promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
161.97.158.175200 OK 65 kB URL User Request GET HTTP/2 promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
IP 161.97.158.175:443
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type gzip compressed data, from Unix
Hash 808cf1c1c2266b4f63daa0029c9248f1
4cbfa556a5f273f58173f4548be59829eb7ffc61
e6407a1a1614aa1da94ab21b0403764a79916b473ef31e0bd8ac9e61f21245d1
GET /usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: text/html
last-modified: Tue, 19 Mar 2024 12:42:37 GMT
vary: Accept-Encoding
etag: W/"65f9883d-25d6"
content-encoding: gzip
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/assets/btnn.png
161.97.158.175200 OK 1.6 kB URL GET HTTP/2 promo.br.novibet.com/usp/assets/btnn.png
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Hash ad706d49f11bb3924546fba7085a5901
335c74b4077e213463c4d461fcc0b71604599399
796d2e4364bb93190724b45771d9ff9c7183077a060c9984e5d77b3b16c4f92f
GET /usp/assets/btnn.png HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: image/png
content-length: 1614
last-modified: Tue, 25 Apr 2023 14:22:01 GMT
etag: "6447e209-64e"
accept-ranges: bytes
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/assets/btnnw.png
161.97.158.175200 OK 1.6 kB URL GET HTTP/2 promo.br.novibet.com/usp/assets/btnnw.png
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Hash 12de3a0e3008115f6bd1830ac2f2c92a
332c2e94c354b28718c86aa2d7c6745a97f8f330
d03b2d63eefd09d99a90cab4d369366711e551c71be957360ff90e42a05a29e3
GET /usp/assets/btnnw.png HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 25 Apr 2023 14:22:00 GMT
etag: "6447e208-671"
accept-ranges: bytes
X-Firefox-Spdy: h2
rt.novibet.partners/o/j0AeRX?lpage=2jfQgw&site_id=1009673&t1=wt3ns5inlv786e613kiquf5m
99.81.50.155302 Found 90 kB URL User Request GET HTTP/2 rt.novibet.partners/o/j0AeRX?lpage=2jfQgw&site_id=1009673&t1=wt3ns5inlv786e613kiquf5m
IP 99.81.50.155:443
Certificate IssuerAmazon
Subjectpartner.novibet.com
FingerprintD6:54:0E:88:5D:54:9F:8F:F4:87:25:4C:42:0F:8A:6B:AA:96:4C:F3
ValidityMon, 05 Feb 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT
Hash 838edcca9af4c543f69b90847563aa7b
ea84a1a74e1a23a1b025659fe7008dcf8b19d5b6
0950a8c88cb1b1750ce464480297828250264b0f431967cd8990c293278689a1
GET /o/j0AeRX?lpage=2jfQgw&site_id=1009673&t1=wt3ns5inlv786e613kiquf5m HTTP/1.1
Host: rt.novibet.partners
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 May 2024 06:41:31 GMT
content-type: text/html; charset=UTF-8
location: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
server: nginx
cache-control: no-cache, private
content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' data: *.googleapis.com *.twitter.com *.facebook.net www.googleadservices.com www.gstatic.com www.google.com google.com google.co.uk http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io use.fontawesome.com storage.bannernow.com c.bannerflow.net;style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com tagmanager.google.com maxcdn.bootstrapcdn.com cdn-images.mailchimp.com use.fontawesome.com fonts.bunny.net;img-src 'self' * data:;font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.bunny.net use.fontawesome.com;connect-src 'self' fonts.googleapis.com insights.hotjar.com wss://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io;frame-src 'self' www.google.com vars.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io storage.bannernow.com c.bannerflow.net;worker-src 'self' self blob: 'unsafe-inline';
set-cookie: XSRF-TOKEN=eyJpdiI6ImNaME9DQWFTajRuN3lJa0d0alFyMFE9PSIsInZhbHVlIjoiM1BhMEk0Q1VqaVpIZ0lVblI5bk5sQmt2cE1Yb3NGRUljS2hOZHZGa2ZMZVp5bjVNUVNUODlDN3Q3T3lXeTN5dEduR21ZVDUyK0VpMndyaXhTRG00c1NWUk15THpBQWE2YmsvdkpGbkZPRUpWNFJVWkhpQUd0eFVIdjg3WmQvRkwiLCJtYWMiOiJlZjZlNTRjZDUxYmEwYjlhYTM3M2YyMjY1MjM2YmUyZjEwNzZjYWQ5OGNjNThmMDUxNGQwYTE4YWUzMWYwNDk5IiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 08:41:31 GMT; Max-Age=7200; path=/; samesite=lax
rvn_app_session=eyJpdiI6Imw1VDByTUF6K1pkNktlQ0tnZ3U3N2c9PSIsInZhbHVlIjoibFN0Ky9rTEV4akM3NFk4VVhvZ2NBbUU1YjVJL0JZcTVUMU5ya1JFUk5OTUwwYXN0aDVzNFVyck1zWG80MlJ3S1VTZGNQYXJ6VzJzQVQrQXBSaGZOalFGQWZFLy9jamdFQmZvVEV4aGx5YjROVFRGQ3FvelRCNkJDQVZMMEVhNTIiLCJtYWMiOiJkYTE4YWJhYjIxZWYwYmYzNjdlYmYwNGExMzM4MWU1NDkyOWJlZDYwOGNlMjE3MjJlMTVhZTEzODEzZGIyYzBiIiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 08:41:31 GMT; Max-Age=7200; path=/; httponly; samesite=lax
campaign_119_lp_323_aff_2002393=eyJpdiI6IlZrQ2lQN3Bxc3M3dTlSTnBEalc0ZEE9PSIsInZhbHVlIjoiT3U5enNQU2cwVi9BNVYzVU1SV08xanoyd2hvZnk3RXUxZUJEdE4rMFFwWnZkTVFDanptOFY4dFF0cWxyNGNhTU1KMjNXdHV2LzlwNm9FazJvQWhrYVE9PSIsIm1hYyI6IjNkM2I3NjA0NjRjMWFjYjU2ZjNmYjc1N2MyZmE0ZjI1ZDY3YWNhYTNiZTBmMmUxYTRmZDdkZGNlMzU1MDQwYTciLCJ0YWciOiIifQ%3D%3D; expires=Sat, 11-May-2024 06:41:31 GMT; Max-Age=86400; path=/; httponly; samesite=lax
campaign_5=eyJpdiI6IlhEMkZkSGFsTE5QUEw2cmJhRjVMZ1E9PSIsInZhbHVlIjoidlN6WFBNNW4vUExueHdIMUlBRnYzMEpYd2h4VnpmcXd0ZkV5NUhqZGp0aHYwNHF2SWhDUXpTM0ZvMWd2bEE5NnczZ09kVkVCVE5NR0w4S3YxK3d4azJuMTFHY2RjcEJTeE9TYjcxQ2tsSnd2NVh5Si9mWkd6aDdwbEFTZXhNRUQ3SUJoUHFFbjR3QTF5cnBSaU5QMTN3PT0iLCJtYWMiOiIyYzI1NjgxYzkzYWMyNmU5YThkZmM1N2E0ZDMxN2RhZWUyMzU1NzQ4YzIxZDViN2VjZWQ4ZjRhOTljZTM0MTM2IiwidGFnIjoiIn0%3D; expires=Sun, 09-Jun-2024 06:41:31 GMT; Max-Age=2592000; path=/; httponly; samesite=lax
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/js/nmain.js
161.97.158.175200 OK 10 kB URL GET HTTP/2 promo.br.novibet.com/usp/js/nmain.js
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type gzip compressed data, from Unix
Hash a568745add13be0b759298722a4a6f9e
9ceb98be373e15ec09f4837e4c7a7c61d6e53bc3
c6512d6b5c542b914eb53cdd5500ae976191f740517372c687404adb7c143dd8
GET /usp/js/nmain.js HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: application/javascript
last-modified: Wed, 28 Jun 2023 14:04:27 GMT
vary: Accept-Encoding
etag: W/"649c3deb-17c0"
content-encoding: gzip
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/assets/fonts/OpenSans-Regular.ttf
161.97.158.175200 OK 97 kB URL GET HTTP/2 promo.br.novibet.com/usp/assets/fonts/OpenSans-Regular.ttf
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright � 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-Regu
Hash 3ed9575dcc488c3e3a5bd66620bdf5a4
babe8dce93a3e48b6c3c79720a0c048e88dd1fe7
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
GET /usp/assets/fonts/OpenSans-Regular.ttf HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: application/octet-stream
content-length: 96932
last-modified: Tue, 25 Apr 2023 14:22:04 GMT
etag: "6447e20c-17aa4"
accept-ranges: bytes
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/assets/fonts/OpenSans-ExtraBold.ttf
161.97.158.175200 OK 102 kB URL GET HTTP/2 promo.br.novibet.com/usp/assets/fonts/OpenSans-ExtraBold.ttf
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright � 2011, Google Corporation.Open Sans ExtraBoldRegular1.10;1ASC;OpenSans
Size 102 kB (102076 bytes)
Hash fb7e3a294cb07a54605a8bb27f0cd528
5acb1de2513aca9ce4fcf5d1e1e49aad86f1888c
4b2dc1f55b7b457c181d8ab3c2d34225f6eefac0b018d6e9abdd775a0eb29db6
GET /usp/assets/fonts/OpenSans-ExtraBold.ttf HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: application/octet-stream
content-length: 102076
last-modified: Tue, 25 Apr 2023 14:22:03 GMT
etag: "6447e20b-18ebc"
accept-ranges: bytes
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/assets/fonts/OpenSans-SemiBold.ttf
161.97.158.175200 OK 101 kB URL GET HTTP/2 promo.br.novibet.com/usp/assets/fonts/OpenSans-SemiBold.ttf
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright � 2011, Google Corporation.Open Sans SemiBoldRegular1.10;1ASC;OpenSans-
Size 101 kB (100820 bytes)
Hash ba5cde21eeea0d57ab7efefc99596cce
e256f8391718ef61f253dfb4e95bbeb3c5857afc
5e8d9e1a89083cd1b0849993fe2f3acc9aa33b7f439f7e8616872f6897f30684
GET /usp/assets/fonts/OpenSans-SemiBold.ttf HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/css/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: application/octet-stream
content-length: 100820
last-modified: Tue, 25 Apr 2023 14:22:04 GMT
etag: "6447e20c-189d4"
accept-ranges: bytes
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/assets/button-cadastre-se.png
161.97.158.175200 OK 3.0 kB URL GET HTTP/2 promo.br.novibet.com/usp/assets/button-cadastre-se.png
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type PNG image data, 480 x 89, 8-bit colormap, non-interlaced
Hash 4b4d4ec6608a47e8dc36998d7b05f543
d8ea66216663b0c4c111035cbf21bf2bee1fa390
720c2492d0cfbf27d04a736e1941ae66cd4171b063254752f749c370783195ac
GET /usp/assets/button-cadastre-se.png HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: image/png
content-length: 2969
last-modified: Tue, 25 Apr 2023 14:22:01 GMT
etag: "6447e209-b99"
accept-ranges: bytes
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/assets/bg.jpg
161.97.158.175200 OK 882 kB URL GET HTTP/2 promo.br.novibet.com/usp/assets/bg.jpg
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1920x1080, components 3
Size 882 kB (882282 bytes)
Hash 12490b73a180145a87f5546a3a5282fb
51080212ca827ac99863cdf615b41f6395a3645c
b339fdafee9b4e335972eeacf5eba5e47b72368590f68309833856014fed003c
GET /usp/assets/bg.jpg HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: image/jpeg
content-length: 882282
last-modified: Tue, 25 Apr 2023 14:22:02 GMT
etag: "6447e20a-d766a"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-N3X5RLF
142.250.74.168200 OK 110 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N3X5RLF
IP 142.250.74.168:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (40203)
Size 110 kB (110322 bytes)
Hash bb5810ef804dd6266b1c1c5ee0a78fff
a2663b0ae30f4fdbd077b3e87b72589983b5e888
b0b57e268cae4621c4cabebe0b4a981b50a550d434791a82b2c027eb6e596c76
GET /gtm.js?id=GTM-N3X5RLF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 06:41:32 GMT
expires: Fri, 10 May 2024 06:41:32 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 110322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/assets/favicon.ico
161.97.158.175200 OK 15 kB URL GET HTTP/2 promo.br.novibet.com/usp/assets/favicon.ico
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash 362fe2f0301415cb73a1887737a58c12
7180de0b3e80acd48e1c2fa21acf6c4fc592eed3
1db17858a09f81d07fa19e9ea64e1b8a684eae08422b74c1477eef4c1ba78454
GET /usp/assets/favicon.ico HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Cookie: btagC=2002393_3224128838; utm_source=2002393_; utm_medium=affiliate; utm_campaign=USP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: image/x-icon
content-length: 15406
last-modified: Tue, 25 Apr 2023 14:22:01 GMT
etag: "6447e209-3c2e"
accept-ranges: bytes
X-Firefox-Spdy: h2
ob.cheqzone.com/clicktrue_invocation.js?id=10386
52.85.243.86200 OK 38 kB URL GET HTTP/2 ob.cheqzone.com/clicktrue_invocation.js?id=10386
IP 52.85.243.86:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerAmazon
Subject*.cheqzone.com
Fingerprint80:95:A2:95:D8:43:80:F8:B4:9E:D5:04:19:58:5D:26:B6:68:3E:2B
ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 20 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 16898d3044371c93a2eb55ab58e44abc
a4c930653adf22601104b7101eb9ac00b5a40ba8
071cad91e43a8c3d8d58af6b54da0db3649685f95a6fbf846aa899c6ec697b7f
GET /clicktrue_invocation.js?id=10386 HTTP/1.1
Host: ob.cheqzone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 38154
content-encoding: gzip
server: Caddy
date: Thu, 09 May 2024 21:40:06 GMT
cache-control: max-age=43200
expires: Fri, 10 May 2024 09:40:03 GMT
etag: "197e1-pMkwZTrfImARBLcQHrmsALWkC6g"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1132899b9bc2928e13b30713fd82f9b0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: L7gdk-b-PGWkI2E-3x8eDBnA4VHG2rnerq-SLCrrPKTGZfGEN7uz6w==
age: 32490
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-87SZ0WQ7MK&l=dataLayer&cx=c
142.250.74.168200 OK 103 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-87SZ0WQ7MK&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (5955)
Size 103 kB (102609 bytes)
Hash 518f5e6d91a7995123dcfa392b34c13d
ece5a791a0fc6604090ba9fdc39c9db5d3541673
b617d89986089ac6020b87ed904cb3fa5b5e1d148bcc8474e5bc04958ab33eb6
GET /gtag/js?id=G-87SZ0WQ7MK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 06:41:33 GMT
expires: Fri, 10 May 2024 06:41:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
obs.cheqzone.com/ct?id=10386&url=https%3A%2F%2Fpromo.br.novibet.com%2Fusp%2F%3Fbtag%3D2002393_3224128838%26utm_source%3D2002393_%26utm_medium%3Daffiliate%26utm_campaign%3DUSP%26click%3Dwt3ns5inlv786e613kiquf5m%26cq_aff%3D2002393_&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1715323293346&hl=2&op=0&ag=718972423&rand=232869759810112711715109162171620781021002158015291212261166750892965889080187378602&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI3MzNdLFsiYm5jaCIsMl0sWyJhYm5jaCIsM10sWy04LCItIl0sWy0zNSwiWzE3MTUzMjMyOTMyOTYsMF0iXSxbLTY1LCItIl0sWy0yOSwiLSJdLFstMzIsIi0iXSxbLTUwLCItIl0sWy02OCwiLSJdLFstNjAsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzEsImZhbHNlIl0sWy0zOCwiYywtMSwtMSw0MzQsMCwxMiwwLDEsMjIyLDI0LC0xLDEsLDExMjgsMTkzMiwxOTMxIl0sWy00MCwiMzciXSxbLTY2LCItIl0sWy0zNCwiLSJdLFstNTcsIlRSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRc05EUlZLWEUxdFVGUmNWa3hOR1ZGWVYxMVZYRXNUVFJkY1FVbFdTMDFLRmdWNVVVMU5TVW9ERmhaV1d4ZGFVVnhJUTFaWFhCZGFWbFFXV2xWUVdsSk5TMHhjWmxCWFQxWmFXRTFRVmxjWFUwb0dVRjBFQ0FrS0FROERDQU1PQ1FnS0FSVk5GMXhCU1ZaTFRVcDVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRMElDaFZ1ZVZGTlRVbEtBdz09Il0sWy0xMCwiLSJdLFstNDgsIjAsMCJdLFstMjQsIltdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTIzLCIrIl0sWy0yNywiLSJdLFstOSwiLSJdLFstMTQsIi0iXSxbLTU5LCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02MiwiNTgiXSxbLTY0LCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTI2LCItIl0sWy0xNiwiMCJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstNywiLSJdLFstMjAsIi0iXSxbLTEyLCJcIjFcIiJdLFstNTIsIi0iXSxbLTI1LCItIl0sWy00NCwiMCw1LDAsNSJdLFstNjcsIi0iXSxbLTYzLCItIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTMzLCItIl0sWy00OSwiLSJdLFstNTUsIjEiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0xNywiNDgiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwIl0sWy02LCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00NiwiMCJdLFstNjEsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00NywiLSJdLFstMjEsIi0iXSxbLTIsIi0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTM3LCItIl0sWy00MSwiLSJdLFstNTEsIi0iXSxbLTUzLCIwMDEiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQxOTYwNjI3MDJcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjE2MDE0Nzk2MTBcIl0sXCJzXCI6MX0iXSxbLTU4LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy00NSwiLSJdLFsiZGRiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMTUsMCwwLDAsMCwzLDAsMSwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDAsMCwwLDAsMiwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=JmYkDjYI0k&pto=1965&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1715323293.R76sOLGiiBAnSY4E&suid=1.1715323293.ZOrlbpUK3CFuxGrd&tuid=1.1715323293.ETlh0rvvFY0RfNIv&fbc=->m=W10%3D&it=16%2C1716%2C92&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-
3.227.190.204200 OK 1.2 kB URL GET HTTP/2 obs.cheqzone.com/ct?id=10386&url=https%3A%2F%2Fpromo.br.novibet.com%2Fusp%2F%3Fbtag%3D2002393_3224128838%26utm_source%3D2002393_%26utm_medium%3Daffiliate%26utm_campaign%3DUSP%26click%3Dwt3ns5inlv786e613kiquf5m%26cq_aff%3D2002393_&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1715323293346&hl=2&op=0&ag=718972423&rand=232869759810112711715109162171620781021002158015291212261166750892965889080187378602&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI3MzNdLFsiYm5jaCIsMl0sWyJhYm5jaCIsM10sWy04LCItIl0sWy0zNSwiWzE3MTUzMjMyOTMyOTYsMF0iXSxbLTY1LCItIl0sWy0yOSwiLSJdLFstMzIsIi0iXSxbLTUwLCItIl0sWy02OCwiLSJdLFstNjAsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzEsImZhbHNlIl0sWy0zOCwiYywtMSwtMSw0MzQsMCwxMiwwLDEsMjIyLDI0LC0xLDEsLDExMjgsMTkzMiwxOTMxIl0sWy00MCwiMzciXSxbLTY2LCItIl0sWy0zNCwiLSJdLFstNTcsIlRSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRc05EUlZLWEUxdFVGUmNWa3hOR1ZGWVYxMVZYRXNUVFJkY1FVbFdTMDFLRmdWNVVVMU5TVW9ERmhaV1d4ZGFVVnhJUTFaWFhCZGFWbFFXV2xWUVdsSk5TMHhjWmxCWFQxWmFXRTFRVmxjWFUwb0dVRjBFQ0FrS0FROERDQU1PQ1FnS0FSVk5GMXhCU1ZaTFRVcDVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRMElDaFZ1ZVZGTlRVbEtBdz09Il0sWy0xMCwiLSJdLFstNDgsIjAsMCJdLFstMjQsIltdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTIzLCIrIl0sWy0yNywiLSJdLFstOSwiLSJdLFstMTQsIi0iXSxbLTU5LCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02MiwiNTgiXSxbLTY0LCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTI2LCItIl0sWy0xNiwiMCJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstNywiLSJdLFstMjAsIi0iXSxbLTEyLCJcIjFcIiJdLFstNTIsIi0iXSxbLTI1LCItIl0sWy00NCwiMCw1LDAsNSJdLFstNjcsIi0iXSxbLTYzLCItIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTMzLCItIl0sWy00OSwiLSJdLFstNTUsIjEiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0xNywiNDgiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwIl0sWy02LCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00NiwiMCJdLFstNjEsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00NywiLSJdLFstMjEsIi0iXSxbLTIsIi0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTM3LCItIl0sWy00MSwiLSJdLFstNTEsIi0iXSxbLTUzLCIwMDEiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQxOTYwNjI3MDJcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjE2MDE0Nzk2MTBcIl0sXCJzXCI6MX0iXSxbLTU4LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy00NSwiLSJdLFsiZGRiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMTUsMCwwLDAsMCwzLDAsMSwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDAsMCwwLDAsMiwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=JmYkDjYI0k&pto=1965&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1715323293.R76sOLGiiBAnSY4E&suid=1.1715323293.ZOrlbpUK3CFuxGrd&tuid=1.1715323293.ETlh0rvvFY0RfNIv&fbc=->m=W10%3D&it=16%2C1716%2C92&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-
IP 3.227.190.204:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerZeroSSL
Subject*.cheqzone.com
FingerprintD3:83:BA:40:14:C5:42:F9:2D:54:7F:0B:AF:C1:73:8C:B8:FB:7E:56
ValidityTue, 23 Apr 2024 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (3565), with no line terminators
Hash b9b3f50ae8a7675a8db1c838dc0f0b76
a459f9226cf0c90eda42ed19ce68645c1aad1497
c8a52f0e31dec2c22b1962406838ea83954378aa7c60d7cf5cbff368ba8e4587
GET /ct?id=10386&url=https%3A%2F%2Fpromo.br.novibet.com%2Fusp%2F%3Fbtag%3D2002393_3224128838%26utm_source%3D2002393_%26utm_medium%3Daffiliate%26utm_campaign%3DUSP%26click%3Dwt3ns5inlv786e613kiquf5m%26cq_aff%3D2002393_&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1715323293346&hl=2&op=0&ag=718972423&rand=232869759810112711715109162171620781021002158015291212261166750892965889080187378602&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI3MzNdLFsiYm5jaCIsMl0sWyJhYm5jaCIsM10sWy04LCItIl0sWy0zNSwiWzE3MTUzMjMyOTMyOTYsMF0iXSxbLTY1LCItIl0sWy0yOSwiLSJdLFstMzIsIi0iXSxbLTUwLCItIl0sWy02OCwiLSJdLFstNjAsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzEsImZhbHNlIl0sWy0zOCwiYywtMSwtMSw0MzQsMCwxMiwwLDEsMjIyLDI0LC0xLDEsLDExMjgsMTkzMiwxOTMxIl0sWy00MCwiMzciXSxbLTY2LCItIl0sWy0zNCwiLSJdLFstNTcsIlRSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRc05EUlZLWEUxdFVGUmNWa3hOR1ZGWVYxMVZYRXNUVFJkY1FVbFdTMDFLRmdWNVVVMU5TVW9ERmhaV1d4ZGFVVnhJUTFaWFhCZGFWbFFXV2xWUVdsSk5TMHhjWmxCWFQxWmFXRTFRVmxjWFUwb0dVRjBFQ0FrS0FROERDQU1PQ1FnS0FSVk5GMXhCU1ZaTFRVcDVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRMElDaFZ1ZVZGTlRVbEtBdz09Il0sWy0xMCwiLSJdLFstNDgsIjAsMCJdLFstMjQsIltdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTIzLCIrIl0sWy0yNywiLSJdLFstOSwiLSJdLFstMTQsIi0iXSxbLTU5LCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02MiwiNTgiXSxbLTY0LCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTI2LCItIl0sWy0xNiwiMCJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstNywiLSJdLFstMjAsIi0iXSxbLTEyLCJcIjFcIiJdLFstNTIsIi0iXSxbLTI1LCItIl0sWy00NCwiMCw1LDAsNSJdLFstNjcsIi0iXSxbLTYzLCItIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTMzLCItIl0sWy00OSwiLSJdLFstNTUsIjEiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0xNywiNDgiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwIl0sWy02LCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00NiwiMCJdLFstNjEsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00NywiLSJdLFstMjEsIi0iXSxbLTIsIi0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTM3LCItIl0sWy00MSwiLSJdLFstNTEsIi0iXSxbLTUzLCIwMDEiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQxOTYwNjI3MDJcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjE2MDE0Nzk2MTBcIl0sXCJzXCI6MX0iXSxbLTU4LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy00NSwiLSJdLFsiZGRiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMTUsMCwwLDAsMCwzLDAsMSwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDAsMCwwLDAsMiwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=JmYkDjYI0k&pto=1965&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1715323293.R76sOLGiiBAnSY4E&suid=1.1715323293.ZOrlbpUK3CFuxGrd&tuid=1.1715323293.ETlh0rvvFY0RfNIv&fbc=->m=W10%3D&it=16%2C1716%2C92&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=- HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Fri, 10 May 2024 06:41:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=7fa24dfe45e18762a2d60934d6581f38; Max-Age=29030400; Path=/; Expires=Fri, 11 Apr 2025 06:41:33 GMT; HttpOnly; Secure; SameSite=None
content-length: 1168
X-Firefox-Spdy: h2
obs.cheqzone.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126bebc437e945839e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f118e652117071a10acf9f29f674ed4d28b0378694efa7d22058f3cd96096066403239a51040b330157c7e8684777be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a327447e70d58f7f21de810f1f2f4370530ca4dc7a672954f2f3487189f8f52f94f247604379b9aca2959c6bac989c06f95c8e007a268dab90aae974d283bf3489614ccfa7966a4144a22571fbcf497bab9bbb6b8054bb17e5891ac24fc9cc76c75736949b23d96798daebfb99aaa74445b570f3f9a97c5c36bcd36193bd41dc5303458a3207d08488dfcea38634cc21de95b69e7faa6b6d3bb979289b86924522dcb7449a33a392439d76a622575d05c027e806d0c9ba2ae2d33f934fb686d7c8708a0e4b29fc4d29507a4d2197fe31e4148f9dba64ebde63fad07489cca9ee7a8ca1ea532626dbbb0c1481f9495b42acacce19b62688b84ee5e232a039f1239f52c80695fd6a925865b1ec806c2d2d7c1179534e1db8b2d4399306f7051d5135eaea1e99c14f5dbae180e4ae66d0b3f6e094affe82171669a503ffe24b64915e7707c5350f0230af2ef1326096f9cb719772cb37c9f73ec7d30c997b0d293c06600e9dc2ecc7217d559b045893d3ddd6acd80740c7e4af7784ce6d7adfd3173f6bfa93d0553fd520831ce0669466c260aa967091be47f0879a91dd1e36fdea29629c77a18cb5a8149f6e3d151bfe17010ce3e33af4ef67bcdcd3bf1699959b214a721eea2fa117ab4bb386689331412243337e61943ed2d93317ff29b6cef5578fb134ca666fbd533c7a8de2ba6746fc33b1d702d0072d121eed7f7dfef084398f0e61c4e746f68682a19248db41477640b0652f539c900e54a62ea7a3903f85d2f01c1d21f728320200d30510bbdbfc12118c702e90c4d653c3d5a6dd0661e965f9156057cc4e2177c9c25b02d894f1dce2ae01b079b464d025c28f06d8ffa1684eaff41c9dcde5eb9aa4c4c76213d0a57018&cri=JmYkDjYI0k&ts=495&cb=1715323293841
3.227.190.204200 OK 43 B URL GET HTTP/2 obs.cheqzone.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126bebc437e945839e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f118e652117071a10acf9f29f674ed4d28b0378694efa7d22058f3cd96096066403239a51040b330157c7e8684777be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a327447e70d58f7f21de810f1f2f4370530ca4dc7a672954f2f3487189f8f52f94f247604379b9aca2959c6bac989c06f95c8e007a268dab90aae974d283bf3489614ccfa7966a4144a22571fbcf497bab9bbb6b8054bb17e5891ac24fc9cc76c75736949b23d96798daebfb99aaa74445b570f3f9a97c5c36bcd36193bd41dc5303458a3207d08488dfcea38634cc21de95b69e7faa6b6d3bb979289b86924522dcb7449a33a392439d76a622575d05c027e806d0c9ba2ae2d33f934fb686d7c8708a0e4b29fc4d29507a4d2197fe31e4148f9dba64ebde63fad07489cca9ee7a8ca1ea532626dbbb0c1481f9495b42acacce19b62688b84ee5e232a039f1239f52c80695fd6a925865b1ec806c2d2d7c1179534e1db8b2d4399306f7051d5135eaea1e99c14f5dbae180e4ae66d0b3f6e094affe82171669a503ffe24b64915e7707c5350f0230af2ef1326096f9cb719772cb37c9f73ec7d30c997b0d293c06600e9dc2ecc7217d559b045893d3ddd6acd80740c7e4af7784ce6d7adfd3173f6bfa93d0553fd520831ce0669466c260aa967091be47f0879a91dd1e36fdea29629c77a18cb5a8149f6e3d151bfe17010ce3e33af4ef67bcdcd3bf1699959b214a721eea2fa117ab4bb386689331412243337e61943ed2d93317ff29b6cef5578fb134ca666fbd533c7a8de2ba6746fc33b1d702d0072d121eed7f7dfef084398f0e61c4e746f68682a19248db41477640b0652f539c900e54a62ea7a3903f85d2f01c1d21f728320200d30510bbdbfc12118c702e90c4d653c3d5a6dd0661e965f9156057cc4e2177c9c25b02d894f1dce2ae01b079b464d025c28f06d8ffa1684eaff41c9dcde5eb9aa4c4c76213d0a57018&cri=JmYkDjYI0k&ts=495&cb=1715323293841
IP 3.227.190.204:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerZeroSSL
Subject*.cheqzone.com
FingerprintD3:83:BA:40:14:C5:42:F9:2D:54:7F:0B:AF:C1:73:8C:B8:FB:7E:56
ValidityTue, 23 Apr 2024 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126bebc437e945839e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f118e652117071a10acf9f29f674ed4d28b0378694efa7d22058f3cd96096066403239a51040b330157c7e8684777be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a327447e70d58f7f21de810f1f2f4370530ca4dc7a672954f2f3487189f8f52f94f247604379b9aca2959c6bac989c06f95c8e007a268dab90aae974d283bf3489614ccfa7966a4144a22571fbcf497bab9bbb6b8054bb17e5891ac24fc9cc76c75736949b23d96798daebfb99aaa74445b570f3f9a97c5c36bcd36193bd41dc5303458a3207d08488dfcea38634cc21de95b69e7faa6b6d3bb979289b86924522dcb7449a33a392439d76a622575d05c027e806d0c9ba2ae2d33f934fb686d7c8708a0e4b29fc4d29507a4d2197fe31e4148f9dba64ebde63fad07489cca9ee7a8ca1ea532626dbbb0c1481f9495b42acacce19b62688b84ee5e232a039f1239f52c80695fd6a925865b1ec806c2d2d7c1179534e1db8b2d4399306f7051d5135eaea1e99c14f5dbae180e4ae66d0b3f6e094affe82171669a503ffe24b64915e7707c5350f0230af2ef1326096f9cb719772cb37c9f73ec7d30c997b0d293c06600e9dc2ecc7217d559b045893d3ddd6acd80740c7e4af7784ce6d7adfd3173f6bfa93d0553fd520831ce0669466c260aa967091be47f0879a91dd1e36fdea29629c77a18cb5a8149f6e3d151bfe17010ce3e33af4ef67bcdcd3bf1699959b214a721eea2fa117ab4bb386689331412243337e61943ed2d93317ff29b6cef5578fb134ca666fbd533c7a8de2ba6746fc33b1d702d0072d121eed7f7dfef084398f0e61c4e746f68682a19248db41477640b0652f539c900e54a62ea7a3903f85d2f01c1d21f728320200d30510bbdbfc12118c702e90c4d653c3d5a6dd0661e965f9156057cc4e2177c9c25b02d894f1dce2ae01b079b464d025c28f06d8ffa1684eaff41c9dcde5eb9aa4c4c76213d0a57018&cri=JmYkDjYI0k&ts=495&cb=1715323293841 HTTP/1.1
Host: obs.cheqzone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/
Cookie: cg_uuid=7fa24dfe45e18762a2d60934d6581f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Fri, 10 May 2024 06:41:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
normandy.cdn.mozilla.net/api/v1/
35.201.103.21 598 B URL normandy.cdn.mozilla.net/api/v1/
IP 35.201.103.21:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 3076f9a5cb273105528b893ff7111e41
b8990c145fe71b9a2410eea41a60a712b43b82bf
69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3
GET /api/v1/ HTTP/1.1
Host: normandy.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 598
allow: GET, HEAD, OPTIONS
content-security-policy: base-uri 'none'; form-action 'self'; block-all-mixed-content; worker-src 'none'; frame-src 'none'; default-src 'self' https://normandy.cdn.mozilla.net/; object-src 'none'; report-uri /__cspreport__
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
via: 1.1 google
date: Thu, 09 May 2024 23:46:24 GMT
cache-control: public, max-age=86400
content-type: application/json
vary: Accept, Origin
age: 24922
alt-svc: clear
X-Firefox-Spdy: h2
classify-client.services.mozilla.com/api/v1/classify_client/
34.98.75.36 64 B URL classify-client.services.mozilla.com/api/v1/classify_client/
IP 34.98.75.36:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 94c6b301384b58b0902fe6a0ca42e621
07778f7953e232794dcdfa16a42e0af65ce44db5
cafff4d1e5c725f922aef24efd959ca01c36da4f2940814b9ec1368acd6ab8bf
GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:41:46 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 444 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type XML 1.0 document, ASCII text, with very long lines (332)
Hash 3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=uRiChA79nFQMTu8olHBSpGihbnUSOmHE_k-gbXRSSqIqYiX0f4hN7Kiac5t1ZGJmLLfTcUCVrM_NVIRQ-2PaAsGdrPjZmHXl-bfoKa2UTdsu8CPL-QcvR-DBNtv6ccm5
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 10 May 2024 06:40:03 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 107
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/css/main.css
161.97.158.175200 OK 11 kB URL GET HTTP/2 promo.br.novibet.com/usp/css/main.css
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type ASCII text, with CRLF line terminators
Hash d3dcc1882e580eb50b917cc981495509
6d1986928d0bcd8d382a240e9d3dfad1dc9ee3bc
e55f2d55d54e4fa6559e94ac3df9224151fad18545e3e71a4dd5555489bb2dc0
GET /usp/css/main.css HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: text/css
last-modified: Tue, 25 Apr 2023 14:22:03 GMT
vary: Accept-Encoding
etag: W/"6447e20b-2aa8"
content-encoding: gzip
X-Firefox-Spdy: h2
promo.br.novibet.com/usp/assets/novibet_logo.png
161.97.158.175200 OK 8.2 kB URL GET HTTP/2 promo.br.novibet.com/usp/assets/novibet_logo.png
IP 161.97.158.175:443
Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Certificate IssuerLet's Encrypt
Subjectpromo.br.novibet.com
FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52
ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT
File type PNG image data, 270 x 65, 8-bit/color RGBA, non-interlaced
Hash 0a8d431adb732b17043b80348d1e20aa
83818a3ae433548c8bd4418037a334ea6342cd56
54c8bc7e85b24b939987b74ee5ee46176a29b3ccd44eba6d1ac37bf8e1d1cffa
GET /usp/assets/novibet_logo.png HTTP/1.1
Host: promo.br.novibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://promo.br.novibet.com/usp/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 10 May 2024 06:41:32 GMT
content-type: image/png
content-length: 8205
last-modified: Tue, 25 Apr 2023 14:22:02 GMT
etag: "6447e20a-200d"
accept-ranges: bytes
X-Firefox-Spdy: h2