www.marsbet.com Open in urlscan Pro
3.33.233.73 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.cdncz.com/r.php?media_id=98&affiliate_id=657825&marketing_source_id=3783
Effective URL:
https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825
Submission: On October 14 via api (October 14th 2024, 5:05:24 am UTC) from LU — Scanned from US

Summary HTTP 162 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 25 domains to perform 162 HTTP transactions. The main IP is 3.33.233.73, located in United States and belongs to AMAZON-02, US. The main domain is www.marsbet.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 7th 2024. Valid for: a year.

This is the only time www.marsbet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.58.126.220 52.58.126.220	16509 (AMAZON-02) (AMAZON-02)
1	3.33.233.73 3.33.233.73	16509 (AMAZON-02) (AMAZON-02)
90	2600:9000:21d... 2600:9000:21dd:f400:e:b61d:a980:21	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:400d:c0d::61	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1e1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:c6e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.106.126 108.138.106.126	16509 (AMAZON-02) (AMAZON-02)
3	43.152.136.155 43.152.136.155	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	151.101.200.157 151.101.200.157	54113 (FASTLY) (FASTLY)
5	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1	44.196.184.160 44.196.184.160	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2607:f8b0:400... 2607:f8b0:400d:c04::65	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6812:1f1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
1	172.253.115.104 172.253.115.104	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	23.213.158.22 23.213.158.22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:1408:c40... 2600:1408:c400:29::17da:da48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.67.194.46 172.67.194.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	23.213.158.24 23.213.158.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:250... 2600:9000:2509:9600:0:68d8:d680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c09::8b	15169 (GOOGLE) (GOOGLE)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.179.174 172.67.179.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.198.54.1 216.198.54.1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
162	34

1 52.58.126.220 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-126-220.eu-central-1.compute.amazonaws.com

track.cdncz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.233.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: aeadf6b59c085bddd.awsglobalaccelerator.com

www.marsbet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

90 2600:9000:21dd:f400:e:b61d:a980:21 (United States)

ASN16509 (AMAZON-02, US)

d1hpetrtq93mp2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c0d::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1e1b (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:c6e3 (United States)

ASN13335 (CLOUDFLARENET, US)

adjs.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 43.152.136.155 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

s1.kwai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.200.157 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.184.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-184-160.compute-1.amazonaws.com

secure.afilio.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c04::65 (Morganton, United States) 1 redirects

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0b::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f1b (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.104 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.213.158.22 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-158-22.deploy.static.akamaitechnologies.com

ads.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:29::17da:da48 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

ads.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.194.46 (United States)

ASN13335 (CLOUDFLARENET, US)

g.ppapss.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.158.24 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-158-24.deploy.static.akamaitechnologies.com

logsdk.kwai-pro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2509:9600:0:68d8:d680:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2ps39elv3ruqi.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.179.174 (United States)

ASN13335 (CLOUDFLARENET, US)

seal.cgcb.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.198.54.1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

marsbet.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	cloudfront.net d1hpetrtq93mp2.cloudfront.net d2ps39elv3ruqi.cloudfront.net	6 MB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	6 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2226 ekr.zdassets.com — Cisco Umbrella Rank: 2547	346 KB
7	mythad.com ads.mythad.com — Cisco Umbrella Rank: 27620	2 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 862 psb.taboola.com — Cisco Umbrella Rank: 5951 trc.taboola.com — Cisco Umbrella Rank: 686 trc-events.taboola.com — Cisco Umbrella Rank: 2720	24 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	82 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	3 KB
4	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 147 www.google.com — Cisco Umbrella Rank: 3	829 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	367 KB
3	kwai.net s1.kwai.net — Cisco Umbrella Rank: 25131	121 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	64 KB
2	kwai-pro.com logsdk.kwai-pro.com — Cisco Umbrella Rank: 25977	474 B
2	ppapss.org g.ppapss.org	1 KB
2	adjs.media adjs.media — Cisco Umbrella Rank: 240978	2 KB
2	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 69774	717 B
1	zendesk.com marsbet.zendesk.com	1 KB
1	cgcb.info seal.cgcb.info — Cisco Umbrella Rank: 326448	3 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 962	724 B
1	t.co t.co — Cisco Umbrella Rank: 859	628 B
1	afilio.com.br secure.afilio.com.br — Cisco Umbrella Rank: 255722	493 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	15 KB
1	marsbet.com www.marsbet.com	3 KB
1	cdncz.com 1 redirects track.cdncz.com	161 B
0	hs-scripts.com Failed js-eu1.hs-scripts.com Failed
162	25

	Domain	Requested by
90	d1hpetrtq93mp2.cloudfront.net	www.marsbet.com d1hpetrtq93mp2.cloudfront.net
8	www.facebook.com	www.marsbet.com
7	ads.mythad.com	s1.kwai.net
6	static.zdassets.com	d1hpetrtq93mp2.cloudfront.net static.zdassets.com
5	connect.facebook.net	www.marsbet.com connect.facebook.net
4	trc-events.taboola.com	cdn.taboola.com
4	www.googletagmanager.com	www.marsbet.com www.googletagmanager.com
3	analytics.google.com	1 redirects www.googletagmanager.com
3	s1.kwai.net	www.marsbet.com s1.kwai.net
2	d2ps39elv3ruqi.cloudfront.net
2	logsdk.kwai-pro.com	s1.kwai.net
2	g.ppapss.org	d1hpetrtq93mp2.cloudfront.net
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	td.doubleclick.net	www.googletagmanager.com
2	adjs.media	www.marsbet.com adjs.media
2	scripts.prdredir.com	www.googletagmanager.com scripts.prdredir.com
1	marsbet.zendesk.com	static.zdassets.com
1	seal.cgcb.info
1	ekr.zdassets.com	static.zdassets.com
1	www.google-analytics.com
1	www.google.com	www.marsbet.com
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	analytics.twitter.com	www.marsbet.com
1	t.co	www.marsbet.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	secure.afilio.com.br	www.googletagmanager.com
1	static.ads-twitter.com	www.marsbet.com
1	cdn.taboola.com	www.marsbet.com
1	static.hotjar.com	www.marsbet.com
1	www.marsbet.com
1	track.cdncz.com	1 redirects
0	js-eu1.hs-scripts.com Failed	www.googletagmanager.com
162	34

This site contains links to these domains. Also see Links.

Domain
www.marsbet.tv
support.mars.bet
cert.gcb.cw
www.facebook.com
t.me
www.instagram.com
bit.ly
www.gamcare.org.uk
www.gambleaware.co.uk

Subject Issuer	Validity	Valid
*.marsbet.com Amazon RSA 2048 M02	`2024-06-07` - `2025-07-06`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
prdredir.com WE1	`2024-08-22` - `2024-11-20`	3 months	crt.sh
adjs.media WE1	`2024-09-18` - `2024-12-17`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.kwai.net GlobalSign RSA OV SSL CA 2018	`2023-10-26` - `2024-11-26`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-23` - `2024-10-21`	3 months	crt.sh
afilio.com.br Amazon RSA 2048 M03	`2024-05-17` - `2025-06-14`	a year	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-07` - `2025-10-06`	a year	crt.sh
*.mythad.com GlobalSign GCC R3 DV TLS CA 2020	`2023-10-23` - `2024-11-23`	a year	crt.sh
ppapss.org WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
*.kwai-pro.com GlobalSign GCC R3 DV TLS CA 2020	`2024-07-30` - `2025-08-31`	a year	crt.sh
zdassets.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
cgcb.info WE1	`2024-09-15` - `2024-12-14`	3 months	crt.sh
marsbet.zendesk.com Cloudflare Inc ECC CA-3	`2023-11-27` - `2024-11-26`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825
Frame ID: A653895BCC79EC5DC6B50B6EB404CF5E
Requests: 157 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-7P5S2G6KVT&gacid=1177771967.1728882315&gtm=45je4a90v871160167z8832517177za200zb832517177&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=159276018
Frame ID: 2843A4F2AD9D611497172D5E4402C297
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16506137325?random=1728882315552&cv=11&fst=1728882315552&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9183086111z8832517177za200zb832517177&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&hn=www.googleadservices.com&frm=0&tiba=Marsbet&npa=0&pscdl=noapi&auid=835637696.1728882315&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 5F80C229FE842659AACB6A77AF02AF6C
Requests: 1 HTTP requests in this frame

Frame: https://scripts.prdredir.com/safeframe
Frame ID: AF5AF7F304BE09495587531588FDD7B5
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-cbf609b.js
Frame ID: 726F3CC1BAB5453A9DEA7CBFD75AD8EA
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Marsbet - Online Casino & Sports Betting | Top Betting Site | Play & Earn Money

Page URL History Show full URLs

https://track.cdncz.com/r.php?media_id=98&affiliate_id=657825&marketing_source_id=3783 HTTP 302
https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

162
Requests

98 %
HTTPS

35 %
IPv6

25
Domains

34
Subdomains

34
IPs

4
Countries

8042 kB
Transfer

17170 kB
Size

27
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.marsbet.tv/

Search URL Search Domain Scan URL

URL: https://support.mars.bet/hc

Search URL Search Domain Scan URL

URL: https://cert.gcb.cw/certificate?id=ZXlKcGRpSTZJakprV1hGUk9WZDVXR1ZOYTJwak9IVllhUzgyYjFFOVBTSXNJblpoYkhWbElqb2libmhIZGpVMGNUbHFPU3RGTVU5M2FtcGtTRmRsUVQwOUlpd2liV0ZqSWpvaU1tUXpPV1ptWldJeU5ERTRZekUxT0dOaVpqVm1OemxpWVRWbFpqYzVNbVU0WTJRNU9XRTJZalEyT1RrMU0yVXpNREJpTlRReE16UTVPV1kwWlRneU9DSXNJblJoWnlJNklpSjk=

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OfficialMarsbet
Title: Facebook

Search URL Search Domain Scan URL

URL: https://t.me/marsbetglobal
Title: telegram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/officialmarsbet
Title: Instagram

Search URL Search Domain Scan URL

URL: https://bit.ly/3XZUeQ5

Search URL Search Domain Scan URL

URL: http://www.gamcare.org.uk/

Search URL Search Domain Scan URL

URL: http://www.gambleaware.co.uk/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.cdncz.com/r.php?media_id=98&affiliate_id=657825&marketing_source_id=3783 HTTP 302
https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://analytics.google.com/g/collect?v=2&tid=G-7P5S2G6KVT&gtm=45je4a90v871160167z8832517177za200zb832517177&_p=1728882314315&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=1177771967.1728882315&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=3&sid=1728882315&sct=1&seg=0&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&dt=Marsbet&en=signup_form_open&_c=1&_et=2805&tfd=5647 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1177771967.1728882315&dbk=13558315951203548774&dma=0&en=signup_form_open&gtm=45je4a90v871160167z8832517177za200zb832517177&npa=0&tid=G-7P5S2G6KVT&dl=https%3A%2F%2Fwww.marsbet.com%3F

162 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.marsbet.com/en/
Redirect Chain

https://track.cdncz.com/r.php?media_id=98&affiliate_id=657825&marketing_source_id=3783
https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

3 KB
3 KB

653ms
216ms

Document
text/html

3.33.233.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.233.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aeadf6b59c085bddd.awsglobalaccelerator.com

Software

nginx /

Resource Hash

be447a5ca677b1ce2ef8c65ad089dbdc4bbc9205336d080291f9cc98cdfb38c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://gameloader.marsbet.com https://sport.marsbet.com https://player.twitch.tv
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 2656
content-security-policy: frame-ancestors 'self' https://gameloader.marsbet.com https://sport.marsbet.com https://player.twitch.tv
content-type: text/html
date: Mon, 14 Oct 2024 05:05:14 GMT
etag: "665d8927-a60"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Mon, 03 Jun 2024 09:13:11 GMT
referrer-policy: strict-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-type: text/html; charset=UTF-8
date: Mon, 14 Oct 2024 05:05:13 GMT
location: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825
server: nginx

GET
H2 200 fonts.css
d1hpetrtq93mp2.cloudfront.net/web/assets/styles/ 3 MB
1 MB 541ms
145ms Stylesheet
text/css 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/styles/fonts.css

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fc221926c5895cea6874e90ac28ca567566596ec5b99639064790f7bfc324096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"d85b660c4acc8ab67655b06dae3f73de"
age: 23914568
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: z1PRGBA5q7jRUbY5RE4l3JSIgaNTejp1lvaqJmEF67gKD3b7tJ0-Lw==
date: Thu, 11 Jan 2024 10:09:06 GMT
content-type: text/css
last-modified: Sat, 11 Dec 2021 10:18:31 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 2.2b3f1eb150247205674f.css
d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/css/ 20 KB
3 KB 909ms
514ms Stylesheet
text/css 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/css/2.2b3f1eb150247205674f.css

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e19212ca97b047d80691e0940aa1ec1d374841b9a2e99ff1b26d945c72001cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"8628ca2906523787dede013687f42008"
age: 18668
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: GnVO-GK9dRg0wVGkIjiDzxBLY-OJwkvd_G50et2uieZVdAi7IW9OQA==
date: Mon, 14 Oct 2024 00:57:15 GMT
content-type: text/css
vary: Accept-Encoding, Origin
last-modified: Mon, 03 Jun 2024 09:12:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main.0d00516b1141b3e23527.css
d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/css/ 2 MB
167 KB 982ms
586ms Stylesheet
text/css 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/css/main.0d00516b1141b3e23527.css

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7fd16daa140ab37df71eb13f44783aefea48f4de4ee3d3bb090ca72d27c10d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"7edccddecdf081f335ef59254281293a"
age: 84592
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: h5jNrrpiaaCooFOtb5AoprNspKqWw_93A-KZyU0fHTdEqWDNbKsbTQ==
date: Sun, 13 Oct 2024 09:14:05 GMT
content-type: text/css
vary: Accept-Encoding, Origin
last-modified: Mon, 03 Jun 2024 09:12:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-b.c2b6bec4634585d7e854.js Show response
d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/ 491 KB
116 KB 540ms
145ms Script
application/x-javascript 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/vendor-b.c2b6bec4634585d7e854.js

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

170405c0a19bb1bb0a9ddcc878e9ef33fcb9cdf5679cca52f78614a84ab9bfc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"e06a83195b522ac47e74c2e247f6b28a"
age: 84592
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 8kb3pEcJMch225aqSXtzhWAO_3t7GTqnTTHXvt540wd7Y7fFP27vVQ==
date: Sun, 13 Oct 2024 09:14:05 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
last-modified: Mon, 03 Jun 2024 09:12:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-a.87272c52270258c71cf6.js Show response
d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/ 88 KB
30 KB 1143ms
748ms Script
application/x-javascript 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/vendor-a.87272c52270258c71cf6.js

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6f643c76191a5f4002703bfda5a2d79937149feeb335106860983a69f5959828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"cfe758000339de4d0c2f2a5e0ff9a347"
age: 36122
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Ea5xdUZ4I27aQHzpgT7TKsi5IH8bErLQd1AI7_edhWBNOL4JdOPGIg==
date: Sun, 13 Oct 2024 20:59:07 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
last-modified: Mon, 03 Jun 2024 09:12:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main.5e1e82bc4341462567fb.js Show response
d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/ 4 MB
1 MB 947ms
552ms Script
application/x-javascript 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/main.5e1e82bc4341462567fb.js

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aa45fe094ab25b1b83a5e12705c97727c0da3045bcbe75bcf344dab3b2b12285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"be55aed8afe94dc64bf86b035e5162fe"
age: 7244
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: xJHNoAS6XOmzwlitXDGyby7OMRrOVcJT6-PiwWwaqjUZwtnNv4CZVQ==
date: Mon, 14 Oct 2024 05:05:14 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
last-modified: Mon, 03 Jun 2024 09:12:56 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
101 KB 507ms
136ms Script
application/javascript 2607:f8b0:400d:c0d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSW43VB

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

604b866013bcbe305fad9a0438b0122c1ef11a57e0cebb139e9350cb05caaeec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 14 Oct 2024 05:05:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 05:05:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102638
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
105 KB 138ms
138ms Script
application/javascript 2607:f8b0:400d:c0d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7P5S2G6KVT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSW43VB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f88b2d9e590ae5473eac9938f836d2e26d0f1ad9eeed9278518287ea439c523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 05:05:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 05:05:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107015
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
94 KB 198ms
198ms Script
application/javascript 2607:f8b0:400d:c0d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16506137325&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSW43VB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

529585b3ec0771b1158a77b3c50766ac028ccdea3e408db109971eaffe7dd6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 05:05:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 05:05:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95779
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
68 KB 327ms
327ms Script
application/javascript 2607:f8b0:400d:c0d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MF4NP3LG&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSW43VB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93f2e8d07adc6043f1d1f4d7393801cccd75006fec6e0bf12017c349e6ad7171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 14 Oct 2024 05:05:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 05:05:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 69260
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 k_marsbet.js Show response
scripts.prdredir.com/scripts/ 800 B
717 B 371ms
188ms Script
text/javascript 2606:4700::6812:1e1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/k_marsbet.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSW43VB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d838de11136e7964ca0eaa375bf294d19a0b15880a014338e0a5d9d8e05385

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

x-request-id: d6eb606b-1d29-436a-97ba-e0c2e2d47990
cache-control: no-cache
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"95d838de11136e7964ca0eaa375bf294"
cf-ray: 8d2508871a98101b-LAX
access-control-allow-origin: *
date: Mon, 14 Oct 2024 05:05:15 GMT
content-type: text/javascript; charset=utf-8
x-runtime: 0.016229
server: cloudflare

GET 26474959.js
js-eu1.hs-scripts.com/ 0
0

GET
H2 200 marsbet.js Show response
adjs.media/resources/content/ 3 KB
2 KB 336ms
152ms Script
text/javascript 2606:4700:3031::ac43:c6e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/resources/content/marsbet.js

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c6e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6baab2698f58847b87622c0b497b1d7d870b55ddd3f74b9687b1c0b12d1397b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

x-request-id: 0f608631-7408-49c5-ba1c-619d2f47797a
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"6baab2698f58847b87622c0b497b1d7d"
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HsMh7u220KHyUj73Rb9uw0QFKwKjB5JZPwtWDwxJyiJ%2B615%2BIegEc1xH%2FkvTg%2BYyzq3WgZDeLZJ4gVDt8nXMV%2Bpwk5PJfOr5T0tBzHbthTvcRA0LudWNxrM8mlRiC33RWt17FYfciMl"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
status: 200 OK
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.001370
cache-control: max-age=604800, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d2508871c6b2f3a-LAX
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 hotjar-3818491.js Show response
static.hotjar.com/c/ 13 KB
5 KB 680ms
211ms Script
application/javascript 108.138.106.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3818491.js?sv=6

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-126.jfk50.r.cloudfront.net

Software

Resource Hash

523c21f5ccfb2981faf5a0fe446ee8716a11b84887e8105804bc60e1f0f250e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/d6af39e99424393d7ebaebe91ee6ff11
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 877f105eccbc5cf798a3a34d16fc0c74.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: I2jCuHlRGWbz49xbD-wHQVcKwXo8bDzUOP69UjX8Ua7p9Ce9EOW7dA==
date: Mon, 14 Oct 2024 05:05:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: JFK50-P3

GET
H/1.1 200
OK events.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/ 10 KB
5 KB 986ms
119ms Script
application/javascript 43.152.136.155
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=245424186489524&lib=kwaiq
Requested by: Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

Content-MD5: xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class: Standard
Content-Encoding: gzip
x-ks-client-ip: 162.245.206.246
Etag: "C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type: Normal
kwaisign: NULL
Expires: Sat, 17 Aug 2024 02:58:37 GMT
Date: Thu, 18 Jul 2024 02:58:37 GMT
x-oss-server-time: 56
Last-Modified: Mon, 27 May 2024 02:52:15 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: no-cache
X-NWS-LOG-UUID: 12475054249432839760
X-Ks-Cache: Hit from 43.152.136.155
x-oss-hash-crc64ecma: 13562747518461854989
Connection: keep-alive
Accept-Ranges: bytes
X-Ks-Request-ID: 12475054249432839760
Access-Control-Allow-Origin: *
Content-Length: 3744
x-oss-request-id: 669884DD46F0D734384A1FFC
X-Cache-Lookup: Cache Hit
Server: Lego Server

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1670701/ 71 KB
22 KB 580ms
402ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1670701/tfa.js
Requested by: Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3d12dc5692818f857228fe4fd1b555af71f645b04cc43c38d3c9d6031ec0379

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: "419e99542ba0c763c6af658e9c75085b"
x-amz-version-id: 7AoHMVVIdJuE3.B2W4GL82nJBIrXc.cd
age: 0
x-cache: MISS
date: Mon, 14 Oct 2024 05:05:15 GMT
last-modified: Sun, 13 Oct 2024 11:04:35 GMT
x-served-by: cache-bur-kbur8200024-BUR
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: dMQXVh+BRsCnYiaK3u+fBnCKim3RCCO+wqjNHBuArCPJIQEmeyrn71XX1kbQh9hELd7D8Wjrv3U=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14401
x-timer: S1728882315.375121,VS0,VE342
via: 1.1 varnish
x-amz-request-id: Q695EJYDHJY0BWRE
accept-ranges: bytes
access-control-allow-origin: *
abp: 81
content-length: 22046
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 310ms
74ms Script
application/javascript 151.101.200.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.200.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Mon, 14 Oct 2024 05:05:15 GMT
x-tw-cdn: FT
last-modified: Thu, 04 Apr 2024 00:26:35 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kcgs7200164-IAD, cache-pao-kpao1770045-PAO
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 242ms
120ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=116, rtx=0, c=24, mss=1232, tbw=8166, tp=13, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: AHRs7rrO8hmRYiMublq1+kEdBxUzHL5Ub5zY0wl6Xre1vzCQAregW1B7ap92mzeNBq5nQAX3ikx02y7HApcFeg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 mastertag.php Show response
secure.afilio.com.br/ 24 B
493 B 995ms
131ms Script
text/javascript 44.196.184.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.afilio.com.br/mastertag.php?progid=3913&type=homepage&id_partner=marsbet&url_product=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSW43VB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.184.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-184-160.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) / PHP/5.6.40-10+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 1b5adad44292630e0d6c054fd31c83d7eb9867d18efc1c91890b41c82c5fd4f4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: text/javascript;charset=UTF-8
x-powered-by: PHP/5.6.40-10+ubuntu16.04.1+deb.sury.org+1
server: Apache/2.4.18 (Ubuntu)

POST
H2 204 collect
analytics.google.com/g/ 0
0 638ms
123ms Fetch
text/plain 2607:f8b0:400d:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7P5S2G6KVT&gtm=45je4a90v871160167z8832517177za200zb832517177&_p=1728882314315&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=1177771967.1728882315&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1728882315&sct=1&seg=0&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&dt=Marsbet&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2798
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7P5S2G6KVT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.marsbet.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 673ms
125ms Ping
text/plain 2607:f8b0:400d:c0e::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7P5S2G6KVT&cid=1177771967.1728882315&gtm=45je4a90v871160167z8832517177za200zb832517177&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7P5S2G6KVT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0e::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.marsbet.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 2843 0
0 533ms
130ms Document
text/html 2607:f8b0:400d:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-7P5S2G6KVT&gacid=1177771967.1728882315&gtm=45je4a90v871160167z8832517177za200zb832517177&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=159276018

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7P5S2G6KVT&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.marsbet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 05:05:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16506137325/ 5 KB
2 KB 389ms
141ms Script
text/javascript 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16506137325/?random=1728882315552&cv=11&fst=1728882315552&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9183086111z8832517177za200zb832517177&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&hn=www.googleadservices.com&frm=0&tiba=Marsbet&npa=0&pscdl=noapi&auid=835637696.1728882315&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16506137325&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

10d1e5ab8111a485d30b31692683f5549f9d22de170ce0d2cfadaa7945b95e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2373
date: Mon, 14 Oct 2024 05:05:15 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16506137325
td.doubleclick.net/td/rul/ Frame 5F80 0
0 532ms
133ms Document
text/html 2607:f8b0:400d:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16506137325?random=1728882315552&cv=11&fst=1728882315552&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9183086111z8832517177za200zb832517177&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&hn=www.googleadservices.com&frm=0&tiba=Marsbet&npa=0&pscdl=noapi&auid=835637696.1728882315&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16506137325&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.marsbet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 05:05:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsct
t.co/1/i/ 43 B
628 B 581ms
146ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=006a6c24-6afc-4a92-8e98-baba1671d4e9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=77c2b9ce-42a1-4710-88cc-ddf9ecb461fd&tw_document_href=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&tw_iframe_status=0&txn_id=olkg7&type=javascript&version=2.3.30

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 4f5b6cd3c7e2624e
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 7c523593874edf7466f0b17dc2b71bc79edfa2d308fdea66f9d27d40f21d4a64
cf-cache-status: DYNAMIC
cf-ray: 8d25088b6a1c090c-LAX
x-response-time: 8
content-length: 43
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_p

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 620ms
185ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=006a6c24-6afc-4a92-8e98-baba1671d4e9&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=77c2b9ce-42a1-4710-88cc-ddf9ecb461fd&tw_document_href=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&tw_iframe_status=0&txn_id=olkg7&type=javascript&version=2.3.30

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 0fd790e5050ef177
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 4f142d38481bcea26ac1d6501910131db16f61d46ce1dbb77a6f1c58e36dcefb
x-response-time: 79
content-length: 43
date: Mon, 14 Oct 2024 05:05:15 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_b

GET
H2 200 marsbet.gif Show response
adjs.media/hit/ 0
351 B 148ms
147ms Script
text/javascript 2606:4700:3031::ac43:c6e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adjs.media/hit/marsbet.gif?page=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&ref=&date=1728882315&tid=v1.0.11342610529.14036363426&plt=Linux+x86_64

Requested by

Host: adjs.media
URL: https://adjs.media/resources/content/marsbet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:c6e3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

x-request-id: 2ffa1495-6bc5-4b64-b5be-66bda7c3e0dc
content-encoding: gzip
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2Bc7lEr80c5l%2F8mVUbS9HFM%2Fx8wiVvv6K%2BhheDAOuW1vYOjVGAk8wbICAxPmCB2TMm2nx4jhFHJXJJB1Gn4F7RaDM5RFu%2BYgks2UJ4d6wURfpQ01qhaO7qoTLxtDyZpJ6BQ8Ew1tZ0Ly"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
status: 200 OK
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.003832
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d250888be542f3a-LAX
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 safeframe
scripts.prdredir.com/ Frame AF5A 0
0 270ms
144ms Document
text/html 2606:4700::6812:1f1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.prdredir.com/safeframe

Requested by

Host: scripts.prdredir.com
URL: https://scripts.prdredir.com/scripts/k_marsbet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1f1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.marsbet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8d250889bd752f11-LAX
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 14 Oct 2024 05:05:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: c261f93a-28f5-47a6-87fc-0b25c1e34968
x-runtime: 0.002022
x-xss-protection: 1; mode=block

GET
H3 200 1975039222893115 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 186ms
185ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1975039222893115?v=2.9.170&r=stable&domain=www.marsbet.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

f16b1663795279b8c5e7830f42e1763898d1f40ed5f10e8d237d3e8538da073c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=3, c=77, mss=1232, tbw=74826, tp=72, tpl=3, uplat=67, ullat=0
pragma: public
x-fb-debug: IvgT4LgW+BU/0f0FlK1IaJ5H4ofnQVg8oVPdakvju967q9ckT7p5FLF26b8mo5KEqyI5lD4Nu2iYVTvfAsXkKg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
285 B 198ms
61ms Fetch
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1670701/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

cache-control: private, max-age=2592000
retry-after: 0
x-timer: S1728882316.152822,VS0,VE0
observe-browsing-topics: ?1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 65
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-lax-kwhp1940123-LAX
server: Varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1670701/trc/3/ 2 KB
2 KB 125ms
81ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1670701/trc/3/json?tim=1728882315808&data=%7B%22id%22%3A950%2C%22ii%22%3A%22%2Fen%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1728882315761%2C%22cv%22%3A%2220241010-17-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmarsbet-usd-br-sambadigital-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1728882315807%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825%22%2C%22tos%22%3A38%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1670701/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 12c377ae47377b4dc606aa52cd6bf3985b5bcae2e93831eab26f7c270051d196

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Mon, 14 Oct 2024 05:05:15 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-bur-kbur8200024-BUR
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 760
x-timer: S1728882316.889303,VS0,VE15
x-vcl-time-ms: 15
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.284
accept-ranges: bytes
access-control-allow-origin: *
x-service-version: v1
server: nginx

GET
H2 200 config.json Show response
d1hpetrtq93mp2.cloudfront.net/site/8/ 25 KB
26 KB 408ms
161ms Fetch 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/site/8/config.json

Requested by

Host: d1hpetrtq93mp2.cloudfront.net
URL: https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/main.5e1e82bc4341462567fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf50b7c737e2d1bd701b38abf3c7ffee16806be69f282bb88fc0fe9000f4926c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "858cf39df68c7a47e89328a076bc8914"
age: 43315
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: T1Sb_PrKByZX6koG03sLFyXvIsHUQ9_JlacfMBvdfadSzqq13-ObMA==
date: Sun, 13 Oct 2024 20:56:23 GMT
last-modified: Thu, 10 Oct 2024 23:45:37 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25978
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 modules.720d0264984b164946ff.js Show response
script.hotjar.com/ 224 KB
56 KB 663ms
140ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.720d0264984b164946ff.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3818491.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

c1eec6939693de2560a7cd2cb9bd833745efddbaa9887d4fa32464c44a3fbd33

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "2bc2d25972a7d1d4abf498f97b5d89f1"
age: 402369
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: yfLwH9PCtyXkgaPb_lh55BxpAs8yu3pzWd7YM2F4uV9UvZQnSkTP5Q==
date: Wed, 09 Oct 2024 13:19:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 09 Oct 2024 13:18:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56538
x-amz-cf-pop: JFK50-P5

GET
H3 200 /
www.google.com/pagead/1p-user-list/16506137325/ 42 B
64 B 382ms
133ms Image
image/gif 172.253.115.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16506137325/?random=1728882315552&cv=11&fst=1728882000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9183086111z8832517177za200zb832517177&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&hn=www.googleadservices.com&frm=0&tiba=Marsbet&npa=0&pscdl=noapi&auid=835637696.1728882315&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfZQ15L9AzGYU4gyfjlddFg4tzJPZJrg&random=3306920468&rmt_tld=0&ipr=y

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 05:05:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 1103903817576344 Show response
connect.facebook.net/signals/config/ 24 KB
3 KB 174ms
172ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1103903817576344?v=2.9.170&r=stable&domain=www.marsbet.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C133%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C125%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

402df467a312a408a9515546661a11fc6c0c6f66e054bf1bd75532e68e4fe43c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=3, c=91, mss=1232, tbw=91579, tp=88, tpl=3, uplat=49, ullat=0
pragma: public
x-fb-debug: PjE6955rP4KqIjHdx4GMRB4B2jv+VBgAeKlZ7dCelFIQLSM2XXt7NjdfOvbH2A6ZIoBvCyqYPaL3Z1RU/9ZFyA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 542ms
121ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1975039222893115&ev=PageView&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&rl=&if=false&ts=1728882316292&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728882316290.522529995489298242&cs_est=true&ler=empty&cdl=API_unavailable&it=1728882315710&coo=false&rqm=GET

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=2998, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
844 B 658ms
238ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1975039222893115&ev=PageView&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&rl=&if=false&ts=1728882316292&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4126&fbp=fb.1.1728882316290.522529995489298242&cs_est=true&ler=empty&cdl=API_unavailable&it=1728882315710&coo=false&rqm=FGET

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425493006620950015"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: q+9rQrmxQqI+Xs+slZGPLpu2/VhY7AsKVdPBt/kL+qLrovlcxXf1nJlFb2dnOSNvswo9etXx64+l8h4gU0obRQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425493006620950015", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=7551, tp=-1, tpl=-1, uplat=68, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H3 200 getGrayInfo Show response
ads.mythad.com/rest/n/adintl/gray/ 202 B
208 B 516ms
382ms XHR
application/json 23.213.158.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=245424186489524&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.213.158.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d6f633d2bbd2743f4a6b6c10c5509b6c58c81ce7f94569922f768065cb91633

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
content-type: application/json
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
quic-version: 0x00000001
access-control-allow-origin: https://www.marsbet.com
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 189
date: Mon, 14 Oct 2024 05:05:17 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding

OPTIONS
H2 200 getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ Frame 0
0 761ms
341ms Preflight 2600:1408:c400:29::17da:da48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da48 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.marsbet.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.marsbet.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
date: Mon, 14 Oct 2024 05:05:17 GMT

GET
H3 200 / Show response
g.ppapss.org/ 191 B
571 B 798ms
380ms Fetch
application/json 172.67.194.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ppapss.org/?format=json
Requested by: Host: d1hpetrtq93mp2.cloudfront.net
URL: https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/main.5e1e82bc4341462567fb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74bb98f228bb7d6d3a8c268c153545b814e78ae60855d57462fdef6cc345c716

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8g5ud8%2Bbbz6LYjsD5jJspdgeWLQT%2Bm2qcX10bHzta19EX0yNmnWUt3LZ0mUwpoJQIyiCuM2pfLpqEC8ZrJ8o%2F4knE2TD8sWy8rAssHlXOBubFQCJS6LDpVF50HfgKqU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d25088fad54323e-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:17 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H3 200 / Show response
g.ppapss.org/ 191 B
535 B 879ms
221ms Fetch
application/json 172.67.194.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ppapss.org/?format=json
Requested by: Host: d1hpetrtq93mp2.cloudfront.net
URL: https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/main.5e1e82bc4341462567fb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74bb98f228bb7d6d3a8c268c153545b814e78ae60855d57462fdef6cc345c716

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u1OSDgaif4YFge55zzvqC5QBv7ugDrGRihwuZFbdMejG%2FUhHENPTRkpMuZCpyD0D4We9xI1GMiG8LKBXNIorD004i3bVtXiZVecrIDRY02wEdtwa8TJ%2FIDYCmTOjUe8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d2508920fd4323e-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:17 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H3 200 2253962138284710 Show response
connect.facebook.net/signals/config/ 24 KB
3 KB 182ms
181ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2253962138284710?v=2.9.170&r=stable&domain=www.marsbet.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C133%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C125%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

0de067cd0b54267eef6a73b84affb74ea0e63c46c9d7e57875bf03cacf6a6ddb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=3, c=93, mss=1232, tbw=95003, tp=92, tpl=3, uplat=62, ullat=0
pragma: public
x-fb-debug: o4kYzDtCp1QlA5VxuQnJwBCMcCf7WhzIu0yafu0m/ybKBadDaTPEWdqaWNLPLdTo7+u2cho7phIFhVpYjXtaFg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
99 B 363ms
122ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1103903817576344&ev=PageView&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&rl=&if=false&ts=1728882316473&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728882316290.522529995489298242&ler=empty&cdl=API_unavailable&it=1728882315710&coo=false&rqm=GET

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=3281, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 477ms
237ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1103903817576344&ev=PageView&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&rl=&if=false&ts=1728882316473&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728882316290.522529995489298242&ler=empty&cdl=API_unavailable&it=1728882315710&coo=false&rqm=FGET

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425493006785431129"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 09rWrguyB5Nx0lqsOndzdeLYls1xm2MLUrQx1/z13ri37zc574sUkDJsOen0FUPCBljd6KAs3fcd4y6lHbNORg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425493006785431129", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=3465, tp=-1, tpl=-1, uplat=64, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 providers.json Show response
d1hpetrtq93mp2.cloudfront.net/site/8/ 22 KB
22 KB 155ms
155ms Fetch 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/site/8/providers.json

Requested by

Host: d1hpetrtq93mp2.cloudfront.net
URL: https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/main.5e1e82bc4341462567fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5ca579329d3cd3c692f533846c57a040e8e0299e774845bf499af75255f72403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "4bd8f12908cfcb60c19ec015bfb034d9"
age: 81678
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: SMgQLUlCmuWpkxLbMpPY__63aOH2_EDwxWRwjwrTSut4StUdKmXymg==
date: Mon, 14 Oct 2024 01:06:10 GMT
last-modified: Wed, 21 Aug 2024 13:01:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22042
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 1263688571238629 Show response
connect.facebook.net/signals/config/ 24 KB
3 KB 175ms
174ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1263688571238629?v=2.9.170&r=stable&domain=www.marsbet.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C133%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C125%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

6442f212321ac7c740a87ff7a0071eb71a75fa97c8f1aeeb045910f34f4fa5ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=116, rtx=3, c=96, mss=1232, tbw=98299, tp=96, tpl=3, uplat=55, ullat=0
pragma: public
x-fb-debug: Uwn6KJuuB1Mp3kDIukWw9D28x8TSLtzjFmVx9gLAYYnYzmgVT3lfVmytPRxP0Xg1NaEZvIqBvn96EO+UW1QSnw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 177ms
122ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2253962138284710&ev=PageView&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&rl=&if=false&ts=1728882316660&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728882316290.522529995489298242&ler=empty&cdl=API_unavailable&it=1728882315710&coo=false&rqm=GET

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=3281, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
843 B 292ms
238ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2253962138284710&ev=PageView&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&rl=&if=false&ts=1728882316660&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728882316290.522529995489298242&ler=empty&cdl=API_unavailable&it=1728882315710&coo=false&rqm=FGET

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425493007287933050"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 5DV7sHn9eaieVLaVkQ+LxNLBI2fh6VYH6pm4QeZAnQ6qVu3hoJF1tzMRUjqxfWpF+pNnwL5R38ZF4i4rFNzUPg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425493007287933050", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=117, rtx=0, c=10, mss=1297, tbw=6686, tp=-1, tpl=-1, uplat=66, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
98 B 122ms
120ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1263688571238629&ev=PageView&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&rl=&if=false&ts=1728882316845&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728882316290.522529995489298242&ler=empty&cdl=API_unavailable&it=1728882315710&coo=false&rqm=GET

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=18, mss=1297, tbw=8487, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
844 B 154ms
154ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1263688571238629&ev=PageView&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&rl=&if=false&ts=1728882316845&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728882316290.522529995489298242&ler=empty&cdl=API_unavailable&it=1728882315710&coo=false&rqm=FGET

Requested by

Host: www.marsbet.com
URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425493006737225076"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:16 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: +R0O+P1E5htF2JGeCA5NL45+2ih10s+7A3OIKoY04DjT0NRDC7siRAj/+WmD2ghbLQKFEvOa3CE+QINv1tv8DQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425493006737225076", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=18, mss=1297, tbw=8629, tp=-1, tpl=-1, uplat=31, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js Show response
script.hotjar.com/ 5 KB
2 KB 127ms
126ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.720d0264984b164946ff.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-90.jfk50.r.cloudfront.net

Software

Resource Hash

70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
age: 2201277
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 11rmyfubjE2eN861mA_JrByBkasI7YHugZ64gObt9WWMt30wOXrQZQ==
date: Wed, 18 Sep 2024 17:37:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 17 Sep 2024 15:41:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1782
x-amz-cf-pop: JFK50-P5

GET
H2 200 favicon.png
d1hpetrtq93mp2.cloudfront.net/web/assets/images/sites/marsbet.com/ 4 KB
5 KB 133ms
132ms Other
image/png 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/sites/marsbet.com/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be445f9f9d9814253543e553d150ec35ba765ac6b46c52125cc5533ea990e734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "c59f5d2f634f3ab6d3eb8ac8a1397d92"
age: 7446409
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: bOgcxDgnvtnAYLIm9UYPycAoylzqAGN55SJWVAPVoJF-YWiaS1wrtQ==
date: Sat, 20 Jul 2024 00:38:29 GMT
content-type: image/png
last-modified: Sat, 11 Dec 2021 10:19:05 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4450
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H/1.1 200
OK core.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 290 KB
77 KB 119ms
118ms Script
application/javascript 43.152.136.155
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=245424186489524&lib=kwaiq
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=245424186489524&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

Content-MD5: i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class: Standard
Content-Encoding: gzip
x-ks-client-ip: 162.245.206.246
Etag: "8BACD25B485D37EB16DC48306BA2221A"
x-oss-object-type: Normal
kwaisign: NULL
Expires: Fri, 11 Oct 2024 08:43:00 GMT
Date: Wed, 11 Sep 2024 08:43:00 GMT
x-oss-server-time: 8
Last-Modified: Wed, 11 Sep 2024 08:21:14 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: no-cache
X-NWS-LOG-UUID: 11581494013830177835
X-Ks-Cache: Hit from 43.152.136.155
x-oss-hash-crc64ecma: 1814864409054748518
Connection: keep-alive
Accept-Ranges: bytes
X-Ks-Request-ID: 11581494013830177835
Access-Control-Allow-Origin: *
Content-Length: 78021
x-oss-request-id: 66E15814007CA03532469C65
X-Cache-Lookup: Cache Hit
Server: Lego Server

GET
H2 204 unip Show response
trc-events.taboola.com/1670701/log/3/ 0
247 B 391ms
131ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1670701/log/3/unip?en=pre_d_eng_tb&tos=1644&scd=0&ssd=1&est=1728882315768&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1728882317413&vi=1728882315761&ri=0d5e85a70e0cfe5a8027c1d3a6860726&ref=null&cv=20241010-17-RELEASE&item-url=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1670701/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://www.marsbet.com/

Response headers

access-control-allow-origin: https://www.marsbet.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 14 Oct 2024 05:05:18 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1670701/log/3/ Frame 0
0 471ms
130ms Preflight 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1670701/log/3/unip?en=pre_d_eng_tb&tos=1644&scd=0&ssd=1&est=1728882315768&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1728882317413&vi=1728882315761&ri=0d5e85a70e0cfe5a8027c1d3a6860726&ref=null&cv=20241010-17-RELEASE&item-url=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://www.marsbet.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://www.marsbet.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 14 Oct 2024 05:05:17 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 200 favicon.png
d1hpetrtq93mp2.cloudfront.net/web/assets/images/sites/marsbet.com/ 4 KB
0 1ms
1ms Other
image/png 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/sites/marsbet.com/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be445f9f9d9814253543e553d150ec35ba765ac6b46c52125cc5533ea990e734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "c59f5d2f634f3ab6d3eb8ac8a1397d92"
age: 7446409
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: bOgcxDgnvtnAYLIm9UYPycAoylzqAGN55SJWVAPVoJF-YWiaS1wrtQ==
date: Sat, 20 Jul 2024 00:38:29 GMT
content-type: image/png
last-modified: Sat, 11 Dec 2021 10:19:05 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4450
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 72 B
282 B 802ms
364ms XHR
text/plain 23.213.158.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=245424186489524&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.24 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e85863edce32981ec06d3e80a9a8d805ff13a1092f57bf2fe9cfe906cf18030c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.marsbet.com/

Response headers

access-control-allow-origin: https://www.marsbet.com
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 72
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-credentials: true

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 71 B
192 B 878ms
439ms XHR
text/plain 23.213.158.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=245424186489524&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.24 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52d6f06c516d74b52f12dcdaa12f563462a1a9f4080d8a7d93efa33612bbb08c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.marsbet.com/

Response headers

access-control-allow-origin: https://www.marsbet.com
content-length: 71
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-credentials: true

GET
H3 200 getPixelConfig Show response
ads.mythad.com/rest/n/adintl/ad/ 379 B
312 B 368ms
367ms XHR
application/json 23.213.158.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=245424186489524&pageId=pageId-1728882317569-1099148515348
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=245424186489524&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.213.158.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c2cc365378c2727d00e29cda6c534ca0f45281d84302fac18de7417979c575f7

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
quic-version: 0x00000001
access-control-allow-origin: https://www.marsbet.com
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 292
date: Mon, 14 Oct 2024 05:05:17 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding

GET
H2 200 8.json Show response
d1hpetrtq93mp2.cloudfront.net/translations/en/ 45 KB
46 KB 265ms
264ms Fetch 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/translations/en/8.json

Requested by

Host: d1hpetrtq93mp2.cloudfront.net
URL: https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/main.5e1e82bc4341462567fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e24d5f1210816c21386e1fd1347941de0640e0b05d4e3b909b693d5f3e7b4a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "d82e1e17c5aaa848fcce4ee0d12742dc"
age: 10871
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: hE3krdjvhkisAPMTkLkeEM2yrkgmcXBQaJHb5GKzV0vyC_KYrSx56Q==
date: Mon, 14 Oct 2024 05:05:17 GMT
last-modified: Thu, 05 Sep 2024 07:07:12 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46011
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 preloader-logo.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/sites/marsbet.com/ 1 KB
1 KB 139ms
139ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/sites/marsbet.com/preloader-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f69097614de42a60004f511eb587f87f692fc1950255836695f1aa1a2b616056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"8381723323bb52716f22241de395dbb7"
age: 23964291
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 6N2CImPF0BT7oKA0e2dYAaC61mJc3dlnseFTZ3t1W6FrpF_wkltyGw==
date: Wed, 10 Jan 2024 20:20:27 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:05 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
DATA 200
OK truncated
/ 77 KB
77 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 053b0ce3a579a81cf5dba038f671d41ce83f5d625ab3fc53fe39459b601299cc

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin: https://www.marsbet.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

OPTIONS
H2 200 api
ads.mythad.com/log/common/co/ Frame 0
0 337ms
336ms Preflight 2600:1408:c400:29::17da:da48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:29::17da:da48 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.marsbet.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.marsbet.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 14 Oct 2024 05:05:18 GMT

GET
H/1.1 200
OK checkPixel.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 126 KB
40 KB 120ms
119ms Script
application/javascript 43.152.136.155
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=245424186489524&lib=kwaiq
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=245424186489524&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.136.155 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

Content-MD5: AW9CEWCiJefwVj7zcti69w==
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class: Standard
Content-Encoding: gzip
x-ks-client-ip: 162.245.206.246
Etag: "016F421160A225E7F0563EF372D8BAF7"
x-oss-object-type: Normal
kwaisign: NULL
Expires: Sat, 13 Jul 2024 06:07:52 GMT
Date: Thu, 13 Jun 2024 06:07:52 GMT
x-oss-server-time: 61
Last-Modified: Mon, 27 May 2024 07:18:27 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: no-cache
X-NWS-LOG-UUID: 18259833912159402072
X-Ks-Cache: Hit from 43.152.136.155
x-oss-hash-crc64ecma: 11760214008123873659
Connection: keep-alive
Accept-Ranges: bytes
X-Ks-Request-ID: 18259833912159402072
Access-Control-Allow-Origin: *
Content-Length: 39702
x-oss-request-id: 666A8CB817D7F33039910062
X-Cache-Lookup: Cache Hit
Server: Lego Server

POST
H3 200 api Show response
ads.mythad.com/log/common/co/ 2 KB
1 KB 347ms
345ms XHR
application/json 23.213.158.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=245424186489524&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.213.158.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 172af130d6dd9cbceedc08f12a2ca1081daa6782550b8e9838a14df7634f4d0d

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
content-type: application/json
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
quic-version: 0x00000001
access-control-allow-origin: https://www.marsbet.com
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1045
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding

GET
H2 200 en.json Show response
d1hpetrtq93mp2.cloudfront.net/translations/countries/ 4 KB
3 KB 245ms
244ms Fetch
application/json 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1hpetrtq93mp2.cloudfront.net/translations/countries/en.json

Requested by

Host: d1hpetrtq93mp2.cloudfront.net
URL: https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/main.5e1e82bc4341462567fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8aa26964831962c9ae9eb8020b5efa8b4f64989801d2191fae2b6f9f2650561d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"2155457b15ba903d10afe77b8113713d"
age: 828
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: qNTNXhBNjHsFrL_3TebG1_aOqMJ3dFKHmGCZ6sCm_u72RDTUVRkE3w==
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: application/json
last-modified: Sun, 10 May 2020 15:34:59 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 78cc4d359edf91a401bf5898aa1dacc6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

OPTIONS
H3 200 checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/ Frame 0
0 343ms
343ms Preflight 23.213.158.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.213.158.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.marsbet.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.marsbet.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
date: Mon, 14 Oct 2024 05:05:18 GMT
quic-version: 0x00000001

POST
H3 200 checkPixelCompress Show response
ads.mythad.com/rest/n/adintl/ad/ 145 B
164 B 1065ms
774ms XHR
application/json 23.213.158.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=245424186489524&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.213.158.22 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a220952c21e11e877b701786c640dc916930649600377f66ae9735bf6c215a80

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
content-type: application/json
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
quic-version: 0x00000001
access-control-allow-origin: https://www.marsbet.com
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 145
date: Mon, 14 Oct 2024 05:05:19 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 308ms
103ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=79d23fc2-0bd2-408c-85df-e86919a20d52

Requested by

Host: d1hpetrtq93mp2.cloudfront.net
URL: https://d1hpetrtq93mp2.cloudfront.net/web/scripts/marsbet.com/main.5e1e82bc4341462567fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"d90dbb2a9f98c3c53cd0f1d480381e2e"
x-amz-version-id: FkgGJxeVVNjmEhoAGFYT4yGKQLf728f6
age: 31
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZO8MW3i47dm9jHIlosD1qWyy2E81cW767YFzcuPObhn5%2BFpt%2BR4exnn0uxi5WxHIZq%2BkM1YzS%2BZm68Sw1dVTFH2U5MVLTvFbcJ7Y8XkIEpUFoqWDCKKSdoJL8kR5QaizhRNQJiE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 11:42:28 GMT
vary: Accept-Encoding
x-amz-id-2: SRWe0M1Q42B4VYOfo+2r3smcJWGwpKWgLLXbyf5Q204Gu5fyP6cuCymJqq6NLPbgLMy7e6eT6Co=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: PENDING
cache-control: public, max-age=3600, s-maxage=60
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PP11KBE4DE84MVGN
cf-ray: 8d25089aece56b51-DFW
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 06f03197715eff0b86bbbe78a7cba685fc35fdb5_original.jpg
d2ps39elv3ruqi.cloudfront.net/attachments/ 319 KB
320 KB 461ms
138ms Image
image/jpeg 2600:9000:2509:9600:0:68d8:d680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2ps39elv3ruqi.cloudfront.net/attachments/06f03197715eff0b86bbbe78a7cba685fc35fdb5_original.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2509:9600:0:68d8:d680:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

80e6f7a2c4c2770aebf744a8959a898f17c94f5a463da1c99ec093aa93c4222f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "d25f785b4ae72968679352a98b1b8370"
age: 1040135
x-content-type-options: nosniff
expires: Mon, 04 May 2020 13:22:50 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: j71P_fuvEAc8joPCgITjXvsb4UDE2e6eCbwiW70SZX0vz-VBB_gsNQ==
date: Wed, 02 Oct 2024 04:09:44 GMT
content-type: image/jpeg
last-modified: Tue, 21 Apr 2020 11:26:18 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=1209600
referrer-policy: strict-origin-when-cross-origin
via: 1.1 8a5a55219dfdbca831a0a40e05aaa842.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 326324
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD12-P2
server: AmazonS3

GET
DATA 200
OK truncated
/ 78 KB
78 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17fc71bf300268bcc18ca22d6459a5e2ff54c1a89f50d069d1a1875b4680b6bf

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin: https://www.marsbet.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 44 KB
44 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1cd9517a1bf4ead4d2291b8f4aca8d0eac69a9dd644d06503b619333a8a2f4b

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin: https://www.marsbet.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 78 KB
78 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b287ae055d54d8007361d57aedc04072a65d0345dc9c8661b9411ef1eedf849

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin: https://www.marsbet.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 299 KB
299 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ca0c81afd69f27e25eed1d280c4566c70a3260dd80395d2f82c63c313e0779c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin: https://www.marsbet.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST
H2 204 collect
analytics.google.com/g/ 0
0 123ms
122ms Fetch
text/plain 2607:f8b0:400d:c04::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7P5S2G6KVT&gtm=45je4a90v871160167za200zb832517177&_p=1728882314315&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=1177771967.1728882315&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728882315&sct=1&seg=0&dl=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&dt=Marsbet&en=scroll&epn.percent_scrolled=90&_et=37&tfd=5646
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7P5S2G6KVT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.marsbet.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: text/plain
server: Golfe2

GET
H2

204

https://analytics.google.com/g/collect?v=2&tid=G-7P5S2G6KVT&gtm=45je4a90v871160167z8832517177za200zb832517177&_p=1728882314315&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686685&cid=117777196...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1177771967.1728882315&dbk=13558315951203548774&dma=0&en=signup_form_open&gtm=45je4a90v871160167z8832517177za200zb832517...

0
0

394ms
134ms

Fetch
text/plain

2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1177771967.1728882315&dbk=13558315951203548774&dma=0&en=signup_form_open&gtm=45je4a90v871160167z8832517177za200zb832517177&npa=0&tid=G-7P5S2G6KVT&dl=https%3A%2F%2Fwww.marsbet.com%3F
Protocol: H2
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=1177771967.1728882315&dbk=13558315951203548774&dma=0&en=signup_form_open&gtm=45je4a90v871160167z8832517177za200zb832517177&npa=0&tid=G-7P5S2G6KVT&dl=https%3A%2F%2Fwww.marsbet.com%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x2ba10bc2b69f9f74","source_keys":["1"]},{"key_piece":"0x67a98107180a2ba0","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"13558315951203548774","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["16506137325"],"5":["10-14","10-13","10-12"]}}
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1177771967.1728882315&dbk=13558315951203548774&dma=0&en=signup_form_open&gtm=45je4a90v871160167z8832517177za200zb832517177&npa=0&tid=G-7P5S2G6KVT&dl=https%3A%2F%2Fwww.marsbet.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

GET
DATA 200
OK truncated
/ 120 KB
120 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a50b74d3363564edee23784ed410f003979017f03a7cde129e1b59127e0820c9

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin: https://www.marsbet.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 119 KB
119 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40032c92f99f669ec24ed3e3ba345b8cfd6076e8db09e79a547f33574a43ea07

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin: https://www.marsbet.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 300 KB
300 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0610c0da96f9fc333232aa14814997452401cbaea52671d2338f0af29554ce0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin: https://www.marsbet.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 wheel-en.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/header-images/en/ 58 KB
14 KB 149ms
133ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/header-images/en/wheel-en.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e2d3557295f74bc1a205094b2bd6c98f776d80f53a36874c2f20509242ec178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"839d6568e6f4e2f29f65fe10262a7c0a"
age: 5625439
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: a2FAQCcFhazoHyycvTrxaGsCu-ybD2Y-NRi1o1dvCrppANOok_37qA==
date: Sat, 10 Aug 2024 02:28:00 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:18:55 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 mars-tv-en.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/header-images/en/ 5 KB
3 KB 154ms
138ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/header-images/en/mars-tv-en.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c8069b822c517584cef68dbe8f89e0f976c5e9e8fb40feed3cef7a3098907588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"0b26644018a5f7df6ca86b44032065f4"
age: 3336483
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: sGeQqwfzspMxES7ADfXODbqUkHRahWyYs5Ue2xK-CGoxAodHyC9vmQ==
date: Thu, 05 Sep 2024 14:17:15 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:18:55 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 helpcenter-gray-en.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/header-images/en/ 14 KB
5 KB 139ms
123ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/header-images/en/helpcenter-gray-en.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04f6587ec7cc516b26724e658ce5303a01dc021cdf14e6df93889f7df9c40581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"3435a73846ea7a1c295b6aff3303bd5f"
age: 2472897
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: uv5POZy-p9ka4Kc5yaw14fPH5O6jF5gT-vxJHANAitNWB0jszYZMQw==
date: Sun, 15 Sep 2024 14:10:22 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:18:55 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 facebook-gray.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/ 516 B
1 KB 154ms
139ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/facebook-gray.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

afd934683ac656d6ec82dce7641226b259b26633eadba9b31fff4e588af4df2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "488bb1b264a41389e387213abec5762d"
age: 11058012
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: SJkSCyH7WflcWH75G9Noh5v7VvlD4NjVlOzH8XHGwPhKphdS8KmspA==
date: Sat, 08 Jun 2024 05:25:07 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 516
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 facebook.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/ 514 B
1 KB 157ms
142ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/facebook.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

77071d0217f324e9a0a423f421dbb6e12608ca534cbc75a3b342a8d8e8cfa834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "96a848c4abde7ac8c62bde8e618eec3f"
age: 2604646
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: NBdfZw96taK2dvd_CWFHKHLO-HWGJhlvEzBvOh2FZbTSCewXj54ByA==
date: Sat, 14 Sep 2024 01:34:33 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 514
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 telegram-gray.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/ 3 KB
2 KB 140ms
125ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/telegram-gray.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2df6118b4b2f82ca2afcfb1ab2e0c0219a6e1305abc81b2214e7c4653808077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"f5b4fc1e676657917e9e00642876bf12"
age: 21369560
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: -W6jwJA3HCIkhDE_OPI7t-ojO7z2OTd5g8Z-AUV89cBkR6pByRa9gw==
date: Fri, 09 Feb 2024 21:05:58 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:06 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 telegram.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/ 3 KB
2 KB 151ms
136ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/telegram.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b6ecfffcda28771de0b3e231f68b54f59687759debfa9d3a3cb93553766770e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"ce660909759f9bd197e2375681059ff8"
age: 6943970
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: zcPdkxVePWbi4h2dWoCHRHNJsCrKcxiHXAFzAp0XJ6Dz9lepb9Sb9w==
date: Thu, 25 Jul 2024 20:12:29 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:06 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 instagram-gray.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/ 963 B
1 KB 139ms
124ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/instagram-gray.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8d4875d52d0bc7ec8900b1dbe893d9bd6b0b36ce8cba958c0ff1ebfa314cc60d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "cb1e2609e570af632ae1710c753b7b4e"
age: 2045964
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: QzqbW23Ju8mB-NRp2p_nIaZnTGp7u4QAw1pd3siVPdzxUVfGUCP5Eg==
date: Fri, 20 Sep 2024 12:45:54 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:06 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 963
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 instagram.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/ 2 KB
1 KB 154ms
139ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/instagram.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed1c98b110949d803d3e0c651a205f645b11f1a953cbdfb5b89e33da2cde6a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"431197208c8b39b32e6ab38e7f521786"
age: 781002
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: QFN3pKfcKHL28fX0CMitPVyDrSVv3dCSeWB3badCMNg-L3qs088m_Q==
date: Sat, 05 Oct 2024 04:08:37 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:06 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 email-gray.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/ 1 KB
1 KB 152ms
137ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/email-gray.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24872b86578294a2f1d50b2ea004ec63e2388711899270f7735b11ca6b6f3524

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"77598efc69b745b904b9e89402a27c52"
age: 3647163
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: _L2hMr5WPgbH7Y9EOFbOjwnnhMCZZlZ0PdZyV4CxKhZT783x0u2erw==
date: Sun, 01 Sep 2024 23:59:33 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:06 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 email.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/ 1 KB
1 KB 290ms
275ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/socials/email.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d271420942158d8e552b3572e803c7aa73d94a320fc98fc89f251db3371e5104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"41e44e7aeb0a5f9f870c5298ce7f01be"
age: 7268426
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: aYWa8hpGeuQjhSy2HaWm6SiMsWooQrqhZ8uCeF0kX8f14pl9jmjQXA==
date: Mon, 22 Jul 2024 02:04:53 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:06 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 ff8321b3ee1d027f7988ef6b462b9c8526e503e3_original.png
d1hpetrtq93mp2.cloudfront.net/attachments/ 148 KB
149 KB 317ms
302ms Image
image/png 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/attachments/ff8321b3ee1d027f7988ef6b462b9c8526e503e3_original.png?1675070995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a4313ba4769fca3e604a3a0772e69f69b17ff2c5aa258fc36c59821bac51196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "99ba80ddbf42b2370f17e99ba68aabdc"
age: 596242
x-content-type-options: nosniff
expires: Fri, 10 Feb 2023 10:08:48 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: fP6_3IqtdkeGYgsZsy3Qtg9AThkrMyVBedWTpmsur057dYF_LkXi8g==
date: Mon, 07 Oct 2024 07:27:57 GMT
content-type: image/png
last-modified: Mon, 30 Jan 2023 09:29:57 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 151741
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gamcare.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/license-logos/marsbet.com/ 3 KB
2 KB 320ms
306ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/license-logos/marsbet.com/gamcare.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2e5dcd516e806856b766fd927f42e2d9a163780d80175d4000bf570446134d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"a5b904ff1f9d70d7f4d9c380eeb67b8e"
age: 781002
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: y5_4Q9L0l0nmpApNhynKQFOuEWEItJunvQ6RH_gPHO0tUfQrmmoCmQ==
date: Sat, 05 Oct 2024 04:08:37 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:18:59 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 gambleware.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/license-logos/marsbet.com/ 15 KB
6 KB 319ms
306ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/license-logos/marsbet.com/gambleware.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e33cbbb794cff6fae98d3a2bc9b5190aaeb0de78a68e9b541d35d3ce7cdae672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"e75543a4c8ecf3e6ac49ec513838443d"
age: 5982779
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: jPcFOogRsCZNUhC3Huma6GwVendPUueNMzRGrcvQuhBRLhWdlZqTPQ==
date: Mon, 05 Aug 2024 23:12:20 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:18:59 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 piastrixwebmoney-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 3 KB
2 KB 299ms
286ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/piastrixwebmoney-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebf5c11ebec1ea726545dfe5e049d40e329f74d93f69b6c60d32e01d1695ab1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"16c93c52a16b485d513ff65c766a5daf"
age: 3336484
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Hhz8ujioeCNZkgsdutDo1Bm9VXEAA79wG7ZeK0_i2F1JvSqiUOb25w==
date: Thu, 05 Sep 2024 14:17:15 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:01 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 piastrixwebmoney.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 3 KB
2 KB 292ms
280ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/piastrixwebmoney.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c1c6387d1ebd801a09dc9e25e6089c3585130bbe631d7bbf4e5b5daa1309b473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"fdad53f94153ad302314335a4cddcd79"
age: 2339018
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: GZbYxCcGXp2mLaRmDceJj4qtucWhQYAzI-j1VI2eUwGjcsSVut5ZBg==
date: Tue, 17 Sep 2024 03:21:41 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:01 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 aiforytinkoff-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 37 KB
11 KB 301ms
288ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/aiforytinkoff-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

565591eb68f0baa295d6dd96dec3a21422cf62637756ac2d20d2300f4bdc2860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"e68bd32ec52b3eee618308ba3b0900f7"
age: 5908
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: eehvYkdxtRYyf1AZru4ecF7DUNYI5niv8KqczrWARl30PmkSTIPeBQ==
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
last-modified: Tue, 19 Sep 2023 09:22:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 aiforytinkoff.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 37 KB
11 KB 305ms
294ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/aiforytinkoff.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b143985c54569b6061bc8650df0fbf0ea435f4be1f9b899b04f89d03e4926eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"992592c54e05e33b8fbe49d7adb9fdc9"
age: 25676
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: aL0EgErpWgJE_jFHEMqZmL8uUWcRTY6bEFzgu81CpCUDOlpLdGMviw==
date: Sun, 13 Oct 2024 22:38:55 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
last-modified: Tue, 19 Sep 2023 09:22:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 jetonindia-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 1 KB
1 KB 296ms
285ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/jetonindia-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a691abf81f3843972e3a7ae52d6aaf0e5aa2f3791b27888c3606351914ae4411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"664e9c78faf100be7560c74a57e16ce1"
age: 3336484
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: dZ47QengvX5HCKWCx9LARLt3ZrA9uQSSu7jOr-mNEAk4KCRTJdnKig==
date: Thu, 05 Sep 2024 14:17:15 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:00 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 jetonindia.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 1 KB
1 KB 329ms
318ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/jetonindia.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

be33dddff5c2fe845f9e2d32f3e5e9c75997d3ae1cabc9b889034297d497d2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"9f935b7aa71b87b0bf68ebcf121e403f"
age: 7614096
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ZNvmVPuGKv815iSBsqBAhFQHkRNFUjm7eEHAMlMkhHx4AGpGrttWpw==
date: Thu, 18 Jul 2024 02:03:43 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:00 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 monetixpix-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 9 KB
3 KB 316ms
304ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/monetixpix-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6e5b342e33eb0c1eb0a678c726ab6b8fa19b08a048b57064958f7f98e36467c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"895046e5c7ea916515c9ba6446e39292"
age: 63896
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: gst0u_pDTAxWRCsrlP5E9KdnGT0Dmztms6ZCvQx8FhvR3PtIscpUag==
date: Sun, 13 Oct 2024 11:20:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
last-modified: Tue, 06 Jun 2023 11:15:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 monetixpix.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 8 KB
3 KB 306ms
295ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/monetixpix.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

21bd8efb97eb6cddc40b6220d6afe9eb23ceeae1c230fa06f0dcda5e7b2d9bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"31214946b9f4855762ba7a0f6f62f5a4"
age: 12009
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: x__wAkRHdTNDXb1YimkgUvuJMpGiFFprOLs-RduXMJgxrzPyJ9X8OQ==
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
last-modified: Tue, 06 Jun 2023 11:15:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 astropaycard-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 5 KB
3 KB 326ms
316ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/astropaycard-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6db2491f96aedfb2f97504183e4eca0ae6df617234bf76a55128212723b8941e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"3d7e424769de798a8b5931943420d084"
age: 781002
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: a0lQTqvz-DJxxC5hVBBdjp_lHTUd7M72gCfqr9sSiB4wcw2SiXbGBA==
date: Sat, 05 Oct 2024 04:08:37 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:18:59 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 astropaycard.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 5 KB
3 KB 310ms
299ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/astropaycard.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d2febe6b63cb11a11d0d6d027ae30dbb88309665cc9d276f006f63f204775da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"b2dcc4170f4704f86ab1b26fbc859e51"
age: 2339018
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: qKphIhBCqoSYYKlxPFXiH6VSa5zndXN-h2lCc_IqlLs0oiLmmSp_tw==
date: Tue, 17 Sep 2024 03:21:41 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:18:59 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 perfectmoney-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 6 KB
3 KB 329ms
318ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/perfectmoney-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

81bb707f6340f93343130ccb80c560b7fdca59d435b3687f4244e586d829bbba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"71221c51f4a90783fbe3dea6c6fa9277"
age: 2081987
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 7CfwZwGdZc8H60nkQ0i50WsWIQHKxTkTHbvTC51oHb8d9K3xRz9Oog==
date: Fri, 20 Sep 2024 02:45:32 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:01 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 perfectmoney.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 6 KB
3 KB 301ms
291ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/perfectmoney.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f5cbb52b228856063d8a1fcc65355da26c3e23a3f37deff4f8937765df4416bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"9142f50e684618d23ac52497e8006ea4"
age: 11739713
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: dq6zksMxGOOvP2Lk8FhYUA8LumKHIkvZgxFAM9VZUwrSDMOBhU6sXg==
date: Fri, 31 May 2024 08:03:26 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:01 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 ecopayz-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 2 KB
1 KB 327ms
317ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ecopayz-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4df995af07a10fb3ba7774510a1ecce1e02e6f8b402b3f335a7ab69153b08112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"8f2d66858acbdab18161bc56b56620f8"
age: 6035208
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ZJBgcF4wuT6fI1RMyAXp3PlDA51OiqFVAxhncl9hiLIEOs1_ia_ciQ==
date: Mon, 05 Aug 2024 08:38:31 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:00 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 ecopayz.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 2 KB
2 KB 301ms
292ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ecopayz.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

84ce4b6d96845297991d626d3d6bffb04e92cb0f5ae10e35841e6d9cf3523237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"121dc986558412ae2426a7f7d53974ff"
age: 28478700
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: gRLpRgILyxtkwZGxjm9yCiNoISXm4A8wyS62RhEUFNbPXEypQ87FnA==
date: Sun, 19 Nov 2023 14:20:19 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:00 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 marscrypto-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 5 KB
2 KB 298ms
289ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/marscrypto-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd03b18bce2c1a1be8cb27eda984ea551a223f0fb039bd8bba32256d80f45470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"d643a3f6893c79f8f1e7fc3cc6671c32"
age: 2098831
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: GIFg19qEnL3JzEZ1x45xCP6x2WGQTSmJoqjDiDLdxUnKIUNIDx4lVQ==
date: Thu, 19 Sep 2024 22:04:48 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:00 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 marscrypto.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 5 KB
3 KB 325ms
316ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/marscrypto.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

68233011c754ecf3e42eaa15b29328fd89ba8f64583cce8f63459d55470cacef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"f89b26ecb4b8022e8260d7048c0cda11"
age: 11372792
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: wgNh1-n2DKVpGF0PgE3OPh3cp1Xm1ahUQ7WG44gJaiAt3MIntSXFcw==
date: Tue, 04 Jun 2024 13:58:47 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:00 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET vpag-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 0
0

GET vpag.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 0
0

GET
H2 200 marscrypto_eth-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 4 KB
2 KB 302ms
294ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/marscrypto_eth-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e054e5e78a78351be12686daa59d3c3663407a6917961c7299148ec9b0329ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"a7b8d71785ee0ef7b398b42a345773c4"
age: 7783453
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: jm3FVhjVmrAIdI1ZZMCuh0eUAnTbbPQopGBSt3ZNVQhU0LGllYd3pA==
date: Tue, 16 Jul 2024 03:04:12 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:00 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 marscrypto_eth.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 4 KB
2 KB 314ms
306ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/marscrypto_eth.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f5f5c58d01a832a0933be9613777051e643ec736168080c300ad5b90255340db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"6401928a70be17a80fcfca6250589c29"
age: 2155297
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: u0x1KJ-9d9JJOql6lPvzFdae6vXeeAvZHdAPNTBma5m5cebozPCG1A==
date: Wed, 25 Sep 2024 06:00:36 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:00 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 skrill-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 1 KB
1 KB 307ms
300ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/skrill-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a40a08398c99b23416b7d613f9979358c70ed569a4bddfced5d281ad7a6c6af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"c553e168c272b52e9dc5eb5fb99671ef"
age: 2339017
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: _nb2s7zI52DyDRFYKFT11soOB9VddIXN4kbvS2fOcei47_x2IjvhDw==
date: Tue, 17 Sep 2024 03:21:42 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:01 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 skrill.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 1 KB
1 KB 287ms
280ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/skrill.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f5ba634aa374ddbac12d380dbd98c70e25e5289867d351639467d2a228d35f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"52a77aab77237b04b30c752eebe0fa85"
age: 7759462
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 0ZLru_tJxbq5yDk4NzHE30a8o8SRomh6iVU7fGRWdrf_P-CcBYOQog==
date: Tue, 16 Jul 2024 09:40:57 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:01 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 aiforysbp-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 4 KB
2 KB 324ms
317ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/aiforysbp-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

54a4d11b8af2f96a1448d59c296445a72fb40db27dbc7d0fc675ad42655463d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"8db0a0b976d2d51d9ec55b756dfac33d"
age: 10757
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ZSO8nmd3EmrUSyxasMoS3vRdwb8Miggb-VvgVe9nPkSHe-35Gh8wKg==
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
last-modified: Tue, 19 Sep 2023 09:22:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 aiforysbp.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 5 KB
3 KB 326ms
319ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/aiforysbp.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

360cc4b7b8630a4f7041d0cc7ea06a07bbc1e39736da1266a5797ac721eab2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"372c7cdb191d28f7f7b131eb51df0d36"
age: 35082
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: hcbOxVY5RFIMULgGtZEh1W8ulmIsxx7z2va16vXp90mJbaPCr9HyoQ==
date: Sun, 13 Oct 2024 19:20:37 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
last-modified: Tue, 19 Sep 2023 09:22:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 neteller-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 926 B
1 KB 313ms
307ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/neteller-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fc5398e50dfcf8970bd9b6d6d8db949670ba4d65acb941a537f3847b3836234a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "de9f774f0cc31177bcaa3e7a1e71e2ec"
age: 25864593
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: T3ZQkl4KEaKvftmwTYreXomFdctKjrWRIhAqjaAD9wvu3DyS2rncnw==
date: Tue, 19 Dec 2023 20:28:46 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:00 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 926
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 neteller.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/ 924 B
1 KB 314ms
308ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/neteller.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

124bcaab05c0fe045e15307dd03f3c3b7e0c4a073511c30334dc19bc5f99830c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "52199752123545e3e1439e7b65e488b1"
age: 26390739
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: tf7M3T2t9HcGiCbHGENhq_QehGOXWgTzztVRzvw861eu4zKcj7DPGA==
date: Wed, 13 Dec 2023 18:19:40 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:00 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 924
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 amusnet-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 3 KB
2 KB 289ms
283ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/amusnet-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9476205d4b44ee68ca0a8fe8f0abcb06066e46bb7f5a9f203c7a6b91582d2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"f6efd287d97f8e651286c3768bbeb978"
age: 11861
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: xubMib9oOUj9mUoucBkqnJV8nvTXs_5Y7dJr4mC6a_fupSJhBL4WXw==
date: Mon, 14 Oct 2024 03:19:46 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
last-modified: Tue, 12 Sep 2023 13:56:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 evolution-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 9 KB
4 KB 302ms
296ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/evolution-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cd9b6c453d30bbc0b676dde537e828b73bdca0a569aa671910341ee3691b48bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"7ecb838282f3ea2ba7c9ab7b540d42de"
age: 6953401
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: rL7kohruEr0zj6_ISunanRVD6zN8Bo3tZjUZl0xz7GJ9hd3JUCokFw==
date: Thu, 25 Jul 2024 17:37:40 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:02 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 ezugi-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 4 KB
2 KB 324ms
318ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ezugi-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f03c7a4d84dd965f5f5d83ca384d358695f65eaf0404c0b5c4bc117118fe112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"c26229fc106f13b663b88e8a22961c51"
age: 3281963
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: qu2CzaVkRucAQzWXg5LA1EOfdR7jYIT6txnhKHgL4BQ1MwU3aijCHA==
date: Fri, 06 Sep 2024 05:25:56 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:02 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 yggdrasil-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 9 KB
3 KB 306ms
301ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/yggdrasil-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9573e76f52c0cea7f3cc3413c39a8b95987ae3fcd1f21f5de69d9deaafdbeb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"cc8e3416d5714d73fc99c8d7a9b0e5a4"
age: 25867937
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: C4PwGh_ZI4N8t2nrQH7pS-fdf-n2sG-JTZpeEaTDOYg6hhC6AEfSag==
date: Tue, 19 Dec 2023 19:33:02 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:04 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 netent-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 1 KB
1 KB 288ms
283ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/netent-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4fa6248f93fd43039efc23e85ecb7cfee2453d4c28273744fe7de2c33eca342a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"a5f22178d8bd3935b9cf2d26c53ba96a"
age: 6311529
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: cfurhfpPYwO1XsHH3D4LM6hz0UbFQieB2QglfneN5RF84RwVBxaFZw==
date: Fri, 02 Aug 2024 03:53:09 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:02 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 pragmaticplay-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 4 KB
2 KB 294ms
290ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/pragmaticplay-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2817d7ccfc498776db046e14f9a09282cb371b8dbc42e236a490c9af5a5103a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"fb27b4f344a5e476151a3ffb21996f6b"
age: 7353683
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: n3IG-Vo6YzkBChxhtD9du4-smLdNvFkMvdqoeQOWDyt9DnE69SqIrw==
date: Sun, 21 Jul 2024 02:26:00 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:02 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 playngo-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 4 KB
2 KB 319ms
315ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/playngo-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a76f02f1b08e77e8508b55efd6b9302d42d93bf2b92d386dbcb6e22541016c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"c0b148230f3153ae47042e5756ecaf8d"
age: 17554513
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: mMHOJnnbOSDtuaUjk8iNv761WVxRd0M_GbvtKV4Jlxv6rHIGn0_ypw==
date: Mon, 25 Mar 2024 00:50:06 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:02 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 betsoft-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 5 KB
3 KB 295ms
290ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/betsoft-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6fb4765c5aa9792b9665c428d12e9703d166eb83aa9a5ea988f2f7e7ec1d6c81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"606042593a64d477f9e5b0fbce2bd99c"
age: 6993280
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: inC3uSVKituO06vA6Lzr2_GzrJe1zfieBSR_bjhEaj8965CkkqM32A==
date: Thu, 25 Jul 2024 06:32:57 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:02 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 microgaming-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 10 KB
5 KB 301ms
297ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/microgaming-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8282f0772f0c883548cc9e6a160376a5517ba65918c513275fdb3677f180b9d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"5c9ce3956495eeed4d04df3bf934873b"
age: 4935099
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: OUB5H3L4P5S3D6yRhZTSta1_fpa8Z2Swh-flI4eOLabEPri3sZzNNg==
date: Sun, 18 Aug 2024 02:13:40 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:02 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 quickspin-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 7 KB
3 KB 319ms
315ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/quickspin-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ec608064dc450297aa57925215f61872ad19fd722fb8ccd564401f17db72e0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"17447bb9829f7ae24a667cb79b6869b3"
age: 2341370
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: S89HcXLO-cUiPOgEG-3uzOaN9l0T_dBHHxe9DOQI4VZaORq4khNG9A==
date: Tue, 17 Sep 2024 02:42:28 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:02 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 amatic-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 4 KB
2 KB 300ms
296ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/amatic-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d9ceae6d416702f85bbab66209111d20a1a7e22e10def9729ebf3d82a85f7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"3f7f598087ef2522ca4b05bbdb7d6fc1"
age: 7645542
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ciNF-dbydV_RMlOgIEsLzzhO2RRIWC7w_IEkoVPvyJWnxa1fHFKc-w==
date: Wed, 17 Jul 2024 17:22:17 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:02 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 spinomenal-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 7 KB
3 KB 319ms
316ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/spinomenal-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

503ba91cc3598ea966264bee92218c45c28d5f840491f9a2bfbf933b78fd127c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"d2e00ab62592cb6545c125646613e2cb"
age: 6035208
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Ub17eOIxgLaHN6Os8PqusozCjk8HuyDTAKxET8qv0dN40V1_ozh7ow==
date: Mon, 05 Aug 2024 08:38:31 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:04 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 evoplay-white.svg
d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/ 4 KB
2 KB 321ms
317ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/providers/evoplay-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dabac4fd7f358379482f950d9c60d14205eb797c8ae3369787059f4fe47400f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: gzip
etag: W/"0d619462901ab272ac9a823a4806263f"
age: 3323014
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: U0F3LE99I-6HJi8-JfetGXpW9J-bH2IPUzB-SI81v7w7S1DGzw9K1w==
date: Thu, 05 Sep 2024 18:01:45 GMT
content-type: image/svg+xml
last-modified: Sat, 11 Dec 2021 10:19:02 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 marsbet-logo.svg
d1hpetrtq93mp2.cloudfront.net/ 4 KB
2 KB 229ms
228ms Image
image/svg+xml 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/marsbet-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

715f1111085b3082212af758b4d226e395b9cbafa42bd27c083e33e3edf6518e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

content-encoding: br
etag: W/"bb7a805568345f8e0df247130cc39dcf"
age: 2357
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: e0sWs0-odf97JHpws-NhZo3_2yxtCMkNGb7SAA_jAPSpuukGNaR0cA==
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
last-modified: Tue, 04 Jul 2023 11:04:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 79d23fc2-0bd2-408c-85df-e86919a20d52 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 383ms
177ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/79d23fc2-0bd2-408c-85df-e86919a20d52

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=79d23fc2-0bd2-408c-85df-e86919a20d52

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b4f45253e8c309f25162fba1f755cfeabfe81d7b1a20163c7d82cd9701c930a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

access-control-max-age: 7200
x-request-id: 8ced7da7eac1648b-SEA, 8ced7da7eac1648b-SEA, 8ced7da7eac1648b-SEA
access-control-expose-headers
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"9b4f45253e8c309f25162fba1f755cfe"
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdkfl9bpgiLsuIx7gAnuip4zCSvtpWV1AoBgOA2Fzjux%2FwZXYso3IL%2B6Vq5jAAgtQX%2BPwv%2BQfANxVVt%2B67z6Tt1dzWeLWJRNAj0QrH9aiErS9uSpASxPl3X1FD7O6e0WXK0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin, Accept-Encoding
x-runtime: 0.003698
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
cdn-cache-control: max-age=60
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d25089ced146c7c-DFW
access-control-allow-origin: *
x-zendesk-zorg: yes, yes
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 9abc9969964f65da0fad801079dbefb00a7698a1_original.png
d1hpetrtq93mp2.cloudfront.net/attachments/ 51 KB
52 KB 126ms
125ms Image
image/png 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/attachments/9abc9969964f65da0fad801079dbefb00a7698a1_original.png?1693477170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2b30b2fc541c98ef6517662002ed3d68cba4177f40f9721ab69e34fd918a05a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "f4d04f86d444b45c4b5485542a955b55"
age: 972178
x-content-type-options: nosniff
expires: Sun, 10 Sep 2023 18:20:08 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: Dmik1Erg-S74mB-xXFOlNwxZ14pW-4xMSYEhxIdaCQzSJOD9R4P7fQ==
date: Wed, 02 Oct 2024 23:10:36 GMT
content-type: image/png
vary: Accept-Encoding, Origin
last-modified: Thu, 31 Aug 2023 10:19:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 52376
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 1c0246df-1aa7-485a-a24c-21ae5e730000
seal.cgcb.info/ 2 KB
3 KB 292ms
97ms Image
image/avif 172.67.179.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.cgcb.info/1c0246df-1aa7-485a-a24c-21ae5e730000

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.179.174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53dba76c4cf41a57710e03e004e26613adf21b4ef1186e838ab027724812abb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

cf-cache-status: HIT
etag: "cffrO_ABzy7PQP9_cax7i4zhCAMW4tVfkE0tws9FteDQ"
cf-bgj: imgq:85,h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqCGxy88ZxPg4I5th%2BVGCTa3nGakmdjsz7A%2Fxlxm2V8BuWpBH3N%2B1051KcpgjXoZwq%2BGzvVa8nt6ivcpOGgVGJJidm2ENEnbcr5f3SMExnJ0OLOSgYUjYjE77bCAGSLqRA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 05:05:18 GMT
content-type: image/avif
vary: Accept, Accept-Encoding
priority: u=3,i
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control: public,max-age=172800,stale-while-revalidate=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-images: internal=ok/- q=0 n=17+54 c=0+54 v=2024.8.1 l=2431 f=false
cf-ray: 8d25089cc91a2aed-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2431
server: cloudflare

GET
H2 200 854de9fb5b2a5daf5f0812fed4085aa5d3a94f55_medium.jpg
d1hpetrtq93mp2.cloudfront.net/product_banners/ 208 KB
209 KB 129ms
127ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/product_banners/854de9fb5b2a5daf5f0812fed4085aa5d3a94f55_medium.jpg?1639220897

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

89bda271c45955c5cb25d402fa46b2965ee9d39a8a992cda5581d235a631e10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "b1e341b12e0bd374784f0ea113a6a64f"
age: 586046
x-content-type-options: nosniff
expires: Sat, 25 Dec 2021 11:05:23 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: _vt8zeamrwqIS_ujhv4JTfBVhRqkaPFnoA0No5Som55QQXXri20ShQ==
date: Mon, 07 Oct 2024 10:17:53 GMT
content-type: image/jpeg
last-modified: Sat, 11 Dec 2021 11:08:18 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 212805
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 71b51f984bface988e25763b1420cced737c8863_medium.jpg
d1hpetrtq93mp2.cloudfront.net/product_banners/ 205 KB
206 KB 154ms
152ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/product_banners/71b51f984bface988e25763b1420cced737c8863_medium.jpg?1639220901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04cb67712ce2ebf279ad7c96fec968aa193097bdad560e5597b89738caba692d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "c7bc0efe524c5362802458f58c7a7b66"
age: 20825
x-content-type-options: nosniff
expires: Sat, 25 Dec 2021 11:05:23 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: YFpjAP4-bDgOtmoyjZrrLOR5KaZffrVtkTTkvbDIMHMPKlyAbwWAww==
date: Sun, 13 Oct 2024 23:30:34 GMT
content-type: image/jpeg
last-modified: Sat, 11 Dec 2021 11:08:23 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 209668
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 92461b4a941ea6856f46cd12dc146a5734a9e707_medium.jpg
d1hpetrtq93mp2.cloudfront.net/product_banners/ 223 KB
223 KB 131ms
130ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/product_banners/92461b4a941ea6856f46cd12dc146a5734a9e707_medium.jpg?1639220911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e7f1890c22f28761568d1241514ee74882f6e89f49ee547a870ee165aeecd549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "e49862659794da822980fd71fcb9dbb2"
age: 705608
x-content-type-options: nosniff
expires: Sat, 25 Dec 2021 11:05:23 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: FgRxbTwW7dmNu8_IZsojcAmFArDjZScYCiz9mH-Bs2RkFYfIExVgXw==
date: Sun, 06 Oct 2024 02:35:53 GMT
content-type: image/jpeg
last-modified: Sat, 11 Dec 2021 11:08:33 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 227881
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 327fa49c4a3e9bf2020a5c4ef9c7f0b6ac84e592_medium.jpg
d1hpetrtq93mp2.cloudfront.net/product_banners/ 305 KB
306 KB 127ms
126ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/product_banners/327fa49c4a3e9bf2020a5c4ef9c7f0b6ac84e592_medium.jpg?1693477530

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

12b34a7de12a9caccbd0bf61bfbb2c9ccb6442c4cbbe44f406e22e9124d915e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "b766336bae5efdbcaf8208e04f064a81"
age: 784728
x-content-type-options: nosniff
expires: Sun, 10 Sep 2023 18:20:07 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: Crd2o7AnCIdIWfAj2spQ6tjNXvx6RNrGDz1wiln-uIwwQxsGG47STA==
date: Tue, 08 Oct 2024 05:22:56 GMT
content-type: image/jpeg
last-modified: Thu, 31 Aug 2023 10:25:31 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 312118
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 36af67266177fe1c36575bfe64ae8b6af97f03ba_medium.jpg
d1hpetrtq93mp2.cloudfront.net/slider_images/ 198 KB
199 KB 142ms
141ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/slider_images/36af67266177fe1c36575bfe64ae8b6af97f03ba_medium.jpg?1704789316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9a0fbbb43115fe996036c90dd6a105357356488a9c8ef2142aff627a32a2d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "230ace9eed25588cbbfd47af750bee4f"
age: 737578
x-content-type-options: nosniff
expires: Fri, 19 Jan 2024 21:40:40 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: JvC1Ig1LloY8lTPwgaMzWmhAfG3a5u_lE8tL_S7lBfhuJHU_V-VZTA==
date: Sat, 05 Oct 2024 17:32:04 GMT
content-type: image/jpeg
vary: Accept-Encoding, Origin
last-modified: Tue, 09 Jan 2024 08:35:17 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 202439
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 c92c1721a5529f8b323da59e644c51350352afca_medium.jpg
d1hpetrtq93mp2.cloudfront.net/slider_images/ 187 KB
188 KB 141ms
140ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/slider_images/c92c1721a5529f8b323da59e644c51350352afca_medium.jpg?1639219863

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd59d087367c38b7b97975e32f51a3291e86cd65eb0665559787e8aa097731d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "3c954115d907722c2ad698d5e3ee6974"
age: 784728
x-content-type-options: nosniff
expires: Sat, 25 Dec 2021 10:42:12 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: oVVMfwc_mEO2tsK_XTqgtAqKdcHxeoPk2quJkx92Qc-OQetDl5eyAA==
date: Sat, 05 Oct 2024 03:06:31 GMT
content-type: image/jpeg
last-modified: Sat, 11 Dec 2021 10:51:05 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 191655
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 34589508e3a86be124f91e2d33d410ca562495e3_medium.jpg
d1hpetrtq93mp2.cloudfront.net/slider_images/ 179 KB
180 KB 182ms
181ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/slider_images/34589508e3a86be124f91e2d33d410ca562495e3_medium.jpg?1639219851

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

317bc1e4dabf4ed524a91782d3bac27c5f50a9c429261b646add2bc000e02a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "73caf6bfa80fa7170ce0554780699212"
age: 666499
x-content-type-options: nosniff
expires: Sat, 25 Dec 2021 10:42:12 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: NTELpeAZ1ShqJETzTFpQM7WXIFsU4_Zfs39JfCjsK38WiYHAUPTkzw==
date: Sun, 06 Oct 2024 12:07:18 GMT
content-type: image/jpeg
last-modified: Sat, 11 Dec 2021 10:50:53 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 183299
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 fb31f4262251ed3848a550d44cf6e5bfbc614d47_medium.jpg
d1hpetrtq93mp2.cloudfront.net/slider_images/ 207 KB
208 KB 142ms
142ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/slider_images/fb31f4262251ed3848a550d44cf6e5bfbc614d47_medium.jpg?1639219856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

19319e9c0f5cd47930e766353bcff061db48b2fbf3f407d66b7ee2547756fdd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "743575d456e95868e905990268231f34"
age: 1175973
x-content-type-options: nosniff
expires: Sat, 25 Dec 2021 10:42:12 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: DAQ8jMxq82nHcva-aM7GIOXY5JjGUKGcHw4GJ5ximsQPaezwptHckA==
date: Mon, 30 Sep 2024 14:25:46 GMT
content-type: image/jpeg
last-modified: Sat, 11 Dec 2021 10:50:57 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 212243
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 fe46809a9a165ff29c12295e1d3c24b30cdafd77_medium.gif
d1hpetrtq93mp2.cloudfront.net/game_images/ 78 KB
78 KB 185ms
182ms Image
image/gif 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/fe46809a9a165ff29c12295e1d3c24b30cdafd77_medium.gif?1606152667

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d6eb5e243a89d1daf3d0d3008e8e51b05d2b43585fb2a4adc2cc6e68260d43f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "f099729062f53c2cdd19f1f3d15dddb3"
age: 522424
x-content-type-options: nosniff
expires: Mon, 07 Dec 2020 10:56:22 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: NpmtLurCg3AHTFRh23yIkAcWvSf5-729VBKtldcwGdhXYDazcDvwew==
date: Tue, 08 Oct 2024 05:22:56 GMT
content-type: image/gif
last-modified: Mon, 23 Nov 2020 17:31:09 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 79362
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 727f6dc4a9d0b4b8473014d2e5bf376cfadb50dd_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 17 KB
18 KB 181ms
178ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/727f6dc4a9d0b4b8473014d2e5bf376cfadb50dd_medium.jpg?1721123946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e88ff8b80f19b542299dedeb7222e7735a1e6e0d8430d3bd558484c1798ccc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "5679e7c665c3cc2b04c956a6cd5f09b6"
age: 785780
x-content-type-options: nosniff
expires: Tue, 30 Jul 2024 05:57:20 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: wgN2Dro0XjrzTJ7EGSjKVJ5_jfFxsJrA5SMIBHx7ZR1ZmnguDsa2rg==
date: Sat, 05 Oct 2024 02:48:59 GMT
content-type: image/jpeg
vary: Accept-Encoding, Origin
last-modified: Tue, 16 Jul 2024 09:59:08 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 17376
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 fe9af740167f99887cb71d10d90a6f3626be0f55_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 16 KB
16 KB 201ms
198ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/fe9af740167f99887cb71d10d90a6f3626be0f55_medium.jpg?1599661676

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f23a1df8464826a902bb953ffb51f5001fd42ab7ca2526a8b5be16e2ecee0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "45635477b375eed311f11e1c9f763cd5"
age: 844666
x-content-type-options: nosniff
expires: Tue, 22 Sep 2020 20:06:23 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: jnzf3QD_qpZMjKMTj1X51ygGo9eXGr6Uvo2f3Ew5siIxsftU1NW1UQ==
date: Fri, 04 Oct 2024 11:40:42 GMT
content-type: image/jpeg
last-modified: Wed, 09 Sep 2020 14:27:57 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 16200
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 dbaa1754dff755f8c0686d54e795d0daeaffe4c2_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 18 KB
19 KB 182ms
179ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/dbaa1754dff755f8c0686d54e795d0daeaffe4c2_medium.jpg?1653391971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1306cc23a5864d3b48c23f6a0e45369666f5df33104b8aa91ec93d51bbcbe4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "390851b8a1366e06e55211973bb70da7"
age: 742070
x-content-type-options: nosniff
expires: Tue, 31 May 2022 15:06:58 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: AGFRhBYtST8poWP97-tEu0Yf5sc1dqYrMMp8yUX5toGXPjxOt4gcsA==
date: Sat, 05 Oct 2024 14:57:29 GMT
content-type: image/jpeg
last-modified: Tue, 24 May 2022 11:32:52 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 18481
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 b567dfa7ae4401762a3950d07d33851605c7ed35_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 20 KB
20 KB 207ms
205ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/b567dfa7ae4401762a3950d07d33851605c7ed35_medium.jpg?1649164546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5b52cb0bbd6ace343b2cbc12a894d5fb88b5c80639782165636b6624b5c5d708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "df549e075c8d63ae891586af550180f2"
age: 742070
x-content-type-options: nosniff
expires: Thu, 14 Apr 2022 08:45:07 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: l9szrrHCYJCwD7ovVVifoOioDSNKgsB2_1V3m-lVeQmApIMbl79h9w==
date: Sat, 05 Oct 2024 14:57:29 GMT
content-type: image/jpeg
last-modified: Tue, 05 Apr 2022 13:15:47 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 20091
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 5afd2a99bdffbb25d8571bbfa1d10b4b4155c335_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 19 KB
19 KB 183ms
181ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/5afd2a99bdffbb25d8571bbfa1d10b4b4155c335_medium.jpg?1714549771

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebd67da15b76744f777ee9b5631fe892597a1fe646b03b3022aecd19ebe650e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "b8980ce1715427454058a75921fc7128"
age: 1182042
x-content-type-options: nosniff
expires: Mon, 13 May 2024 07:59:54 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: V4KxWqrSmJvxoUeKU3wW-LnrPpEiDbu8kqeGOqsSBSr2sLqWDZCl7Q==
date: Mon, 30 Sep 2024 12:44:37 GMT
content-type: image/jpeg
last-modified: Wed, 01 May 2024 07:49:32 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 19272
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 898bb02ecd466cf023e42ee554d3fc9a91f54ea9_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 13 KB
13 KB 197ms
196ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/898bb02ecd466cf023e42ee554d3fc9a91f54ea9_medium.jpg?1712578562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

85572fe614a4dd17ba644bf08007e6b9af3fee337b65c0ef9096ea409b524f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "db69c78c4fb52a519bf2a4d208be8c6e"
age: 429808
x-content-type-options: nosniff
expires: Wed, 17 Apr 2024 09:06:32 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 2nC_sjYIxT2TLaCgS9nkOtAznRBSOjNBklo9vKhdWy1TuY46XKOAnw==
date: Wed, 09 Oct 2024 06:26:30 GMT
content-type: image/jpeg
vary: Accept-Encoding, Origin
last-modified: Mon, 08 Apr 2024 12:16:03 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 12878
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 d6f94155fff3190a7d95a33e40fb7bb50b423744_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 16 KB
16 KB 198ms
197ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/d6f94155fff3190a7d95a33e40fb7bb50b423744_medium.jpg?1533985147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bf54183a406df40b2ab0451b95c77f619f7d20e6abcc9d5ed1f078e72ffdeb73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "5c8ef44c7def2825f1c423e48a0dd335"
age: 768027
x-content-type-options: nosniff
expires: Fri, 24 Aug 2018 11:36:01 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: mP7N-TS4q33vnpCuSo_H0hi2XQnL0MJh8npjbU54v5uudqwX2IuHFQ==
date: Sat, 05 Oct 2024 07:44:52 GMT
content-type: image/jpeg
last-modified: Sat, 11 Aug 2018 10:59:08 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 15995
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 95f46ace996d731855db91e24e924bd90f9bad41_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 15 KB
15 KB 181ms
180ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/95f46ace996d731855db91e24e924bd90f9bad41_medium.jpg?1707122905

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aa56bca5aba98ef470a39cee7a0c1cf83ec0dcabf9a48eb059b2c5bf5e47275a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "34ce7074bbd52094f7891087d06c2c4e"
age: 888380
x-content-type-options: nosniff
expires: Wed, 14 Feb 2024 08:47:43 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: i4v8GEr-d0m3mA6cEMA2CNAX1FsTFX3gYsOOsTPMBKb50TN8A26H7g==
date: Thu, 03 Oct 2024 22:23:59 GMT
content-type: image/jpeg
vary: Accept-Encoding, Origin
last-modified: Mon, 05 Feb 2024 08:48:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 14869
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 908a74c696934643990dc98893944e2d80e59dfa_original.jpg
d2ps39elv3ruqi.cloudfront.net/attachments/ 218 KB
219 KB 464ms
452ms Image
image/jpeg 2600:9000:2509:9600:0:68d8:d680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2ps39elv3ruqi.cloudfront.net/attachments/908a74c696934643990dc98893944e2d80e59dfa_original.jpg?1615133180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2509:9600:0:68d8:d680:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5acb0ea9647cabe546a0d77f30b3effd07372c48fec50770dc7928ae7c38add6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "d430a717a7124b1937750345a1c042d8"
age: 582284
x-content-type-options: nosniff
expires: Mon, 15 Mar 2021 16:34:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: AC456XLpo2PDGYMxEQnsVbroBZ-k4wmzq1qEUAEDZPwTgoP-3maLDg==
date: Mon, 07 Oct 2024 11:20:35 GMT
content-type: image/jpeg
last-modified: Sun, 07 Mar 2021 16:06:21 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=1209600
referrer-policy: strict-origin-when-cross-origin
via: 1.1 8a5a55219dfdbca831a0a40e05aaa842.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 223293
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD12-P2
server: AmazonS3

GET
DATA 200
OK truncated
/ 110 KB
110 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47ce0a48442f5640f147a6071e62fbb31b48a52023ffe198f07be359187bafe3

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Origin: https://www.marsbet.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 7c27ab8644fdceba47aed3571bc80fe8ef02ed16_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 17 KB
18 KB 128ms
125ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/7c27ab8644fdceba47aed3571bc80fe8ef02ed16_medium.jpg?1599661339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a9a2899e7441e94980af9dc10c1ff8b1cc17fbef3e7e4f5b05abe0cfb4b56cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "abe62962e7ef8a03ecac0a418b33909a"
age: 761595
x-content-type-options: nosniff
expires: Tue, 22 Sep 2020 20:06:13 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: yvN6TNW_Gc6zVJ_ipm58Z-AZQ6t1nInR0aE-1QLVUbFNSWF_uUrqiw==
date: Sat, 05 Oct 2024 09:32:04 GMT
content-type: image/jpeg
last-modified: Wed, 09 Sep 2020 14:22:20 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 17836
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 b8d6e722e648c0b1958d0ba9d627c27f17d75ad2_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 19 KB
20 KB 129ms
127ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/b8d6e722e648c0b1958d0ba9d627c27f17d75ad2_medium.jpg?1599661275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c5a402da1b3c0b626a7953ca10296ae22b0f56adafb8928909650c4d45a1f91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "c8a4cf9fe45cb694dea28fcb78680607"
age: 956892
x-content-type-options: nosniff
expires: Tue, 22 Sep 2020 20:06:13 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: hDWuRIvXD8mOi7Y5BB5qedvI_EchU5L8if3YWm1BhGlGD_13Yp1ukg==
date: Thu, 03 Oct 2024 03:55:17 GMT
content-type: image/jpeg
last-modified: Wed, 09 Sep 2020 14:21:16 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 19608
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 e7ea87cae77b46cc806ceb837abfb234dfe0abd5_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 21 KB
22 KB 129ms
127ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/e7ea87cae77b46cc806ceb837abfb234dfe0abd5_medium.jpg?1591709754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b4be6ec3bf35f354a76fd1e32750b7b4c38947fda1fb996b88c26c66fd13c8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "68fb26c5ffd32a0ea7b5e045b942b9d8"
age: 956892
x-content-type-options: nosniff
expires: Tue, 23 Jun 2020 10:19:31 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: brgmOWxwRXsNVoXGrVBtBoLpzCkWRf4w-m6G7RYEGoJ48SY-U_owbw==
date: Thu, 03 Oct 2024 03:55:17 GMT
content-type: image/jpeg
last-modified: Tue, 09 Jun 2020 13:35:55 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 21699
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 d2c0db4234667204db8372a41cb67ceb08aae724_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 17 KB
18 KB 131ms
129ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/d2c0db4234667204db8372a41cb67ceb08aae724_medium.jpg?1652258950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

063bd09293250e2a959a7dace8431a48185c8687bd87aab6dfd87aad174628c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "86cf485428c49c144b802c1dac35f3b3"
age: 474786
x-content-type-options: nosniff
expires: Thu, 12 May 2022 08:55:35 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ww1i5VufD0q6vJ1V3kv3xsEg1M7tx5eVbprE9sYkprL6dxbRgQjkQ==
date: Tue, 08 Oct 2024 17:12:13 GMT
content-type: image/jpeg
last-modified: Wed, 11 May 2022 08:49:12 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 17339
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 5bfa4c849ebca9ee7d98bc6c054a99ea236736c2_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 18 KB
18 KB 129ms
128ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/5bfa4c849ebca9ee7d98bc6c054a99ea236736c2_medium.jpg?1558011648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

80c4da0b9eb6d46fde25f857b01f3657c128f83e858900b01ddf382c7064b7cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "87c6b77e42136082c362172c1a90fd10"
age: 761595
x-content-type-options: nosniff
expires: Wed, 29 May 2019 19:15:09 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: T6KjJGTDOrdismS3m9in6lCgZ-F0cmQMZnBgzMde-myQzky5S0gAJA==
date: Sun, 06 Oct 2024 08:04:52 GMT
content-type: image/jpeg
last-modified: Thu, 16 May 2019 13:00:49 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 18260
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 62214dbf58a1f6a240e2bd8babaa99fdadb3a81d_medium.png
d1hpetrtq93mp2.cloudfront.net/game_images/ 97 KB
98 KB 130ms
129ms Image
image/png 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/62214dbf58a1f6a240e2bd8babaa99fdadb3a81d_medium.png?1657627435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e529c433ff758e21443b9523d93fa79e95ebfa5658f05212423e75a62f4c995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "e5821729445195aed20c5812ee4b2cd6"
age: 787284
x-content-type-options: nosniff
expires: Sat, 23 Jul 2022 10:42:40 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: buiNHnFGNldSNQLi-Wp6zS5PRF1EVk0DA-GBXqHtGkoJipJD5yoWSQ==
date: Sat, 05 Oct 2024 04:45:49 GMT
content-type: image/png
last-modified: Tue, 12 Jul 2022 12:03:56 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 99310
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3

GET
H2 200 43c7383a3c1f4247536df8cdf04544ecc6928972_medium.jpg
d1hpetrtq93mp2.cloudfront.net/game_images/ 12 KB
12 KB 126ms
125ms Image
image/jpeg 2600:9000:21dd:f400:e:b61d:a980:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1hpetrtq93mp2.cloudfront.net/game_images/43c7383a3c1f4247536df8cdf04544ecc6928972_medium.jpg?1707123102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21dd:f400:e:b61d:a980:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

905c55659d25630657bd43525755539a5fa4997d7d853f20e8f2f69861cc578b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer: https://www.marsbet.com/

Response headers

etag: "4780d2d8f79400e9636df2b57651fbfd"
age: 972195
x-content-type-options: nosniff
expires: Mon, 19 Feb 2024 07:38:35 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: _Omtjlg4rE2Ol8iaCR93mQrF3SoGDVMr1BZjDiLydDfPAjpvVKRXnw==
date: Wed, 02 Oct 2024 23:10:37 GMT
content-type: image/jpeg
vary: Accept-Encoding, Origin
last-modified: Mon, 05 Feb 2024 08:51:43 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31556000; includeSubDomains; preload
cache-control: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 12123
x-xss-protection: 1; mode=block
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 web-widget-main-cbf609b.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 726F 829 KB
259 KB 104ms
104ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-cbf609b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=79d23fc2-0bd2-408c-85df-e86919a20d52

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a4ade685b6856de52182b225d4c621764825a5edafebec1bd7dfd0bb9d966f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"07aec65eb3477704556f6cf3f106f8fb"
x-amz-version-id: _NoEm8vRBN2TNsj3j1jx6qm06EBIXcJh
age: 390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wU%2FAHyvnmA%2BUhPqNU2KUY4Dbz5%2BqwvBeqWMNmMn2dmMWIUAB4kXJtrI3CRnPoJw1tUgng3m2NSrhAxjE4KmFNzO0QBkxeNdoinfjXAdIStkUVaOgjcRNu6Xvuj%2FrJvgm4R0zoSw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Tue, 07 Oct 2025 10:12:03 GMT
date: Mon, 14 Oct 2024 05:05:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Oct 2024 10:12:04 GMT
vary: Accept-Encoding
x-amz-id-2: BzlDuapBx/DoG2r1PLsFxfwz6QcXuiw8g1IBTKe7BdW7pUrH5yFLnxnkCUMM0rzl6b3QNDqiErQ=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HAMZH0FRYR94FVNS
cf-ray: 8d25089e18506b51-DFW
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 en-us-json-cbf609b.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 726F 25 KB
6 KB 105ms
104ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-cbf609b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-cbf609b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"ef48436bf7997a9fed0856cd3df28c0f"
x-amz-version-id: 84wSEKA_FfeBTDyf9gL6ljF5UYM.Hy4g
age: 582493
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MP4J2%2FL2V1L9ITSdGilma%2FdMlNcppZc3gLoRvpiEHCLA3cvazkKAo4aJhg2MKzav4hzbXf6dezrb5AejMp4UfH7qfw5MfXlMJbk91IMRsiUI5G1X5Cbnr9qlVZSvLGWXqRc5n0M%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Tue, 07 Oct 2025 10:12:04 GMT
date: Mon, 14 Oct 2024 05:05:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Oct 2024 10:12:05 GMT
vary: Accept-Encoding
x-amz-id-2: +iLZcSX7TFF0Ox8FfkxqsQaGugriIuCtRAiYyL5xvPmueFl5IG5qBEIkEhAAd/IJK3lJGawadvM=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZCT1V8THJP9JCSGS
cf-ray: 8d2508a11bc56b51-DFW
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 config Show response
marsbet.zendesk.com/embeddable/ Frame 726F 710 B
1 KB 406ms
254ms Fetch
application/json 216.198.54.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://marsbet.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-cbf609b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e56a6d39bd380d4cbc6ce864ee5d9cfe547566fa0bd7808a3d3f618c5797632

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer

Response headers

access-control-max-age: 7200
x-request-id: 8d2508a1fbebdb8a-LAX
access-control-expose-headers
x-zendesk-origin-server: embeddable-app-server-5495f898f4-qfk92
cf-cache-status: EXPIRED
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kt1%2Fb%2B68Dzc4hsx4maOEDTOZJyRRDecwmUsFpLl5pa1cNcjW%2FmQqSwgNY0nFMgD4OpAZ75KJeIeMtZEBRsBLdpZqqaWFuEraOIc8x94Xc1IVKAfwE1NfkTGpHkdHAah7GMLQo0s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
date: Mon, 14 Oct 2024 05:05:19 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.002204
last-modified: Mon, 14 Oct 2024 05:05:19 GMT
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d2508a1fbebdb8a-LAX
access-control-allow-origin: *
x-zendesk-zorg: yes
x-cached: MISS
server: cloudflare

GET
H2 200 web-widget-chat-sdk-cbf609b.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 726F 217 KB
54 KB 108ms
108ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-cbf609b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-cbf609b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f33c7bd75e8107b0e2c531d98af84d90780d913f9246e796ea633d948d91f709

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"08a68a7308737a004b2991aa3dd00688"
x-amz-version-id: c.ZFzuKlusLO_txcbFuGi7M16He.nUvS
age: 419405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VdS38w%2BxCC0WuC%2F9XT7I0YO582WFR5W2hIWuxTqTTbyiZH8Xhf3BftjdQk141OsZIPYNvleRk%2BnZ6qkh52YAX4NUvejQQ3WC2Kbye%2BVkwlwreFmwmYw2UTdw4lr2BXjboZmIh64%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Tue, 07 Oct 2025 10:12:03 GMT
date: Mon, 14 Oct 2024 05:05:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Oct 2024 10:12:04 GMT
vary: Accept-Encoding
x-amz-id-2: tJFJqFRiwv+c1glAyVCF9wTuDX4AI1F7a2N/nbJdn1HOm0bVuG/5RsBuvu36honqyQEC7otnicGt+dx7UOeJkoOsGhRMmgJ9
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HGS6K2WPD6Y5ZVGE
cf-ray: 8d2508a1cc7a6b51-DFW
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 204 unip Show response
trc-events.taboola.com/1670701/log/3/ 0
246 B 131ms
130ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1670701/log/3/unip?en=pre_d_eng_tb&tos=4646&scd=0&ssd=1&est=1728882315768&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1728882320415&vi=1728882315761&ri=0d5e85a70e0cfe5a8027c1d3a6860726&ref=null&cv=20241010-17-RELEASE&item-url=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1670701/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://www.marsbet.com/

Response headers

access-control-allow-origin: https://www.marsbet.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Mon, 14 Oct 2024 05:05:20 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1670701/log/3/ Frame 0
0 129ms
129ms Preflight 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1670701/log/3/unip?en=pre_d_eng_tb&tos=4646&scd=0&ssd=1&est=1728882315768&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1728882320415&vi=1728882315761&ri=0d5e85a70e0cfe5a8027c1d3a6860726&ref=null&cv=20241010-17-RELEASE&item-url=https%3A%2F%2Fwww.marsbet.com%2Fen%2F%3Fcmd%3Dregister%26btag%3D657825_5BFB094503C7420781D5EB69A48E0EAC%26utm_campaign%3DA657825&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://www.marsbet.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://www.marsbet.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Mon, 14 Oct 2024 05:05:20 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 200 web-widget-chat-incoming-message-notification-cbf609b.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 726F 236 B
834 B 105ms
104ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-cbf609b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-cbf609b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb2902ff32366de00d3afa351aeceb1357d5a468eacbb2fd92cf115276d626cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"e9d8b92096016dfd74d2f2500556464e"
x-amz-version-id: ExxJzIliT8Eo83iQCn.8xx3BgeaDmnf8
age: 582494
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MmIDNy0yHnbaKWzuuapK1kEbis2rFawZfiVeicFF4SEy4sDiB9J%2FrhQjIw9aVEd%2FJQz8ReMmx5EdR4khqOHGiBUtoqo%2BwkQE7FfUh%2FYttqJuWZw3qddui%2BM7c7jiH%2FKjVL6V4bs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Tue, 07 Oct 2025 10:12:03 GMT
date: Mon, 14 Oct 2024 05:05:21 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Oct 2024 10:12:04 GMT
vary: Accept-Encoding
x-amz-id-2: cwnwZ1pfDW/iOyrxuzKajNEubeZuMlz0DO95/sv3j8Th34Ey7d/s42CndliJfPWTLSPC3Yoc2q0HPdU+kzKr6/FDGqPx8UFS
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z6Y28YEYH4RSN8TG
cf-ray: 8d2508aa4eea6b51-DFW
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 726F 19 KB
20 KB 103ms
103ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Range: bytes=0-

Response headers

access-control-max-age: 0
cf-cache-status: HIT
etag: "f11ce9e8f40a392830217253fe75d6de"
x-amz-version-id: Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
age: 340559
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxsySXIRtD%2FQabkFCapbxdJ0zDq6ksfaAdqBCqHnsqw5SsWpJ6ZS8%2BV5fP2PBPHMkz%2Bmyyk%2FYvDHv6M6p%2FVXn%2BXumJMNLXxmSl7ySqwPrgzlDbTPKJVj%2FH%2BkOHMa%2FyYp%2FpDthUQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Thu, 28 Nov 2024 08:06:42 GMT
date: Mon, 14 Oct 2024 05:05:21 GMT
content-type: audio/mpeg; charset=utf-8
last-modified: Wed, 29 Nov 2023 08:06:43 GMT
vary: Accept-Encoding
x-amz-id-2: LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-19697/19698
x-amz-request-id: KH5VE2Z70ZGQ75A2
cf-ray: 8d2508aaf8336b51-DFW
access-control-allow-origin: *
Content-Length: 19698
server: cloudflare
x-amz-server-side-encryption: AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26474959.js

Domain: d1hpetrtq93mp2.cloudfront.net
URL: https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/vpag-white.svg

Domain: d1hpetrtq93mp2.cloudfront.net
URL: https://d1hpetrtq93mp2.cloudfront.net/web/assets/images/payments/vpag.svg

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.marsbet.com/	1970-01-21 02:24:18	Name: _gcl_au Value: 1.1.835637696.1728882315
.marsbet.com/	1970-01-21 00:57:54	Name: transaction_id Value: undefined
.marsbet.com/	1970-01-21 09:00:18	Name: first_purchase Value: true
.marsbet.com/	1970-01-21 09:50:42	Name: _ga Value: GA1.1.1177771967.1728882315
.prdredir.com/	1970-01-21 00:57:54	Name: slfp Value: eyJ1dWlkIjoiYmJkMWIwMzgtMWRkNC00N2RkLTgxODUtZWQxZWM1MGI3MzYx%0AIiwibmFtZSI6ImtfbWFyc2JldCIsInRzIjoiMjAyNC0xMC0xNCAwMjowNTox%0ANSAtMDMwMCJ9%0A
www.marsbet.com/	1970-01-21 09:00:18	Name: __adm_tid Value: v1.0.11342610529.14036363426
.doubleclick.net/	1970-01-21 00:14:43	Name: test_cookie Value: CheckForPermission
secure.afilio.com.br/	1970-01-21 00:24:47	Name: AWSALBCORS Value: NHUuG9mW0qAcimrALGbmziCfCBcN2GLcCclakV3mm+xcl/RTfh0xIr+1L3QKregRES14wovJsH/jFmk3gcFMrzncEKRgw7rjLi1fUvizJ5eC6wE31kNLqIsy4wqJ
.t.co/	1970-01-21 09:50:42	Name: muc_ads Value: e024b6fd-d09d-4cf3-9ba9-cf3902d3c9f8
.t.co/	1970-01-21 00:14:44	Name: __cf_bm Value: Pidhj0IJYdw_DTcEfXwOjsEDW9BrIKG.XZTb2MPZSgo-1728882316-1.0.1.1-M2NUYc0H7lgOt8pr2ByPYTKsxs0LkarY9wPn42FjgVc1G9l36Dq1x864tI9kL8PnfFI0UWLIkqaDBcIhwQ3Ipg
.twitter.com/	1970-01-21 09:50:42	Name: guest_id_marketing Value: v1%3A172888231608649793
.twitter.com/	1970-01-21 09:50:42	Name: guest_id_ads Value: v1%3A172888231608649793
.twitter.com/	1970-01-21 09:50:42	Name: personalization_id Value: "v1_wPCeUt2z8P00xO+Z6KaPZA=="
.twitter.com/	1970-01-21 09:50:42	Name: guest_id Value: v1%3A172888231608649793
.marsbet.com/	1970-01-21 02:24:18	Name: _fbp Value: fb.1.1728882316290.522529995489298242
ws.marsbet.com/	1970-01-21 00:24:47	Name: AWSALB Value: fPkM8a8H4vLWjAopwXdv1et+ZBRRP2B4WllNWlD5jCzhtLtCrG1v5Tb9O/Ard0NAXB0ooR8BIRl2rXyyl866HlVuA8U/1jyXIjXdb84WcrzkEx6KklQVmTrFQlC6
ws.marsbet.com/	1970-01-21 00:24:47	Name: AWSALBCORS Value: fPkM8a8H4vLWjAopwXdv1et+ZBRRP2B4WllNWlD5jCzhtLtCrG1v5Tb9O/Ard0NAXB0ooR8BIRl2rXyyl866HlVuA8U/1jyXIjXdb84WcrzkEx6KklQVmTrFQlC6
.marsbet.com/	1970-01-21 09:00:18	Name: _hjSessionUser_3818491 Value: eyJpZCI6ImE1YzM0MWUzLTdiYzgtNTVhMS04MmQ3LTFjYzViMmEyNWQyMiIsImNyZWF0ZWQiOjE3Mjg4ODIzMTcxMTAsImV4aXN0aW5nIjpmYWxzZX0=
.marsbet.com/	1970-01-21 00:14:44	Name: _hjSession_3818491 Value: eyJpZCI6ImI2YTU4ZjU3LWZlM2YtNDRiOS1hMGJjLWUwMTg4YzFiMTY1NyIsImMiOjE3Mjg4ODIzMTcxMTEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.marsbet.com/	1970-01-21 09:00:18	Name: _did Value: web_182777200A93F510
.mythad.com/	1970-01-21 09:50:42	Name: kwai_ckid Value: 1728882317754_17356168000177172
.marsbet.com/	1970-01-21 09:00:18	Name: kwai_uuid Value: efac9b6ad7466f870e69338e489b565b
.marsbet.com/	1970-01-21 09:50:42	Name: _ga_7P5S2G6KVT Value: GS1.1.1728882315.1.0.1728882318.57.0.0
.www.google-analytics.com/	1970-01-21 02:24:18	Name: ar_debug Value: 1
.marsbet.com/	1970-01-21 00:16:08	Name: _k_cp Value: 1
widget-mediator.zopim.com/	1970-01-21 00:24:47	Name: AWSALBCORS Value: pEXNo4vQHU/i26rBnV/M0ynTvN+AwP2VjIpqa6AXfoXHUdqpL0oO4AtbBJP22bGtgeflumHvDf97XrXA7T0nWQ5JVOnZ0F3HONjA0NiQ0yBurXOAId/lYBJszrjq
.marsbet.com/	1970-01-21 09:00:18	Name: __zlcmid Value: 1OEn5nFCiLTeJ8E

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://www.marsbet.com/en/?cmd=register&btag=657825_5BFB094503C7420781D5EB69A48E0EAC&utm_campaign=A657825 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://gameloader.marsbet.com https://sport.marsbet.com https://player.twitch.tv
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adjs.media
ads.mythad.com
analytics.google.com
analytics.twitter.com
cdn.taboola.com
connect.facebook.net
d1hpetrtq93mp2.cloudfront.net
d2ps39elv3ruqi.cloudfront.net
ekr.zdassets.com
g.ppapss.org
googleads.g.doubleclick.net
js-eu1.hs-scripts.com
logsdk.kwai-pro.com
marsbet.zendesk.com
psb.taboola.com
s1.kwai.net
script.hotjar.com
scripts.prdredir.com
seal.cgcb.info
secure.afilio.com.br
static.ads-twitter.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
track.cdncz.com
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.marsbet.com
d1hpetrtq93mp2.cloudfront.net
js-eu1.hs-scripts.com
104.18.70.113
104.18.72.113
104.244.42.195
108.138.106.126
141.226.224.48
142.251.163.155
151.101.1.44
151.101.193.44
151.101.200.157
172.253.115.104
172.66.0.227
172.67.179.174
172.67.194.46
18.164.96.90
216.198.54.1
23.213.158.22
23.213.158.24
2600:1408:c400:29::17da:da48
2600:9000:21dd:f400:e:b61d:a980:21
2600:9000:2509:9600:0:68d8:d680:93a1
2606:4700:3031::ac43:c6e3
2606:4700::6812:1e1b
2606:4700::6812:1f1b
2607:f8b0:4004:c09::8b
2607:f8b0:400d:c04::65
2607:f8b0:400d:c0b::9d
2607:f8b0:400d:c0d::61
2607:f8b0:400d:c0e::9d
2a03:2880:f103:181:face:b00c:0:25de
3.33.233.73
31.13.66.19
43.152.136.155
44.196.184.160
52.58.126.220
04cb67712ce2ebf279ad7c96fec968aa193097bdad560e5597b89738caba692d
04f6587ec7cc516b26724e658ce5303a01dc021cdf14e6df93889f7df9c40581
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
053b0ce3a579a81cf5dba038f671d41ce83f5d625ab3fc53fe39459b601299cc
063bd09293250e2a959a7dace8431a48185c8687bd87aab6dfd87aad174628c4
0a4ade685b6856de52182b225d4c621764825a5edafebec1bd7dfd0bb9d966f1
0b287ae055d54d8007361d57aedc04072a65d0345dc9c8661b9411ef1eedf849
0d6f633d2bbd2743f4a6b6c10c5509b6c58c81ce7f94569922f768065cb91633
0de067cd0b54267eef6a73b84affb74ea0e63c46c9d7e57875bf03cacf6a6ddb
0e2d3557295f74bc1a205094b2bd6c98f776d80f53a36874c2f20509242ec178
10d1e5ab8111a485d30b31692683f5549f9d22de170ce0d2cfadaa7945b95e14
124bcaab05c0fe045e15307dd03f3c3b7e0c4a073511c30334dc19bc5f99830c
12b34a7de12a9caccbd0bf61bfbb2c9ccb6442c4cbbe44f406e22e9124d915e0
12c377ae47377b4dc606aa52cd6bf3985b5bcae2e93831eab26f7c270051d196
1306cc23a5864d3b48c23f6a0e45369666f5df33104b8aa91ec93d51bbcbe4bc
170405c0a19bb1bb0a9ddcc878e9ef33fcb9cdf5679cca52f78614a84ab9bfc6
172af130d6dd9cbceedc08f12a2ca1081daa6782550b8e9838a14df7634f4d0d
17fc71bf300268bcc18ca22d6459a5e2ff54c1a89f50d069d1a1875b4680b6bf
19319e9c0f5cd47930e766353bcff061db48b2fbf3f407d66b7ee2547756fdd6
1b5adad44292630e0d6c054fd31c83d7eb9867d18efc1c91890b41c82c5fd4f4
21bd8efb97eb6cddc40b6220d6afe9eb23ceeae1c230fa06f0dcda5e7b2d9bb1
24872b86578294a2f1d50b2ea004ec63e2388711899270f7735b11ca6b6f3524
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
2817d7ccfc498776db046e14f9a09282cb371b8dbc42e236a490c9af5a5103a9
2b30b2fc541c98ef6517662002ed3d68cba4177f40f9721ab69e34fd918a05a7
2e5dcd516e806856b766fd927f42e2d9a163780d80175d4000bf570446134d36
317bc1e4dabf4ed524a91782d3bac27c5f50a9c429261b646add2bc000e02a2f
360cc4b7b8630a4f7041d0cc7ea06a07bbc1e39736da1266a5797ac721eab2d1
3b6ecfffcda28771de0b3e231f68b54f59687759debfa9d3a3cb93553766770e
3e054e5e78a78351be12686daa59d3c3663407a6917961c7299148ec9b0329ab
40032c92f99f669ec24ed3e3ba345b8cfd6076e8db09e79a547f33574a43ea07
402df467a312a408a9515546661a11fc6c0c6f66e054bf1bd75532e68e4fe43c
47ce0a48442f5640f147a6071e62fbb31b48a52023ffe198f07be359187bafe3
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4df995af07a10fb3ba7774510a1ecce1e02e6f8b402b3f335a7ab69153b08112
4f23a1df8464826a902bb953ffb51f5001fd42ab7ca2526a8b5be16e2ecee0ad
4fa6248f93fd43039efc23e85ecb7cfee2453d4c28273744fe7de2c33eca342a
503ba91cc3598ea966264bee92218c45c28d5f840491f9a2bfbf933b78fd127c
523c21f5ccfb2981faf5a0fe446ee8716a11b84887e8105804bc60e1f0f250e5
529585b3ec0771b1158a77b3c50766ac028ccdea3e408db109971eaffe7dd6ad
52d6f06c516d74b52f12dcdaa12f563462a1a9f4080d8a7d93efa33612bbb08c
54a4d11b8af2f96a1448d59c296445a72fb40db27dbc7d0fc675ad42655463d7
565591eb68f0baa295d6dd96dec3a21422cf62637756ac2d20d2300f4bdc2860
5a4313ba4769fca3e604a3a0772e69f69b17ff2c5aa258fc36c59821bac51196
5acb0ea9647cabe546a0d77f30b3effd07372c48fec50770dc7928ae7c38add6
5b52cb0bbd6ace343b2cbc12a894d5fb88b5c80639782165636b6624b5c5d708
5ca579329d3cd3c692f533846c57a040e8e0299e774845bf499af75255f72403
604b866013bcbe305fad9a0438b0122c1ef11a57e0cebb139e9350cb05caaeec
6442f212321ac7c740a87ff7a0071eb71a75fa97c8f1aeeb045910f34f4fa5ae
68233011c754ecf3e42eaa15b29328fd89ba8f64583cce8f63459d55470cacef
6baab2698f58847b87622c0b497b1d7d870b55ddd3f74b9687b1c0b12d1397b9
6d9ceae6d416702f85bbab66209111d20a1a7e22e10def9729ebf3d82a85f7e3
6db2491f96aedfb2f97504183e4eca0ae6df617234bf76a55128212723b8941e
6e56a6d39bd380d4cbc6ce864ee5d9cfe547566fa0bd7808a3d3f618c5797632
6e5b342e33eb0c1eb0a678c726ab6b8fa19b08a048b57064958f7f98e36467c3
6f643c76191a5f4002703bfda5a2d79937149feeb335106860983a69f5959828
6f88b2d9e590ae5473eac9938f836d2e26d0f1ad9eeed9278518287ea439c523
6fb4765c5aa9792b9665c428d12e9703d166eb83aa9a5ea988f2f7e7ec1d6c81
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
715f1111085b3082212af758b4d226e395b9cbafa42bd27c083e33e3edf6518e
74bb98f228bb7d6d3a8c268c153545b814e78ae60855d57462fdef6cc345c716
77071d0217f324e9a0a423f421dbb6e12608ca534cbc75a3b342a8d8e8cfa834
7f03c7a4d84dd965f5f5d83ca384d358695f65eaf0404c0b5c4bc117118fe112
7fd16daa140ab37df71eb13f44783aefea48f4de4ee3d3bb090ca72d27c10d5e
80c4da0b9eb6d46fde25f857b01f3657c128f83e858900b01ddf382c7064b7cb
80e6f7a2c4c2770aebf744a8959a898f17c94f5a463da1c99ec093aa93c4222f
81bb707f6340f93343130ccb80c560b7fdca59d435b3687f4244e586d829bbba
8282f0772f0c883548cc9e6a160376a5517ba65918c513275fdb3677f180b9d8
84ce4b6d96845297991d626d3d6bffb04e92cb0f5ae10e35841e6d9cf3523237
85572fe614a4dd17ba644bf08007e6b9af3fee337b65c0ef9096ea409b524f45
89bda271c45955c5cb25d402fa46b2965ee9d39a8a992cda5581d235a631e10f
8aa26964831962c9ae9eb8020b5efa8b4f64989801d2191fae2b6f9f2650561d
8ca0c81afd69f27e25eed1d280c4566c70a3260dd80395d2f82c63c313e0779c
8d4875d52d0bc7ec8900b1dbe893d9bd6b0b36ce8cba958c0ff1ebfa314cc60d
8e529c433ff758e21443b9523d93fa79e95ebfa5658f05212423e75a62f4c995
905c55659d25630657bd43525755539a5fa4997d7d853f20e8f2f69861cc578b
93f2e8d07adc6043f1d1f4d7393801cccd75006fec6e0bf12017c349e6ad7171
9573e76f52c0cea7f3cc3413c39a8b95987ae3fcd1f21f5de69d9deaafdbeb52
95d838de11136e7964ca0eaa375bf294d19a0b15880a014338e0a5d9d8e05385
9b4f45253e8c309f25162fba1f755cfeabfe81d7b1a20163c7d82cd9701c930a
a220952c21e11e877b701786c640dc916930649600377f66ae9735bf6c215a80
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951
a40a08398c99b23416b7d613f9979358c70ed569a4bddfced5d281ad7a6c6af2
a50b74d3363564edee23784ed410f003979017f03a7cde129e1b59127e0820c9
a53dba76c4cf41a57710e03e004e26613adf21b4ef1186e838ab027724812abb
a691abf81f3843972e3a7ae52d6aaf0e5aa2f3791b27888c3606351914ae4411
a76f02f1b08e77e8508b55efd6b9302d42d93bf2b92d386dbcb6e22541016c8f
a9a2899e7441e94980af9dc10c1ff8b1cc17fbef3e7e4f5b05abe0cfb4b56cd4
aa45fe094ab25b1b83a5e12705c97727c0da3045bcbe75bcf344dab3b2b12285
aa56bca5aba98ef470a39cee7a0c1cf83ec0dcabf9a48eb059b2c5bf5e47275a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afd934683ac656d6ec82dce7641226b259b26633eadba9b31fff4e588af4df2a
b143985c54569b6061bc8650df0fbf0ea435f4be1f9b899b04f89d03e4926eee
b1cd9517a1bf4ead4d2291b8f4aca8d0eac69a9dd644d06503b619333a8a2f4b
b2df6118b4b2f82ca2afcfb1ab2e0c0219a6e1305abc81b2214e7c4653808077
b4be6ec3bf35f354a76fd1e32750b7b4c38947fda1fb996b88c26c66fd13c8c5
b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8
bd03b18bce2c1a1be8cb27eda984ea551a223f0fb039bd8bba32256d80f45470
be33dddff5c2fe845f9e2d32f3e5e9c75997d3ae1cabc9b889034297d497d2fa
be445f9f9d9814253543e553d150ec35ba765ac6b46c52125cc5533ea990e734
be447a5ca677b1ce2ef8c65ad089dbdc4bbc9205336d080291f9cc98cdfb38c6
bf54183a406df40b2ab0451b95c77f619f7d20e6abcc9d5ed1f078e72ffdeb73
c1c6387d1ebd801a09dc9e25e6089c3585130bbe631d7bbf4e5b5daa1309b473
c1eec6939693de2560a7cd2cb9bd833745efddbaa9887d4fa32464c44a3fbd33
c2cc365378c2727d00e29cda6c534ca0f45281d84302fac18de7417979c575f7
c5a402da1b3c0b626a7953ca10296ae22b0f56adafb8928909650c4d45a1f91b
c8069b822c517584cef68dbe8f89e0f976c5e9e8fb40feed3cef7a3098907588
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87
cd9b6c453d30bbc0b676dde537e828b73bdca0a569aa671910341ee3691b48bb
cf50b7c737e2d1bd701b38abf3c7ffee16806be69f282bb88fc0fe9000f4926c
d271420942158d8e552b3572e803c7aa73d94a320fc98fc89f251db3371e5104
d2febe6b63cb11a11d0d6d027ae30dbb88309665cc9d276f006f63f204775da8
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
d6eb5e243a89d1daf3d0d3008e8e51b05d2b43585fb2a4adc2cc6e68260d43f0
d9a0fbbb43115fe996036c90dd6a105357356488a9c8ef2142aff627a32a2d1d
dabac4fd7f358379482f950d9c60d14205eb797c8ae3369787059f4fe47400f2
e0610c0da96f9fc333232aa14814997452401cbaea52671d2338f0af29554ce0
e19212ca97b047d80691e0940aa1ec1d374841b9a2e99ff1b26d945c72001cb8
e24d5f1210816c21386e1fd1347941de0640e0b05d4e3b909b693d5f3e7b4a18
e33cbbb794cff6fae98d3a2bc9b5190aaeb0de78a68e9b541d35d3ce7cdae672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e7f1890c22f28761568d1241514ee74882f6e89f49ee547a870ee165aeecd549
e85863edce32981ec06d3e80a9a8d805ff13a1092f57bf2fe9cfe906cf18030c
e88ff8b80f19b542299dedeb7222e7735a1e6e0d8430d3bd558484c1798ccc5e
e9476205d4b44ee68ca0a8fe8f0abcb06066e46bb7f5a9f203c7a6b91582d2e5
eb2902ff32366de00d3afa351aeceb1357d5a468eacbb2fd92cf115276d626cb
ebd67da15b76744f777ee9b5631fe892597a1fe646b03b3022aecd19ebe650e7
ebf5c11ebec1ea726545dfe5e049d40e329f74d93f69b6c60d32e01d1695ab1f
ec608064dc450297aa57925215f61872ad19fd722fb8ccd564401f17db72e0b9
ed1c98b110949d803d3e0c651a205f645b11f1a953cbdfb5b89e33da2cde6a3d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16b1663795279b8c5e7830f42e1763898d1f40ed5f10e8d237d3e8538da073c
f33c7bd75e8107b0e2c531d98af84d90780d913f9246e796ea633d948d91f709
f3d12dc5692818f857228fe4fd1b555af71f645b04cc43c38d3c9d6031ec0379
f5ba634aa374ddbac12d380dbd98c70e25e5289867d351639467d2a228d35f83
f5cbb52b228856063d8a1fcc65355da26c3e23a3f37deff4f8937765df4416bb
f5f5c58d01a832a0933be9613777051e643ec736168080c300ad5b90255340db
f69097614de42a60004f511eb587f87f692fc1950255836695f1aa1a2b616056
fc221926c5895cea6874e90ac28ca567566596ec5b99639064790f7bfc324096
fc5398e50dfcf8970bd9b6d6d8db949670ba4d65acb941a537f3847b3836234a
fd59d087367c38b7b97975e32f51a3291e86cd65eb0665559787e8aa097731d4

www.marsbet.com Open in urlscan Pro 3.33.233.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

162 Requests

98 %HTTPS

35 %IPv6

25 Domains

34 Subdomains

34 IPs

4 Countries

8042 kBTransfer

17170 kBSize

27 Cookies

9 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.marsbet.com Open in urlscan Pro
3.33.233.73 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

98 %
HTTPS

35 %
IPv6

25
Domains

34
Subdomains

34
IPs

4
Countries

8042 kB
Transfer

17170 kB
Size

27
Cookies

162 HTTP transactions
9 data transactions