Report - rt.novibet.partners/o/j0AeRX?lpage=2jfQgw&site_id=1009673&t1=wt3ns5inlv786e613kiquf5m

Report Overview

Submitted URL
rt.novibet.partners/o/j0AeRX?lpage=2jfQgw&site_id=1009673&t1=wt3ns5inlv786e613kiquf5m
IP
34.252.185.153
ASN
#16509 AMAZON-02
Submitted
2024-05-10 06:41:58
Access
public
Website Title
USP | Novibet
Final URL
promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ob.cheqzone.com	7866	2018-08-23	2018-10-23	2024-04-29	427 B	39 kB	52.85.243.86
obs.cheqzone.com	4814	2018-08-23	2018-10-23	2024-05-07	6.1 kB	1.8 kB	3.227.190.204
normandy.cdn.mozilla.net	3562	1998-01-31	2017-01-30	2024-05-09	329 B	1.2 kB	35.201.103.21
classify-client.services.mozilla.com	3824	1994-10-18	2019-01-09	2024-05-09	357 B	344 B	34.98.75.36
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-05-09	512 B	1.2 kB	35.244.181.201
promo.br.novibet.com	unknown	2009-09-07	2023-03-06	2023-10-21	6.5 kB	1.3 MB	161.97.158.175
rt.novibet.partners	unknown	2022-02-04	2022-04-05	2024-04-24	539 B	93 kB	99.81.50.155
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	883 B	214 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 06:41:33	low	3.227.190.204	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2024-05-10 06:41:33	low	3.227.190.204	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-N3X5RLF	400 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-N3X5RLF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:42:00 Last Seen2024-05-10 08:42:00 Times Seen2 Hash bb5810ef804dd6266b1c1c5ee0a78fff a2663b0ae30f4fdbd077b3e87b72589983b5e888 b0b57e268cae4621c4cabebe0b4a981b50a550d434791a82b2c027eb6e596c76 Loading...

	ob.cheqzone.com/clicktrue_invocation.js?id=10386	104 kB	2024-05-10	2024-05-11
Pretty URL ob.cheqzone.com/clicktrue_invocation.js?id=10386 IP 52.85.243.86 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:42:00 Last Seen2024-05-11 19:11:13 Times Seen6 Hash 16898d3044371c93a2eb55ab58e44abc a4c930653adf22601104b7101eb9ac00b5a40ba8 071cad91e43a8c3d8d58af6b54da0db3649685f95a6fbf846aa899c6ec697b7f Loading...

	www.googletagmanager.com/gtag/js?id=G-87SZ0WQ7MK&l=dataLayer&cx=c	311 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-87SZ0WQ7MK&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:42:00 Last Seen2024-05-10 08:42:01 Times Seen2 Hash 518f5e6d91a7995123dcfa392b34c13d ece5a791a0fc6604090ba9fdc39c9db5d3541673 b617d89986089ac6020b87ed904cb3fa5b5e1d148bcc8474e5bc04958ab33eb6 Loading...

	obs.cheqzone.com/ct?id=10386&url=https%3A%2F%2Fpromo.br.novibet.com%2Fusp%2F%3Fbtag%3D2002393_3224128838%26utm_source%3D2002393_%26utm_medium%3Daffiliate%26utm_campaign%3DUSP%26click%3Dwt3ns5inlv786e613kiquf5m%26cq_aff%3D2002393_&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1715323293346&hl=2&op=0&ag=718972423&rand=232869759810112711715109162171620781021002158015291212261166750892965889080187378602&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI3MzNdLFsiYm5jaCIsMl0sWyJhYm5jaCIsM10sWy04LCItIl0sWy0zNSwiWzE3MTUzMjMyOTMyOTYsMF0iXSxbLTY1LCItIl0sWy0yOSwiLSJdLFstMzIsIi0iXSxbLTUwLCItIl0sWy02OCwiLSJdLFstNjAsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzEsImZhbHNlIl0sWy0zOCwiYywtMSwtMSw0MzQsMCwxMiwwLDEsMjIyLDI0LC0xLDEsLDExMjgsMTkzMiwxOTMxIl0sWy00MCwiMzciXSxbLTY2LCItIl0sWy0zNCwiLSJdLFstNTcsIlRSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRc05EUlZLWEUxdFVGUmNWa3hOR1ZGWVYxMVZYRXNUVFJkY1FVbFdTMDFLRmdWNVVVMU5TVW9ERmhaV1d4ZGFVVnhJUTFaWFhCZGFWbFFXV2xWUVdsSk5TMHhjWmxCWFQxWmFXRTFRVmxjWFUwb0dVRjBFQ0FrS0FROERDQU1PQ1FnS0FSVk5GMXhCU1ZaTFRVcDVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRMElDaFZ1ZVZGTlRVbEtBdz09Il0sWy0xMCwiLSJdLFstNDgsIjAsMCJdLFstMjQsIltdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTIzLCIrIl0sWy0yNywiLSJdLFstOSwiLSJdLFstMTQsIi0iXSxbLTU5LCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02MiwiNTgiXSxbLTY0LCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTI2LCItIl0sWy0xNiwiMCJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstNywiLSJdLFstMjAsIi0iXSxbLTEyLCJcIjFcIiJdLFstNTIsIi0iXSxbLTI1LCItIl0sWy00NCwiMCw1LDAsNSJdLFstNjcsIi0iXSxbLTYzLCItIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTMzLCItIl0sWy00OSwiLSJdLFstNTUsIjEiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0xNywiNDgiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwIl0sWy02LCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00NiwiMCJdLFstNjEsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00NywiLSJdLFstMjEsIi0iXSxbLTIsIi0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTM3LCItIl0sWy00MSwiLSJdLFstNTEsIi0iXSxbLTUzLCIwMDEiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQxOTYwNjI3MDJcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjE2MDE0Nzk2MTBcIl0sXCJzXCI6MX0iXSxbLTU4LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy00NSwiLSJdLFsiZGRiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMTUsMCwwLDAsMCwzLDAsMSwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDAsMCwwLDAsMiwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=JmYkDjYI0k&pto=1965&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1715323293.R76sOLGiiBAnSY4E&suid=1.1715323293.ZOrlbpUK3CFuxGrd&tuid=1.1715323293.ETlh0rvvFY0RfNIv&fbc=-&gtm=W10%3D&it=16%2C1716%2C92&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-	3.6 kB	2024-05-10	2024-05-10
Pretty URL obs.cheqzone.com/ct?id=10386&url=https%3A%2F%2Fpromo.br.novibet.com%2Fusp%2F%3Fbtag%3D2002393_3224128838%26utm_source%3D2002393_%26utm_medium%3Daffiliate%26utm_campaign%3DUSP%26click%3Dwt3ns5inlv786e613kiquf5m%26cq_aff%3D2002393_&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1715323293346&hl=2&op=0&ag=718972423&rand=232869759810112711715109162171620781021002158015291212261166750892965889080187378602&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI3MzNdLFsiYm5jaCIsMl0sWyJhYm5jaCIsM10sWy04LCItIl0sWy0zNSwiWzE3MTUzMjMyOTMyOTYsMF0iXSxbLTY1LCItIl0sWy0yOSwiLSJdLFstMzIsIi0iXSxbLTUwLCItIl0sWy02OCwiLSJdLFstNjAsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzEsImZhbHNlIl0sWy0zOCwiYywtMSwtMSw0MzQsMCwxMiwwLDEsMjIyLDI0LC0xLDEsLDExMjgsMTkzMiwxOTMxIl0sWy00MCwiMzciXSxbLTY2LCItIl0sWy0zNCwiLSJdLFstNTcsIlRSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRc05EUlZLWEUxdFVGUmNWa3hOR1ZGWVYxMVZYRXNUVFJkY1FVbFdTMDFLRmdWNVVVMU5TVW9ERmhaV1d4ZGFVVnhJUTFaWFhCZGFWbFFXV2xWUVdsSk5TMHhjWmxCWFQxWmFXRTFRVmxjWFUwb0dVRjBFQ0FrS0FROERDQU1PQ1FnS0FSVk5GMXhCU1ZaTFRVcDVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRMElDaFZ1ZVZGTlRVbEtBdz09Il0sWy0xMCwiLSJdLFstNDgsIjAsMCJdLFstMjQsIltdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTIzLCIrIl0sWy0yNywiLSJdLFstOSwiLSJdLFstMTQsIi0iXSxbLTU5LCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02MiwiNTgiXSxbLTY0LCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTI2LCItIl0sWy0xNiwiMCJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstNywiLSJdLFstMjAsIi0iXSxbLTEyLCJcIjFcIiJdLFstNTIsIi0iXSxbLTI1LCItIl0sWy00NCwiMCw1LDAsNSJdLFstNjcsIi0iXSxbLTYzLCItIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTMzLCItIl0sWy00OSwiLSJdLFstNTUsIjEiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0xNywiNDgiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwIl0sWy02LCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00NiwiMCJdLFstNjEsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00NywiLSJdLFstMjEsIi0iXSxbLTIsIi0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTM3LCItIl0sWy00MSwiLSJdLFstNTEsIi0iXSxbLTUzLCIwMDEiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQxOTYwNjI3MDJcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjE2MDE0Nzk2MTBcIl0sXCJzXCI6MX0iXSxbLTU4LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy00NSwiLSJdLFsiZGRiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMTUsMCwwLDAsMCwzLDAsMSwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDAsMCwwLDAsMiwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=JmYkDjYI0k&pto=1965&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1715323293.R76sOLGiiBAnSY4E&suid=1.1715323293.ZOrlbpUK3CFuxGrd&tuid=1.1715323293.ETlh0rvvFY0RfNIv&fbc=-&gtm=W10%3D&it=16%2C1716%2C92&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=- IP 3.227.190.204 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:42:00 Last Seen2024-05-10 08:42:01 Times Seen2 Hash b9b3f50ae8a7675a8db1c838dc0f0b76 a459f9226cf0c90eda42ed19ce68645c1aad1497 c8a52f0e31dec2c22b1962406838ea83954378aa7c60d7cf5cbff368ba8e4587 Loading...

	promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m	353 B	2024-05-10	2024-05-20
Pretty URL promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m IP 161.97.158.175 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 08:42:00 Last Seen2024-05-20 01:23:33 Times Seen6 Hash bc83bb164d9a3988b81f7d6af94a809e dbf11330761fafece30c03f3fa5ff35222b379b4 f11f80501532239bd92e3f6605701c23d7e88e7de495cf444390af9bf73e82c8 Loading...

	promo.br.novibet.com/usp/js/nmain.js	6.1 kB	2024-05-10	2024-05-20
Pretty URL promo.br.novibet.com/usp/js/nmain.js IP 161.97.158.175 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:42:00 Last Seen2024-05-20 01:23:33 Times Seen6 Hash d74b428f015898f7caf1e0fa739d9348 4725b494bb357b402a55724affd6f788e68310d0 34e98bb8518d836be2debbf3dadfe45ef477992439890219ab4f4c007dc6e9ad Loading...

	promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m	0 B	2023-03-07	2024-05-20
Pretty URL promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m IP 161.97.158.175 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 16:17:41 Times Seen37881445 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b326b5062b2f0e69046810717534cb09	4 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:03:44 Last Seen2024-05-20 15:41:06 Times Seen24122 Hash b326b5062b2f0e69046810717534cb09 5ffe533b830f08a0326348a9160afafc8ada44db b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b Loading...

	#2 Eval - 889ca9e2c79a3ce7aaadbcdfd0ce4ef5	62 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:20:41 Last Seen2024-05-20 15:41:06 Times Seen14495 Hash 889ca9e2c79a3ce7aaadbcdfd0ce4ef5 b05c2c051bae71f80cb8c289e5a42d4f96d323fa 6477acf082d26199b6ce8346b93149b1b999233d9fe76b0340ebf43317cf98f8 Loading...

	#3 Eval - e5d8c139688b25ef77b263d88ea99150	7 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:20:41 Last Seen2024-05-20 15:41:06 Times Seen14529 Hash e5d8c139688b25ef77b263d88ea99150 7abc9c61c4966543f66d150c0155bfac575f86a7 53e5f34ac520035c7f124076d1e68c70a85c83cf68a339fa713b872b54126148 Loading...

	#4 Eval - 413b7dc1caac04ab95e8a1b230b9b3ad	25 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:20:41 Last Seen2024-05-20 15:41:06 Times Seen5703 Hash 413b7dc1caac04ab95e8a1b230b9b3ad 2657fe2eb543ebc0b54eaa7d3aba3a75fb638630 b62262aeb7ee1694f40152af828f0d72a6ac6572f9db8ffa1ab16784c7532878 Loading...

	#5 Eval - 6559111e4eae643ce013ce0821e91a02	25 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:20:41 Last Seen2024-05-20 15:41:06 Times Seen13999 Hash 6559111e4eae643ce013ce0821e91a02 fa1086c9aa2cb2d14f5c13bceefe21511bcdae5a d72255f7e5ea4dfdf9821df800356367d0bc7df07ecd103bb660018cb1e4f400 Loading...

HTTP Transactions (21)

	URL	IP	Response	Size
	promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m	161.97.158.175	200 OK	65 kB
URL User Request GET HTTP/2 promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m IP 161.97.158.175:443 ASN #51167 Contabo GmbH Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type gzip compressed data, from Unix Size 65 kB (65203 bytes) Hash 808cf1c1c2266b4f63daa0029c9248f1 4cbfa556a5f273f58173f4548be59829eb7ffc61 e6407a1a1614aa1da94ab21b0403764a79916b473ef31e0bd8ac9e61f21245d1 HTTP Headers GET /usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: text/html last-modified: Tue, 19 Mar 2024 12:42:37 GMT vary: Accept-Encoding etag: W/"65f9883d-25d6" content-encoding: gzip X-Firefox-Spdy: h2`

	promo.br.novibet.com/usp/assets/btnn.png	161.97.158.175	200 OK	1.6 kB
URL GET HTTP/2 promo.br.novibet.com/usp/assets/btnn.png IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced Size 1.6 kB (1614 bytes) Hash ad706d49f11bb3924546fba7085a5901 335c74b4077e213463c4d461fcc0b71604599399 796d2e4364bb93190724b45771d9ff9c7183077a060c9984e5d77b3b16c4f92f HTTP Headers GET /usp/assets/btnn.png HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: image/png content-length: 1614 last-modified: Tue, 25 Apr 2023 14:22:01 GMT etag: "6447e209-64e" accept-ranges: bytes X-Firefox-Spdy: h2`

	promo.br.novibet.com/usp/assets/btnnw.png	161.97.158.175	200 OK	1.6 kB
URL GET HTTP/2 promo.br.novibet.com/usp/assets/btnnw.png IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced Size 1.6 kB (1649 bytes) Hash 12de3a0e3008115f6bd1830ac2f2c92a 332c2e94c354b28718c86aa2d7c6745a97f8f330 d03b2d63eefd09d99a90cab4d369366711e551c71be957360ff90e42a05a29e3 HTTP Headers GET /usp/assets/btnnw.png HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: image/png content-length: 1649 last-modified: Tue, 25 Apr 2023 14:22:00 GMT etag: "6447e208-671" accept-ranges: bytes X-Firefox-Spdy: h2`

	rt.novibet.partners/o/j0AeRX?lpage=2jfQgw&site_id=1009673&t1=wt3ns5inlv786e613kiquf5m	99.81.50.155	302 Found	90 kB
URL User Request GET HTTP/2 rt.novibet.partners/o/j0AeRX?lpage=2jfQgw&site_id=1009673&t1=wt3ns5inlv786e613kiquf5m IP 99.81.50.155:443 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subjectpartner.novibet.com FingerprintD6:54:0E:88:5D:54:9F:8F:F4:87:25:4C:42:0F:8A:6B:AA:96:4C:F3 ValidityMon, 05 Feb 2024 00:00:00 GMT - Thu, 06 Mar 2025 23:59:59 GMT File type data Size 90 kB (89784 bytes) Hash 838edcca9af4c543f69b90847563aa7b ea84a1a74e1a23a1b025659fe7008dcf8b19d5b6 0950a8c88cb1b1750ce464480297828250264b0f431967cd8990c293278689a1 HTTP Headers GET /o/j0AeRX?lpage=2jfQgw&site_id=1009673&t1=wt3ns5inlv786e613kiquf5m HTTP/1.1 Host: rt.novibet.partners User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Fri, 10 May 2024 06:41:31 GMT content-type: text/html; charset=UTF-8 location: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m server: nginx cache-control: no-cache, private content-security-policy: default-src 'self' ;script-src 'self' 'unsafe-inline' data: .googleapis.com .twitter.com .facebook.net www.googleadservices.com www.gstatic.com www.google.com google.com google.co.uk http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io use.fontawesome.com storage.bannernow.com c.bannerflow.net;style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com tagmanager.google.com maxcdn.bootstrapcdn.com cdn-images.mailchimp.com use.fontawesome.com fonts.bunny.net;img-src 'self' data:;font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.bunny.net use.fontawesome.com;connect-src 'self' fonts.googleapis.com insights.hotjar.com wss://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io;frame-src 'self' www.google.com vars.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io storage.bannernow.com c.bannerflow.net;worker-src 'self' self blob: 'unsafe-inline'; set-cookie: XSRF-TOKEN=eyJpdiI6ImNaME9DQWFTajRuN3lJa0d0alFyMFE9PSIsInZhbHVlIjoiM1BhMEk0Q1VqaVpIZ0lVblI5bk5sQmt2cE1Yb3NGRUljS2hOZHZGa2ZMZVp5bjVNUVNUODlDN3Q3T3lXeTN5dEduR21ZVDUyK0VpMndyaXhTRG00c1NWUk15THpBQWE2YmsvdkpGbkZPRUpWNFJVWkhpQUd0eFVIdjg3WmQvRkwiLCJtYWMiOiJlZjZlNTRjZDUxYmEwYjlhYTM3M2YyMjY1MjM2YmUyZjEwNzZjYWQ5OGNjNThmMDUxNGQwYTE4YWUzMWYwNDk5IiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 08:41:31 GMT; Max-Age=7200; path=/; samesite=lax rvn_app_session=eyJpdiI6Imw1VDByTUF6K1pkNktlQ0tnZ3U3N2c9PSIsInZhbHVlIjoibFN0Ky9rTEV4akM3NFk4VVhvZ2NBbUU1YjVJL0JZcTVUMU5ya1JFUk5OTUwwYXN0aDVzNFVyck1zWG80MlJ3S1VTZGNQYXJ6VzJzQVQrQXBSaGZOalFGQWZFLy9jamdFQmZvVEV4aGx5YjROVFRGQ3FvelRCNkJDQVZMMEVhNTIiLCJtYWMiOiJkYTE4YWJhYjIxZWYwYmYzNjdlYmYwNGExMzM4MWU1NDkyOWJlZDYwOGNlMjE3MjJlMTVhZTEzODEzZGIyYzBiIiwidGFnIjoiIn0%3D; expires=Fri, 10-May-2024 08:41:31 GMT; Max-Age=7200; path=/; httponly; samesite=lax campaign_119_lp_323_aff_2002393=eyJpdiI6IlZrQ2lQN3Bxc3M3dTlSTnBEalc0ZEE9PSIsInZhbHVlIjoiT3U5enNQU2cwVi9BNVYzVU1SV08xanoyd2hvZnk3RXUxZUJEdE4rMFFwWnZkTVFDanptOFY4dFF0cWxyNGNhTU1KMjNXdHV2LzlwNm9FazJvQWhrYVE9PSIsIm1hYyI6IjNkM2I3NjA0NjRjMWFjYjU2ZjNmYjc1N2MyZmE0ZjI1ZDY3YWNhYTNiZTBmMmUxYTRmZDdkZGNlMzU1MDQwYTciLCJ0YWciOiIifQ%3D%3D; expires=Sat, 11-May-2024 06:41:31 GMT; Max-Age=86400; path=/; httponly; samesite=lax campaign_5=eyJpdiI6IlhEMkZkSGFsTE5QUEw2cmJhRjVMZ1E9PSIsInZhbHVlIjoidlN6WFBNNW4vUExueHdIMUlBRnYzMEpYd2h4VnpmcXd0ZkV5NUhqZGp0aHYwNHF2SWhDUXpTM0ZvMWd2bEE5NnczZ09kVkVCVE5NR0w4S3YxK3d4azJuMTFHY2RjcEJTeE9TYjcxQ2tsSnd2NVh5Si9mWkd6aDdwbEFTZXhNRUQ3SUJoUHFFbjR3QTF5cnBSaU5QMTN3PT0iLCJtYWMiOiIyYzI1NjgxYzkzYWMyNmU5YThkZmM1N2E0ZDMxN2RhZWUyMzU1NzQ4YzIxZDViN2VjZWQ4ZjRhOTljZTM0MTM2IiwidGFnIjoiIn0%3D; expires=Sun, 09-Jun-2024 06:41:31 GMT; Max-Age=2592000; path=/; httponly; samesite=lax X-Firefox-Spdy: h2

	promo.br.novibet.com/usp/js/nmain.js	161.97.158.175	200 OK	10 kB
URL GET HTTP/2 promo.br.novibet.com/usp/js/nmain.js IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type gzip compressed data, from Unix Size 10 kB (10031 bytes) Hash a568745add13be0b759298722a4a6f9e 9ceb98be373e15ec09f4837e4c7a7c61d6e53bc3 c6512d6b5c542b914eb53cdd5500ae976191f740517372c687404adb7c143dd8 HTTP Headers GET /usp/js/nmain.js HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: application/javascript last-modified: Wed, 28 Jun 2023 14:04:27 GMT vary: Accept-Encoding etag: W/"649c3deb-17c0" content-encoding: gzip X-Firefox-Spdy: h2`

	promo.br.novibet.com/usp/assets/fonts/OpenSans-Regular.ttf	161.97.158.175	200 OK	97 kB
URL GET HTTP/2 promo.br.novibet.com/usp/assets/fonts/OpenSans-Regular.ttf IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Digitized data copyright � 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-Regu Size 97 kB (96932 bytes) Hash 3ed9575dcc488c3e3a5bd66620bdf5a4 babe8dce93a3e48b6c3c79720a0c048e88dd1fe7 037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5 HTTP Headers GET /usp/assets/fonts/OpenSans-Regular.ttf HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/css/main.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: application/octet-stream content-length: 96932 last-modified: Tue, 25 Apr 2023 14:22:04 GMT etag: "6447e20c-17aa4" accept-ranges: bytes X-Firefox-Spdy: h2`

	promo.br.novibet.com/usp/assets/fonts/OpenSans-ExtraBold.ttf	161.97.158.175	200 OK	102 kB
URL GET HTTP/2 promo.br.novibet.com/usp/assets/fonts/OpenSans-ExtraBold.ttf IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright � 2011, Google Corporation.Open Sans ExtraBoldRegular1.10;1ASC;OpenSans Size 102 kB (102076 bytes) Hash fb7e3a294cb07a54605a8bb27f0cd528 5acb1de2513aca9ce4fcf5d1e1e49aad86f1888c 4b2dc1f55b7b457c181d8ab3c2d34225f6eefac0b018d6e9abdd775a0eb29db6 HTTP Headers GET /usp/assets/fonts/OpenSans-ExtraBold.ttf HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/css/main.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: application/octet-stream content-length: 102076 last-modified: Tue, 25 Apr 2023 14:22:03 GMT etag: "6447e20b-18ebc" accept-ranges: bytes X-Firefox-Spdy: h2`

	promo.br.novibet.com/usp/assets/fonts/OpenSans-SemiBold.ttf	161.97.158.175	200 OK	101 kB
URL GET HTTP/2 promo.br.novibet.com/usp/assets/fonts/OpenSans-SemiBold.ttf IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright � 2011, Google Corporation.Open Sans SemiBoldRegular1.10;1ASC;OpenSans- Size 101 kB (100820 bytes) Hash ba5cde21eeea0d57ab7efefc99596cce e256f8391718ef61f253dfb4e95bbeb3c5857afc 5e8d9e1a89083cd1b0849993fe2f3acc9aa33b7f439f7e8616872f6897f30684 HTTP Headers GET /usp/assets/fonts/OpenSans-SemiBold.ttf HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/css/main.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: application/octet-stream content-length: 100820 last-modified: Tue, 25 Apr 2023 14:22:04 GMT etag: "6447e20c-189d4" accept-ranges: bytes X-Firefox-Spdy: h2`

	promo.br.novibet.com/usp/assets/button-cadastre-se.png	161.97.158.175	200 OK	3.0 kB
URL GET HTTP/2 promo.br.novibet.com/usp/assets/button-cadastre-se.png IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type PNG image data, 480 x 89, 8-bit colormap, non-interlaced Size 3.0 kB (2969 bytes) Hash 4b4d4ec6608a47e8dc36998d7b05f543 d8ea66216663b0c4c111035cbf21bf2bee1fa390 720c2492d0cfbf27d04a736e1941ae66cd4171b063254752f749c370783195ac HTTP Headers `GET /usp/assets/button-cadastre-se.png HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/css/main.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: image/png content-length: 2969 last-modified: Tue, 25 Apr 2023 14:22:01 GMT etag: "6447e209-b99" accept-ranges: bytes X-Firefox-Spdy: h2`

	promo.br.novibet.com/usp/assets/bg.jpg	161.97.158.175	200 OK	882 kB
URL GET HTTP/2 promo.br.novibet.com/usp/assets/bg.jpg IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1920x1080, components 3 Size 882 kB (882282 bytes) Hash 12490b73a180145a87f5546a3a5282fb 51080212ca827ac99863cdf615b41f6395a3645c b339fdafee9b4e335972eeacf5eba5e47b72368590f68309833856014fed003c HTTP Headers `GET /usp/assets/bg.jpg HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/css/main.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: image/jpeg content-length: 882282 last-modified: Tue, 25 Apr 2023 14:22:02 GMT etag: "6447e20a-d766a" accept-ranges: bytes X-Firefox-Spdy: h2`

	www.googletagmanager.com/gtm.js?id=GTM-N3X5RLF	142.250.74.168	200 OK	110 kB
URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N3X5RLF IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT File type JavaScript source, ASCII text, with very long lines (40203) Size 110 kB (110322 bytes) Hash bb5810ef804dd6266b1c1c5ee0a78fff a2663b0ae30f4fdbd077b3e87b72589983b5e888 b0b57e268cae4621c4cabebe0b4a981b50a550d434791a82b2c027eb6e596c76 HTTP Headers `GET /gtm.js?id=GTM-N3X5RLF HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 10 May 2024 06:41:32 GMT expires: Fri, 10 May 2024 06:41:32 GMT cache-control: private, max-age=900 last-modified: Fri, 10 May 2024 06:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 110322 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	promo.br.novibet.com/usp/assets/favicon.ico	161.97.158.175	200 OK	15 kB
URL GET HTTP/2 promo.br.novibet.com/usp/assets/favicon.ico IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Size 15 kB (15406 bytes) Hash 362fe2f0301415cb73a1887737a58c12 7180de0b3e80acd48e1c2fa21acf6c4fc592eed3 1db17858a09f81d07fa19e9ea64e1b8a684eae08422b74c1477eef4c1ba78454 HTTP Headers GET /usp/assets/favicon.ico HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Cookie: btagC=2002393_3224128838; utm_source=2002393_; utm_medium=affiliate; utm_campaign=USP Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: image/x-icon content-length: 15406 last-modified: Tue, 25 Apr 2023 14:22:01 GMT etag: "6447e209-3c2e" accept-ranges: bytes X-Firefox-Spdy: h2`

	ob.cheqzone.com/clicktrue_invocation.js?id=10386	52.85.243.86	200 OK	38 kB
URL GET HTTP/2 ob.cheqzone.com/clicktrue_invocation.js?id=10386 IP 52.85.243.86:443 ASN #16509 AMAZON-02 Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerAmazon Subject.cheqzone.com Fingerprint80:95:A2:95:D8:43:80:F8:B4:9E:D5:04:19:58:5D:26:B6:68:3E:2B ValidityThu, 23 Nov 2023 00:00:00 GMT - Fri, 20 Dec 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 38 kB (38154 bytes) Hash 16898d3044371c93a2eb55ab58e44abc a4c930653adf22601104b7101eb9ac00b5a40ba8 071cad91e43a8c3d8d58af6b54da0db3649685f95a6fbf846aa899c6ec697b7f HTTP Headers `GET /clicktrue_invocation.js?id=10386 HTTP/1.1 Host: ob.cheqzone.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript; charset=utf-8 content-length: 38154 content-encoding: gzip server: Caddy date: Thu, 09 May 2024 21:40:06 GMT cache-control: max-age=43200 expires: Fri, 10 May 2024 09:40:03 GMT etag: "197e1-pMkwZTrfImARBLcQHrmsALWkC6g" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 1132899b9bc2928e13b30713fd82f9b0.cloudfront.net (CloudFront) x-amz-cf-pop: ARN1-C1 x-amz-cf-id: L7gdk-b-PGWkI2E-3x8eDBnA4VHG2rnerq-SLCrrPKTGZfGEN7uz6w== age: 32490 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-87SZ0WQ7MK&l=dataLayer&cx=c	142.250.74.168	200 OK	103 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-87SZ0WQ7MK&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT File type JavaScript source, ASCII text, with very long lines (5955) Size 103 kB (102609 bytes) Hash 518f5e6d91a7995123dcfa392b34c13d ece5a791a0fc6604090ba9fdc39c9db5d3541673 b617d89986089ac6020b87ed904cb3fa5b5e1d148bcc8474e5bc04958ab33eb6 HTTP Headers `GET /gtag/js?id=G-87SZ0WQ7MK&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 10 May 2024 06:41:33 GMT expires: Fri, 10 May 2024 06:41:33 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 102609 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	obs.cheqzone.com/ct?id=10386&url=https%3A%2F%2Fpromo.br.novibet.com%2Fusp%2F%3Fbtag%3D2002393_3224128838%26utm_source%3D2002393_%26utm_medium%3Daffiliate%26utm_campaign%3DUSP%26click%3Dwt3ns5inlv786e613kiquf5m%26cq_aff%3D2002393_&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1715323293346&hl=2&op=0&ag=718972423&rand=232869759810112711715109162171620781021002158015291212261166750892965889080187378602&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI3MzNdLFsiYm5jaCIsMl0sWyJhYm5jaCIsM10sWy04LCItIl0sWy0zNSwiWzE3MTUzMjMyOTMyOTYsMF0iXSxbLTY1LCItIl0sWy0yOSwiLSJdLFstMzIsIi0iXSxbLTUwLCItIl0sWy02OCwiLSJdLFstNjAsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzEsImZhbHNlIl0sWy0zOCwiYywtMSwtMSw0MzQsMCwxMiwwLDEsMjIyLDI0LC0xLDEsLDExMjgsMTkzMiwxOTMxIl0sWy00MCwiMzciXSxbLTY2LCItIl0sWy0zNCwiLSJdLFstNTcsIlRSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRc05EUlZLWEUxdFVGUmNWa3hOR1ZGWVYxMVZYRXNUVFJkY1FVbFdTMDFLRmdWNVVVMU5TVW9ERmhaV1d4ZGFVVnhJUTFaWFhCZGFWbFFXV2xWUVdsSk5TMHhjWmxCWFQxWmFXRTFRVmxjWFUwb0dVRjBFQ0FrS0FROERDQU1PQ1FnS0FSVk5GMXhCU1ZaTFRVcDVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRMElDaFZ1ZVZGTlRVbEtBdz09Il0sWy0xMCwiLSJdLFstNDgsIjAsMCJdLFstMjQsIltdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTIzLCIrIl0sWy0yNywiLSJdLFstOSwiLSJdLFstMTQsIi0iXSxbLTU5LCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02MiwiNTgiXSxbLTY0LCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTI2LCItIl0sWy0xNiwiMCJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstNywiLSJdLFstMjAsIi0iXSxbLTEyLCJcIjFcIiJdLFstNTIsIi0iXSxbLTI1LCItIl0sWy00NCwiMCw1LDAsNSJdLFstNjcsIi0iXSxbLTYzLCItIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTMzLCItIl0sWy00OSwiLSJdLFstNTUsIjEiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0xNywiNDgiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwIl0sWy02LCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00NiwiMCJdLFstNjEsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00NywiLSJdLFstMjEsIi0iXSxbLTIsIi0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTM3LCItIl0sWy00MSwiLSJdLFstNTEsIi0iXSxbLTUzLCIwMDEiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQxOTYwNjI3MDJcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjE2MDE0Nzk2MTBcIl0sXCJzXCI6MX0iXSxbLTU4LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy00NSwiLSJdLFsiZGRiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMTUsMCwwLDAsMCwzLDAsMSwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDAsMCwwLDAsMiwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=JmYkDjYI0k&pto=1965&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1715323293.R76sOLGiiBAnSY4E&suid=1.1715323293.ZOrlbpUK3CFuxGrd&tuid=1.1715323293.ETlh0rvvFY0RfNIv&fbc=-&gtm=W10%3D&it=16%2C1716%2C92&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-	3.227.190.204	200 OK	1.2 kB
URL GET HTTP/2 obs.cheqzone.com/ct?id=10386&url=https%3A%2F%2Fpromo.br.novibet.com%2Fusp%2F%3Fbtag%3D2002393_3224128838%26utm_source%3D2002393_%26utm_medium%3Daffiliate%26utm_campaign%3DUSP%26click%3Dwt3ns5inlv786e613kiquf5m%26cq_aff%3D2002393_&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1715323293346&hl=2&op=0&ag=718972423&rand=232869759810112711715109162171620781021002158015291212261166750892965889080187378602&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI3MzNdLFsiYm5jaCIsMl0sWyJhYm5jaCIsM10sWy04LCItIl0sWy0zNSwiWzE3MTUzMjMyOTMyOTYsMF0iXSxbLTY1LCItIl0sWy0yOSwiLSJdLFstMzIsIi0iXSxbLTUwLCItIl0sWy02OCwiLSJdLFstNjAsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzEsImZhbHNlIl0sWy0zOCwiYywtMSwtMSw0MzQsMCwxMiwwLDEsMjIyLDI0LC0xLDEsLDExMjgsMTkzMiwxOTMxIl0sWy00MCwiMzciXSxbLTY2LCItIl0sWy0zNCwiLSJdLFstNTcsIlRSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRc05EUlZLWEUxdFVGUmNWa3hOR1ZGWVYxMVZYRXNUVFJkY1FVbFdTMDFLRmdWNVVVMU5TVW9ERmhaV1d4ZGFVVnhJUTFaWFhCZGFWbFFXV2xWUVdsSk5TMHhjWmxCWFQxWmFXRTFRVmxjWFUwb0dVRjBFQ0FrS0FROERDQU1PQ1FnS0FSVk5GMXhCU1ZaTFRVcDVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRMElDaFZ1ZVZGTlRVbEtBdz09Il0sWy0xMCwiLSJdLFstNDgsIjAsMCJdLFstMjQsIltdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTIzLCIrIl0sWy0yNywiLSJdLFstOSwiLSJdLFstMTQsIi0iXSxbLTU5LCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02MiwiNTgiXSxbLTY0LCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTI2LCItIl0sWy0xNiwiMCJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstNywiLSJdLFstMjAsIi0iXSxbLTEyLCJcIjFcIiJdLFstNTIsIi0iXSxbLTI1LCItIl0sWy00NCwiMCw1LDAsNSJdLFstNjcsIi0iXSxbLTYzLCItIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTMzLCItIl0sWy00OSwiLSJdLFstNTUsIjEiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0xNywiNDgiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwIl0sWy02LCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00NiwiMCJdLFstNjEsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00NywiLSJdLFstMjEsIi0iXSxbLTIsIi0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTM3LCItIl0sWy00MSwiLSJdLFstNTEsIi0iXSxbLTUzLCIwMDEiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQxOTYwNjI3MDJcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjE2MDE0Nzk2MTBcIl0sXCJzXCI6MX0iXSxbLTU4LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy00NSwiLSJdLFsiZGRiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMTUsMCwwLDAsMCwzLDAsMSwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDAsMCwwLDAsMiwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=JmYkDjYI0k&pto=1965&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1715323293.R76sOLGiiBAnSY4E&suid=1.1715323293.ZOrlbpUK3CFuxGrd&tuid=1.1715323293.ETlh0rvvFY0RfNIv&fbc=-&gtm=W10%3D&it=16%2C1716%2C92&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=- IP 3.227.190.204:443 ASN #14618 AMAZON-AES Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerZeroSSL Subject.cheqzone.com FingerprintD3:83:BA:40:14:C5:42:F9:2D:54:7F:0B:AF:C1:73:8C:B8:FB:7E:56 ValidityTue, 23 Apr 2024 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (3565), with no line terminators Size 1.2 kB (1168 bytes) Hash b9b3f50ae8a7675a8db1c838dc0f0b76 a459f9226cf0c90eda42ed19ce68645c1aad1497 c8a52f0e31dec2c22b1962406838ea83954378aa7c60d7cf5cbff368ba8e4587 HTTP Headers GET /ct?id=10386&url=https%3A%2F%2Fpromo.br.novibet.com%2Fusp%2F%3Fbtag%3D2002393_3224128838%26utm_source%3D2002393_%26utm_medium%3Daffiliate%26utm_campaign%3DUSP%26click%3Dwt3ns5inlv786e613kiquf5m%26cq_aff%3D2002393_&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1715323293346&hl=2&op=0&ag=718972423&rand=232869759810112711715109162171620781021002158015291212261166750892965889080187378602&fs=1280x1024&fst=1280x1024&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI3MzNdLFsiYm5jaCIsMl0sWyJhYm5jaCIsM10sWy04LCItIl0sWy0zNSwiWzE3MTUzMjMyOTMyOTYsMF0iXSxbLTY1LCItIl0sWy0yOSwiLSJdLFstMzIsIi0iXSxbLTUwLCItIl0sWy02OCwiLSJdLFstNjAsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzEsImZhbHNlIl0sWy0zOCwiYywtMSwtMSw0MzQsMCwxMiwwLDEsMjIyLDI0LC0xLDEsLDExMjgsMTkzMiwxOTMxIl0sWy00MCwiMzciXSxbLTY2LCItIl0sWy0zNCwiLSJdLFstNTcsIlRSZGNRVWxXUzAxS0ZnVjVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRc05EUlZLWEUxdFVGUmNWa3hOR1ZGWVYxMVZYRXNUVFJkY1FVbFdTMDFLRmdWNVVVMU5TVW9ERmhaV1d4ZGFVVnhJUTFaWFhCZGFWbFFXV2xWUVdsSk5TMHhjWmxCWFQxWmFXRTFRVmxjWFUwb0dVRjBFQ0FrS0FROERDQU1PQ1FnS0FSVk5GMXhCU1ZaTFRVcDVVVTFOU1VvREZoWldXeGRhVVZ4SVExWlhYQmRhVmxRV1dsVlFXbEpOUzB4Y1psQlhUMVphV0UxUVZsY1hVMG9HVUYwRUNBa0tBUThEQ0FNT0NRMElDaFZ1ZVZGTlRVbEtBdz09Il0sWy0xMCwiLSJdLFstNDgsIjAsMCJdLFstMjQsIltdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTIzLCIrIl0sWy0yNywiLSJdLFstOSwiLSJdLFstMTQsIi0iXSxbLTU5LCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02MiwiNTgiXSxbLTY0LCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTI2LCItIl0sWy0xNiwiMCJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstNywiLSJdLFstMjAsIi0iXSxbLTEyLCJcIjFcIiJdLFstNTIsIi0iXSxbLTI1LCItIl0sWy00NCwiMCw1LDAsNSJdLFstNjcsIi0iXSxbLTYzLCItIl0sWy0xMywiLSJdLFstMTUsIi0iXSxbLTMzLCItIl0sWy00OSwiLSJdLFstNTUsIjEiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0xNywiNDgiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMDExMTAwMTAwMDAwMTAwMDAwMDAwIl0sWy02LCItIl0sWy00MiwiODgzMzk5MDE2Il0sWy00NiwiMCJdLFstNjEsIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxMjgwLDEwMjQsMTI4MCwxMDI0LDEyODAsMTAyNCwxMjgwLDEwMjQsMCwwLDAsMCxcIi1cIixcIi1cIiwxMjgwLDEwMjRdIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDUsdHJ1ZSxmYWxzZSxudWxsLDAsZmFsc2UsZmFsc2VdIl0sWy00NywiLSJdLFstMjEsIi0iXSxbLTIsIi0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTM3LCItIl0sWy00MSwiLSJdLFstNTEsIi0iXSxbLTUzLCIwMDEiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQxOTYwNjI3MDJcIl0sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjE2MDE0Nzk2MTBcIl0sXCJzXCI6MX0iXSxbLTU4LCItIl0sWy0xOCwiWzEsMCwwLDBdIl0sWy00NSwiLSJdLFsiZGRiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMTUsMCwwLDAsMCwzLDAsMSwwLDAsMCwxLDAsMywwLDAsMCwwLDAsMSwwLDAsMSwxLDAsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwxLDAsMCwwLDAsMiwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=JmYkDjYI0k&pto=1965&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1715323293.R76sOLGiiBAnSY4E&suid=1.1715323293.ZOrlbpUK3CFuxGrd&tuid=1.1715323293.ETlh0rvvFY0RfNIv&fbc=-&gtm=W10%3D&it=16%2C1716%2C92&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=- HTTP/1.1 Host: obs.cheqzone.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK cache-control: no-cache, no-store, must-revalidate content-encoding: gzip content-type: text/javascript date: Fri, 10 May 2024 06:41:33 GMT expires: Fri, 01 Jan 1990 00:00:00 GMT pragma: no-cache set-cookie: cg_uuid=7fa24dfe45e18762a2d60934d6581f38; Max-Age=29030400; Path=/; Expires=Fri, 11 Apr 2025 06:41:33 GMT; HttpOnly; Secure; SameSite=None content-length: 1168 X-Firefox-Spdy: h2`

	obs.cheqzone.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126bebc437e945839e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f118e652117071a10acf9f29f674ed4d28b0378694efa7d22058f3cd96096066403239a51040b330157c7e8684777be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a327447e70d58f7f21de810f1f2f4370530ca4dc7a672954f2f3487189f8f52f94f247604379b9aca2959c6bac989c06f95c8e007a268dab90aae974d283bf3489614ccfa7966a4144a22571fbcf497bab9bbb6b8054bb17e5891ac24fc9cc76c75736949b23d96798daebfb99aaa74445b570f3f9a97c5c36bcd36193bd41dc5303458a3207d08488dfcea38634cc21de95b69e7faa6b6d3bb979289b86924522dcb7449a33a392439d76a622575d05c027e806d0c9ba2ae2d33f934fb686d7c8708a0e4b29fc4d29507a4d2197fe31e4148f9dba64ebde63fad07489cca9ee7a8ca1ea532626dbbb0c1481f9495b42acacce19b62688b84ee5e232a039f1239f52c80695fd6a925865b1ec806c2d2d7c1179534e1db8b2d4399306f7051d5135eaea1e99c14f5dbae180e4ae66d0b3f6e094affe82171669a503ffe24b64915e7707c5350f0230af2ef1326096f9cb719772cb37c9f73ec7d30c997b0d293c06600e9dc2ecc7217d559b045893d3ddd6acd80740c7e4af7784ce6d7adfd3173f6bfa93d0553fd520831ce0669466c260aa967091be47f0879a91dd1e36fdea29629c77a18cb5a8149f6e3d151bfe17010ce3e33af4ef67bcdcd3bf1699959b214a721eea2fa117ab4bb386689331412243337e61943ed2d93317ff29b6cef5578fb134ca666fbd533c7a8de2ba6746fc33b1d702d0072d121eed7f7dfef084398f0e61c4e746f68682a19248db41477640b0652f539c900e54a62ea7a3903f85d2f01c1d21f728320200d30510bbdbfc12118c702e90c4d653c3d5a6dd0661e965f9156057cc4e2177c9c25b02d894f1dce2ae01b079b464d025c28f06d8ffa1684eaff41c9dcde5eb9aa4c4c76213d0a57018&cri=JmYkDjYI0k&ts=495&cb=1715323293841	3.227.190.204	200 OK	43 B
URL GET HTTP/2 obs.cheqzone.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126bebc437e945839e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f118e652117071a10acf9f29f674ed4d28b0378694efa7d22058f3cd96096066403239a51040b330157c7e8684777be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a327447e70d58f7f21de810f1f2f4370530ca4dc7a672954f2f3487189f8f52f94f247604379b9aca2959c6bac989c06f95c8e007a268dab90aae974d283bf3489614ccfa7966a4144a22571fbcf497bab9bbb6b8054bb17e5891ac24fc9cc76c75736949b23d96798daebfb99aaa74445b570f3f9a97c5c36bcd36193bd41dc5303458a3207d08488dfcea38634cc21de95b69e7faa6b6d3bb979289b86924522dcb7449a33a392439d76a622575d05c027e806d0c9ba2ae2d33f934fb686d7c8708a0e4b29fc4d29507a4d2197fe31e4148f9dba64ebde63fad07489cca9ee7a8ca1ea532626dbbb0c1481f9495b42acacce19b62688b84ee5e232a039f1239f52c80695fd6a925865b1ec806c2d2d7c1179534e1db8b2d4399306f7051d5135eaea1e99c14f5dbae180e4ae66d0b3f6e094affe82171669a503ffe24b64915e7707c5350f0230af2ef1326096f9cb719772cb37c9f73ec7d30c997b0d293c06600e9dc2ecc7217d559b045893d3ddd6acd80740c7e4af7784ce6d7adfd3173f6bfa93d0553fd520831ce0669466c260aa967091be47f0879a91dd1e36fdea29629c77a18cb5a8149f6e3d151bfe17010ce3e33af4ef67bcdcd3bf1699959b214a721eea2fa117ab4bb386689331412243337e61943ed2d93317ff29b6cef5578fb134ca666fbd533c7a8de2ba6746fc33b1d702d0072d121eed7f7dfef084398f0e61c4e746f68682a19248db41477640b0652f539c900e54a62ea7a3903f85d2f01c1d21f728320200d30510bbdbfc12118c702e90c4d653c3d5a6dd0661e965f9156057cc4e2177c9c25b02d894f1dce2ae01b079b464d025c28f06d8ffa1684eaff41c9dcde5eb9aa4c4c76213d0a57018&cri=JmYkDjYI0k&ts=495&cb=1715323293841 IP 3.227.190.204:443 ASN #14618 AMAZON-AES Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerZeroSSL Subject.cheqzone.com FingerprintD3:83:BA:40:14:C5:42:F9:2D:54:7F:0B:AF:C1:73:8C:B8:FB:7E:56 ValidityTue, 23 Apr 2024 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash db04c7b378cb2db912c3ba8a5a774ee3 dee34bd86c3484d31002182aa2b7caa4699126b8 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a HTTP Headers GET /tracker/tc_imp.gif?e=37dfbd8ee84e00126bebc437e945839e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f118e652117071a10acf9f29f674ed4d28b0378694efa7d22058f3cd96096066403239a51040b330157c7e8684777be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac7e7d7e85d33e417caff29a029dc04c2548e1562e8270cff0a461d3cbc1c7dfd80a3f667ee7ded07dc12e3382831ec81683124735f9b659b810bb25174ea99a327447e70d58f7f21de810f1f2f4370530ca4dc7a672954f2f3487189f8f52f94f247604379b9aca2959c6bac989c06f95c8e007a268dab90aae974d283bf3489614ccfa7966a4144a22571fbcf497bab9bbb6b8054bb17e5891ac24fc9cc76c75736949b23d96798daebfb99aaa74445b570f3f9a97c5c36bcd36193bd41dc5303458a3207d08488dfcea38634cc21de95b69e7faa6b6d3bb979289b86924522dcb7449a33a392439d76a622575d05c027e806d0c9ba2ae2d33f934fb686d7c8708a0e4b29fc4d29507a4d2197fe31e4148f9dba64ebde63fad07489cca9ee7a8ca1ea532626dbbb0c1481f9495b42acacce19b62688b84ee5e232a039f1239f52c80695fd6a925865b1ec806c2d2d7c1179534e1db8b2d4399306f7051d5135eaea1e99c14f5dbae180e4ae66d0b3f6e094affe82171669a503ffe24b64915e7707c5350f0230af2ef1326096f9cb719772cb37c9f73ec7d30c997b0d293c06600e9dc2ecc7217d559b045893d3ddd6acd80740c7e4af7784ce6d7adfd3173f6bfa93d0553fd520831ce0669466c260aa967091be47f0879a91dd1e36fdea29629c77a18cb5a8149f6e3d151bfe17010ce3e33af4ef67bcdcd3bf1699959b214a721eea2fa117ab4bb386689331412243337e61943ed2d93317ff29b6cef5578fb134ca666fbd533c7a8de2ba6746fc33b1d702d0072d121eed7f7dfef084398f0e61c4e746f68682a19248db41477640b0652f539c900e54a62ea7a3903f85d2f01c1d21f728320200d30510bbdbfc12118c702e90c4d653c3d5a6dd0661e965f9156057cc4e2177c9c25b02d894f1dce2ae01b079b464d025c28f06d8ffa1684eaff41c9dcde5eb9aa4c4c76213d0a57018&cri=JmYkDjYI0k&ts=495&cb=1715323293841 HTTP/1.1 Host: obs.cheqzone.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/ Cookie: cg_uuid=7fa24dfe45e18762a2d60934d6581f38 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK cache-control: no-cache, no-store, must-revalidate content-type: image/gif date: Fri, 10 May 2024 06:41:33 GMT expires: Fri, 01 Jan 1990 00:00:00 GMT pragma: no-cache content-length: 43 X-Firefox-Spdy: h2`

	normandy.cdn.mozilla.net/api/v1/	35.201.103.21		598 B
URL normandy.cdn.mozilla.net/api/v1/ IP 35.201.103.21:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type JSON text data Size 598 B (598 bytes) Hash 3076f9a5cb273105528b893ff7111e41 b8990c145fe71b9a2410eea41a60a712b43b82bf 69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3 HTTP Headers `GET /api/v1/ HTTP/1.1 Host: normandy.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx content-length: 598 allow: GET, HEAD, OPTIONS content-security-policy: base-uri 'none'; form-action 'self'; block-all-mixed-content; worker-src 'none'; frame-src 'none'; default-src 'self' https://normandy.cdn.mozilla.net/; object-src 'none'; report-uri /__cspreport__ x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000 via: 1.1 google date: Thu, 09 May 2024 23:46:24 GMT cache-control: public, max-age=86400 content-type: application/json vary: Accept, Origin age: 24922 alt-svc: clear X-Firefox-Spdy: h2

	classify-client.services.mozilla.com/api/v1/classify_client/	34.98.75.36		64 B
URL classify-client.services.mozilla.com/api/v1/classify_client/ IP 34.98.75.36:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type JSON text data Size 64 B (64 bytes) Hash 94c6b301384b58b0902fe6a0ca42e621 07778f7953e232794dcdfa16a42e0af65ce44db5 cafff4d1e5c725f922aef24efd959ca01c36da4f2940814b9ec1368acd6ab8bf HTTP Headers `GET /api/v1/classify_client/ HTTP/1.1 Host: classify-client.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 06:41:46 GMT content-type: application/json content-length: 64 cache-control: max-age=0, no-cache, no-store, must-revalidate strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml	35.244.181.201		444 B
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP 35.244.181.201:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type XML 1.0 document, ASCII text, with very long lines (332) Size 444 B (444 bytes) Hash 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463 HTTP Headers `GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1 Host: aus5.mozilla.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Cache-Control: no-cache Pragma: no-cache Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx rule-id: unknown rule-data-version: unknown content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=uRiChA79nFQMTu8olHBSpGihbnUSOmHE_k-gbXRSSqIqYiX0f4hN7Kiac5t1ZGJmLLfTcUCVrM_NVIRQ-2PaAsGdrPjZmHXl-bfoKa2UTdsu8CPL-QcvR-DBNtv6ccm5 strict-transport-security: max-age=31536000; x-content-type-options: nosniff content-security-policy: default-src 'none'; frame-ancestors 'none' x-proxy-cache-status: EXPIRED content-encoding: gzip via: 1.1 google date: Fri, 10 May 2024 06:40:03 GMT content-type: text/xml; charset=utf-8 vary: Accept-Encoding content-length: 444 age: 107 cache-control: public,max-age=90 alt-svc: clear X-Firefox-Spdy: h2

	promo.br.novibet.com/usp/css/main.css	161.97.158.175	200 OK	11 kB
URL GET HTTP/2 promo.br.novibet.com/usp/css/main.css IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type ASCII text, with CRLF line terminators Size 11 kB (10920 bytes) Hash d3dcc1882e580eb50b917cc981495509 6d1986928d0bcd8d382a240e9d3dfad1dc9ee3bc e55f2d55d54e4fa6559e94ac3df9224151fad18545e3e71a4dd5555489bb2dc0 HTTP Headers GET /usp/css/main.css HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: text/css last-modified: Tue, 25 Apr 2023 14:22:03 GMT vary: Accept-Encoding etag: W/"6447e20b-2aa8" content-encoding: gzip X-Firefox-Spdy: h2`

	promo.br.novibet.com/usp/assets/novibet_logo.png	161.97.158.175	200 OK	8.2 kB
URL GET HTTP/2 promo.br.novibet.com/usp/assets/novibet_logo.png IP 161.97.158.175:443 ASN #51167 Contabo GmbH Requested by https://promo.br.novibet.com/usp/?btag=2002393_3224128838&utm_source=2002393_&utm_medium=affiliate&utm_campaign=USP&click=wt3ns5inlv786e613kiquf5m Certificate IssuerLet's Encrypt Subjectpromo.br.novibet.com FingerprintEA:11:13:51:C7:5D:3F:54:C5:B8:5A:69:A8:C6:C1:05:FA:8D:13:52 ValiditySun, 17 Mar 2024 22:46:09 GMT - Sat, 15 Jun 2024 22:46:08 GMT File type PNG image data, 270 x 65, 8-bit/color RGBA, non-interlaced Size 8.2 kB (8205 bytes) Hash 0a8d431adb732b17043b80348d1e20aa 83818a3ae433548c8bd4418037a334ea6342cd56 54c8bc7e85b24b939987b74ee5ee46176a29b3ccd44eba6d1ac37bf8e1d1cffa HTTP Headers `GET /usp/assets/novibet_logo.png HTTP/1.1 Host: promo.br.novibet.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://promo.br.novibet.com/usp/css/main.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx/1.18.0 (Ubuntu) date: Fri, 10 May 2024 06:41:32 GMT content-type: image/png content-length: 8205 last-modified: Tue, 25 Apr 2023 14:22:02 GMT etag: "6447e20a-200d" accept-ranges: bytes X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations