182639c1e9af62e0aeb241e5e974caf6ec9-363x362.svg HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-b3-traceid: d5b96c08d7469fa3ca6a8553b73e696f
x-b3-parentspanid: 70a6d7084e0f2a7e
x-b3-spanid: 6ec175b3f21f22ef
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
content-encoding: br
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
content-length: 1353
date: Thu, 09 Nov 2023 21:17:57 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 2081816
last-modified: Fri, 21 Apr 2023 11:17:00 GMT
content-type: image/svg+xml
vary: origin, accept-encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20%20%20*%5B_type%20%3D%3D%20%27paymentMethod%27%20%26%26%20markets%5B%5D-%3Eid%20match%20%22NO%22%5D%20%7C%20order(_createdAt%20desc)%20%0A%20%20%20%20%20%20%0A%7B%0A%20%20name%2C%0A%20%20%22image%22%3Aimage.asset-%3Eurl%2C%0A%20%20altTag%0A%7D%0A%0A%20%20%20%20
200 OK 674 B URL GET HTTP/3 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20%20%20*%5B_type%20%3D%3D%20%27paymentMethod%27%20%26%26%20markets%5B%5D-%3Eid%20match%20%22NO%22%5D%20%7C%20order(_createdAt%20desc)%20%0A%20%20%20%20%20%20%0A%7B%0A%20%20name%2C%0A%20%20%22image%22%3Aimage.asset-%3Eurl%2C%0A%20%20altTag%0A%7D%0A%0A%20%20%20%20
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.apicdn.sanity.io
FingerprintA5:1C:16:FF:52:AD:72:FC:C8:DD:BF:3A:CC:96:55:F4:B5:CA:F5:49
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (1673), with no line terminators
Hash e755936a376b138744541c9b91ca740d
3f4fedd110b9d4f5740c5b2a4053f2b582ac98c1
64939c2eec1b770ac82a94bc72acda202bc43dbc3c0735350ba8ff01b1b2e9cb
GET /v1/data/query/production/?query=%0A%20%20%20%20%20%20*%5B_type%20%3D%3D%20%27paymentMethod%27%20%26%26%20markets%5B%5D-%3Eid%20match%20%22NO%22%5D%20%7C%20order(_createdAt%20desc)%20%0A%20%20%20%20%20%20%0A%7B%0A%20%20name%2C%0A%20%20%22image%22%3Aimage.asset-%3Eurl%2C%0A%20%20altTag%0A%7D%0A%0A%20%20%20%20 HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
date: Sun, 03 Dec 2023 23:31:33 GMT
server-timing: api;dur=77
x-sanity-shard: gcp-eu-w1-01-prod-1046
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
strict-transport-security: max-age=63072000; includeSubDomains; preload
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
content-encoding: br
x-sanity-age: 200
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 674
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22market%22%20%26%26%20active%5D%7B%27flagUrl%27%3A%20flag.asset-%3Eurl%2C%20...%7D
200 OK 4.6 kB URL GET HTTP/3 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22market%22%20%26%26%20active%5D%7B%27flagUrl%27%3A%20flag.asset-%3Eurl%2C%20...%7D
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.apicdn.sanity.io
FingerprintA5:1C:16:FF:52:AD:72:FC:C8:DD:BF:3A:CC:96:55:F4:B5:CA:F5:49
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (23460), with no line terminators
Hash e873a9dfdfead42e7e12fa8fda75a3a0
24764dc91d308d4c46c2b1639d9d9034f45a6e22
437d0f20fdaf76a429fb33a7a34048bb2e22c4cdbf4119e60428c488548a19de
GET /v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22market%22%20%26%26%20active%5D%7B%27flagUrl%27%3A%20flag.asset-%3Eurl%2C%20...%7D HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
date: Sun, 03 Dec 2023 23:10:16 GMT
server-timing: api;dur=35
x-sanity-shard: gcp-eu-w1-01-prod-1046
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
strict-transport-security: max-age=63072000; includeSubDomains; preload
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
content-encoding: br
x-sanity-age: 1476
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 4607
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mpsnare.iesnare.com/general5/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
200 OK 19 kB URL GET HTTP/1.1 mpsnare.iesnare.com/general5/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerDigiCert Inc
Subjectmpsnare.iesnare.com
Fingerprint76:12:1D:E6:DA:A3:5F:1E:E7:FC:3D:15:6F:B5:5D:0A:2E:F1:A2:D5
ValidityMon, 01 May 2023 00:00:00 GMT - Wed, 29 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (1100)
Hash 3569dea87ef2646c4ad7a77d54381c80
8d12fa05ce6f5a41d5453f5d20ccc9b8529ffb8c
fe111fdccb04cb31a630d65a1dc25818e936d5a875b6aaeb11b7d586c3b2a96c
GET /general5/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 23:34:53 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=LXvpJcWOd3rWjJfMroDyd93HO9+RC6eYliHFx8ZY4rM=;Path=/;Expires=Mon, 02-Dec-2024 23:34:53 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
www.ibet.com/assets/ExpandMore-fd96bb78.js
200 OK 5.5 kB URL GET HTTP/2 www.ibet.com/assets/ExpandMore-fd96bb78.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (3073)
Hash f02c011429b6e2c319a3b961c5f7a4cb
b745839dd46f459eb43b7fa7f3b730f440faf1a4
5d685941c134053c5f23ee341a34d77924f88ad1e5d2bb4cd3b05378caf672f3
GET /assets/ExpandMore-fd96bb78.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-fbfbf194.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 04:01:12 GMT
etag: W/"f02c011429b6e2c319a3b961c5f7a4cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: YOHz0aXJqup66hWhWALKWto0Q2rGOUfCo65y5c0z_HpAMFbqt9S2tw==
age: 71084
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22homePage%22%20%26%26%20%27NO%27%20in%20market%5B%5D-%3Eid%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%5B0%5D%7B%0A%20%20%20%20%20%22banner%22%3A%7B%0A%20%20%20%20%20%20%20%20%22list%22%3Abanners%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%20_id%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22description%22%3Adescription.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22greeting%22%3Agreeting.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22button%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22type%22%3Abutton.type%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22label%22%3Abutton.label.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22param%22%3Abutton.param%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22urlAction%22%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%22slug%22%3A%20urlAction.anonymousSlug%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22absoluteUrl%22%3A%20urlAction.anonymousAbsoluteUrl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22openNewTab%22%3A%20urlAction.anonymousOpenNewTab%0A%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22img%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3Aimg.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3Aimg.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3Aimg.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%22imgPortrait%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3AimgPortrait.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3AimgPortrait.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3AimgPortrait.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20startDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20endDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20authorized%2C%0A%20%20%20%20%20%20%20%20%20%20%20isClickable%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%22options%22%3A%7B%22duration%22%3AbannersDuration%7D%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%22verticals%22%3Averticals%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%20type%2C%20authorized%2C%20%22subtitle%22%3Asubtitle.no%2C%20%22description%22%3Adescription.no%2C%20%0A%20%20%20%20%20%20%20%20%20%20items%5B%5D-%3E%7B%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20id%2C%20%22label%22%3Acoalesce(title.no%2Cname)%2C%20image%7B%22img1x%22%3Aimg1x.asset-%3Eurl%2C%22img2x%22%3Aimg2x.asset-%3Eurl%2C%22img3x%22%3Aimg3x.asset-%3Eurl%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20lobbyGridSizes%7B%22verticalImg1x%22%3AverticalImg1x.asset-%3Eurl%2C%22verticalImg2x%22%3AverticalImg2x.asset-%3Eurl%2C%22verticalImg3x%22%3AverticalImg3x.asset-%3Eurl%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22provider%22%3Acoalesce(provider-%3Eprovider.id%2Cprovider)%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%7D
200 OK 12 kB URL GET HTTP/3 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22homePage%22%20%26%26%20%27NO%27%20in%20market%5B%5D-%3Eid%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%5B0%5D%7B%0A%20%20%20%20%20%22banner%22%3A%7B%0A%20%20%20%20%20%20%20%20%22list%22%3Abanners%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%20_id%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22description%22%3Adescription.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22greeting%22%3Agreeting.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22button%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22type%22%3Abutton.type%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22label%22%3Abutton.label.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22param%22%3Abutton.param%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22urlAction%22%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%22slug%22%3A%20urlAction.anonymousSlug%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22absoluteUrl%22%3A%20urlAction.anonymousAbsoluteUrl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22openNewTab%22%3A%20urlAction.anonymousOpenNewTab%0A%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22img%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3Aimg.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3Aimg.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3Aimg.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%22imgPortrait%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3AimgPortrait.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3AimgPortrait.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3AimgPortrait.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20startDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20endDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20authorized%2C%0A%20%20%20%20%20%20%20%20%20%20%20isClickable%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%22options%22%3A%7B%22duration%22%3AbannersDuration%7D%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%22verticals%22%3Averticals%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%20type%2C%20authorized%2C%20%22subtitle%22%3Asubtitle.no%2C%20%22description%22%3Adescription.no%2C%20%0A%20%20%20%20%20%20%20%20%20%20items%5B%5D-%3E%7B%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20id%2C%20%22label%22%3Acoalesce(title.no%2Cname)%2C%20image%7B%22img1x%22%3Aimg1x.asset-%3Eurl%2C%22img2x%22%3Aimg2x.asset-%3Eurl%2C%22img3x%22%3Aimg3x.asset-%3Eurl%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20lobbyGridSizes%7B%22verticalImg1x%22%3AverticalImg1x.asset-%3Eurl%2C%22verticalImg2x%22%3AverticalImg2x.asset-%3Eurl%2C%22verticalImg3x%22%3AverticalImg3x.asset-%3Eurl%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22provider%22%3Acoalesce(provider-%3Eprovider.id%2Cprovider)%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%7D
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.apicdn.sanity.io
FingerprintA5:1C:16:FF:52:AD:72:FC:C8:DD:BF:3A:CC:96:55:F4:B5:CA:F5:49
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (57209), with no line terminators
Hash 44c6a6f08bf9595cd5fa270ee34ae7c8
66f29c10f21a015b8fb7ef26c528386042807e64
9dc9d63d3f9c7fc56ab2475349aa9903c6efc93f4e5904e78ac2d33d274e6a6d
GET /v1/data/query/production/?query=*%5B_type%20%3D%3D%20%22homePage%22%20%26%26%20%27NO%27%20in%20market%5B%5D-%3Eid%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%5B0%5D%7B%0A%20%20%20%20%20%22banner%22%3A%7B%0A%20%20%20%20%20%20%20%20%22list%22%3Abanners%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%20_id%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22description%22%3Adescription.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22greeting%22%3Agreeting.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22button%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22type%22%3Abutton.type%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22label%22%3Abutton.label.no%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22param%22%3Abutton.param%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22urlAction%22%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%22slug%22%3A%20urlAction.anonymousSlug%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22absoluteUrl%22%3A%20urlAction.anonymousAbsoluteUrl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22openNewTab%22%3A%20urlAction.anonymousOpenNewTab%0A%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%22img%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3Aimg.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3Aimg.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3Aimg.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%22imgPortrait%22%3A%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img1x%22%3AimgPortrait.img1x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img2x%22%3AimgPortrait.img2x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%22img3x%22%3AimgPortrait.img3x.asset-%3Eurl%2C%0A%20%20%20%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20startDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20endDate%2C%0A%20%20%20%20%20%20%20%20%20%20%20authorized%2C%0A%20%20%20%20%20%20%20%20%20%20%20isClickable%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20%22options%22%3A%7B%22duration%22%3AbannersDuration%7D%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%22verticals%22%3Averticals%5B%5D-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20%22title%22%3Atitle.no%2C%20type%2C%20authorized%2C%20%22subtitle%22%3Asubtitle.no%2C%20%22description%22%3Adescription.no%2C%20%0A%20%20%20%20%20%20%20%20%20%20items%5B%5D-%3E%7B%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20id%2C%20%22label%22%3Acoalesce(title.no%2Cname)%2C%20image%7B%22img1x%22%3Aimg1x.asset-%3Eurl%2C%22img2x%22%3Aimg2x.asset-%3Eurl%2C%22img3x%22%3Aimg3x.asset-%3Eurl%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20lobbyGridSizes%7B%22verticalImg1x%22%3AverticalImg1x.asset-%3Eurl%2C%22verticalImg2x%22%3AverticalImg2x.asset-%3Eurl%2C%22verticalImg3x%22%3AverticalImg3x.asset-%3Eurl%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%22provider%22%3Acoalesce(provider-%3Eprovider.id%2Cprovider)%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%7D HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
date: Sun, 03 Dec 2023 23:05:18 GMT
server-timing: api;dur=700
x-sanity-shard: gcp-eu-w1-01-prod-1046
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
strict-transport-security: max-age=63072000; includeSubDomains; preload
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
content-encoding: br
x-sanity-age: 1774
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 11691
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/index-bf854176.js
200 OK 43 kB URL GET HTTP/2 www.ibet.com/assets/index-bf854176.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash dbf7e4f6ebebd8ed12aeba26ab81ec6e
16c1de9a2cf7a06d32e23a5d2ffbe858792efb0d
9f63a812861c29ffe48498ff85930531295b2fbb20196a66278e055fd841cc24
GET /assets/index-bf854176.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-30e5ec17.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:41:01 GMT
etag: W/"dbf7e4f6ebebd8ed12aeba26ab81ec6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: fRL2BICNLul_frOSd9-1iDCenjFTNwdjbo-IcP2A10ic6NK696MWvA==
age: 60832
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/iojs/5.7.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js
200 OK 505 B URL GET HTTP/2 www.ibet.com/iojs/5.7.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (377)
Hash 27ea29da76c0df133f9a3e0b7318be35
250fc27a8fe60f984ef73252c7464dd0d6088031
c14bc11156a9d7fa87253fb4f85a466bdd4a032cda7362f0b7a7bdd15f7af183
GET /iojs/5.7.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 505
date: Sun, 03 Dec 2023 23:34:53 GMT
last-modified: Tue, 06 May 2014 00:01:40 GMT
expires: Mon, 02 Dec 2024 23:34:53 GMT
cache-control: private
p3p: CP="NON DSP COR CURa"
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
vary: Accept-Encoding, User-Agent
x-cache: Miss from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: OOCfW4VQz_dfpSBnUCr0OceUtZ3zzWekMrQEMemPmNtnYdYLmne5mQ==
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/f79a900918e75cc2561144d8be61f4ab5b53f6fc-70x60.svg
200 OK 628 B URL GET HTTP/2 cdn.sanity.io/images/w9lc5y04/production/f79a900918e75cc2561144d8be61f4ab5b53f6fc-70x60.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 6a996fd4cd4f21b7281eae672b2132f9
ba16128797fb681a0e24a697801924f697e31531
c2e2fbf1ee4ef44a84ee1f1ad258357a577fa9dda384cce30090778ea07388a0
GET /images/w9lc5y04/production/f79a900918e75cc2561144d8be61f4ab5b53f6fc-70x60.svg HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-b3-traceid: 0d5ea22f8fd0db21ae574415c89741be
x-b3-parentspanid: b0f3e823e54b4222
x-b3-spanid: f201b736e25901f1
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
content-encoding: br
vha6-origin: image-varnish-ssd-5
x-varnish-age: 3739
accept-ranges: bytes
content-length: 628
via: 1.1 google
date: Thu, 09 Nov 2023 20:28:44 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Fri, 21 Apr 2023 11:23:00 GMT
content-type: image/svg+xml
vary: origin, accept-encoding
age: 2084769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ibet.com/assets/index-2629c06f.js
200 OK 44 kB URL GET HTTP/2 www.ibet.com/assets/index-2629c06f.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (34758)
Hash dde10a5e845f279d8fc4f75e7a6c9065
02fcebc29c8596bcaeb6a67294d4aec2bd002429
72eb15d130bac628bf9a98120743929c5adaeebddb02f234a4781f0697a7b5cd
GET /assets/index-2629c06f.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/AppRoutes-8f87b6d0.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:48:56 GMT
etag: W/"dde10a5e845f279d8fc4f75e7a6c9065"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: pkKvAqcybV5ZOMTYpO2hO_gyJe1U6A2qmAt-l54Kd91B7Hlre3c78Q==
age: 60783
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-E0JKRGC2KE&l=dataLayer&cx=c
200 OK 90 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-E0JKRGC2KE&l=dataLayer&cx=c
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash 4f577248a7b8494b36a3089a439bc9a8
7ed71c9b94ed3e19e140bf18dcb81806b229bb35
483c9cdbe19960a44edfec5e7e446871cbf6feae9da087c993bebd90a31213f1
GET /gtag/js?id=G-E0JKRGC2KE&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:34:53 GMT
expires: Sun, 03 Dec 2023 23:34:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89900
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/e905e2573a77a48c99e5e58886cd31e222f31ebf-474x106.png
200 OK 6.3 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/e905e2573a77a48c99e5e58886cd31e222f31ebf-474x106.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type PNG image data, 474 x 106, 8-bit/color RGBA, non-interlaced\012- data
Hash 3bef3b68c1c547a1cb7ec6b2dfef9b3d
392d3b682d7ce2286e508f6f6d2b1d6740607420
bcb5b82ace1eb6134ee26d47dbac9a236c8289aac737841144709c639d128c8a
GET /images/w9lc5y04/production/e905e2573a77a48c99e5e58886cd31e222f31ebf-474x106.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 6338
x-b3-traceid: 215faca9bd8f4a7c487dcc5a003cabcd
x-b3-parentspanid: 5e55b2ab968e7396
x-b3-spanid: e95781c65e02dee1
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Mon, 13 Nov 2023 04:05:07 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 09 Feb 2023 13:16:17 GMT
content-type: image/png
vary: origin
age: 1798186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/ad7d8c466475535ca8c0a94019fe003de7e8f69a-318x78.png
200 OK 5.2 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/ad7d8c466475535ca8c0a94019fe003de7e8f69a-318x78.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type PNG image data, 318 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash 54f08de44053ac484ef92bd1b2490323
fbfd97517c2b1e30611014c9938e5ac6f75e3315
68d588a5d493dc1ad73240aa42bbf23a7b522f8ab1c42b8718ce05a027293ac7
GET /images/w9lc5y04/production/ad7d8c466475535ca8c0a94019fe003de7e8f69a-318x78.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 5240
x-b3-traceid: e876243471bb7a09b02c4c4588030605
x-b3-parentspanid: c2699287d8171688
x-b3-spanid: 4b163c8fa47816cc
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Wed, 15 Nov 2023 21:54:36 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Fri, 25 Nov 2022 13:38:56 GMT
content-type: image/png
vary: origin
age: 1561217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/bbf27568b61d4113e6c772dce2e018abda0fcc0c-87x34.svg
200 OK 1.5 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/bbf27568b61d4113e6c772dce2e018abda0fcc0c-87x34.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2523)
Hash b454c14cd7724ba5c786d844b8045411
7457cdbdb0879c41b75d54ba0894ed9469151f66
f3b59c99ebd081d8c37f746fe2137aaafe99c8aeaff9156dadf904bfe8703083
GET /images/w9lc5y04/production/bbf27568b61d4113e6c772dce2e018abda0fcc0c-87x34.svg HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-b3-traceid: 87c94d741549cf8f3c59b783b005849f
x-b3-parentspanid: 9017cd3a1bad5024
x-b3-spanid: bec5ae5e91954fe1
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
content-encoding: br
x-varnish-age: 5416
accept-ranges: bytes
content-length: 1454
via: 1.1 google
date: Mon, 13 Nov 2023 22:16:47 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 20 Jul 2022 10:00:20 GMT
content-type: image/svg+xml
vary: origin, accept-encoding
age: 1732686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/f67978d0d803de85c8b792095ff232bdf21a26b5-939x123.png
200 OK 9.2 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/f67978d0d803de85c8b792095ff232bdf21a26b5-939x123.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type PNG image data, 939 x 123, 8-bit/color RGBA, non-interlaced\012- data
Hash 754253bc2896000f397250c87f47b56b
c3e41cf210831a78faa0b7916b7951d546b6c874
9eaee53ffcde0da1cd985fcf81add1ed1c500936a492a1f5f216c1901e76422a
GET /images/w9lc5y04/production/f67978d0d803de85c8b792095ff232bdf21a26b5-939x123.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 9162
x-b3-traceid: 7b4f9d52b2f31262ad135a2de652ac0e
x-b3-parentspanid: 84ff6b31bc7c74f4
x-b3-spanid: 24870b2f2ceaf4a9
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Mon, 13 Nov 2023 04:05:08 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 1798185
last-modified: Thu, 09 Feb 2023 09:50:35 GMT
content-type: image/png
vary: origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/StaticPageFromCMS-efd42385.js
200 OK 54 kB URL GET HTTP/2 www.ibet.com/assets/StaticPageFromCMS-efd42385.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (24026)
Hash f2e6f01a0356297e3e8706ba00d26677
31b46d1752c7fcff34c2ecd1ded8d580e7f59a47
bfb7e45f885cb040e1089462dcc946edd6e7ab973bb5f3a7cffe1af4393aada9
GET /assets/StaticPageFromCMS-efd42385.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/AppRoutes-8f87b6d0.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:41:01 GMT
etag: W/"f2e6f01a0356297e3e8706ba00d26677"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: fF0XaDpSYEa6VjMO-y8VuQVXpJxRnTfp5S538k26Wc7GVXm8DSEB0g==
age: 60832
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/55d86f60b146584dbf41fcd8444f32cad91ce0ae-270x93.png
200 OK 1.8 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/55d86f60b146584dbf41fcd8444f32cad91ce0ae-270x93.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type PNG image data, 270 x 93, 8-bit colormap, non-interlaced\012- data
Hash e4b9e11554e481b113004a5fa1bcd3ca
55d86f60b146584dbf41fcd8444f32cad91ce0ae
5bff602b52530e6bf9e7328c551a062ffb4153b63b1a22a3e2701270b24cf694
GET /images/w9lc5y04/production/55d86f60b146584dbf41fcd8444f32cad91ce0ae-270x93.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1819
x-b3-traceid: 015ce4f80c06ab7f3f1843533c19d57d
x-b3-parentspanid: 66a59a046a4820ff
x-b3-spanid: 594be8e65bab2116
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Wed, 15 Nov 2023 21:54:36 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 14 Jul 2021 11:39:31 GMT
content-type: image/png
vary: origin
age: 1561217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/88e4d86bc5cb6dec2d8f3ddd49a6dcf20aa80bb9-134x30.png
200 OK 1.8 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/88e4d86bc5cb6dec2d8f3ddd49a6dcf20aa80bb9-134x30.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type PNG image data, 134 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash bfe0f5f1695f21c5a835ec8e38369f61
c2eed378138e81b9be9f01bda31ece67f43518ea
e8bcf31b58f300e6735d0278632d2a884680db805a9e5f8c53fc865eb82745d4
GET /images/w9lc5y04/production/88e4d86bc5cb6dec2d8f3ddd49a6dcf20aa80bb9-134x30.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1813
x-b3-traceid: 9ee9ea4b09c3a71e0eeaaa7a5b14d2dc
x-b3-parentspanid: 898678021acd7c60
x-b3-spanid: eac92d3ea8f3f16b
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-7
x-varnish-age: 41
accept-ranges: bytes
via: 1.1 google
date: Mon, 13 Nov 2023 23:34:33 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 09 Feb 2023 10:06:03 GMT
content-type: image/png
vary: origin
age: 1728020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/d6a6f0ddcb6ad69046e43cbf379c27d839b47e1f-560x107.png
200 OK 3.3 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/d6a6f0ddcb6ad69046e43cbf379c27d839b47e1f-560x107.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type PNG image data, 560 x 107, 8-bit colormap, non-interlaced\012- data
Hash e83e505077311e5f9cd28570d22b274c
d6a6f0ddcb6ad69046e43cbf379c27d839b47e1f
f0571891d0bb64899275389561c72cf12622f87bc6921910c0fea86108c13fae
GET /images/w9lc5y04/production/d6a6f0ddcb6ad69046e43cbf379c27d839b47e1f-560x107.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 3304
x-b3-traceid: faf01e76e65c3b58257dd97fbf86fafb
x-b3-parentspanid: 767126fb98ce918e
x-b3-spanid: ddb10a2a7eab9995
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-7
x-varnish-age: 1023
accept-ranges: bytes
via: 1.1 google
date: Mon, 13 Nov 2023 04:07:04 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 14 Jul 2021 11:37:21 GMT
content-type: image/png
vary: origin
age: 1798069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/4f666106b0eefc833c9a500656be9f1365890511-256x90.png
200 OK 2.9 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/4f666106b0eefc833c9a500656be9f1365890511-256x90.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type PNG image data, 256 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 9823573a804e67abba05de26d2f9078c
3e7748db9a99b4adc19b89bce656e25cac1e27ae
d3c47f8b3616b4817dca9d7df45fb627a43a70cc0230b40c31c7a5a82efe5ddb
GET /images/w9lc5y04/production/4f666106b0eefc833c9a500656be9f1365890511-256x90.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 2948
x-b3-traceid: 972d40c26c33ff47c23a90b8e06ca5e8
x-b3-parentspanid: 720b7ee14dff9817
x-b3-spanid: f1c9442871d01613
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Wed, 15 Nov 2023 21:54:36 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 09 Feb 2023 10:09:12 GMT
content-type: image/png
vary: origin
age: 1561217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAUT
200 OK 36 kB URL GET HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAUT
IP
ASN #20940 Akamai International B.V.
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjecttracker.ads.sportradar.com
Fingerprint2F:44:31:30:BF:6C:CE:CE:AD:55:13:9C:95:C2:98:BB:35:19:22:5B
ValidityThu, 05 Oct 2023 12:16:46 GMT - Wed, 03 Jan 2024 12:16:45 GMT
File type ASCII text, with very long lines (62152)
Hash 1df7453898c8118279fbcc6a199d5236
908c49d36c5857beb9346071c97aa4e214325619
065a85979a620e87d0f598fe8e88dcc630308209a307cf975b9dd3a16a388188
GET /dist/tag-manager.js?id=STM-AAAAUT HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: PY6H_ghkDoEEM-w=
vary: Accept-Encoding
content-encoding: gzip
content-length: 36118
date: Sun, 03 Dec 2023 23:34:53 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
mpsnare.iesnare.com/star
0 B IP
Certificate IssuerDigiCert Inc
Subjectmpsnare.iesnare.com
Fingerprint76:12:1D:E6:DA:A3:5F:1E:E7:FC:3D:15:6F:B5:5D:0A:2E:F1:A2:D5
ValidityMon, 01 May 2023 00:00:00 GMT - Wed, 29 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.ibet.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: peg/0XI9unmV4x2+pGyD+A==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 03 Dec 2023 23:34:53 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: Kqto5e6TPqyP2RxRE4A6UUXqQ10=
Upgrade: WebSocket
cdn.sanity.io/images/w9lc5y04/production/204f43696505a927f0d8f8d1e89381b2544d018c-292x113.png
200 OK 2.0 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/204f43696505a927f0d8f8d1e89381b2544d018c-292x113.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type PNG image data, 292 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash 521e051f55b449a1735091a2b252d770
ca5f26cebe1843935b67a78c111d013006967b08
bdc51c1ea61698aa15ef423a8438cb2dd9e22f133b10e2c1a71369cf5aef8f7f
GET /images/w9lc5y04/production/204f43696505a927f0d8f8d1e89381b2544d018c-292x113.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
content-length: 1983
x-b3-traceid: c58432528cdf50d763b203d802c9273a
x-b3-parentspanid: 3247365049bfd7ab
x-b3-spanid: cd05ad8bcd2e567d
x-b3-sampled: 0
vary: origin
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
last-modified: Thu, 09 Feb 2023 10:31:23 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
date: Sun, 03 Dec 2023 23:34:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/CookiesNotification-d32d680f.js
200 OK 10 kB URL GET HTTP/2 www.ibet.com/assets/CookiesNotification-d32d680f.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (5512)
Hash 682f8094d05ef8356869e279435c7891
84d7cd5de14df38e0ba05a469ec0f34f5b60c9d9
af92d311ea9bd199b06a2b85586d787708ec295b18937b574047410603c45218
GET /assets/CookiesNotification-d32d680f.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-30e5ec17.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:48:55 GMT
etag: W/"682f8094d05ef8356869e279435c7891"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: JYlABvprMbBYIPhwVw3hP06iDxqrgh_Xyjdx1KUKBHSJoMCN2cbWFQ==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
tracker.ads.sportradar.com/dist/tracker.js
200 OK 6.4 kB URL GET HTTP/2 tracker.ads.sportradar.com/dist/tracker.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjecttracker.ads.sportradar.com
Fingerprint2F:44:31:30:BF:6C:CE:CE:AD:55:13:9C:95:C2:98:BB:35:19:22:5B
ValidityThu, 05 Oct 2023 12:16:46 GMT - Wed, 03 Jan 2024 12:16:45 GMT
File type ASCII text, with very long lines (25690)
Hash 235331a0761142ae4fd345cdf7c7f9ed
f71a2cb5824a7049b2c86f5658f48e17ff7f588c
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 12 Sep 2023 08:33:19 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
etag: "235331a0761142ae4fd345cdf7c7f9ed"
x-amz-cf-pop: AMS58-P6
x-amz-cf-id: VXIh_gCUtucyYHhCg81QlrVxUxdnyy6WQm1or6vbPe3ihHH54ZiQEQ==
vary: Accept-Encoding
content-encoding: gzip
content-length: 6405
date: Sun, 03 Dec 2023 23:34:53 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/0541486e094af64bc1c7d198c09d281b56f78727-64x64.png
200 OK 1.0 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/0541486e094af64bc1c7d198c09d281b56f78727-64x64.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash c54b1baea0fee1c28f161b98caca9b6f
73b98cda447fa00944f7922509f1c40435f9a2c3
84ae01ad9032bb57c873dac068aaad998c5b813259b1a0b200cede6061d9044f
GET /images/w9lc5y04/production/0541486e094af64bc1c7d198c09d281b56f78727-64x64.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1009
x-b3-traceid: 34128887324e3359b5ba108d185b5773
x-b3-parentspanid: a1bc627a707026ff
x-b3-spanid: 1b7080b8d639f484
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-7
x-varnish-age: 1946
accept-ranges: bytes
via: 1.1 google
date: Wed, 15 Nov 2023 21:22:10 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 28 Feb 2022 12:12:47 GMT
content-type: image/png
vary: origin
age: 1563163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tracker.ads.sportradar.com/dist//sp-3.8.0.js
200 OK 24 kB URL GET HTTP/2 tracker.ads.sportradar.com/dist//sp-3.8.0.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjecttracker.ads.sportradar.com
Fingerprint2F:44:31:30:BF:6C:CE:CE:AD:55:13:9C:95:C2:98:BB:35:19:22:5B
ValidityThu, 05 Oct 2023 12:16:46 GMT - Wed, 03 Jan 2024 12:16:45 GMT
File type ASCII text, with very long lines (65378)
Hash 143272dddc33395008a84a86ac9c2e96
8a90a07a66c30b4fa28300001cf97db7baba420e
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87
GET /dist//sp-3.8.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 12 Sep 2023 08:33:18 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
etag: "143272dddc33395008a84a86ac9c2e96"
x-amz-cf-pop: AMS58-P6
x-amz-cf-id: nikS6Wo-aKJF4RdU9KTw9mjPc9Hvzu9Ss9lL9CrciBkjeaCsNT24rw==
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 03 Dec 2023 23:34:53 GMT
content-length: 24162
cache-control: max-age=900, public
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/339b04379fecd02a83642bf31b3256bbd645aee3-1050x525.jpg?q=75&auto=format
200 OK 48 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/339b04379fecd02a83642bf31b3256bbd645aee3-1050x525.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1050x525, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1aa56952b33e25b6476c7924608c9c8f
70a2dc7079fdc25c7179a634cf4d46b0d04bd257
b0ad5379dc2281cb4a8991f56a7a4a7c87e0637b63c35dd18d303379b1eb466f
GET /images/w9lc5y04/production/339b04379fecd02a83642bf31b3256bbd645aee3-1050x525.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 47806
x-b3-traceid: 97442d60d034ea67b3d1fd78c100c7bd
x-b3-parentspanid: 2fd583ad17d6a2f3
x-b3-spanid: 1321fb27f3011100
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Thu, 23 Nov 2023 22:50:34 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Fri, 06 Jan 2023 16:47:22 GMT
content-type: image/webp
vary: origin, accept
age: 866659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/331cd7dc70a89a7ba3e3cecc25dd78867a1a7861-1000x500.jpg?q=75&auto=format
200 OK 40 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/331cd7dc70a89a7ba3e3cecc25dd78867a1a7861-1000x500.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 534b4166231142a3f3f7cc526dc0d899
fd4d94e2c9c956215a36de7e63a3e57912c97e65
a29af7ab7a2e25b3e79d00a10518b67ba26d66862f8bd1071d7d15ab0ed54e00
GET /images/w9lc5y04/production/331cd7dc70a89a7ba3e3cecc25dd78867a1a7861-1000x500.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 40146
x-b3-traceid: 12e6a0388c6c9c97698d699fc9f3ce01
x-b3-parentspanid: f0a7b890d3b6bd94
x-b3-spanid: 69e529b944b2b3f3
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Fri, 24 Nov 2023 07:40:14 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 06 Feb 2023 11:44:12 GMT
content-type: image/webp
vary: origin, accept
age: 834879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/ae4c61489686c9a6dfee3e56408f5e0c975c1808-750x708.jpg?q=75&auto=format
200 OK 64 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/ae4c61489686c9a6dfee3e56408f5e0c975c1808-750x708.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x708, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a456c13732f2e73cace1b3f563f0ad91
1e8877cc2ea7ac8d09d2a920558bc12db9e2afee
0c6bcec0f8c19ef4bf3ff20c12b7519b74ef22e4fbf1c7a0250462a9b247d928
GET /images/w9lc5y04/production/ae4c61489686c9a6dfee3e56408f5e0c975c1808-750x708.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 64200
x-b3-traceid: 97bd1d4683c69a14380614f9cc97fcbf
x-b3-parentspanid: 92adacdba40010d4
x-b3-spanid: c45cc0f61ff95feb
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-1
x-varnish-age: 677
accept-ranges: bytes
via: 1.1 google
date: Thu, 30 Nov 2023 15:43:10 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 30 Nov 2023 15:41:30 GMT
content-type: image/webp
vary: origin, accept
age: 287503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/adc1de14adff5ba822aed68b93c941ca1f5ae201-1708x884.jpg?q=75&auto=format
200 OK 148 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/adc1de14adff5ba822aed68b93c941ca1f5ae201-1708x884.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1708x884, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 148 kB (147602 bytes)
Hash 219794110cb8bd45c726ae39af1fe20d
b22d66aad042bc71a2cf30b128ad7e2056b73960
17f68a7e7da7c6910368fb9d66bb11a502db58a687222eb264225e64a9b3b830
GET /images/w9lc5y04/production/adc1de14adff5ba822aed68b93c941ca1f5ae201-1708x884.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 147602
x-b3-traceid: faf5233d6edb98ffd011f79ea579ee94
x-b3-parentspanid: 0b60cc3c54a6c9c9
x-b3-spanid: 4a1bf4b19de692eb
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-0
x-varnish-age: 748
accept-ranges: bytes
via: 1.1 google
date: Thu, 30 Nov 2023 15:42:20 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 30 Nov 2023 15:41:15 GMT
content-type: image/webp
vary: origin, accept
age: 287553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/9764c26b4b3f850db750782a1da7df9f421f0707-750x708.jpg?q=75&auto=format
200 OK 57 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/9764c26b4b3f850db750782a1da7df9f421f0707-750x708.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x708, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ccf172f9009825c95bece8357e5373c6
298ed9696e6d747992b55d5f0149124af1a0a52c
0555631352fac627177f7a37ce05909117ee146ea2df623373db7463bf894610
GET /images/w9lc5y04/production/9764c26b4b3f850db750782a1da7df9f421f0707-750x708.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 57330
x-b3-traceid: 16093e8c4a05a89f00b4add7a1baa204
x-b3-parentspanid: 142a0d73f60d5d37
x-b3-spanid: a897b8867a9bb03d
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-1
x-varnish-age: 21
accept-ranges: bytes
via: 1.1 google
date: Thu, 30 Nov 2023 14:07:42 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 30 Nov 2023 14:06:35 GMT
content-type: image/webp
vary: origin, accept
age: 293231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/d74c7dd39d54d5e0a09eeed03af125cbcf0b0af0-750x708.jpg?q=75&auto=format
200 OK 83 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/d74c7dd39d54d5e0a09eeed03af125cbcf0b0af0-750x708.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x708, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9044214d79b4809d79e43acb3f158065
af9b3b5dea2822790b1923140598bfd869938d41
bcce1ce87d3d54b2809dcaf901ecce48f6d25dae89ce6826e44cd0d653ddef97
GET /images/w9lc5y04/production/d74c7dd39d54d5e0a09eeed03af125cbcf0b0af0-750x708.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 83428
x-b3-traceid: 2b429dbf4fc53d8e0f7891acb876c5ef
x-b3-parentspanid: 2f565d15ec540560
x-b3-spanid: 25e3be2b5e5d2e5d
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 93
accept-ranges: bytes
via: 1.1 google
date: Thu, 30 Nov 2023 15:33:30 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 30 Nov 2023 15:33:14 GMT
content-type: image/webp
vary: origin, accept
age: 288083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/b743b34d1958522ba4b21db889dff8309b780081-1708x884.jpg?q=75&auto=format
200 OK 152 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/b743b34d1958522ba4b21db889dff8309b780081-1708x884.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1708x884, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 152 kB (152040 bytes)
Hash 5c86d7ea35b5e6f5a55f7180d2190d9f
f6c767a5d59c5b9df172ec128c6754a2970cf971
6acdffcf12e8a2a3ce8945d74f16ff2e2c343f4fa9e3877de51ed3a1812fde38
GET /images/w9lc5y04/production/b743b34d1958522ba4b21db889dff8309b780081-1708x884.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 152040
x-b3-traceid: c6183593ca418151144bdea87e975f6b
x-b3-parentspanid: d290dc9623f7518f
x-b3-spanid: c01b61ea3c2608a6
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 13
accept-ranges: bytes
via: 1.1 google
date: Thu, 30 Nov 2023 14:07:49 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 30 Nov 2023 14:06:16 GMT
content-type: image/webp
vary: origin, accept
age: 293224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/6626ea1783ba621920eb6dededa8c7fe4ee7dfca-1000x500.jpg?q=75&auto=format
200 OK 42 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/6626ea1783ba621920eb6dededa8c7fe4ee7dfca-1000x500.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 552b6be5ff8e452f59f7578fee02bbb6
587680dd11ec6973b433f70cfbf7c83ab197b72d
986c681592b53c84d445d4ae161b29aa12c04baa97703b899909eb86360e2885
GET /images/w9lc5y04/production/6626ea1783ba621920eb6dededa8c7fe4ee7dfca-1000x500.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 41708
x-b3-traceid: 68a3858677edbee29e79634221de3d50
x-b3-parentspanid: a2ebe57789105896
x-b3-spanid: 94eaf1d0dd9d9eb7
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Thu, 23 Nov 2023 10:58:09 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 06 Feb 2023 11:48:35 GMT
content-type: image/webp
vary: origin, accept
age: 909404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
api.fouanalytics.com/s/pp.js
200 OK 80 kB URL GET HTTP/2 api.fouanalytics.com/s/pp.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectfouanalytics.com
Fingerprint6A:6F:F4:F8:96:F5:AF:BD:04:DA:3B:26:07:70:F4:17:1F:A7:43:82
ValidityTue, 07 Nov 2023 01:56:38 GMT - Mon, 05 Feb 2024 01:56:37 GMT
File type ASCII text, with very long lines (15322)
Hash 2d891a51ede7a7e3d19465c6554de567
f6f7071c856fe8288ba205f73b930ce06cdda9d2
1d20c481e50170ca79ba8d1e25956a4dd11088bdd7ccd13cdd0b45f96b20c535
GET /s/pp.js HTTP/1.1
Host: api.fouanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:53 GMT
content-type: text/javascript
etag: W/"6564c871-3bdb"
cache-control: max-age=86400
cf-cache-status: HIT
age: 22608
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oC7ytpZ471mv2Q%2B9eH9c3VL%2Fl4DxjuJKcu2T9XbUB4fJtD1gvPj43OjIqOTaOLd5Tzi0cfSToY9AMqpKQj2OfQmOYu20st2JY%2F0YsDqqUGvOONtkHwLHaWuO6V2REQIwsQNZ0kqRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f7a5e8a6407-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/1b6486db2b76134b2881d14b8bec4b629eb7b5b9-1708x884.jpg?q=75&auto=format
200 OK 185 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/1b6486db2b76134b2881d14b8bec4b629eb7b5b9-1708x884.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1708x884, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 185 kB (184910 bytes)
Hash 246696a01603de298a6c8f4325b17858
14e988776ad26f2a6799283a6d9e530b3decfca7
5fe300eb60b17054f23334d750ffeb0e57fa344d66cf0d89279f473af46accef
GET /images/w9lc5y04/production/1b6486db2b76134b2881d14b8bec4b629eb7b5b9-1708x884.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 184910
x-b3-traceid: c0fde551d597b2a85aab658f0449b0b0
x-b3-parentspanid: 71374548a09b239e
x-b3-spanid: 48595fe3f58d1ee
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 37
accept-ranges: bytes
via: 1.1 google
date: Thu, 30 Nov 2023 15:33:51 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 30 Nov 2023 15:33:03 GMT
content-type: image/webp
vary: origin, accept
age: 288062
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/a528f6b846099a98652feb6a665fd0683432d289-1708x884.jpg?q=75&auto=format
200 OK 172 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/a528f6b846099a98652feb6a665fd0683432d289-1708x884.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1708x884, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 172 kB (172048 bytes)
Hash 2ae621f9cf8a8b5d4a627798fe95dd0f
cf0176377852d472fa883a551841a6026c013d40
d86c9f93bac9790469971e5f92ec072a8fa8321e97d9b01900757b38dc5a7cb9
GET /images/w9lc5y04/production/a528f6b846099a98652feb6a665fd0683432d289-1708x884.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 172048
x-b3-traceid: b48f0420749b9690dc1b941956a95042
x-b3-parentspanid: fbbcc667fb84ddad
x-b3-spanid: b35560e85293f8c5
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-6
x-varnish-age: 123
accept-ranges: bytes
via: 1.1 google
date: Thu, 30 Nov 2023 15:33:00 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 30 Nov 2023 15:31:48 GMT
content-type: image/webp
vary: origin, accept
age: 288113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/29f5cc9b0f3be4684ecbe0c28e68adf4a37b1425-750x708.jpg?q=75&auto=format
200 OK 76 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/29f5cc9b0f3be4684ecbe0c28e68adf4a37b1425-750x708.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x708, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 38344a576ce70a33b9996fe7ff4c1da8
bfc48ba9af33d84513dd9142dcf97e645bb54ed1
f6bbe6a21b67b3f21835888f328bafce973ca57cd5a01d895787f1e9321b7c83
GET /images/w9lc5y04/production/29f5cc9b0f3be4684ecbe0c28e68adf4a37b1425-750x708.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 76098
x-b3-traceid: dc9565bc5c92865a31bc72c1522c8510
x-b3-parentspanid: 32d24c2e6c1fe5e9
x-b3-spanid: 44b551cbd8e83ca4
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-7
x-varnish-age: 200
accept-ranges: bytes
via: 1.1 google
date: Thu, 30 Nov 2023 14:02:53 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 30 Nov 2023 14:01:55 GMT
content-type: image/webp
vary: origin, accept
age: 293520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/index-fbfbf194.js
200 OK 218 kB URL GET HTTP/2 www.ibet.com/assets/index-fbfbf194.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (51100)
Size 218 kB (218316 bytes)
Hash 53ad023220ef0ac6b81cfdd6b3666243
b422a98c27635ccc402c28fb54702f9860722406
c8fc75f2b360aa79b79333a4351c13303c8beef55348bd26d040cd8725edbd7d
GET /assets/index-fbfbf194.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:41:01 GMT
etag: W/"53ad023220ef0ac6b81cfdd6b3666243"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: DPg5opTQ0kIcYNySTon54IMpiRJBZUiXX37HVudYjaGsmjmp347gAQ==
age: 60832
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/red-arrow-icon-12f65a39.svg
200 OK 211 B URL GET HTTP/2 www.ibet.com/assets/red-arrow-icon-12f65a39.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 6e6ced8ea34274f7493b4b58b951f9e1
bd975570f829526ab8fb770af5932504166abaea
12f65a396e79c4a782411e4c89709d983607e157ba7e0198f50a9b1d2fa4699d
GET /assets/red-arrow-icon-12f65a39.svg HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Cookie: _gcl_au=1.1.1324385100.1701646499; _ga_E0JKRGC2KE=GS1.1.1701646499.1.0.1701646499.0.0.0; _ga=GA1.1.292610295.1701646499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 211
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 11:01:17 GMT
etag: "6e6ced8ea34274f7493b4b58b951f9e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: X01Jg9PEDauHtDTWcAhkygcGsWSUAGet5XePJn1iv9EaLj5tTIax-Q==
age: 45229
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/AppRoutes-8f87b6d0.js
200 OK 524 kB URL GET HTTP/2 www.ibet.com/assets/AppRoutes-8f87b6d0.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (15074)
Size 524 kB (524086 bytes)
Hash e9efe364c26a34d796ccff1ab357c9fd
30a09f20c8eb8cccb02b59b53589c3f01399abc6
fb64869aa59685d29d36b075c2988d9b54fc9634cb9b6793e69bd6ebac72bf9e
GET /assets/AppRoutes-8f87b6d0.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:48:55 GMT
etag: W/"e9efe364c26a34d796ccff1ab357c9fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: vff0jYV_CzpB6We4PAMA0-ekVaP4HEYF8nOQ5ZRIPPEwW9XOYFeG4g==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/red-bg-mob-11275b36.png
200 OK 335 kB URL GET HTTP/2 www.ibet.com/assets/red-bg-mob-11275b36.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1060x1186, components 3\012- data
Size 335 kB (335236 bytes)
Hash b4fab880fcb4f77672ea9137447fb844
2253421b22961954592a9b8502ce811e5b66d0f2
11275b361a1372299e54affce15080d5ae42e29982638bc0028e7424a2e13b74
GET /assets/red-bg-mob-11275b36.png HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Cookie: _gcl_au=1.1.1324385100.1701646499; _ga_E0JKRGC2KE=GS1.1.1701646499.1.0.1701646499.0.0.0; _ga=GA1.1.292610295.1701646499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 335236
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:48:57 GMT
etag: "b4fab880fcb4f77672ea9137447fb844"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: b8SLwqzrQRIdGKcxhjZhoisvVrX9C3gku-IwHWcv0oOllDfvQyZcXw==
age: 60448
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/arrow-icon-98999300.svg
200 OK 224 B URL GET HTTP/2 www.ibet.com/assets/arrow-icon-98999300.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 6fc363a8879cd29635e49f9c88e4b688
9909fc3d18310518614d6443a323306a73d55688
98999300be9d6fdd47c0db074e8e7e966c6ded407184cc6d8369d156ef00ae3a
GET /assets/arrow-icon-98999300.svg HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Cookie: _gcl_au=1.1.1324385100.1701646499; _ga_E0JKRGC2KE=GS1.1.1701646499.1.0.1701646499.0.0.0; _ga=GA1.1.292610295.1701646499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 224
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 11:01:17 GMT
etag: "6fc363a8879cd29635e49f9c88e4b688"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: tPwom7QOrYtjy-fY5YorY1JXJn8BKxdaOnY3M6-3gC4KmIEPhYsZgQ==
age: 45229
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/red-bg-desktop-da827fb1.png
200 OK 1.9 MB URL GET HTTP/2 www.ibet.com/assets/red-bg-desktop-da827fb1.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type PNG image data, 2880 x 1100, 8-bit/color RGBA, non-interlaced\012- data
Size 1.9 MB (1865669 bytes)
Hash 87239eec12f918ba6c8b112e743f7c1b
89e69d386e949092caef144f7d864bc7e73c341a
da827fb13a7defb7ae8677cdfebdb92a2cdfd5735dc5ace7cff18e29c1735ff5
GET /assets/red-bg-desktop-da827fb1.png HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Cookie: _gcl_au=1.1.1324385100.1701646499; _ga_E0JKRGC2KE=GS1.1.1701646499.1.0.1701646499.0.0.0; _ga=GA1.1.292610295.1701646499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1865669
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 11:01:17 GMT
etag: "87239eec12f918ba6c8b112e743f7c1b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 6vHRSuT-lta07Q3mBr6-axW0q9MG3t5fm9DY3ausm_ir3j02HM76zQ==
age: 45229
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/95a1e6d5e0967886358d18b94d0fe2a06bfc266c-232x417.jpg?q=75&auto=format
200 OK 9.3 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/95a1e6d5e0967886358d18b94d0fe2a06bfc266c-232x417.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b924ecd30b52e1e60987d510fd3cb905
c5f9378e4ee9b08de8e6da81108b40ad094cecd6
4ee2a839fcfc5d60735abad4c69768c3c07491731c39163a880e590ebe8dbc7a
GET /images/w9lc5y04/production/95a1e6d5e0967886358d18b94d0fe2a06bfc266c-232x417.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 9276
x-b3-traceid: 2349706cbc0a7793ec0e6cd6e1eb387a
x-b3-parentspanid: 51c19fd1d3bfac3f
x-b3-spanid: 2a29686fe316396d
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 18420
accept-ranges: bytes
via: 1.1 google
date: Thu, 23 Nov 2023 16:06:38 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 890896
last-modified: Wed, 01 Feb 2023 15:02:39 GMT
content-type: image/webp
vary: origin, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/online-casino-84d39742.svg
200 OK 9.3 kB URL GET HTTP/2 www.ibet.com/assets/online-casino-84d39742.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 258a4d1d8a44bcc6611efc84834bae10
e19e9bea2e182d766d9397a3dee90cdffc93ea0e
08e6df1b0d6ea2102e6f2b6ce221435555031079c9bca1a452aac69185361b28
GET /assets/online-casino-84d39742.svg HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Cookie: _gcl_au=1.1.1324385100.1701646499; _ga_E0JKRGC2KE=GS1.1.1701646499.1.0.1701646499.0.0.0; _ga=GA1.1.292610295.1701646499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:22:01 GMT
etag: W/"09f50f31ee12cbbf106822919d865a1a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: o6vFCazlmbpwsIZSCx7i__f-j2rFbwNcQAFoYZwS4bl7FmkyFPn7LQ==
age: 60784
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/money-comes-f69b01fb.svg
200 OK 9.4 kB URL GET HTTP/2 www.ibet.com/assets/money-comes-f69b01fb.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 9f0c6c91da2de47991c77731e1d48d6a
ee2cefd95d988b1736536c0e70f3b51156b78d2d
ad31be070d06dd60991db5abb46f67d9c15bd0b5e5f91ba2198f43901e5a213a
GET /assets/money-comes-f69b01fb.svg HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Cookie: _gcl_au=1.1.1324385100.1701646499; _ga_E0JKRGC2KE=GS1.1.1701646499.1.0.1701646499.0.0.0; _ga=GA1.1.292610295.1701646499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:22:01 GMT
etag: W/"789ceb0c85dafd8d24f2b66daf6057ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: rxn6nn0BYy0fBLokDRMKdNkj0Q8sXF7jwyZRqyw29qyBxfV9IW8FsQ==
age: 60135
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/5689655205501f01021396c790a3c8250ead70ad-232x417.jpg?q=75&auto=format
200 OK 14 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/5689655205501f01021396c790a3c8250ead70ad-232x417.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c0cccaeddf376fc0b7e090a5666e3bef
3fbeaee41329a0d6ea91036abacd83769308d540
2443ac2b2bdb18ce1992b25af8528beaff362f49236db74f59e4e269a1c60a2f
GET /images/w9lc5y04/production/5689655205501f01021396c790a3c8250ead70ad-232x417.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 13938
x-b3-traceid: 3e8f3948f2d84226deb850df8bcd2e55
x-b3-parentspanid: 264d582a658b71bd
x-b3-spanid: fda4b32a96b4cc2c
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-7
x-varnish-age: 4424
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:12 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 01 Feb 2023 15:00:22 GMT
content-type: image/webp
vary: origin, accept
age: 1530642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/70b612b84199e3a1a2d8f79bc9ea6d437819878a-360x648.jpg?q=75&auto=format
200 OK 19 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/70b612b84199e3a1a2d8f79bc9ea6d437819878a-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a86d01dfa52919cf06dce7ea800f780b
6a7c96d0a2a2e51f917dfea824f3e6eabc8a8f36
2cc14e7d6ea6180f360f24ddc7643f5d72dbf788a23d1b50e1b8ad6977a1c397
GET /images/w9lc5y04/production/70b612b84199e3a1a2d8f79bc9ea6d437819878a-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 18774
x-b3-traceid: 47077938da464f73c3f4bcc846256774
x-b3-parentspanid: 1271c8d341300266
x-b3-spanid: 6a07e4e78cfccb3c
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-6
x-varnish-age: 6798
accept-ranges: bytes
via: 1.1 google
date: Thu, 23 Nov 2023 05:24:07 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 19 Apr 2021 11:35:37 GMT
content-type: image/webp
vary: origin, accept
age: 929447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/ExpandMore-fd96bb78.js
200 OK 11 kB URL GET HTTP/2 www.ibet.com/assets/ExpandMore-fd96bb78.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (3073)
Hash f02c011429b6e2c319a3b961c5f7a4cb
b745839dd46f459eb43b7fa7f3b730f440faf1a4
5d685941c134053c5f23ee341a34d77924f88ad1e5d2bb4cd3b05378caf672f3
GET /assets/ExpandMore-fd96bb78.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 04:01:12 GMT
etag: W/"f02c011429b6e2c319a3b961c5f7a4cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Udla679Btf5atOyin6N9SJDX-pTL9nrS0-SeKbZUvboh_0YEyb3IPA==
age: 71084
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/81f04e031060924be40583da47dcfa14a0053926-360x648.jpg?q=75&auto=format
200 OK 41 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/81f04e031060924be40583da47dcfa14a0053926-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce772c526344a9c2377c71f572f694ae
2411fa3cf5cd2c82212c1a6eee6fa387887dae96
ff6263633a379fc5f036f2c5ff5a218ae667996532b031728a81388d27207dbb
GET /images/w9lc5y04/production/81f04e031060924be40583da47dcfa14a0053926-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 41420
x-b3-traceid: 9bf61efae7b685af9430c7161e2cf379
x-b3-parentspanid: 9b535f139a832080
x-b3-spanid: 5eb54b69aef0234a
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-0
x-varnish-age: 15559
accept-ranges: bytes
via: 1.1 google
date: Fri, 24 Nov 2023 10:37:50 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 15 Jul 2021 14:58:45 GMT
content-type: image/webp
vary: origin, accept
age: 824224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/5f95a9fe7f37f38815cbff4133bc421a499cd27e-232x417.jpg?q=75&auto=format
200 OK 10 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/5f95a9fe7f37f38815cbff4133bc421a499cd27e-232x417.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0b0504e7dc961ba3c047522ce89db0ee
b8a910ff1679ef74c95ecd43b60a50cad831a1eb
211758f9c89c600be13c1338e2221f1badaff3db796e787864dfe8a3d9338bdd
GET /images/w9lc5y04/production/5f95a9fe7f37f38815cbff4133bc421a499cd27e-232x417.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 10208
x-b3-traceid: df9b43601a1fed1cc72216ee734edbc5
x-b3-parentspanid: 4c1ad700c9f0522f
x-b3-spanid: 206137ef63d4e3aa
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-3
x-varnish-age: 4651
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 09:43:25 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 01 Feb 2023 15:03:36 GMT
content-type: image/webp
vary: origin, accept
age: 568289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/05f3be9b8b821eca62bb5341bf8c8b762dd843f0-360x648.jpg?q=75&auto=format
200 OK 41 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/05f3be9b8b821eca62bb5341bf8c8b762dd843f0-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash de501ba222aa04546eca2f3c021f65f7
8167cd475969cf95d5d6621c52d462054924441f
45ca3e04f79c73df61e92f0ead8528a5c8911b4762bbaf73f0c3a1c140f67228
GET /images/w9lc5y04/production/05f3be9b8b821eca62bb5341bf8c8b762dd843f0-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 40940
x-b3-traceid: 99189bba3ae369439c151171217c3350
x-b3-parentspanid: bf0b835ef0b96e2f
x-b3-spanid: 2321df15f1a1e79
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-1
x-varnish-age: 27252
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 02:23:45 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 594669
last-modified: Wed, 28 Apr 2021 09:47:38 GMT
content-type: image/webp
vary: origin, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/e808a44221aa7cded37fc471bb9f73507dda287b-232x417.jpg?q=75&auto=format
200 OK 9.1 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/e808a44221aa7cded37fc471bb9f73507dda287b-232x417.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e7926010e3c629ec15afb7119c4d60b2
e36e00f1191eb8ea8517547a6257a958ec14a633
1bd08aca1a412128c241fa74b469690e1bf512ae638a346cc126ca9273b49947
GET /images/w9lc5y04/production/e808a44221aa7cded37fc471bb9f73507dda287b-232x417.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 9050
x-b3-traceid: b14edadb9f393d86550832156e5f42d9
x-b3-parentspanid: e44f3d4780b5186f
x-b3-spanid: de9d7906cbc19abe
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-1
x-varnish-age: 4424
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:12 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 01 Feb 2023 15:01:28 GMT
content-type: image/webp
vary: origin, accept
age: 1530642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.entrust.net/
1.6 kB IP
Hash cd48101e4a98ff2f6951c22f8811bbdd
aab16d9bbbd6a96da5f492706b51a00cad0fc280
91925063cfe627cbc798419a51db712242f09ecfae84ac8b501a55ba39600f03
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "91925063CFE627CBC798419A51DB712242F09ECFAE84AC8B501A55BA39600F03"
Last-Modified: Sun, 03 Dec 2023 19:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3494
Expires: Mon, 04 Dec 2023 00:33:08 GMT
Date: Sun, 03 Dec 2023 23:34:54 GMT
Connection: keep-alive
cdn.sanity.io/images/w9lc5y04/production/d19a7dc9350607f7243dc4d2f9a68ae9500459da-360x648.jpg?q=75&auto=format
200 OK 16 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/d19a7dc9350607f7243dc4d2f9a68ae9500459da-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f868db2d91641d1143fed18e52abd99c
6131d1e5fa8cd69454cfed34c94ef93bfcd7b38b
a32367b64281d83e0d6b530893cccbc6db03b01b8b8010bfb486d6dce14cff9b
GET /images/w9lc5y04/production/d19a7dc9350607f7243dc4d2f9a68ae9500459da-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 15844
x-b3-traceid: ce726aaad6930d45e1c817d9abe7d84c
x-b3-parentspanid: e76bba86c5d43bd8
x-b3-spanid: ef7c778bae094ede
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-4
x-varnish-age: 2031
accept-ranges: bytes
via: 1.1 google
date: Thu, 23 Nov 2023 20:46:54 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 14 Jun 2021 08:12:50 GMT
content-type: image/webp
vary: origin, accept
age: 874080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/f3900eec9c0d90796d9f16c8428ab29cef457771-360x648.jpg?q=75&auto=format
200 OK 14 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/f3900eec9c0d90796d9f16c8428ab29cef457771-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c25ecb823cb69b57cb9ccd179a20a21
fd0d855db12496a1d46e6c276e013553ed2b8132
da1c542375ad9ff20664cd94f719f5bcc83996e7ba2c42ea8662ce8fd227ad92
GET /images/w9lc5y04/production/f3900eec9c0d90796d9f16c8428ab29cef457771-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 13866
x-b3-traceid: 3b173ffeeda5a722693283a0408a259e
x-b3-parentspanid: 3a131bd5fdfea729
x-b3-spanid: c1a61b37f2243d81
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 22893
accept-ranges: bytes
via: 1.1 google
date: Fri, 24 Nov 2023 16:47:23 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Tue, 01 Feb 2022 14:59:41 GMT
content-type: image/webp
vary: origin, accept
age: 802051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/react-router-dom-c8c3742c.js
200 OK 8.6 kB URL GET HTTP/2 www.ibet.com/assets/react-router-dom-c8c3742c.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type Java source, ASCII text, with very long lines (2204)
Hash bbecc5cde5aa37e9a7d9d57707913c8d
8a49d9de8e3c26100e7c7f1669a6e77505b96846
2aa336a7d90b79495d2e04e09eb932415719c49e024c6653eba62b8b78ea2b53
GET /assets/react-router-dom-c8c3742c.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 04:01:12 GMT
etag: W/"bbecc5cde5aa37e9a7d9d57707913c8d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: m0qDeB0ZwPZM4c4HoyvjvjfW-QRixbzbW2nnN5imyzV31nk-5gLQNA==
age: 71084
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/deb746cfa80896c61d0fdcfbb43d41f49c0ab7a7-360x648.jpg?q=75&auto=format
200 OK 25 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/deb746cfa80896c61d0fdcfbb43d41f49c0ab7a7-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b0774e382ff23133be83f0f684278a3e
4c97f4831042065e7a0e3f8a23a8ee646a60c1b4
301af9da4b537c5e4b3e28dc415de4bce0d344f937c404b380afa78f769fdfe9
GET /images/w9lc5y04/production/deb746cfa80896c61d0fdcfbb43d41f49c0ab7a7-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 24990
x-b3-traceid: ad40429127f9958ce711405478c26f87
x-b3-parentspanid: 1fe1a275cb431a69
x-b3-spanid: 65e17f97d318562c
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-8
x-varnish-age: 2509
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:56:07 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Tue, 08 Aug 2023 07:31:12 GMT
content-type: image/webp
vary: origin, accept
age: 1528727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/38e7b4ba6f9d8d8e5a68e30c46cc29e69e2d7c68-232x417.jpg?q=75&auto=format
200 OK 12 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/38e7b4ba6f9d8d8e5a68e30c46cc29e69e2d7c68-232x417.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6f35734e0cb37f959f512f6d79035ce0
d7abdcd2aa5e06742646781184a5d3212667dc21
e4c71b868c1fcde4b0c2e7d868f41c07b3fe1a7582c23dc078de0a404a7b095b
GET /images/w9lc5y04/production/38e7b4ba6f9d8d8e5a68e30c46cc29e69e2d7c68-232x417.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 11756
x-b3-traceid: 25b502f2c97300348b8adde0788771d0
x-b3-parentspanid: 8aec4de8d0141d66
x-b3-spanid: eae1f215f0c06568
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-0
x-varnish-age: 6228
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 09:22:43 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 01 Feb 2023 15:04:15 GMT
content-type: image/webp
vary: origin, accept
age: 569531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/e6d559f4a3575ca37527ee83e5f69b20c5d93cc9-360x648.jpg?q=75&auto=format
200 OK 21 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/e6d559f4a3575ca37527ee83e5f69b20c5d93cc9-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4b5eb8c93e4ce5a10e8d58c57ffce5d8
499bd6cecd2f76f39b4daacc990b902dcd027dfb
c76bf6fc1d8b3e0c3e26ac4e52a70c025cfd02c86a60ce2152ac0dcfd694fa9d
GET /images/w9lc5y04/production/e6d559f4a3575ca37527ee83e5f69b20c5d93cc9-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 21014
x-b3-traceid: 6196a244959f627bda5e3e5a6a952089
x-b3-parentspanid: 48cf3f41d3626070
x-b3-spanid: 9b8aa17f2725662a
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-1
x-varnish-age: 15461
accept-ranges: bytes
via: 1.1 google
date: Thu, 23 Nov 2023 06:40:23 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 20 Nov 2023 11:22:05 GMT
content-type: image/webp
vary: origin, accept
age: 924871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/961e1842d2f96a0be1b54eb8fd1bb051f15127b2-232x417.jpg?q=75&auto=format
200 OK 7.7 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/961e1842d2f96a0be1b54eb8fd1bb051f15127b2-232x417.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 445152a01d772acb20c24e9d394aa652
aae611c23ae05185d440dee1df394d8b88c72c8d
07f9f8268b8c7e88c10280201f6ef14f7f0847cdf8c332a88834e4a3358c2f76
GET /images/w9lc5y04/production/961e1842d2f96a0be1b54eb8fd1bb051f15127b2-232x417.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 7720
x-b3-traceid: 444fefb399968f17cd5b4922d24986fc
x-b3-parentspanid: c789d22f0658318f
x-b3-spanid: 178a4ff821ce6e7f
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Mon, 20 Nov 2023 16:01:17 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 01 Feb 2023 15:01:45 GMT
content-type: image/webp
vary: origin, accept
age: 1150417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/f05767589069324ae9d7a955076f130747a3ea62-360x648.jpg?q=75&auto=format
200 OK 33 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/f05767589069324ae9d7a955076f130747a3ea62-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 86025b46bf0b9e8216fa4bc6486133cf
b6c3822e6363e50f5491ee29df4655b2662b9924
cacb905d6eb4800b11f162eb357cb09ff2232477237b21a897085b4919430b6f
GET /images/w9lc5y04/production/f05767589069324ae9d7a955076f130747a3ea62-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 32994
x-b3-traceid: e38cd0eced8ecdac09fdb052c7cf3372
x-b3-parentspanid: cf563384ab49eca4
x-b3-spanid: 63a83064819cb09e
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 4423
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:12 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 28 Apr 2021 09:37:59 GMT
content-type: image/webp
vary: origin, accept
age: 1530642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/83f3b229f25211e3b8870eb979a8ff86b3360710-360x648.jpg?q=75&auto=format
200 OK 35 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/83f3b229f25211e3b8870eb979a8ff86b3360710-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55f9ba7eb970c11a3da67532d24db207
2f73f456a1d6b6a62a14c28dbfc34251b4165579
61ba3c7774fa855075f4dbc0e34c8839f97e4e8d6e85220e76ce44fe1a6c5bd2
GET /images/w9lc5y04/production/83f3b229f25211e3b8870eb979a8ff86b3360710-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 34932
x-b3-traceid: 72edc29357ce75cc240c63e9a9efc578
x-b3-parentspanid: 786e027b894b706a
x-b3-spanid: e45baf2d54036b68
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-6
x-varnish-age: 4381
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:55 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 19 Apr 2021 09:53:21 GMT
content-type: image/webp
vary: origin, accept
age: 1530599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/5788d8b65c59a60485f465171508e4277e2726bc-360x648.jpg?q=75&auto=format
200 OK 19 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/5788d8b65c59a60485f465171508e4277e2726bc-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cc3451f906cf5513f7bda77c8b319f6a
ce644ccbdb9fdb598361f8021ae1adb2f5471e96
52dc9655a65e7e3efea056acd3023b97c6b442d20f9c55e7d05b86c491fb17b8
GET /images/w9lc5y04/production/5788d8b65c59a60485f465171508e4277e2726bc-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 19368
x-b3-traceid: b1cd140b57745309d5bee1259ddf0055
x-b3-parentspanid: ea66c7db5381f141
x-b3-spanid: 9c04ed2a2deec084
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 4423
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:12 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Fri, 05 Nov 2021 09:33:00 GMT
content-type: image/webp
vary: origin, accept
age: 1530642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/56491bd99ad297402b1a9dedcb246ca1657a7b9b-360x648.jpg?q=75&auto=format
200 OK 26 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/56491bd99ad297402b1a9dedcb246ca1657a7b9b-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1e9ea14bf8189b123531504b8bcb68e
f3d2119af6ef34640cc5b3f610e27554038d0e5b
66e17e2ce873884bc335ec6aba999dde16749bae9931366aa8f211d72105a5ba
GET /images/w9lc5y04/production/56491bd99ad297402b1a9dedcb246ca1657a7b9b-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 26544
x-b3-traceid: cf93f3c53b698f55e29037b308bcdcab
x-b3-parentspanid: da96c27193fbae3b
x-b3-spanid: ba19d901d85ed432
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 2486
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 09:27:24 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 11 May 2022 09:29:20 GMT
content-type: image/webp
vary: origin, accept
age: 1519650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/69e4953b38e30c77873eef38e343a1fd67fcde66-360x648.jpg?q=75&auto=format
200 OK 28 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/69e4953b38e30c77873eef38e343a1fd67fcde66-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash babb90025db38ec53193d9743dbe9699
abe3415e61a64daca984c36d1ba5f49c9b2f38dd
05bc35e0a34cf0060e94b7c4233379003a5e349989f18170ee29f00567559514
GET /images/w9lc5y04/production/69e4953b38e30c77873eef38e343a1fd67fcde66-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 27690
x-b3-traceid: cfbabe1a36d11dc743adcbc3b481fc23
x-b3-parentspanid: 3cc24e62d853add0
x-b3-spanid: c14df4138fea44b1
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 4423
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:12 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 14 Jun 2021 08:46:43 GMT
content-type: image/webp
vary: origin, accept
age: 1530642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/417b180088f04bc3acd39c40fa1100ba8467f909-360x648.jpg?q=75&auto=format
200 OK 48 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/417b180088f04bc3acd39c40fa1100ba8467f909-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7b369d662f0618ca4d3432b46e160745
fbe842e033b47937110b9d95e5bcab0ead18ea41
72f57c1fb82d557baff742f44fa1b7badf5705eb040d595f6666c18feb86178f
GET /images/w9lc5y04/production/417b180088f04bc3acd39c40fa1100ba8467f909-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 48466
x-b3-traceid: 8f0b16d2ce38c9abad8054cb7466223b
x-b3-parentspanid: 5b86b160abb31e28
x-b3-spanid: 21fbb07a2c5ac52e
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 21700
accept-ranges: bytes
via: 1.1 google
date: Thu, 23 Nov 2023 04:56:24 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 19 Apr 2021 08:21:27 GMT
content-type: image/webp
vary: origin, accept
age: 931110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/f37c6aed020b1db8be527bf4d7ec67aef5031c7f-360x648.jpg?q=75&auto=format
200 OK 35 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/f37c6aed020b1db8be527bf4d7ec67aef5031c7f-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0a46c00c22d6cbdb794751e1c6963f01
a1db56a2ddd6eae1d9f8480814f5bb0d937e5bd7
f166c4b6b69b6dce5cd83c3fff52764e00939ca5504a7320919faa7edd45fce3
GET /images/w9lc5y04/production/f37c6aed020b1db8be527bf4d7ec67aef5031c7f-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 35274
x-b3-traceid: 9326982b6f35973d95154be96f2d63d0
x-b3-parentspanid: 52a0b62f7c4d1c5d
x-b3-spanid: 13c3f4c3a67cb6f7
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-0
x-varnish-age: 2488
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:56:28 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 19 Apr 2021 11:28:30 GMT
content-type: image/webp
vary: origin, accept
age: 1528706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/3c926e83a048b38a1da82304ec5bda80e997c5e3-360x648.jpg?q=75&auto=format
200 OK 35 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/3c926e83a048b38a1da82304ec5bda80e997c5e3-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5724b42c238f7f6279324c72829f6b39
841ffcf33eb25358b7a3cd94736b7b83d9707a3a
6f201c988cb6d30db0808ca682f710a36af1b64f9be3dae43bee6b3efdd2903e
GET /images/w9lc5y04/production/3c926e83a048b38a1da82304ec5bda80e997c5e3-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 34984
x-b3-traceid: 0b9fe44171dd3b37b1352c6ef4be352e
x-b3-parentspanid: c7afe2b4650465d4
x-b3-spanid: 6dab124d7565c60b
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 12167
accept-ranges: bytes
via: 1.1 google
date: Fri, 24 Nov 2023 10:38:39 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 29 Sep 2021 09:34:02 GMT
content-type: image/webp
vary: origin, accept
age: 824175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/56fc51fe90f1d0e1120791d5eaf144146eb9af98-360x648.jpg?q=75&auto=format
200 OK 36 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/56fc51fe90f1d0e1120791d5eaf144146eb9af98-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4e8480d48be3a64031d33c991056cfb0
0bfa6564fff1ad5529844333b5597b6e5e6a38d3
ce42a6c92d7e856cf105bee0130afc1df493d3575430695f6c2b4e59725ce0b5
GET /images/w9lc5y04/production/56fc51fe90f1d0e1120791d5eaf144146eb9af98-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 35988
x-b3-traceid: f9e726bf03d676c2f31cc638e7128f82
x-b3-parentspanid: 061ff69b7406e481
x-b3-spanid: 5649a26d104c9e5f
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 98005
accept-ranges: bytes
via: 1.1 google
date: Sun, 26 Nov 2023 08:04:16 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 12 Jul 2023 08:47:36 GMT
content-type: image/webp
vary: origin, accept
age: 660638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/034a8c005e2a008a1f3e9a1678fd492f72c97698-360x648.jpg?q=75&auto=format
200 OK 40 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/034a8c005e2a008a1f3e9a1678fd492f72c97698-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2e982b0dc3e31810a074eddcff080f39
8d45dff76d9208b71f4b5b3c2886164bd4c90ae4
ebf469fc70659a64c913d5db3210f07f5c3733412c54497676a7b84b258f8db4
GET /images/w9lc5y04/production/034a8c005e2a008a1f3e9a1678fd492f72c97698-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 40146
x-b3-traceid: 8320b4da09a6b673ec9b8a412b2d3320
x-b3-parentspanid: b2233ac0cfd8a666
x-b3-spanid: cbe6e8a36a13ece5
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 5195
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 09:39:55 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 09 Jun 2021 11:49:59 GMT
content-type: image/webp
vary: origin, accept
age: 568499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/b54794353124d8847145e5ceea576accbd87117c-360x648.jpg?q=75&auto=format
200 OK 42 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/b54794353124d8847145e5ceea576accbd87117c-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1478d448cd918c58bb8a6ad00860012f
cb37e5133719db7b9c0bcdcec416ece2dfdab545
f72fd2e7f57510ad3c3cf32e950939274ac3e9ed98780deb72b2841a0c3ada62
GET /images/w9lc5y04/production/b54794353124d8847145e5ceea576accbd87117c-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 41746
x-b3-traceid: 6469b9795cc859e82ddbe9fbe0ba3238
x-b3-parentspanid: fee0d8030e95d641
x-b3-spanid: 2fbf53730a33cf89
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-8
x-varnish-age: 4775
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 07:38:07 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 07 Jul 2021 08:12:33 GMT
content-type: image/webp
vary: origin, accept
age: 575807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/cf24591bcd8b0810f6800ba186ca015f946fc224-360x648.jpg?q=75&auto=format
200 OK 31 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/cf24591bcd8b0810f6800ba186ca015f946fc224-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3d4cbc7607728358635b4be946973aaf
013b2d398aa197544e78a029aabab154b4c19f60
769e01aa371a538203fd76912c2624d4d1dd5fa2cddb825054e240007cc2088f
GET /images/w9lc5y04/production/cf24591bcd8b0810f6800ba186ca015f946fc224-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 31014
x-b3-traceid: ba0325c310811f0ba26cd28d13161344
x-b3-parentspanid: 9cef09f7770a3bac
x-b3-spanid: d7dce1b42766fc82
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 11:00:47 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 10 Jun 2021 07:48:44 GMT
content-type: image/webp
vary: origin, accept
age: 563647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/93033245e862a653520485605dff027b70dab4c6-360x648.jpg?q=75&auto=format
200 OK 45 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/93033245e862a653520485605dff027b70dab4c6-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6fb1456774321ac97b87cad03089481d
e31a1a25f8258f7efa9f31ffdb602cc0476263ab
5ecf9d88ce69765ed780413784e00e1bf5f08dc4809891443035b55d68f062d8
GET /images/w9lc5y04/production/93033245e862a653520485605dff027b70dab4c6-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 44770
x-b3-traceid: 795ac75ef4d713b19727570bde3668c7
x-b3-parentspanid: 02d844fccb3c8efd
x-b3-spanid: d2b60611a7226c6e
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 36284
accept-ranges: bytes
via: 1.1 google
date: Wed, 22 Nov 2023 02:18:55 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 19 Apr 2021 11:40:21 GMT
content-type: image/webp
vary: origin, accept
age: 1026959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/11ae3106175377ee3ac804225b052c2087e4d809-360x648.jpg?q=75&auto=format
200 OK 26 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/11ae3106175377ee3ac804225b052c2087e4d809-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b4c380622762498eebd7d19115a7f38
152433bf425dd4be0d5faf1518afd56e67e622a6
664b1e524aaba89618c2804d1dc7e3bdd20a1b41e36da9e9875c6079e39694fa
GET /images/w9lc5y04/production/11ae3106175377ee3ac804225b052c2087e4d809-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 25936
x-b3-traceid: 4b91da61b4875890959faa82db4a7b25
x-b3-parentspanid: 9e9454aa8a6377ba
x-b3-spanid: 4d34680d828d308e
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-8
x-varnish-age: 2509
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:56:07 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 14 Jun 2021 08:15:50 GMT
content-type: image/webp
vary: origin, accept
age: 1528727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/47d514b59e21a38a0bae130bcf69c305cb142825-360x648.jpg?q=75&auto=format
200 OK 28 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/47d514b59e21a38a0bae130bcf69c305cb142825-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b84cef3c76cecd8a7d5d8ed806677ac0
d3f019f5f36d1d1101809564043b56941365fd3d
8d1a782a02e8b7b7607a81a25ad98ba994c6baa3282a337cd27329dc319cceed
GET /images/w9lc5y04/production/47d514b59e21a38a0bae130bcf69c305cb142825-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 27676
x-b3-traceid: b2591331639445bccc46496aa37463db
x-b3-parentspanid: eec39eca464d69b9
x-b3-spanid: 254a563f5fe2b76b
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 1370
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 10:42:48 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 564726
last-modified: Thu, 29 Sep 2022 07:09:23 GMT
content-type: image/webp
vary: origin, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/index-bf854176.js
200 OK 61 kB URL GET HTTP/2 www.ibet.com/assets/index-bf854176.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash dbf7e4f6ebebd8ed12aeba26ab81ec6e
16c1de9a2cf7a06d32e23a5d2ffbe858792efb0d
9f63a812861c29ffe48498ff85930531295b2fbb20196a66278e055fd841cc24
GET /assets/index-bf854176.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:41:01 GMT
etag: W/"dbf7e4f6ebebd8ed12aeba26ab81ec6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: yJ1s7vPR8dFY5rhGXhIcuVxqEeto7jK29vxjP3VyepQAvTgNw-7a1w==
age: 60832
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/52b16929c1e2b0310000d7270b4d4f92eece9b53-360x648.jpg?q=75&auto=format
200 OK 36 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/52b16929c1e2b0310000d7270b4d4f92eece9b53-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4f52de00c87e38aebddf7a7eb48c6a9c
8026ebf08a393c1ce6a09a4ee557553d8b8aacab
c69b2436fe66143fbf6cbaa8627e9ed49cf7a6aae6b9f07722f6bfcd747aba76
GET /images/w9lc5y04/production/52b16929c1e2b0310000d7270b4d4f92eece9b53-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 35814
x-b3-traceid: da90f634f7506629fdab8e6f5867b1da
x-b3-parentspanid: 4530d550fa35a047
x-b3-spanid: 41130635b3f53688
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-3
x-varnish-age: 4380
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:56 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 26 Apr 2021 08:22:23 GMT
content-type: image/webp
vary: origin, accept
age: 1530598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/1b5d3434fe1ba559ffdee3df2e3f37fb95efb893-360x648.jpg?q=75&auto=format
200 OK 43 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/1b5d3434fe1ba559ffdee3df2e3f37fb95efb893-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 89f27066714aefa6aad3fca608d75d88
f8df65593f7d832ef68ab99417df9f0985073dbc
7f38688414b0e8959c956491942530a82af03a7c0510733af255c926caccc8f5
GET /images/w9lc5y04/production/1b5d3434fe1ba559ffdee3df2e3f37fb95efb893-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 43186
x-b3-traceid: fa1e6317bb43f46df99b7b50ee733115
x-b3-parentspanid: abe56815ca78225b
x-b3-spanid: 92bf4c9af493b95f
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-0
x-varnish-age: 29447
accept-ranges: bytes
via: 1.1 google
date: Fri, 24 Nov 2023 11:20:55 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 28 Apr 2021 09:41:23 GMT
content-type: image/webp
vary: origin, accept
age: 821639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/43cc5e2455bc35783713bcb8dd3c3d25b737d2c4-360x648.jpg?q=75&auto=format
200 OK 29 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/43cc5e2455bc35783713bcb8dd3c3d25b737d2c4-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c06b9ef722b22b8458c0e3e6ee0d86be
fdd336c34ad62742f887db817181fc41f37aac1b
7fe7db270de009d7391871b077efc6b503c09c8dd355c5198b96c0808857983a
GET /images/w9lc5y04/production/43cc5e2455bc35783713bcb8dd3c3d25b737d2c4-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 29126
x-b3-traceid: a72d5890392e522672c43b4386d16aed
x-b3-parentspanid: fa1cae4c4ef12bfe
x-b3-spanid: 1ee7db2e92db54e1
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 32959
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 01:51:36 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 14 Jun 2021 08:33:51 GMT
content-type: image/webp
vary: origin, accept
age: 596598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/4ec1906b9d63a3d8533d7538b67ab1c290609c8f-360x648.jpg?q=75&auto=format
200 OK 21 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/4ec1906b9d63a3d8533d7538b67ab1c290609c8f-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e0fe1d04655c4a293ebd9f01bac7775a
e36f372c82d4b462bc3d371cec29e96d67fa800a
cd56deac03bdec82d88933e4403d6c16168b807445237b060381905525ee96b4
GET /images/w9lc5y04/production/4ec1906b9d63a3d8533d7538b67ab1c290609c8f-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 20578
x-b3-traceid: 2fa6e46f6e8a0e9814aca2483c1f6782
x-b3-parentspanid: a73b172ded18bd4e
x-b3-spanid: 217827f60133ace1
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 11:43:05 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 26 Apr 2021 08:27:33 GMT
content-type: image/webp
vary: origin, accept
age: 561109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/5c96237a6d59d0a8493a82e7bc50e433f3512f28-360x648.jpg?q=75&auto=format
200 OK 26 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/5c96237a6d59d0a8493a82e7bc50e433f3512f28-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e0286147024a9d907818a6d86e579de8
44a5be459039db3c9b381402f6c18ebcb81997b0
f8c497068bca751605d9e1df8c311a34a6d123307d1c31c3ff8439ef2d93defa
GET /images/w9lc5y04/production/5c96237a6d59d0a8493a82e7bc50e433f3512f28-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 25922
x-b3-traceid: 0c99f1543af13dfe57d0dabecd0f8bbf
x-b3-parentspanid: e5f7e3af8fb96949
x-b3-spanid: d72f063386bc9323
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-5
x-varnish-age: 2509
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:56:07 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 26 Apr 2021 08:11:04 GMT
content-type: image/webp
vary: origin, accept
age: 1528727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/35f84c422b8d397097307afe22e85925cc54d6c1-360x648.jpg?q=75&auto=format
200 OK 26 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/35f84c422b8d397097307afe22e85925cc54d6c1-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f459119df9c6e430b352c953e93120b4
b250d735984d2cf42a7877f6b93ecb69255518fc
9dda6be1a40d1049b4e93b2996342dc30469094a50e88335f2d4adeac8e11ed5
GET /images/w9lc5y04/production/35f84c422b8d397097307afe22e85925cc54d6c1-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 25608
x-b3-traceid: af86b45b1b96e5bb1cff498919f6cb3c
x-b3-parentspanid: 2f281b40ed04294a
x-b3-spanid: a170cd983952558c
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 4423
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:12 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 14 Jun 2021 08:49:45 GMT
content-type: image/webp
vary: origin, accept
age: 1530642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/ade8e11475aa365473dfbf94e32769bcdb6966c0-360x648.jpg?q=75&auto=format
200 OK 24 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/ade8e11475aa365473dfbf94e32769bcdb6966c0-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 42d57afaa446d360a5c6675b202aa677
ea933834b7c6a2e6910cea710510d7e7ceeb61d4
73d0352bf00519a333e8e64b92d1833c377592e4250e685318152a40027f01d5
GET /images/w9lc5y04/production/ade8e11475aa365473dfbf94e32769bcdb6966c0-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 24276
x-b3-traceid: fc4fa093db24dae9c3be8a86d498acea
x-b3-parentspanid: 46b769c4de82dfae
x-b3-spanid: 1e38f23c14311936
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 4423
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:12 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 28 Apr 2021 09:15:48 GMT
content-type: image/webp
vary: origin, accept
age: 1530642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/fb47a2fc7412f2be656e701ee800e0a63146af49-360x648.jpg?q=75&auto=format
200 OK 32 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/fb47a2fc7412f2be656e701ee800e0a63146af49-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c8e51f63a8c1c8ca32d8efb0f2a0618
efa20f787a9ded5c059cdaa144ff3b959a98f3a8
957e37f1e7aedd74596bd94e70aaeab025a0d573c3dc79ec56b9bc4290497cd8
GET /images/w9lc5y04/production/fb47a2fc7412f2be656e701ee800e0a63146af49-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 31740
x-b3-traceid: 44b0b9e3bca2ae2bc75bd856a7abe359
x-b3-parentspanid: 2daae92c4c6003ed
x-b3-spanid: 52b96ba14afe7327
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 39492
accept-ranges: bytes
via: 1.1 google
date: Thu, 23 Nov 2023 06:09:48 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 06 Sep 2021 19:39:52 GMT
content-type: image/webp
vary: origin, accept
age: 926706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/a60ca338d2b33729da676562791d017572cbaca9-360x648.jpg?q=75&auto=format
200 OK 34 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/a60ca338d2b33729da676562791d017572cbaca9-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66d8d444089f63e5e22fa8736e5379b0
dac0b46c6e65a8552dc7e5cbdd7ed3b584f3eb14
6b673f228aeb538513bd46d3cabcc519fc4d37f58057b847d4505704821075a6
GET /images/w9lc5y04/production/a60ca338d2b33729da676562791d017572cbaca9-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 34024
x-b3-traceid: 7b95d1e554a6b6a3670d2f705e62639d
x-b3-parentspanid: c6cbbec12978a7a2
x-b3-spanid: 8c008ab2826019c
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 31239
accept-ranges: bytes
via: 1.1 google
date: Fri, 24 Nov 2023 11:18:19 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 28 Apr 2021 09:13:05 GMT
content-type: image/webp
vary: origin, accept
age: 821795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/134920aa6de2b7750bfc3178f3d43fa4cbee1381-360x648.jpg?q=75&auto=format
200 OK 55 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/134920aa6de2b7750bfc3178f3d43fa4cbee1381-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d28d7dcab196078ca3f30147d0632f3b
fde5b42507e6ccf04f2b7dd0b270545ffff5ee3d
4676aaca854dad389eebad5b0426778226d43cf42b6047b6b8e029f287a1b652
GET /images/w9lc5y04/production/134920aa6de2b7750bfc3178f3d43fa4cbee1381-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 55418
x-b3-traceid: e21e088232579ab7509e4ecdbacd2163
x-b3-parentspanid: d84f57ff1cba8095
x-b3-spanid: bad74f52ab8a7755
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 15778
accept-ranges: bytes
via: 1.1 google
date: Thu, 23 Nov 2023 12:45:02 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Mon, 26 Apr 2021 08:30:10 GMT
content-type: image/webp
vary: origin, accept
age: 902992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/e7d1b15d27b739aefe44028efb04ecf0e8d9a1f3-360x648.jpg?q=75&auto=format
200 OK 27 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/e7d1b15d27b739aefe44028efb04ecf0e8d9a1f3-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eced7c713e8bd6af44bfd3974b10100d
c67b8a528c77553c1a00510e5cfc1aed873dbf95
e7e4ca34669728e6cde5add793eb38b291ce2bfdaf9c7f6fcefa0f7d04087182
GET /images/w9lc5y04/production/e7d1b15d27b739aefe44028efb04ecf0e8d9a1f3-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 27274
x-b3-traceid: e0ac54a3ee193aa1fff2931b746f17ca
x-b3-parentspanid: 6f1e83924ffd1677
x-b3-spanid: c5dd0d7db5c3f5a2
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 45829
accept-ranges: bytes
via: 1.1 google
date: Fri, 24 Nov 2023 10:55:48 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 08 Sep 2021 16:14:18 GMT
content-type: image/webp
vary: origin, accept
age: 823146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/1aed95d6db6096682e3ddbc64e2754d78c4a1b53-360x648.jpg?q=75&auto=format
200 OK 40 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/1aed95d6db6096682e3ddbc64e2754d78c4a1b53-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f5a19555df1f54e9ad39a2deb6374b96
d58d4864127a082b55a1d9ba87cd649ebe2edff8
5e6c98805486abf5947a7a8a9d542eaf603754da92ac03353c77f8a0a3ef3fdb
GET /images/w9lc5y04/production/1aed95d6db6096682e3ddbc64e2754d78c4a1b53-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 40088
x-b3-traceid: e14c1e85c426819ed01102b325e4236b
x-b3-parentspanid: bb37b7519cd124bb
x-b3-spanid: 36ae24964e1fb022
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-0
x-varnish-age: 6490
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:57 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 1530597
last-modified: Mon, 26 Apr 2021 08:12:57 GMT
content-type: image/webp
vary: origin, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.sanity.io/images/w9lc5y04/production/f84ed70b5ff46c4c11a9c15a8ce70864f4632908-360x648.jpg?q=75&auto=format
200 OK 33 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/f84ed70b5ff46c4c11a9c15a8ce70864f4632908-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5ac7adf6482838fa01a90d8e25eb3f25
fd1bcc440f7ceb61be7096506d2a2f7fed0c6223
845541a798fe7e1b14363826e3e967739c72f0be0e03ce83e6bad47a255246af
GET /images/w9lc5y04/production/f84ed70b5ff46c4c11a9c15a8ce70864f4632908-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 33142
x-b3-traceid: e2b058f3c9e702485eb613b51c578deb
x-b3-parentspanid: c08d85ce085c068e
x-b3-spanid: e574ef5b432305f8
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-0
x-varnish-age: 30262
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 02:42:10 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 28 Apr 2021 09:35:12 GMT
content-type: image/webp
vary: origin, accept
age: 593564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.sportradarserving.com/pixel?type=js&aid=1622&id=7046
302 Moved Temporarily 0 B URL GET HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1622&id=7046
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerEntrust, Inc.
Subject*.sportradarserving.com
FingerprintD0:C1:99:26:D2:AD:C7:6B:F2:AD:C4:44:44:70:7C:4F:D2:49:9B:C4
ValidityWed, 20 Sep 2023 07:44:29 GMT - Mon, 14 Oct 2024 07:44:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1622&id=7046 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 03 Dec 2023 23:34:54 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1622&id=7046
Set-Cookie: zuuid=9367313e-ab78-4d4c-9639-9e5fec3b348f; path=/; expires=Mon, 02-Dec-2024 23:34:54 GMT; domain=sportradarserving.com; samesite=none; secure
c=1701646494; path=/; expires=Mon, 02-Dec-2024 23:34:54 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1701646494; path=/; expires=Mon, 02-Dec-2024 23:34:54 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
www.ibet.com/assets/document-search-4855df34.svg
200 OK 2.6 kB URL GET HTTP/2 www.ibet.com/assets/document-search-4855df34.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash f63395f5a518b464424c0697daa3d960
62ec812f808f97571b3e00f1942d30f2145e8a4e
7190daa0d655c4aef4a4925b7b1492a2cca3e2b57c6fc4fe854d9794b09c329a
GET /assets/document-search-4855df34.svg HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Cookie: _gcl_au=1.1.1324385100.1701646499; _ga_E0JKRGC2KE=GS1.1.1701646499.1.0.1701646499.0.0.0; _ga=GA1.1.292610295.1701646499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:22:01 GMT
etag: W/"339ba49cc8f0f5837ce0363adfd0df6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: sMNhdke53l4cxWihshnnygpOtgcbMjVchTSXw3KmQUuJ4h4oUCMfyQ==
age: 60783
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
mpsnare.iesnare.com/time.mp3?nocache=0.7763904542907418
206 Partial Content 504 B URL GET HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.7763904542907418
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerDigiCert Inc
Subjectmpsnare.iesnare.com
Fingerprint76:12:1D:E6:DA:A3:5F:1E:E7:FC:3D:15:6F:B5:5D:0A:2E:F1:A2:D5
ValidityMon, 01 May 2023 00:00:00 GMT - Wed, 29 May 2024 23:59:59 GMT
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.7763904542907418 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx
Date: Sun, 03 Dec 2023 23:34:54 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
mpsnare.iesnare.com/5.7.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js
200 OK 421 B URL GET HTTP/1.1 mpsnare.iesnare.com/5.7.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerDigiCert Inc
Subjectmpsnare.iesnare.com
Fingerprint76:12:1D:E6:DA:A3:5F:1E:E7:FC:3D:15:6F:B5:5D:0A:2E:F1:A2:D5
ValidityMon, 01 May 2023 00:00:00 GMT - Wed, 29 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (377)
Hash a6a3c4ffce4c449cdb5bb616f110b671
3702f67c1d57ecbf24cfb40520bc0f7a57484838
5ea42dc9a1a0631f994ab548fa84e7fa8e5756cacb634c6d25c5106491a3d9c6
GET /5.7.0/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 03 Dec 2023 23:34:54 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Mon, 02 Dec 2024 23:34:54 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
mpsnare.iesnare.com/time.mp3?nocache=0.41344894208238636
206 Partial Content 504 B URL GET HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.41344894208238636
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerDigiCert Inc
Subjectmpsnare.iesnare.com
Fingerprint76:12:1D:E6:DA:A3:5F:1E:E7:FC:3D:15:6F:B5:5D:0A:2E:F1:A2:D5
ValidityMon, 01 May 2023 00:00:00 GMT - Wed, 29 May 2024 23:59:59 GMT
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.41344894208238636 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx
Date: Sun, 03 Dec 2023 23:34:54 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
api.fouanalytics.com/api/x
200 OK 0 B URL POST HTTP/3 api.fouanalytics.com/api/x
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectfouanalytics.com
Fingerprint6A:6F:F4:F8:96:F5:AF:BD:04:DA:3B:26:07:70:F4:17:1F:A7:43:82
ValidityTue, 07 Nov 2023 01:56:38 GMT - Mon, 05 Feb 2024 01:56:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/x HTTP/1.1
Host: api.fouanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2933
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:54 GMT
access-control-allow-origin: *
access-control-allow-methods: *
cf-cache-status: DYNAMIC
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BkPu5J9rKOsCfnRevnd6Q3y%2BLHg2XxZNYdmvgEhateF%2FAVZsYQPmJot67GYtwwsxgqvZLOUvwfQNzzrOcw1hl8uI7U3uOwzfANhOKPvBZznqlOxRBnfwqXGEX6S32KYWBnUJJvjgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff9f7fea0a48b8-LHR
alt-svc: h3=":443"; ma=86400
cdn.sanity.io/images/w9lc5y04/production/4f612c5ca330cd1e053e14e97f673f57d71585ee-232x417.jpg?q=75&auto=format
200 OK 7.6 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/4f612c5ca330cd1e053e14e97f673f57d71585ee-232x417.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c9f26795549bf8af72875fe471fa8fe9
b4ad8101ecb43324eab838a8ee57d83c2893f6fc
74d8793a6b00ac9cf362442f519d523b1e4fd68ce833ae729fef42266ecffb00
GET /images/w9lc5y04/production/4f612c5ca330cd1e053e14e97f673f57d71585ee-232x417.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 7620
x-b3-traceid: 9387fe74c8dc45d2ee9021579d1b4e8d
x-b3-parentspanid: d208ce69fc61aa86
x-b3-spanid: 95fad443132014a1
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-7
x-varnish-age: 4424
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:24:12 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 01 Feb 2023 15:02:11 GMT
content-type: image/webp
vary: origin, accept
age: 1530642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/gtm.js?id=GTM-PCVT5ZK
200 OK 256 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PCVT5ZK
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Size 256 kB (255673 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gtm.js?id=GTM-PCVT5ZK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 23:34:52 GMT
expires: Sun, 03 Dec 2023 23:34:52 GMT
cache-control: private, max-age=900
last-modified: Sun, 03 Dec 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ibet.com/favicon.ico
200 OK 104 kB IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size 104 kB (103505 bytes)
Hash c4ec29ec7a9b51ab3672ad4235022800
3b38d99e09a5935441eeb46a7ff6325ff253a243
852384ec427a20845c6be9329635438d03e9ce66712989c2b03a653b8c0169a3
GET /favicon.ico HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 103505
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:50:04 GMT
etag: "c4ec29ec7a9b51ab3672ad4235022800"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: vxbQ1mn8pejzjdeg7wdqVWTlYSL_1I2v52A4TqXFKy-0XveAKCbwoQ==
age: 61474
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/bd32d68779623aaecf1cb9a8583495a600a1e068-2171x685.svg
200 OK 1.2 kB URL GET HTTP/2 cdn.sanity.io/images/w9lc5y04/production/bd32d68779623aaecf1cb9a8583495a600a1e068-2171x685.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1181), with no line terminators
Hash 1f568dd747fc5500f68471cc0b439519
b1ba0bd99f125de1b6b33cb9bf7fe1ccdcda971b
7f7de9fcfac5511fe90c5ca04e430a594bfce50460dd7a9b785059f3b2eb1362
GET /images/w9lc5y04/production/bd32d68779623aaecf1cb9a8583495a600a1e068-2171x685.svg HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-b3-traceid: adee47bc5002fde9306b1b6a81d0eea9
x-b3-parentspanid: a4a664886a37521d
x-b3-spanid: ff6f4da812ed841a
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
content-encoding: br
x-varnish-age: 24775
accept-ranges: bytes
content-length: 616
via: 1.1 google
date: Thu, 16 Nov 2023 15:29:25 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 1497928
last-modified: Fri, 21 Apr 2023 11:18:09 GMT
content-type: image/svg+xml
vary: origin, accept-encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/20e75c6219b2b793a5fb10c7cca9ab3d1f8b9f82-232x417.jpg?q=75&auto=format
200 OK 7.9 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/20e75c6219b2b793a5fb10c7cca9ab3d1f8b9f82-232x417.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f579cf3502f2e9497c4da2e1eb6bd7ac
9aaaf07bf8af7159dd984b74e74644eea315c3cf
74269b46cef36011f6f90c6da460ade0ac22692a96e15ac1ed047bbd2a5c4d2e
GET /images/w9lc5y04/production/20e75c6219b2b793a5fb10c7cca9ab3d1f8b9f82-232x417.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 7886
x-b3-traceid: f2f86f3048ec0068ccf9b0c8c4811a11
x-b3-parentspanid: b8aeab71a13775ed
x-b3-spanid: d8d1b0a15970e7a6
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 11463
accept-ranges: bytes
via: 1.1 google
date: Mon, 27 Nov 2023 07:51:45 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 01 Feb 2023 15:03:54 GMT
content-type: image/webp
vary: origin, accept
age: 574989
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/index-30e5ec17.js
200 OK 3.5 MB URL GET HTTP/2 www.ibet.com/assets/index-30e5ec17.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
Size 3.5 MB (3546930 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/index-30e5ec17.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:23:22 GMT
etag: W/"97abb87b50a813947774d558cd9ba8d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: aS9jY33v8kOc_MiZXUdadCWIZEw4I3VMRPRt5RxQb_EXGF1e6gCvjQ==
age: 60835
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/index-5b3acf19.js
200 OK 206 B URL GET HTTP/2 www.ibet.com/assets/index-5b3acf19.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 23ea67ec3f552af3e84e1e5d3a700ace
8351e7ea34be5b4c9717d2205a40d9388ea816ba
13832c891f5c3cacfdc4cb75c941091611a9b2069ea4601aefd358d700c564d8
GET /assets/index-5b3acf19.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-30e5ec17.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 206
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:48:55 GMT
etag: "3ebca8f8aa753858a99343b5ddb5be95"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: p7k6NaxIMtUmGBjIfqSK9Nfm172_LIaW1SSVZPmZExh5Wo-4utofwA==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/selectors-76504d5e.js
200 OK 2.3 kB URL GET HTTP/2 www.ibet.com/assets/selectors-76504d5e.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (2362), with no line terminators
Hash 68d1e8b1e3679d00e311786ef4300dec
e96cec5891c6db720e8e599112d21837e22afeeb
421d139a354f9f4d5309e80efd3fb5d4c48ad03985a5ec24f44deb92df60b254
GET /assets/selectors-76504d5e.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/AppRoutes-8f87b6d0.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:48:55 GMT
etag: W/"df16151a49591129f61ebdd1666da64f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: LIICSFgkeNUAQo3qznwEQfry_ohk7Dzd6xIYb-Qwxvm9KM6iZdnQfQ==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
200 OK 2.5 kB URL User Request GET HTTP/2 www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
IP
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2665), with no line terminators
Hash fe7293d1c2a792ad3f94b7af7481f579
bb4f07cbea43216cd5dbe2e4d39c73a2a3e25e7c
6781e61b6251f4a50e980fad58cf50a42399ea496b79602247be3c7c94ab30c5
GET /no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:42:28 GMT
etag: W/"0ff7a150dc0f4230cbbced01a82724d7"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 9GsqmqE3OyWaM590QFXGWSzYtjOB42WauvAKdTH5dShqoZ5I9Rplbw==
age: 78339
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/48143d56f72bfb3b239af1e9cb1cbaeaebd8e116-232x417.jpg?q=75&auto=format
200 OK 7.8 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/48143d56f72bfb3b239af1e9cb1cbaeaebd8e116-232x417.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 96ea069bedc202148bb6472a0fd51c31
d58b25d90fe2cc4f78be3b8b8c9b04f2a4030b14
121b8ec220ae222f0c69fac7114a308d40d381dc92f1631dfd4e12605b6b3345
GET /images/w9lc5y04/production/48143d56f72bfb3b239af1e9cb1cbaeaebd8e116-232x417.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 7758
x-b3-traceid: 01c1f09d3ea171aa9075d530252910da
x-b3-parentspanid: d986b63dda52dce7
x-b3-spanid: 29c69d983b0f2f35
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Fri, 24 Nov 2023 18:09:06 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 01 Feb 2023 15:04:39 GMT
content-type: image/webp
vary: origin, accept
age: 797148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2&co=aHR0cHM6Ly93d3cuaWJldC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=c2coqpl3gdy6
200 OK 62 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2&co=aHR0cHM6Ly93d3cuaWJldC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=c2coqpl3gdy6
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (53937)
Hash e038e5b8331cca92f0f93ca3abcf57a0
9c412b6f909fb745c61f692a33b2287a03423a8b
9a364203e9d84d708c4119b34cc517b67024a40a8a0a2e85012d8046f1cfec07
GET /recaptcha/api2/anchor?ar=1&k=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2&co=aHR0cHM6Ly93d3cuaWJldC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=c2coqpl3gdy6 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 23:34:51 GMT
content-security-policy: script-src 'nonce-pghVJJYAZO4CtfKvLkvq0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/selectors-76504d5e.js
200 OK 2.3 kB URL GET HTTP/2 www.ibet.com/assets/selectors-76504d5e.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (2362), with no line terminators
Hash 68d1e8b1e3679d00e311786ef4300dec
e96cec5891c6db720e8e599112d21837e22afeeb
421d139a354f9f4d5309e80efd3fb5d4c48ad03985a5ec24f44deb92df60b254
GET /assets/selectors-76504d5e.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:48:55 GMT
etag: W/"df16151a49591129f61ebdd1666da64f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Eh4MEPggohc8Ox8Hh34J3RlaMSrXlr2zpgu7gdInTRjmYdfeMt6Wmw==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/HorizontalMenuScrollable-a86439a6.js
200 OK 1.8 kB URL GET HTTP/2 www.ibet.com/assets/HorizontalMenuScrollable-a86439a6.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (1836), with no line terminators
Hash 8ce2a56461886d22524889fdb6cd73af
ed41eee59f2dee91105d53342ecbab361a199345
f9a494bd5ca3d440aeded9048f693ad4974b6a51971150c448f60b33f0136883
GET /assets/HorizontalMenuScrollable-a86439a6.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: W/"af4d72cd148b69f003cce28c74c09ed2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: rYaastQYIEiA6aScJ9mFUA_Aov3VsoxRWNqn1bejaBiGHBFGw3Kg9A==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/fonts/OpenSans-Regular.ttf
200 OK 97 kB URL GET HTTP/2 www.ibet.com/fonts/OpenSans-Regular.ttf
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\012- data
Hash 3ed9575dcc488c3e3a5bd66620bdf5a4
babe8dce93a3e48b6c3c79720a0c048e88dd1fe7
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
GET /fonts/OpenSans-Regular.ttf HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/ttf
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:23:22 GMT
etag: W/"3ed9575dcc488c3e3a5bd66620bdf5a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: PFVd0sRP_G4_q7ySB-lHOqFlG9xM6mkOxw_33SlU84738T_siqMSMw==
age: 60819
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/8413cb70c8b56008511a52973f3da6d25fed6790-360x648.jpg?q=75&auto=format
200 OK 34 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/8413cb70c8b56008511a52973f3da6d25fed6790-360x648.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 360x648, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b0bce308f26b15d537a6186acf2653d8
f0eebf35cb4da8b7b4839d9869351973b472886e
c2693e6baa84311b529c31542c10940323b9fbfab6e7d9cf8c8ee4bdd453ab7b
GET /images/w9lc5y04/production/8413cb70c8b56008511a52973f3da6d25fed6790-360x648.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 33624
x-b3-traceid: 661eaf1dfd0c8bb3c4f70951b4c4a857
x-b3-parentspanid: 20dab4f54c927fe3
x-b3-spanid: e8132cf17609d65e
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-5
x-varnish-age: 2509
accept-ranges: bytes
via: 1.1 google
date: Thu, 16 Nov 2023 06:56:07 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Tue, 17 Jan 2023 11:50:22 GMT
content-type: image/webp
vary: origin, accept
age: 1528727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2&co=aHR0cHM6Ly93d3cuaWJldC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=c2coqpl3gdy6
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 11:28:20 GMT
expires: Fri, 29 Nov 2024 11:28:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 302792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.fouanalytics.com/api/x
200 OK 0 B URL POST HTTP/3 api.fouanalytics.com/api/x
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectfouanalytics.com
Fingerprint6A:6F:F4:F8:96:F5:AF:BD:04:DA:3B:26:07:70:F4:17:1F:A7:43:82
ValidityTue, 07 Nov 2023 01:56:38 GMT - Mon, 05 Feb 2024 01:56:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/x HTTP/1.1
Host: api.fouanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 117
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/3 200 OK
date: Sun, 03 Dec 2023 23:34:55 GMT
access-control-allow-origin: *
access-control-allow-methods: *
cf-cache-status: DYNAMIC
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJBohKwaS7lVhvA9g94NiBxOMFc5%2F%2BIrujSR9YtIPi3K%2BnCWOeK6ksWbPisHtxkmeu8M8cOHh12uO8cu7ZGJzCZBfx%2BmBAEOGP9mOyVpdaYyLtkjFZbJpi4Srbb%2FjEVTQk851h2qHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff9f80eabe48b8-LHR
alt-svc: h3=":443"; ma=86400
www.ibet.com/assets/trophy-e7de9f84.js
200 OK 6.1 kB URL GET HTTP/2 www.ibet.com/assets/trophy-e7de9f84.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (6215), with no line terminators
Hash ae99f9fa1df44b0449cb1ace090b47a0
8788cd0c85bcd5eff7ac155f34b6d65d358b0a03
77294e86673f5d3f192d1d22de336a2105dd547a66ffdccb5f93b147be85da2d
GET /assets/trophy-e7de9f84.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:23:24 GMT
etag: W/"66e9ad54c318466c6eb0130b0867afd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: A-t8Qa6Veei6PKJnWWicCT4WYapCN6cy9iqODZ47v5SPg0mwuFM8DA==
age: 60135
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
mpsnare.iesnare.com/star
101 Switching Protocols 0 B IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerDigiCert Inc
Subjectmpsnare.iesnare.com
Fingerprint76:12:1D:E6:DA:A3:5F:1E:E7:FC:3D:15:6F:B5:5D:0A:2E:F1:A2:D5
ValidityMon, 01 May 2023 00:00:00 GMT - Wed, 29 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.ibet.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: peg/0XI9unmV4x2+pGyD+A==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 03 Dec 2023 23:34:53 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: Kqto5e6TPqyP2RxRE4A6UUXqQ10=
Upgrade: WebSocket
api.fouanalytics.com/api/init-2315cm3nkx3pemx84qeo.js
200 OK 318 B URL GET HTTP/2 api.fouanalytics.com/api/init-2315cm3nkx3pemx84qeo.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectfouanalytics.com
Fingerprint6A:6F:F4:F8:96:F5:AF:BD:04:DA:3B:26:07:70:F4:17:1F:A7:43:82
ValidityTue, 07 Nov 2023 01:56:38 GMT - Mon, 05 Feb 2024 01:56:37 GMT
File type ASCII text, with very long lines (323), with no line terminators
Hash 798e6f7a6e8df022c188e7c8734a3606
1c06b33339915c093143a1a881722ef682bd4638
2f63a0ffc4334f8c01e9708eb2c0136d463db128c55902f1783b2e74aab92937
GET /api/init-2315cm3nkx3pemx84qeo.js HTTP/1.1
Host: api.fouanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:53 GMT
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISTl1Aw%2FLLmRvht7vz01oSOONPc0itniq2RWrW81sdtZZM9asfw8GLJG1Howd%2BMPIcmbJEDOCq4ecgksTPTxv24iNhVRqQtRi4MlT%2FFthBdxfgfcFHHqEJYnhvAF5YlIfKKYTEAbSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82ff9f789c416407-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.ibet.com/favicon.ico
200 OK 104 kB IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size 104 kB (103505 bytes)
Hash c4ec29ec7a9b51ab3672ad4235022800
3b38d99e09a5935441eeb46a7ff6325ff253a243
852384ec427a20845c6be9329635438d03e9ce66712989c2b03a653b8c0169a3
GET /favicon.ico HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 103505
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 06:50:04 GMT
etag: "c4ec29ec7a9b51ab3672ad4235022800"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: zNPkJYftEoAagQ4P_KCPs5Y0Iq_cC3X0DHfaZ2lOaGBBVgWlZmWwIw==
age: 61474
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2&co=aHR0cHM6Ly93d3cuaWJldC5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=c2coqpl3gdy6
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 10:04:07 GMT
expires: Fri, 29 Nov 2024 10:04:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 307845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1622&id=7046
200 OK 1.5 kB URL GET HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1622&id=7046
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerEntrust, Inc.
Subject*.sportradarserving.com
FingerprintD0:C1:99:26:D2:AD:C7:6B:F2:AD:C4:44:44:70:7C:4F:D2:49:9B:C4
ValidityWed, 20 Sep 2023 07:44:29 GMT - Mon, 14 Oct 2024 07:44:28 GMT
File type ASCII text, with very long lines (1527), with no line terminators
Hash 6a92441270935afc853452712034c694
ba85f3887ffd469e28874987a80747afa07f4be7
0ea71a2de32ffe246e14d7807325e28de487fff7749682307a245372bc1987b9
GET /ul_cb/pixel?type=js&aid=1622&id=7046 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/
DNT: 1
Connection: keep-alive
Cookie: zuuid=9367313e-ab78-4d4c-9639-9e5fec3b348f; c=1701646494; zuuid_lu=1701646494
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Sun, 03 Dec 2023 23:34:54 GMT
Set-Cookie: zuuid=9367313e-ab78-4d4c-9639-9e5fec3b348f; path=/; expires=Mon, 02-Dec-2024 23:34:54 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1701646494; path=/; expires=Mon, 02-Dec-2024 23:34:54 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k=1; path=/; expires=Mon, 02-Dec-2024 23:34:54 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1701646494; path=/; expires=Mon, 02-Dec-2024 23:34:54 GMT; domain=sportradarserving.com; samesite=none; secure
cm2=!bidswitch,470975694; path=/; expires=Mon, 02-Dec-2024 23:34:54 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,470903694; path=/; expires=Mon, 02-Dec-2024 23:34:54 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1527
Connection: keep-alive
cdn.sanity.io/images/w9lc5y04/production/2a06561c7fda0de5e12139a31a92d03b36f53ca0-69x31.svg
200 OK 12 kB URL GET HTTP/2 cdn.sanity.io/images/w9lc5y04/production/2a06561c7fda0de5e12139a31a92d03b36f53ca0-69x31.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (11605), with no line terminators
Hash c8d80689fe6dffdfde4a61fa5cf19888
691dbb0a87fd5161f36e3a535e725763646babd3
4dfe0ebf0e61cb69776fa54e74c27df9e6ad6a56e51fbe201988abbf43619d0c
GET /images/w9lc5y04/production/2a06561c7fda0de5e12139a31a92d03b36f53ca0-69x31.svg HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-b3-traceid: cae099d388b2933de11ae94764bac18d
x-b3-parentspanid: c8c3853b0bcef1a5
x-b3-spanid: eaaaa96226dcc667
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
content-encoding: br
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
content-length: 4237
date: Thu, 16 Nov 2023 23:21:43 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 1469590
last-modified: Fri, 21 Apr 2023 11:17:44 GMT
content-type: image/svg+xml
vary: origin, accept-encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ibet.com/assets/desk-mobile-255eeaee.png
200 OK 501 kB URL GET HTTP/2 www.ibet.com/assets/desk-mobile-255eeaee.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type PNG image data, 920 x 868, 8-bit/color RGBA, non-interlaced\012- data
Size 501 kB (500572 bytes)
Hash fd96eee35b390dfd08f545b75d939ac6
6921b711e1a4eb122f1c7805a6e1a51a96402330
255eeaeea7d72c03eb622eb824940135801f903f45f1dce5a206ead783ec2dd8
GET /assets/desk-mobile-255eeaee.png HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Cookie: _gcl_au=1.1.1324385100.1701646499; _ga_E0JKRGC2KE=GS1.1.1701646499.1.0.1701646499.0.0.0; _ga=GA1.1.292610295.1701646499
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 500572
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Dec 2023 11:01:17 GMT
etag: "fd96eee35b390dfd08f545b75d939ac6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: hAoY7H5LpjPXgglNLnyOQzcHRmwJbJCC_ZJa9OfDTqj44z9GD7Bb6A==
age: 45229
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2
200 OK 884 B URL GET HTTP/2 www.google.com/recaptcha/api.js?render=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with very long lines (884), with no line terminators
Hash 3b171b3bc6278c3c11672cd31d0d7086
c3a88827be5e02a36ebae8f1aef2a7c55bc19471
bbd2b3b0875f93c1d42e7ed6b7da4f77a186b66525ad92fd435d33a5ce9952b6
GET /recaptcha/api.js?render=6Lez22YkAAAAAN9nQzcmAGTdF-scvWXe7SQRP5t2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 03 Dec 2023 23:34:51 GMT
date: Sun, 03 Dec 2023 23:34:51 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-519-0345ad6.js
200 OK 25 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-519-0345ad6.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint5F:75:10:F4:97:EA:C8:48:F9:4F:E6:19:19:A3:13:24:44:C1:E7:3C
ValidityMon, 23 Oct 2023 13:35:25 GMT - Sun, 21 Jan 2024 13:35:24 GMT
File type ASCII text, with very long lines (24781), with no line terminators
Hash 1c9884a2069c7bec6b20dac62004eb1b
78f9c5c20271d0ad2a0af29db9f5846b19b72334
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
GET /web_widget/messenger/latest/web-widget-519-0345ad6.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: tW4oGHXNWcmTGJrP2G7VhjwZAqImn9omdZnC+SKHpwfElnMetRRau0HK+nOmHVPYoxT6NkcBPGY=
x-amz-request-id: B489Y0EH0VREEAT1
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Nov 2024 00:52:48 GMT
x-amz-version-id: c3fTu.1VTXTnJfTpV257t3CmA_E19Whc
cf-cache-status: HIT
age: 835348
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQv1HpXCZxjkHzD7nKdFE6RHic52zTjlJpNzVlLrgsNWBEE0%2FKlnlrd7VY07NcYrXRwXirXm7uUDPHRkYBGU1ySG0sWIpl9uSyC%2BLiGMdHzEaACXJv2rp1m7vd2mSqQjoWulztk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 82ff9f6d8b3e5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-9535-0345ad6.js
200 OK 16 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-9535-0345ad6.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint5F:75:10:F4:97:EA:C8:48:F9:4F:E6:19:19:A3:13:24:44:C1:E7:3C
ValidityMon, 23 Oct 2023 13:35:25 GMT - Sun, 21 Jan 2024 13:35:24 GMT
File type ASCII text, with very long lines (15489), with no line terminators
Hash d46547a6c79c8800ac99ed5408528a12
f38c90e20285af9249a5f89179c5c315a3665774
0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391
GET /web_widget/messenger/latest/web-widget-9535-0345ad6.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 3gzpbjxrp0zMh5xDP5QRBSoLDVT/GHeUR7zZVpwqYZ9YIoJrJSGezD8waZfZRjlY5tT04SRbXds=
x-amz-request-id: Z0TNH7WR3WDJNY83
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
etag: W/"d46547a6c79c8800ac99ed5408528a12"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Nov 2024 00:52:48 GMT
x-amz-version-id: Htn9g_potgdCgt0Ro1y4Ux_z.nUmgxGP
cf-cache-status: HIT
age: 581171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtH6sfXE1qRoZhvBBBgmcn1H5%2FrLRfTk4TiZGaxwMTjtcVVxwhYGAkrBUFGMYgiHc9ne4bSP4IjuPvwWb%2BqxmS%2F3upO623%2BKqiIV%2FzQdTTYZagEi2zD8fmpdBlCuskuRIsUxQXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 82ff9f6d8b405690-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.ibet.com/assets/trophy-e7de9f84.js
200 OK 6.1 kB URL GET HTTP/2 www.ibet.com/assets/trophy-e7de9f84.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (6215), with no line terminators
Hash ae99f9fa1df44b0449cb1ace090b47a0
8788cd0c85bcd5eff7ac155f34b6d65d358b0a03
77294e86673f5d3f192d1d22de336a2105dd547a66ffdccb5f93b147be85da2d
GET /assets/trophy-e7de9f84.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/MenuIcon-4d8a330c.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:23:24 GMT
etag: W/"66e9ad54c318466c6eb0130b0867afd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: CpFbmjGCdzmMe0uS_fO7cun8tKnGcVYWqJuGvAQN7XAOZOqPNbRD7A==
age: 60136
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/b9a5a10aa430e31f6f8247fbe82455e88cc72b1c-1708x884.jpg?q=75&auto=format
200 OK 188 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/b9a5a10aa430e31f6f8247fbe82455e88cc72b1c-1708x884.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1708x884, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 188 kB (188354 bytes)
Hash bbdf0cb2809780bde4e252c1c4993c74
571b5c7d21932fa259b2f8cb58f1bd0cd6885984
5af85fb7f8bc9e53a008e747eef2bb9eff07e2f0dddc0f059d8b602f120a7b2a
GET /images/w9lc5y04/production/b9a5a10aa430e31f6f8247fbe82455e88cc72b1c-1708x884.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 188354
x-b3-traceid: ac8d9612f533a80a62f4e829789a767b
x-b3-parentspanid: d03e5abee8dfc70b
x-b3-spanid: 9f4b5dbc670400f4
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
vha6-origin: image-varnish-ssd-8
x-varnish-age: 177
accept-ranges: bytes
via: 1.1 google
date: Thu, 30 Nov 2023 14:03:15 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Thu, 30 Nov 2023 14:01:13 GMT
content-type: image/webp
vary: origin, accept
age: 293498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27staticPage%27%20%26%26%20pageCategory%20match%20%22contact-us%22%20%26%26%20!(%22NO%22%20in%20excludedMarkets%5B%5D-%3Eid)%5D%20%7C%20order(_createdAt%20asc)%7B...%2C%22onlyShowMarkets%22%3A%20onlyShowMarkets%5B%5D%20-%3E%20id%7D%20%0A%20%20
200 OK 245 B URL GET HTTP/2 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27staticPage%27%20%26%26%20pageCategory%20match%20%22contact-us%22%20%26%26%20!(%22NO%22%20in%20excludedMarkets%5B%5D-%3Eid)%5D%20%7C%20order(_createdAt%20asc)%7B...%2C%22onlyShowMarkets%22%3A%20onlyShowMarkets%5B%5D%20-%3E%20id%7D%20%0A%20%20
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.apicdn.sanity.io
FingerprintA5:1C:16:FF:52:AD:72:FC:C8:DD:BF:3A:CC:96:55:F4:B5:CA:F5:49
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 3da9a94b8a7f3c9949b4d311bf2fd67b
287e70209f53c1469df4f4a43f9e2eddb892add7
ccf170e4b1b914a433bb253d8cf83546bc3791dee6933fb29977ff7c7c75721d
GET /v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27staticPage%27%20%26%26%20pageCategory%20match%20%22contact-us%22%20%26%26%20!(%22NO%22%20in%20excludedMarkets%5B%5D-%3Eid)%5D%20%7C%20order(_createdAt%20asc)%7B...%2C%22onlyShowMarkets%22%3A%20onlyShowMarkets%5B%5D%20-%3E%20id%7D%20%0A%20%20 HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 03 Dec 2023 22:43:38 GMT
server-timing: api;dur=9
x-sanity-shard: gcp-eu-w1-01-prod-1046
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
strict-transport-security: max-age=63072000; includeSubDomains; preload
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
content-encoding: br
x-sanity-age: 3073
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 160
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/47d2361c6114c0eaf9df6c55357e7311cf1a7c75-121x32.svg
200 OK 21 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/47d2361c6114c0eaf9df6c55357e7311cf1a7c75-121x32.svg
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (20675), with no line terminators
Hash c2bad36208b2af176c248788eb1d2a52
1877750f2f0300bbd159ed584323eef0d4bee619
2972808786c4e9bb39fa2676fe3e3dfcdc64b38a29c6775bb08a22c7559cbbc7
GET /images/w9lc5y04/production/47d2361c6114c0eaf9df6c55357e7311cf1a7c75-121x32.svg HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
x-b3-traceid: db40b95d0765a43e6edcc76a14b760aa
x-b3-parentspanid: e76a42d63ed118b4
x-b3-spanid: 845135790f4666f
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
content-encoding: br
vha6-origin: image-varnish-ssd-2
x-varnish-age: 6763
accept-ranges: bytes
content-length: 7477
via: 1.1 google
date: Wed, 15 Nov 2023 20:03:12 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Fri, 21 Apr 2023 11:22:25 GMT
content-type: image/svg+xml
vary: origin, accept-encoding
age: 1567901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/helpers-349aca53.js
200 OK 2.5 kB URL GET HTTP/2 www.ibet.com/assets/helpers-349aca53.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (2602), with no line terminators
Hash d280bf4c3893fb60831b90eb7c05f08f
f7b62ba3c9477f78252733c98d93b35178448fd2
fe678fbb8f516b6ec6d3dc2ad1e2ce412372693d751b10b0257e6cb6725374da
GET /assets/helpers-349aca53.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-fbfbf194.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: W/"d727097942f6e92259894070d27be5da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: OGK34MbVwtwyxQKZahx-F0Y31O1RxzsYoY-VdR-p47njov4yWITmnA==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/6eaf3f7de1d528ed78b8688cefbec35445c8ff36-1645x431.png
200 OK 36 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/6eaf3f7de1d528ed78b8688cefbec35445c8ff36-1645x431.png
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type PNG image data, 1645 x 431, 8-bit/color RGBA, non-interlaced\012- data
Hash a57ec28bccc522d198b3598e4eb13e59
1d65ef967d8721e57f3b00dac541abea1f0b1abe
100cd0aece050389896c5c55e1e935e31769844a6041c58d8c172a3f29458ca1
GET /images/w9lc5y04/production/6eaf3f7de1d528ed78b8688cefbec35445c8ff36-1645x431.png HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 35674
x-b3-traceid: bdbf7a1c2c68e18e3499ae03cbb06c45
x-b3-parentspanid: 53417e40f8328a18
x-b3-spanid: b26c3616d4dfee1a
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 28615
accept-ranges: bytes
via: 1.1 google
date: Wed, 15 Nov 2023 13:57:33 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Fri, 15 Jul 2022 13:13:15 GMT
content-type: image/png
vary: origin
age: 1589840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/MenuIcon-4d8a330c.js
200 OK 48 kB URL GET HTTP/2 www.ibet.com/assets/MenuIcon-4d8a330c.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (47990)
Hash 7f5d09f8be0d4a9e01e7f0e66713936d
e3071c9c43e74aa102e8695cc33c8710efc4bee3
2b92c8c76ec66879f8922940ae74213317e948aa18f27d2e1ea65b78662ee033
GET /assets/MenuIcon-4d8a330c.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-fbfbf194.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 08:34:26 GMT
etag: W/"7f5d09f8be0d4a9e01e7f0e66713936d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: EI-ZQ4O5JIutH9BmjmB9oZJWiTfnn7GOF6pU_l3EKb8EJKPbCy1fPw==
age: 54477
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/5b0415ee9746420c1df848a64335c58f3bbf480d-232x417.jpg?q=75&auto=format
200 OK 9.7 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/5b0415ee9746420c1df848a64335c58f3bbf480d-232x417.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 232x417, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 87f321c3a7e516a15aaeea9fc2164bf3
771a11437015be1a00bf2488860f1a5cc83a2d0c
4852c0344a7dac1442bc2892c1b7a84cf8d0ab6c65a1e8213b4699cbe7c3160f
GET /images/w9lc5y04/production/5b0415ee9746420c1df848a64335c58f3bbf480d-232x417.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 9710
x-b3-traceid: eb8da703979e98ec0768bd3b5255034b
x-b3-parentspanid: 3ca38fbd532030b1
x-b3-spanid: 8b8e2955202b9d92
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 101650
accept-ranges: bytes
via: 1.1 google
date: Sun, 26 Nov 2023 06:46:45 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
last-modified: Wed, 01 Feb 2023 15:02:20 GMT
content-type: image/webp
vary: origin, accept
age: 665289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.zdassets.com/ekr/snippet.js?key=a6120dcf-e9e8-4bb6-a19e-078213479153
200 OK 10 kB URL GET HTTP/2 static.zdassets.com/ekr/snippet.js?key=a6120dcf-e9e8-4bb6-a19e-078213479153
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint5F:75:10:F4:97:EA:C8:48:F9:4F:E6:19:19:A3:13:24:44:C1:E7:3C
ValidityMon, 23 Oct 2023 13:35:25 GMT - Sun, 21 Jan 2024 13:35:24 GMT
File type ASCII text, with very long lines (10187), with no line terminators
Hash 42d94c325a0b012e41f9c3907853625a
567dbe8e0b61115deb7c33947f706d4e51c3ab49
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
GET /ekr/snippet.js?key=a6120dcf-e9e8-4bb6-a19e-078213479153 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:51 GMT
content-type: application/javascript
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
x-amz-request-id: SJN8N1JDMTD43WG0
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
etag: W/"42d94c325a0b012e41f9c3907853625a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
cf-cache-status: HIT
age: 13
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEIKnr2%2F8%2BLLDgeeOIiL1C85HZHwrxzuKHA6eCY0pGVWYOheXhuZNp77wurpCQCLERjLN657i9hIN6XdnyfeEeKN6iEpdDi2FuhJPM2rAhYgr3i6PQYPxp4ETZHlvuTySaGYoHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 82ff9f6b585e5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
record.ibetaffiliates.com/_1LOEjeN3o8q22a5QkwDt8GNd7ZgqdRLk/3/
301 Moved Permanently 2.5 kB URL User Request GET HTTP/2 record.ibetaffiliates.com/_1LOEjeN3o8q22a5QkwDt8GNd7ZgqdRLk/3/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectrecord.ibetaffiliates.com
Fingerprint20:9C:01:BD:F3:33:41:C8:18:62:F8:9E:85:26:D1:98:D9:33:FB:4A
ValiditySat, 21 Oct 2023 17:41:44 GMT - Fri, 19 Jan 2024 17:41:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_1LOEjeN3o8q22a5QkwDt8GNd7ZgqdRLk/3/ HTTP/1.1
Host: record.ibetaffiliates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sun, 03 Dec 2023 23:34:50 GMT
content-type: text/html; charset=utf-8
location: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
cache-control: private, no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
set-cookie: VID1=KCxTPFgtI0RZLCM8YApgCg%3D%3D; expires=Tue, 03-Dec-2024 23:34:50 GMT; Max-Age=31622400; path=/; secure; HttpOnly; SameSite=None
ZBan=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk; expires=Tue, 03-Dec-2024 23:34:50 GMT; Max-Age=31622400; path=/; domain=.ibetaffiliates.com; secure; HttpOnly; SameSite=None
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
vary: Accept-Encoding
server: cloudflare
cf-ray: 82ff9f64de195697-OSL
X-Firefox-Spdy: h2
cdn.sanity.io/images/w9lc5y04/production/d93aa39b80bc931a8aa2668467e2e6b734b7245a-750x708.jpg?q=75&auto=format
200 OK 74 kB URL GET HTTP/3 cdn.sanity.io/images/w9lc5y04/production/d93aa39b80bc931a8aa2668467e2e6b734b7245a-750x708.jpg?q=75&auto=format
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.sanity.io
FingerprintFB:EF:74:F7:DD:DD:15:CD:83:CC:0E:50:DC:6F:81:65:7C:A3:1C:46
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 750x708, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e3dccd50681b42485dacae509af0ebdb
698990551f13d9cc7fb34321e9a5a40c51cab47e
4337e926cd72b68e94298b5dc00f04cf7e3870698d55cae48d72ad61ef2f6c8e
GET /images/w9lc5y04/production/d93aa39b80bc931a8aa2668467e2e6b734b7245a-750x708.jpg?q=75&auto=format HTTP/1.1
Host: cdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 74236
x-b3-traceid: 77060631af0e7ab62ba53b75c9ab922c
x-b3-parentspanid: e576b54e6c6cd81f
x-b3-spanid: 5cc9c6b9d2a5be97
x-b3-sampled: 0
x-sanity-asset-storage: gcs-default
content-security-policy: script-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
xkey: project-w9lc5y04-production
x-varnish-age: 0
accept-ranges: bytes
via: 1.1 google
date: Thu, 30 Nov 2023 15:33:00 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
age: 288113
last-modified: Thu, 30 Nov 2023 15:32:05 GMT
content-type: image/webp
vary: origin, accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ibet.com/assets/MenuIcon-4d8a330c.js
200 OK 48 kB URL GET HTTP/2 www.ibet.com/assets/MenuIcon-4d8a330c.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (47990)
Hash 7f5d09f8be0d4a9e01e7f0e66713936d
e3071c9c43e74aa102e8695cc33c8710efc4bee3
2b92c8c76ec66879f8922940ae74213317e948aa18f27d2e1ea65b78662ee033
GET /assets/MenuIcon-4d8a330c.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 08:34:26 GMT
etag: W/"7f5d09f8be0d4a9e01e7f0e66713936d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: rCIQ7QKHB7JBRgNuTqyjgKq76yxzCyhkdVbAUh7kNETHuhTVtNd5fQ==
age: 54477
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
mpsnare.iesnare.com/star
101 Switching Protocols 0 B IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerDigiCert Inc
Subjectmpsnare.iesnare.com
Fingerprint76:12:1D:E6:DA:A3:5F:1E:E7:FC:3D:15:6F:B5:5D:0A:2E:F1:A2:D5
ValidityMon, 01 May 2023 00:00:00 GMT - Wed, 29 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.ibet.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yg6lXp8SDqYeZJxc8T95iA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 03 Dec 2023 23:34:53 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: jIgdR8rK1HFKgtCZBATNhUmDMMo=
Upgrade: WebSocket
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%7B%20%20%20%20%0A%20%20%20%20%27languages%27%3A%20*%5B_type%20%3D%3D%20%22language%22%20%26%26%20%22NO%22%20in%20markets%5B%5D-%3Eid%5D%2C%0A%20%20%20%20%27markets%27%3A%20*%5B_type%20%3D%3D%20%22market%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bid%7D%2C%0A%20%20%20%20%27texts%27%3A%20*%5B_type%20%3D%3D%20%22texts%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bkey%2C%22value%22%3Ano%7D%2C%0A%20%20%7D
200 OK 164 kB URL GET HTTP/3 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%7B%20%20%20%20%0A%20%20%20%20%27languages%27%3A%20*%5B_type%20%3D%3D%20%22language%22%20%26%26%20%22NO%22%20in%20markets%5B%5D-%3Eid%5D%2C%0A%20%20%20%20%27markets%27%3A%20*%5B_type%20%3D%3D%20%22market%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bid%7D%2C%0A%20%20%20%20%27texts%27%3A%20*%5B_type%20%3D%3D%20%22texts%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bkey%2C%22value%22%3Ano%7D%2C%0A%20%20%7D
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.apicdn.sanity.io
FingerprintA5:1C:16:FF:52:AD:72:FC:C8:DD:BF:3A:CC:96:55:F4:B5:CA:F5:49
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
Size 164 kB (164111 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/data/query/production/?query=%7B%20%20%20%20%0A%20%20%20%20%27languages%27%3A%20*%5B_type%20%3D%3D%20%22language%22%20%26%26%20%22NO%22%20in%20markets%5B%5D-%3Eid%5D%2C%0A%20%20%20%20%27markets%27%3A%20*%5B_type%20%3D%3D%20%22market%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bid%7D%2C%0A%20%20%20%20%27texts%27%3A%20*%5B_type%20%3D%3D%20%22texts%22%20%26%26%20!(_id%20in%20path(%27drafts.**%27))%5D%7Bkey%2C%22value%22%3Ano%7D%2C%0A%20%20%7D HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=utf-8
date: Sun, 03 Dec 2023 22:36:50 GMT
server-timing: api;dur=1174
x-sanity-shard: gcp-eu-w1-01-prod-1046
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
strict-transport-security: max-age=63072000; includeSubDomains; preload
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
content-encoding: br
x-sanity-age: 3482
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 33571
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27regulationLogo%27%5D%20%7C%20order(_createdAt%20asc)%7BlogoName%2C%22image%22%3Alogo.asset-%3Eurl%2C%22url%22%3Aurl.current%7D%20%0A%20%20
200 OK 1.2 kB URL GET HTTP/2 w9lc5y04.apicdn.sanity.io/v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27regulationLogo%27%5D%20%7C%20order(_createdAt%20asc)%7BlogoName%2C%22image%22%3Alogo.asset-%3Eurl%2C%22url%22%3Aurl.current%7D%20%0A%20%20
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerSectigo Limited
Subject*.apicdn.sanity.io
FingerprintA5:1C:16:FF:52:AD:72:FC:C8:DD:BF:3A:CC:96:55:F4:B5:CA:F5:49
ValidityTue, 10 Oct 2023 00:00:00 GMT - Mon, 30 Sep 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1258), with no line terminators
Hash e335d74bfca363aaddb61f63669bb929
846d1502564ef304ce3454d5a162b5619cc97857
e59d72c4e9b2d19b85987a0862aa9e2873721578aedf2ebdce2afd7122ca892c
GET /v1/data/query/production/?query=%0A%20%20%20%20*%5B_type%20%3D%3D%20%27regulationLogo%27%5D%20%7C%20order(_createdAt%20asc)%7BlogoName%2C%22image%22%3Alogo.asset-%3Eurl%2C%22url%22%3Aurl.current%7D%20%0A%20%20 HTTP/1.1
Host: w9lc5y04.apicdn.sanity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ibet.com
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 03 Dec 2023 23:19:28 GMT
server-timing: api;dur=36
x-sanity-shard: gcp-eu-w1-01-prod-1046
access-control-allow-origin: https://www.ibet.com
access-control-expose-headers: Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
access-control-max-age: 600
strict-transport-security: max-age=63072000; includeSubDomains; preload
apicdn-cache-control: public, max-age=60, s-maxage=3600, stale-while-revalidate=60, stale-if-error=7200
content-encoding: br
x-sanity-age: 923
cache-control: public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary: accept-encoding, origin
accept-ranges: bytes
content-length: 549
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ibet.com/assets/HorizontalMenuScrollable-a86439a6.js
200 OK 1.8 kB URL GET HTTP/2 www.ibet.com/assets/HorizontalMenuScrollable-a86439a6.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (1836), with no line terminators
Hash 8ce2a56461886d22524889fdb6cd73af
ed41eee59f2dee91105d53342ecbab361a199345
f9a494bd5ca3d440aeded9048f693ad4974b6a51971150c448f60b33f0136883
GET /assets/HorizontalMenuScrollable-a86439a6.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/assets/index-fbfbf194.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:00 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: W/"af4d72cd148b69f003cce28c74c09ed2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: HqrdbLy2DV5YB00wv4xLGaV8VFQ5W5r1MMBYuUo8ywWhXHbB8GSS1A==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/messenger/latest/web-widget-5178-0345ad6.js
200 OK 24 kB URL GET HTTP/2 static.zdassets.com/web_widget/messenger/latest/web-widget-5178-0345ad6.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerLet's Encrypt
Subjectzdassets.com
Fingerprint5F:75:10:F4:97:EA:C8:48:F9:4F:E6:19:19:A3:13:24:44:C1:E7:3C
ValidityMon, 23 Oct 2023 13:35:25 GMT - Sun, 21 Jan 2024 13:35:24 GMT
File type ASCII text, with very long lines (24491), with no line terminators
Hash 11034f049f5eef05b26ed292ac59e1fc
c8e5c3d8aabcd34b7660fedebeb1ece66c5f6850
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
GET /web_widget/messenger/latest/web-widget-5178-0345ad6.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 23:34:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Jj5JStxWhYlfR+eKgiItTIEYuvnL7SUb9iZuTn3At0SRbZIxBx2x22m4PUWxdi3pcyuX1bEPqHA=
x-amz-request-id: 5NGEDWDDF7CRHGKQ
x-amz-replication-status: COMPLETED
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Tue, 05 Nov 2024 00:52:48 GMT
x-amz-version-id: WUnw5FU0oRqazTz0z66hJW9BpnBWa3hS
cf-cache-status: HIT
age: 1027850
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BROb3Ipn6DoxPMQFGRm0zRR8jI4o3RLI8QpHv1kRZxFcTxtmkRoZ4Tg04LIt%2FMr1f4Hlc3HuEfAI8GsVqhxW8MzwDbvewfsfkYcWimTFSXAfAOKNFGZ0aLQCiscYMpgFEc3ocfs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 82ff9f6d8b3f5690-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.ibet.com/assets/helpers-349aca53.js
200 OK 2.5 kB URL GET HTTP/2 www.ibet.com/assets/helpers-349aca53.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (2602), with no line terminators
Hash d280bf4c3893fb60831b90eb7c05f08f
f7b62ba3c9477f78252733c98d93b35178448fd2
fe678fbb8f516b6ec6d3dc2ad1e2ce412372693d751b10b0257e6cb6725374da
GET /assets/helpers-349aca53.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Sun, 03 Dec 2023 06:47:50 GMT
etag: W/"d727097942f6e92259894070d27be5da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: sC01fsAbcI8ce4CQTaztVHxt7NVmPvDVYEigCzl16CD_WEZptKB1ug==
age: 60827
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/assets/index-30e5ec17.js
200 OK 3.5 MB URL GET HTTP/2 www.ibet.com/assets/index-30e5ec17.js
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
Size 3.5 MB (3546930 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/index-30e5ec17.js HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:23:22 GMT
etag: W/"97abb87b50a813947774d558cd9ba8d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: abbWdY0Z-PoTbR_8Y3nuAcvDkTdhzAjYxn_BNI_9VzvOfN2ZjjxB0Q==
age: 60837
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/fonts/OpenSans-Regular.ttf
200 OK 97 kB URL GET HTTP/2 www.ibet.com/fonts/OpenSans-Regular.ttf
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\012- data
Hash 3ed9575dcc488c3e3a5bd66620bdf5a4
babe8dce93a3e48b6c3c79720a0c048e88dd1fe7
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
GET /fonts/OpenSans-Regular.ttf HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/ttf
last-modified: Wed, 29 Nov 2023 06:40:01 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 03 Dec 2023 09:23:22 GMT
etag: W/"3ed9575dcc488c3e3a5bd66620bdf5a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 7Pb7kXuwuZ5dMIQQ9mSS-sPIm-jzeCEfXSaGC_GdYfsvH3_gkcy6vQ==
age: 60816
cache-control: public, max-age=63072000
X-Firefox-Spdy: h2
www.ibet.com/iojs/general5/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
200 OK 41 kB URL GET HTTP/2 www.ibet.com/iojs/general5/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP
Requested by https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Certificate IssuerAmazon
Subjectibet.com
Fingerprint3B:AD:BE:27:EB:34:85:82:2F:7E:9B:BC:BE:33:AE:64:4D:23:C0:85
ValidityTue, 14 Mar 2023 00:00:00 GMT - Thu, 11 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (761)
Hash 8960f94ea2082983640a8e5597fcc56a
23530ac15b77e791aac405224137fa728eb28561
7bdfd46cdac7d6e9a54b7e63d8c43cce2a82269cc72c3a2cb471eab955240a5b
GET /iojs/general5/mM0sp8Erj2GlCHJLX6SgFKsKcD68gIN_z1-m9vV_lm0/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: www.ibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ibet.com/no-NO/?aff=2Bh3JC9sqw_TcD4PyQvsz2Nd7ZgqdRLk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Sun, 03 Dec 2023 23:34:52 GMT
last-modified: Tue, 06 May 2014 00:01:40 GMT
expires: Tue, 02 Jan 2024 23:34:52 GMT
cache-control: private
p3p: CP="NON DSP COR CURa"
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
vary: Accept-Encoding, User-Agent
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Ruf77wPhakcTCmwle4Q8V7cnR4lW3mwtyFA6Q1KHNPoHtTk1m8tlJQ==
X-Firefox-Spdy: h2
172.217.21.161
104.21.4.148
23.36.79.8
3.127.180.121
54.228.71.178
0.0.0.0