firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 03:13:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mfMg7fCjN5j4Y1CkX18J31V7V7Ngt5mqGufAOImmhXklPuSoRHGO1Q==
Age: 3438
supertotobet1108.com/
172.67.140.130 301 Moved Permanently 17 kB IP 172.67.140.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11591)
Hash 3c4506f721ce334e1c90b68c805ef704
43a1a713fd4672b562c2de99d57cd6738c830abb
d63da33326ce3ffb84ff72e643420c0c55d54ef2edf265ca9d726415b40bba9a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: supertotobet1108.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 04:11:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=9b5e2b20dc6f9dae0b339aa1908558d6; path=/
Set-Cookie: language=tr_TR; path=/
Location: https://supertotobet1108.com/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYo0AQnK2iFxuOVaR8%2BvSsJWEUBrOmFrnaGOBaKsTLlKEKiPod4ahCngx4zJHNbIGk9ySABynrIgegH3hgAdkbk5STuSkSOpYuf9rR44VZ0l08gJZ0TUO%2F8Qv7wSf1k%2B0Y5nBHX1Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74e831fc6fbf0b65-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3374
Expires: Thu, 22 Sep 2022 05:07:26 GMT
Date: Thu, 22 Sep 2022 04:11:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10158
Expires: Thu, 22 Sep 2022 07:00:30 GMT
Date: Thu, 22 Sep 2022 04:11:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UPXN9JSOcULm/EXgnQgQEQEhMGhH+PoqpVAp941b257n+cM7ntA4vSwiw59p8Oz3N42irzAOhHw=
x-amz-request-id: J4Y2YE23HA9R5JCR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Sep 2022 03:43:36 GMT
age: 1656
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 04:11:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a305e5a17ada81d91cb8fcb94c63ae7b
a47f80a85baddd1378bd6a27422cc61d699b51a7
4f90adffe9b3882f52ba62c38018429c4967eca893489d913bd0a810e324532c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4F90ADFFE9B3882F52BA62C38018429C4967ECA893489D913BD0A810E324532C"
Last-Modified: Mon, 19 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 22 Sep 2022 10:11:13 GMT
Date: Thu, 22 Sep 2022 04:11:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a305e5a17ada81d91cb8fcb94c63ae7b
a47f80a85baddd1378bd6a27422cc61d699b51a7
4f90adffe9b3882f52ba62c38018429c4967eca893489d913bd0a810e324532c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4F90ADFFE9B3882F52BA62C38018429C4967ECA893489D913BD0A810E324532C"
Last-Modified: Mon, 19 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 22 Sep 2022 10:11:13 GMT
Date: Thu, 22 Sep 2022 04:11:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 04:03:23 GMT
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 04:54:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EtZ7fqsI6vlewxv1i0rhQ-BMquIU9VhngkZkUy2V2jC1XQTDOquGYw==
Age: 471
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash c80b0e8924db43f156dd5e71d9ed53a2
04a33b70cac5bfb70ed0ce4f986a81c681c49a0e
d2c86370868301dd121403d22351b03197be559d4f136ebf0c6c5b017d7bf045
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:11:13 GMT
Last-Modified: Thu, 22 Sep 2022 03:22:10 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Kbm7kgIU8qvtSEs8ZwinEr0gsv050nrAymPpSMZupmfU0gF3EI7QCQ==
Age: 2943
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 808
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:11:13 GMT
Last-Modified: Thu, 22 Sep 2022 03:57:45 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 4190439bbfa66eb7c792429dfb2d2966
e53a331d55a97d1f5ca4122ad0f4e43354fac35c
5087097f9723d5944c4f7436760fa255b905defa309635210be8902ea590a02b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:11:13 GMT
Last-Modified: Thu, 22 Sep 2022 03:23:13 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ElnpERiYZrEXNG8vXlX4tlqPfpm_Dq3Ev0OTEl9zWXX9K-jX3GzAoA==
Age: 2880
assetscdn.pushengage.com/site_images/062961530110739.png
143.204.55.18 200 OK 3.9 kB URL HTTP/2 assetscdn.pushengage.com/site_images/062961530110739.png
IP 143.204.55.18:0
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 1ec2fd4b8a45c2708df780ade5863941
3bb21b2f2b66e9219c723276ebd839725beb27a3
5af66177f5389ef9bdf72c3dea841f8b614ff008ce0a492e22c1ebb3f6e3fbca
GET /site_images/062961530110739.png HTTP/1.1
Host: assetscdn.pushengage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3875
date: Tue, 23 Aug 2022 07:58:31 GMT
last-modified: Wed, 09 Jan 2019 12:50:58 GMT
etag: "1ec2fd4b8a45c2708df780ade5863941"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bpx6frZl0pVEFDuRvivsBz-4DhxSq1sbU60uQoRtlHpOzshwY8eMFA==
age: 2578363
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.15.44 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.15.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8Ne5DLv+pWFWzFOmaptDVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fdsleDIclaH/m22Wo0caerzvC68=
ocsp2.globalsign.com/gsalphasha2g2
151.101.86.133 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.86.133:0
Hash 08a168ed9d2bdd58e487791dd2dac31c
8e1fad8d2005fc69d23dde46ab3d4fda9ecc2fdb
631c9c5436378efe895c9dc45695e00a035202b05d5eefcdc1fe4e0ed1225fc5
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 26 Sep 2022 03:23:16 GMT
ETag: "8e1fad8d2005fc69d23dde46ab3d4fda9ecc2fdb"
Last-Modified: Thu, 22 Sep 2022 03:23:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1423
Accept-Ranges: bytes
Date: Thu, 22 Sep 2022 04:11:13 GMT
Age: 2876
Connection: keep-alive
X-Served-By: cache-qpg1231-QPG, cache-bma1640-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1663819874.991391,VS0,VE1
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash c7df070dbec6b87abe84df420ea5d46b
5699e70672d6ec3b0858c06192abd1efbf2b3c20
294e5ee3cc39ac21f4affad4da8cf26fdee60bd08a3e546f5cf263e692a4cf4c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 04:11:13 GMT
Last-Modified: Thu, 22 Sep 2022 03:34:57 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rMEQOGJ6eIx3a7wrPGn6WCefUYTI6m-mSyO3QnYGxzbyVFoG4792ag==
Age: 2177
data.gosquared.com/pv?cs=UTF-8&cd=24&la=en-US&sw=1280&sh=1024&dp=1&pu=https%3A%2F%2Fsupertotobet1108.com%2F&pt=Supertotobet%20%7C%20Bahis%20%7C%20Casino%20%7C%20En%20y%C3%BCksek%20Oranlar%20Hemen%20Oyna&ri=0&ru=-&re=0&vi=1&pv=1&lv=0&vw=1280&vh=939&dw=1280&dh=939&st=0&sl=0&tz=0&rc=1&cb=0&a=GSN-349119-C&id=75177200651bf645a5cfad8464593c66&tv=6.6.1933
52.202.192.125 200 OK 8 B URL HTTP/2 data.gosquared.com/pv?cs=UTF-8&cd=24&la=en-US&sw=1280&sh=1024&dp=1&pu=https%3A%2F%2Fsupertotobet1108.com%2F&pt=Supertotobet%20%7C%20Bahis%20%7C%20Casino%20%7C%20En%20y%C3%BCksek%20Oranlar%20Hemen%20Oyna&ri=0&ru=-&re=0&vi=1&pv=1&lv=0&vw=1280&vh=939&dw=1280&dh=939&st=0&sl=0&tz=0&rc=1&cb=0&a=GSN-349119-C&id=75177200651bf645a5cfad8464593c66&tv=6.6.1933
IP 52.202.192.125:0
File type ASCII text, with no line terminators
Hash cd5232368803911b6d37f64740cfc3c9
2ff4de186edf36fb486fe0ac7e2100bde897e552
c24a65ac901ef285ee99d016d2eaebcdbadf171639d8857dd7ff6a9458ab2b6c
GET /pv?cs=UTF-8&cd=24&la=en-US&sw=1280&sh=1024&dp=1&pu=https%3A%2F%2Fsupertotobet1108.com%2F&pt=Supertotobet%20%7C%20Bahis%20%7C%20Casino%20%7C%20En%20y%C3%BCksek%20Oranlar%20Hemen%20Oyna&ri=0&ru=-&re=0&vi=1&pv=1&lv=0&vw=1280&vh=939&dw=1280&dh=939&st=0&sl=0&tz=0&rc=1&cb=0&a=GSN-349119-C&id=75177200651bf645a5cfad8464593c66&tv=6.6.1933 HTTP/1.1
Host: data.gosquared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:14 GMT
content-type: text/javascript
content-length: 8
X-Firefox-Spdy: h2
clientcdn.pushengage.com/core/fa674392f26c9f7d389572112abc0d6c.js
54.230.111.47 200 OK 44 kB URL HTTP/2 clientcdn.pushengage.com/core/fa674392f26c9f7d389572112abc0d6c.js
IP 54.230.111.47:0
Hash cd70dca4cde415686c4ac9cce9001149
5452ebfcbb2384149ee52ccf2e08e7bb81d4f7fd
e4c8664bb1d3f40ccb7d11c617ba597641357e31ce495adb68dc386440cf8723
GET /core/fa674392f26c9f7d389572112abc0d6c.js HTTP/1.1
Host: clientcdn.pushengage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 22 Sep 2022 04:09:51 GMT
server: nginx
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JE9cxBHwyBJbgc4l8YCmeNJTatqjqZWW47Nf3FzD1YIiSj2qDIgWzA==
age: 82
X-Firefox-Spdy: h2
supertoto.pushengage.com/dialog.css
3.225.254.8 200 OK 24 kB URL HTTP/2 supertoto.pushengage.com/dialog.css
IP 3.225.254.8:0
Hash f0992a2d3fcf3a12eaa92cb2545f91ef
0593d37bfb1e22daf137a671857e8318ac6496a7
f8310c3ade45ef93607497ad62229c9fc746491d462912c064d8f8e20210b68f
GET /dialog.css HTTP/1.1
Host: supertoto.pushengage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:14 GMT
content-type: text/css;charset=UTF-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash b38fda8506c0fd0358b88c3baecaf2fb
1ec4ce7066f337a5f05c6efb5e5214c3e6ee45a5
173ab8ad2586abce9a45d23fb54dce9bcb2f79806d605883c185e8370e4f06cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 04:11:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 08:08:10 GMT
Expires: Wed, 28 Sep 2022 08:08:09 GMT
Etag: "1ec4ce7066f337a5f05c6efb5e5214c3e6ee45a5"
Cache-Control: max-age=532014,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74e83206adf5b500-OSL
verification.curacao-egaming.com/validate.ashx?domain=supertotobet.com
157.245.28.47 200 OK 61 kB URL HTTP/1.1 verification.curacao-egaming.com/validate.ashx?domain=supertotobet.com
IP 157.245.28.47:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 200 x 222, 8-bit/color RGBA, non-interlaced\012- data
Hash f1e3088eb9c491e2a0ddea2892914db2
1b17563feaebea453d9254e5200a76a364ddb807
8aea38597b7fe88839f033534c72c031acb8d1b61de9363f039350d97608de42
GET /validate.ashx?domain=supertotobet.com HTTP/1.1
Host: verification.curacao-egaming.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, no-cache="Set-Cookie", max-age=120
Transfer-Encoding: chunked
Content-Type: image/png
Expires: Thu, 22 Sep 2022 04:13:14 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: ReqId=377fda6e-2063-4c96-93b6-b91ca4457db9; path=/
X-Powered-By: ASP.NET
Date: Thu, 22 Sep 2022 04:11:14 GMT
static-cdn.betsolutions.com/casino/GameStarter/Staging/gameStarter.min.js
152.199.21.175 200 OK 4.9 kB URL HTTP/2 static-cdn.betsolutions.com/casino/GameStarter/Staging/gameStarter.min.js
IP 152.199.21.175:0
File type ASCII text, with very long lines (4894), with no line terminators
Hash d7317afb1ccffd4090d61b82b6ef1f43
53ecb82cdc2f3d0d888cee13e76d470aa3c67db2
20a506f7d42c30929e9d62f44819809d668e4c7862eb2994687599da6b9af759
GET /casino/GameStarter/Staging/gameStarter.min.js HTTP/1.1
Host: static-cdn.betsolutions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,x-ms-version
age: 569245
content-md5: 1zF6+xzP/UCQ1huCtu8fQw==
content-type: application/x-javascript
date: Thu, 22 Sep 2022 04:11:14 GMT
etag: 0x8D7B1EB0CADE934
last-modified: Sat, 15 Feb 2020 07:45:38 GMT
server: ECAcc (ska/F746)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 97251439-201e-0112-3c0b-c9c9a6000000
x-ms-version: 2009-09-19
content-length: 4894
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 1.3 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00955679804259cd237897fce3092096
0b38c5237c5b6b7dc26b55e5784a1bcd6f8ef45a
81ac93e7f4ad7a551f6e4c1a79d1a4d82df5782dfbb435d591b078ec4202380d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6633
Expires: Thu, 22 Sep 2022 06:01:48 GMT
Date: Thu, 22 Sep 2022 04:11:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
Hash 464875b364c8009b63c1d3db5e6ffc21
2e8530f5b48248d5e54d08fd82a2d2cc49de99e4
c45fa3fe082fbae18e3bce20a0a9054a17bec08b6ba4c29eec8cb46aa9b5fc8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 6badb939-afe6-4432-a0ad-3a2b7f85a7e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1G-rFbuIAMFTeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b852a-3e9ac3331503b41d5e734a01;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PeFdtN-ow0NE39XAV9pCHX9VSno5L9z56rg-T6Bd1fks7f1ESDDzWA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:27 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 22968
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17a25218-4228-4cd1-8d35-a4a3f83296c8.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17a25218-4228-4cd1-8d35-a4a3f83296c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 233816c447da50c62180800f65f5fe2f
78db85f54d3e4030f620f259f173ddb1438948fa
94cbbb0fe3d4edab6d96af2f4857eb1ad018a0e8c21fd8bbeacc4a383e99d859
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17a25218-4228-4cd1-8d35-a4a3f83296c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8449
x-amzn-requestid: 5b83b63b-07cc-459d-a31e-25dce2e250ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG34H01oAMF73g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab832-03dc7ef72e1ef72f371716a9;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I_Ohu8tmnISFj4rsHgGXPk_dw1nkeHsmP0hPMxeDlD3kFuVGCoE1qA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:37:07 GMT
age: 74048
etag: "78db85f54d3e4030f620f259f173ddb1438948fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a504981ee10d8341b64f19001464ae8a
56f228d7358ba9deef000f53214dc7c1dc358109
0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8861
x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuE0AoAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E3CxTY9UbUKfKS16_Os-lp6w8b_bIIbWqcIzaGOOc0iwrSOzj6NNqQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 03:25:37 GMT
age: 2738
etag: "56f228d7358ba9deef000f53214dc7c1dc358109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg
IP 34.120.237.76:0
Hash 33f40eab0c5a9ad8943bb7f7440dffcd
613b5dd07064211ab496a08ba00ec061d109ca60
7df860f3e23f294e609c6719166bfb88d0eee0bcbe5c76163fae9c5b647292c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9233
x-amzn-requestid: f90a9ed8-b4e7-4786-887a-90f24cc4f432
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HZSG1IoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b85d4-7a75336f316aa6450e3369b4;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PEhEMNxyamS4_x8DPhIeX2bEkaVWzS4foO7vPQX8KgWpm1KjsSvRxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:21:48 GMT
age: 20967
etag: "134720f07ffdbef5ff551bdb3c3743c806d1512d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg
IP 34.120.237.76:0
Hash 477dddd26eadd19629fc2fe8ad3baa59
734f6033d5e6334e2de07556835234e7026e1150
2bab95800426f55ef84860e45ac3ab268dc97a9866205300051519a1bd84ef1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25c92e76-c63f-4c49-a4f1-56d030e97e10.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3372
x-amzn-requestid: 10d24c22-0b3d-402b-9a10-6cbfc9a699a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG5QHJRoAMFaPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab83b-37ba740c7eba56b30e2ea528;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:39 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VM9vtBQFJEEX58Q_SYVC7L18jDp-kxDCIk1QMjyaaLc6DNUSJ9uivg==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:08:36 GMT
age: 75759
etag: "6ce495268093b256875ec1c4d6a05fc1f3d25446"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UoQTXSP0LgR4LwELp2Avm27hUekfO9TU9yfvNbIlmUtB-FrU9MGRbg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:19 GMT
age: 22976
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7f45d33b7afb5710e04a6d9e6e6b806c
101a42c935d01c004ba2789e72a6d56acffde00f
61e0262864bfc8d1b93d7c06b62595029c77463b9650dbe215997377e4f68c3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61E0262864BFC8D1B93D7C06B62595029C77463B9650DBE215997377E4F68C3C"
Last-Modified: Thu, 22 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13912
Expires: Thu, 22 Sep 2022 08:03:07 GMT
Date: Thu, 22 Sep 2022 04:11:15 GMT
Connection: keep-alive
client.xox.chat/lib/client.xox.chat.iframe.bundle.js?_t=1663819874524
116.203.123.171 200 OK 21 kB URL HTTP/1.1 client.xox.chat/lib/client.xox.chat.iframe.bundle.js?_t=1663819874524
IP 116.203.123.171:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (20742), with no line terminators
Hash 54934056d8c618c657849275d52ea71d
b6c40c8eed5d6c10c7dcb74aafdd6ea8d1aed6d1
60c2bddf3623ec638c5665a9cab4abc5f4e6633b152dd7b7db58bd2ff7f00d73
GET /lib/client.xox.chat.iframe.bundle.js?_t=1663819874524 HTTP/1.1
Host: client.xox.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 22 Sep 2022 04:11:15 GMT
Content-Type: application/javascript
Content-Length: 20742
Last-Modified: Fri, 25 Feb 2022 16:33:47 GMT
Connection: keep-alive
ETag: "621904eb-5106"
Accept-Ranges: bytes
client.xox.chat/?_t=1663819875223
116.203.123.171 200 OK 1.6 kB URL HTTP/1.1 client.xox.chat/?_t=1663819875223
IP 116.203.123.171:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3305), with no line terminators
Hash 2c6c24a0740394e33ca8dd0509d3d2b3
64e2c9e3ceb47828e2744189677a9011fafac1ae
292a24c73fe53d809832be47d5f6b4e4024b631e5c117c4df52ddcf9c7065199
GET /?_t=1663819875223 HTTP/1.1
Host: client.xox.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 22 Sep 2022 04:11:15 GMT
Content-Type: text/html
Last-Modified: Fri, 25 Feb 2022 16:33:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"621904eb-ce9"
Expires: Thu, 22 Sep 2022 04:11:20 GMT
Cache-Control: max-age=5, no-store, no-cache, must-revalidate
Content-Encoding: gzip
client.xox.chat/static/css/2.f3cc569f.chunk.css
116.203.123.171 200 OK 546 kB URL HTTP/1.1 client.xox.chat/static/css/2.f3cc569f.chunk.css
IP 116.203.123.171:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65434)
Size 546 kB (546502 bytes)
Hash fe15d26b0b78d181e21975a05113ef7a
d4d879c40fbe00e9d16a556828dde8c8cce1cad8
fdffdb4536537cc5e0067d9f2775bc540ec2339ae11f27edd6bcfc8eebd3fafc
GET /static/css/2.f3cc569f.chunk.css HTTP/1.1
Host: client.xox.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://client.xox.chat/?_t=1663819875223
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 22 Sep 2022 04:11:15 GMT
Content-Type: text/css
Content-Length: 546502
Last-Modified: Fri, 25 Feb 2022 16:33:47 GMT
Connection: keep-alive
ETag: "621904eb-856c6"
Accept-Ranges: bytes
supertotobet-cdn2.x1zxy.com/resources/media/games/pragmatic_play/16243585074871_Sweet_Bonanza_Xmas.png
172.67.212.40 200 OK 151 kB URL HTTP/2 supertotobet-cdn2.x1zxy.com/resources/media/games/pragmatic_play/16243585074871_Sweet_Bonanza_Xmas.png
IP 172.67.212.40:0
File type PNG image data, 325 x 234, 8-bit/color RGB, non-interlaced\012- data
Size 151 kB (151253 bytes)
Hash aa87ace402418d65f1acd53bc13aa102
3b68f70e90dbd2a873f14e194104a0629dea9456
056703bd5788e1b0186c1de4dc489adb428d85e21faec29220cd1eaa0e8415c5
GET /resources/media/games/pragmatic_play/16243585074871_Sweet_Bonanza_Xmas.png HTTP/1.1
Host: supertotobet-cdn2.x1zxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:15 GMT
content-type: image/png
last-modified: Tue, 22 Jun 2021 10:41:47 GMT
vary: Accept-Encoding
etag: W/"60d1be6b-1ea05"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0DuwVWgGIMhlyGpCyQj8FLoK8FL9FyUM56VJheQoEXZhiOdOasOixI6hNAc9x9HJqXG1hYdrCZjbzu28lkGe%2BixWUGIgkYO8qzZi4Xr9FGTTRv69fT6RC6UMbihZqNsnAx4d62UeC1GvTtABv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8320d394db4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
client.xox.chat/static/js/main.d546d6ae.chunk.js
116.203.123.171 200 OK 46 kB URL HTTP/1.1 client.xox.chat/static/js/main.d546d6ae.chunk.js
IP 116.203.123.171:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (46115)
Hash e606146f8bb70e71fdd07a61ef38d517
a6d38a3f324a3bf7d67cb90bf0fe5f5d8761db54
f883981e583e78b1f67c041af416064612841888cc23fabc5c5ab4d89c8b9f28
GET /static/js/main.d546d6ae.chunk.js HTTP/1.1
Host: client.xox.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://client.xox.chat/?_t=1663819875223
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 22 Sep 2022 04:11:15 GMT
Content-Type: application/javascript
Content-Length: 46163
Last-Modified: Fri, 25 Feb 2022 16:33:47 GMT
Connection: keep-alive
ETag: "621904eb-b453"
Accept-Ranges: bytes
supertotobet-cdn1.x1zxy.com/resources/media/games/pragmatic_play/16315411825343_555.png
188.114.97.1 200 OK 1.5 MB URL HTTP/2 supertotobet-cdn1.x1zxy.com/resources/media/games/pragmatic_play/16315411825343_555.png
IP 188.114.97.1:0
File type PNG image data, 650 x 325, 8-bit/color RGBA, non-interlaced\012- data
Size 1.5 MB (1452316 bytes)
Hash f20529e805b02d6a0c02f15cfb8e1548
1501808d8099e815ab995a57add79b3b81100a9f
5515ae65806ac0bf25e07a9a28307383c27caedd8615c017201a8f4236eabf69
GET /resources/media/games/pragmatic_play/16315411825343_555.png HTTP/1.1
Host: supertotobet-cdn1.x1zxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:15 GMT
content-type: image/png
last-modified: Mon, 13 Sep 2021 13:53:02 GMT
vary: Accept-Encoding
etag: W/"613f57be-675cb"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMDDwPP%2Bf7tMMdSEMze6ZIGXbRi7XXzAmVAJnzs5tu3fcsVNy7aHJWH676s12igVMp0Ew5%2FYZoWZ6hfRaXVnSuDaOlVr%2FVhM8%2F9nt7O7j8xpFamt9d8E8F4ZxOJSrfgupQlTC9fFb08Wqmxfg3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8320d4bc20b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b44e84131a9830a5b9ad69e6e417b2e
f2392e088c37943272af4d7417f129dad86b3374
cc6365c39209f21d9ce5e02ad1e96eb126c7da4267b40af4d890f33c245cd9b9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CC6365C39209F21D9CE5E02AD1E96EB126C7DA4267B40AF4D890F33C245CD9B9"
Last-Modified: Tue, 20 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10884
Expires: Thu, 22 Sep 2022 07:12:39 GMT
Date: Thu, 22 Sep 2022 04:11:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b44e84131a9830a5b9ad69e6e417b2e
f2392e088c37943272af4d7417f129dad86b3374
cc6365c39209f21d9ce5e02ad1e96eb126c7da4267b40af4d890f33c245cd9b9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CC6365C39209F21D9CE5E02AD1E96EB126C7DA4267B40AF4D890F33C245CD9B9"
Last-Modified: Tue, 20 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10884
Expires: Thu, 22 Sep 2022 07:12:39 GMT
Date: Thu, 22 Sep 2022 04:11:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b44e84131a9830a5b9ad69e6e417b2e
f2392e088c37943272af4d7417f129dad86b3374
cc6365c39209f21d9ce5e02ad1e96eb126c7da4267b40af4d890f33c245cd9b9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CC6365C39209F21D9CE5E02AD1E96EB126C7DA4267B40AF4D890F33C245CD9B9"
Last-Modified: Tue, 20 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10884
Expires: Thu, 22 Sep 2022 07:12:39 GMT
Date: Thu, 22 Sep 2022 04:11:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b44e84131a9830a5b9ad69e6e417b2e
f2392e088c37943272af4d7417f129dad86b3374
cc6365c39209f21d9ce5e02ad1e96eb126c7da4267b40af4d890f33c245cd9b9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CC6365C39209F21D9CE5E02AD1E96EB126C7DA4267B40AF4D890F33C245CD9B9"
Last-Modified: Tue, 20 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10884
Expires: Thu, 22 Sep 2022 07:12:39 GMT
Date: Thu, 22 Sep 2022 04:11:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b44e84131a9830a5b9ad69e6e417b2e
f2392e088c37943272af4d7417f129dad86b3374
cc6365c39209f21d9ce5e02ad1e96eb126c7da4267b40af4d890f33c245cd9b9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "CC6365C39209F21D9CE5E02AD1E96EB126C7DA4267B40AF4D890F33C245CD9B9"
Last-Modified: Tue, 20 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10883
Expires: Thu, 22 Sep 2022 07:12:39 GMT
Date: Thu, 22 Sep 2022 04:11:16 GMT
Connection: keep-alive
api.xox.chat/client/system/variables
116.203.123.171 200 OK 844 B URL HTTP/1.1 api.xox.chat/client/system/variables
IP 116.203.123.171:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (844), with no line terminators
Hash 7ff8a5ae2af47217c01177e06c0b5abb
76d994302f7768e8a1b560c44b204154cab32fa2
0f3306d8335b809ea74a396707a43cfc92f52079a4db8015b5734ee7391d737c
GET /client/system/variables HTTP/1.1
Host: api.xox.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://client.xox.chat/
Origin: https://client.xox.chat
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 22 Sep 2022 04:11:16 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 844
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ETag: W/"34c-dtmUMC93aOihtWDESyBBVMqzL6I"
Front-End-Https: on
api.xox.chat/chat/socket/?userType=visitor&EIO=4&transport=websocket
116.203.123.171 101 Switching Protocols 0 B URL HTTP/1.1 api.xox.chat/chat/socket/?userType=visitor&EIO=4&transport=websocket
IP 116.203.123.171:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /chat/socket/?userType=visitor&EIO=4&transport=websocket HTTP/1.1
Host: api.xox.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://client.xox.chat
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PR9nbrakdO7xG0B54sPr/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 22 Sep 2022 04:11:16 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sSexVrMBNZKgbZdQf6+3PWBcPYE=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:11:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/8jVBk0k/Su-pertotobet-Logo2.png
217.182.228.53 200 OK 7.1 kB URL HTTP/2 i.ibb.co/8jVBk0k/Su-pertotobet-Logo2.png
IP 217.182.228.53:0
File type PNG image data, 345 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 792ecddac6c4f0523adcfaca1390d53b
5b84ea503be488be868dfd0446ff86c2c05b54df
4f0936370aa8de127ebd39a215622965ca9986851f158f813e6340b29c7b856a
GET /8jVBk0k/Su-pertotobet-Logo2.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://client.xox.chat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 04:11:16 GMT
content-type: image/png
content-length: 7135
last-modified: Mon, 06 Sep 2021 13:05:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
142.250.74.104 200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.104:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bet.supertotobet1108.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Thu, 22 Sep 2022 02:17:11 GMT
expires: Thu, 22 Sep 2022 04:17:11 GMT
cache-control: public, max-age=7200
age: 6845
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 04:11:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=859155261&utmhn=bet.supertotobet1108.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x72&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sportotobet.com&utmhid=474419024&utmr=https%3A%2F%2Fsupertotobet1108.com%2F&utmp=%2Fhome.php%3Flanding%3D1&utmht=1663819876465&utmac=UA-36411829-1&utmcc=__utma%3D204477955.1811737765.1663819876.1663819876.1663819876.1%3B%2B__utmz%3D204477955.1663819876.1.1.utmcsr%3Dsupertotobet1108.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=673202855&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.104 200 OK 35 B URL HTTP/2 ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=859155261&utmhn=bet.supertotobet1108.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x72&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sportotobet.com&utmhid=474419024&utmr=https%3A%2F%2Fsupertotobet1108.com%2F&utmp=%2Fhome.php%3Flanding%3D1&utmht=1663819876465&utmac=UA-36411829-1&utmcc=__utma%3D204477955.1811737765.1663819876.1663819876.1663819876.1%3B%2B__utmz%3D204477955.1663819876.1.1.utmcsr%3Dsupertotobet1108.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=673202855&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=859155261&utmhn=bet.supertotobet1108.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x72&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sportotobet.com&utmhid=474419024&utmr=https%3A%2F%2Fsupertotobet1108.com%2F&utmp=%2Fhome.php%3Flanding%3D1&utmht=1663819876465&utmac=UA-36411829-1&utmcc=__utma%3D204477955.1811737765.1663819876.1663819876.1663819876.1%3B%2B__utmz%3D204477955.1663819876.1.1.utmcsr%3Dsupertotobet1108.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&utmjid=673202855&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bet.supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 22 Sep 2022 04:11:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.xox.chat//uploads/clients/603/603391783f1f4d03cddaace3/launcherImage.1633098454186.png
116.203.123.171 200 OK 6.4 kB URL HTTP/1.1 api.xox.chat//uploads/clients/603/603391783f1f4d03cddaace3/launcherImage.1633098454186.png
IP 116.203.123.171:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 0eabf5f671991832690d8b8934f8f0bd
ae9380eca05c5ace95e5a404676ff11ab659f4c1
4418c081d57f62586f13ecf1ec44eaf0c59d028d9e805d6bae71a356de2d88a2
GET //uploads/clients/603/603391783f1f4d03cddaace3/launcherImage.1633098454186.png HTTP/1.1
Host: api.xox.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 22 Sep 2022 04:11:16 GMT
Content-Type: image/png
Content-Length: 6360
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 01 Oct 2021 14:27:34 GMT
ETag: W/"18d8-17c3c40d4a5"
Front-End-Https: on
data.gosquared.com/ping?vw=1280&vh=939&dw=1268&dh=4743&st=0&sl=0&i=0&et=5542&cb=1&a=GSN-349119-C&id=75177200651bf645a5cfad8464593c66&tv=6.6.1933
52.202.192.125 200 OK 6 B URL HTTP/2 data.gosquared.com/ping?vw=1280&vh=939&dw=1268&dh=4743&st=0&sl=0&i=0&et=5542&cb=1&a=GSN-349119-C&id=75177200651bf645a5cfad8464593c66&tv=6.6.1933
IP 52.202.192.125:0
File type ASCII text, with no line terminators
Hash ed4a5f32c246ea1d37db5f27335ad58c
1dc58ffc1807993eed9cb6de85c6535a2b084935
eb2ad463e0fd390d63acc0e4e0c064cd787cab3ee5711fc9e6e203ad1429d4c0
GET /ping?vw=1280&vh=939&dw=1268&dh=4743&st=0&sl=0&i=0&et=5542&cb=1&a=GSN-349119-C&id=75177200651bf645a5cfad8464593c66&tv=6.6.1933 HTTP/1.1
Host: data.gosquared.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:19 GMT
content-type: text/javascript
content-length: 6
X-Firefox-Spdy: h2
d1l6p2sc9645hc.cloudfront.net/gosquared.js
143.204.55.103 200 OK 0 B URL HTTP/2 d1l6p2sc9645hc.cloudfront.net/gosquared.js
IP 143.204.55.103:0
GET /gosquared.js HTTP/1.1
Host: d1l6p2sc9645hc.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
last-modified: Fri, 19 Nov 2021 15:31:18 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 22 Sep 2022 01:23:43 GMT
cache-control: max-age=43200, public
etag: W/"43905f2ad338bdfa927ca79740e6e7a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7NQXfOovtazESbSs3vgSh6jpeYrKD7MeN2-jalKhlg0I8L5gEaN-TQ==
age: 10051
X-Firefox-Spdy: h2
de-west3-1.stkcdn.com/tr/logo/big/14078.png
104.21.61.246 200 OK 0 B URL HTTP/2 de-west3-1.stkcdn.com/tr/logo/big/14078.png
IP 104.21.61.246:0
GET /tr/logo/big/14078.png HTTP/1.1
Host: de-west3-1.stkcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bet.supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:16 GMT
content-type: image/png
last-modified: Thu, 18 Apr 2019 19:25:25 GMT
vary: Accept-Encoding
etag: W/"5cb8cf25-149c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2poaa4ZlGWoTBSGQ4vjxXgrYQy8%2F1h20Me2Qah%2FaHr315q%2FUnkj4SlWbdV2o%2Bk9uf0EeolKNBo16x2r5NN%2BOUvJQAUKlwOz9tEyWCi9n75753qIE%2Bi7YaQCTUCxj5ouzazR9P87FAoI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e83210fcfdb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
de-west3-1.stkcdn.com/tr/logo/big/8512214.png
104.21.61.246 200 OK 0 B URL HTTP/2 de-west3-1.stkcdn.com/tr/logo/big/8512214.png
IP 104.21.61.246:0
GET /tr/logo/big/8512214.png HTTP/1.1
Host: de-west3-1.stkcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bet.supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:16 GMT
content-type: image/png
last-modified: Wed, 22 May 2019 13:49:32 GMT
vary: Accept-Encoding
etag: W/"5ce5536c-1649"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnNeW%2FZWcHEBR8RS%2FqpxTEBwuYcpCuaRBnwBHmGAU7gkGDlnIHg2Xw9WVRWWEXSnHrytQXBhq%2F5%2F6A1KEEcOwoAzSnFwJoLjRzflFS6K00BR2vcfad5%2B867YDWzmq3F5P%2Fm3o2dYmj0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e83210fcfcb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
de-west3-1.stkcdn.com/tr/logo/big/12445.png
104.21.61.246 200 OK 0 B URL HTTP/2 de-west3-1.stkcdn.com/tr/logo/big/12445.png
IP 104.21.61.246:0
GET /tr/logo/big/12445.png HTTP/1.1
Host: de-west3-1.stkcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bet.supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:16 GMT
content-type: image/png
last-modified: Thu, 18 Apr 2019 23:34:59 GMT
vary: Accept-Encoding
etag: W/"5cb909a3-16c0"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFOEhFCVyYrtWowlqWnAu6ReiKFWyp00YwYQzclfD3pND5IMqjrwLY7rpG76Mz2klpAHP18Y5H0SU8r6X7Fhh3lTcvxY4wFmFoWUWzOmXCC1IrYthJWHLgH3IySmwu4c34GdCt2sigM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e83210ecf6b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supertotobet-cdn2.x1zxy.com/resources/media/games/pragmatic_play/16243584995351_Gates_of_Olympus.png
172.67.212.40 200 OK 0 B URL HTTP/2 supertotobet-cdn2.x1zxy.com/resources/media/games/pragmatic_play/16243584995351_Gates_of_Olympus.png
IP 172.67.212.40:0
GET /resources/media/games/pragmatic_play/16243584995351_Gates_of_Olympus.png HTTP/1.1
Host: supertotobet-cdn2.x1zxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:15 GMT
content-type: image/png
last-modified: Tue, 22 Jun 2021 10:41:39 GMT
vary: Accept-Encoding
etag: W/"60d1be63-20720"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apaJEc0bdz5lv03bCyFJgj43ke22eywVpJQLSogLp27ELixeRTyRnGMGsuI52cEC94IOSt%2BNyucMepdFlFlQyOWUGVayxd0YSwgQAI7eI7AAQMw1%2FPWWzLWUu60PD3OVwNIKFGViM1tiqie3Yi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8320d3950b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supertotobet-cdn4.x1zxy.com/resources/media/games/pragmatic_play/16384423295089_6403.jpg
172.67.212.40 200 OK 0 B URL HTTP/2 supertotobet-cdn4.x1zxy.com/resources/media/games/pragmatic_play/16384423295089_6403.jpg
IP 172.67.212.40:0
GET /resources/media/games/pragmatic_play/16384423295089_6403.jpg HTTP/1.1
Host: supertotobet-cdn4.x1zxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:15 GMT
content-type: image/jpeg
last-modified: Thu, 02 Dec 2021 10:52:09 GMT
vary: Accept-Encoding
etag: W/"61a8a559-3a5f6"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RSwcRVJI9YJyTqfBjLczsrZS1jEVxhkchOy2o8Rjf5q1lZf0k3k5DAmzTxKaoLX33EYZ5dVDf2Obm1XD1k2k6kgt77G8%2BLQmYNGX5WPAfbwtpjT%2BoACrgRn07fJhL7PSv8ypBBASfGZb5zBKj4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8320d3ef30b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
de-west3-1.stkcdn.com/tr/logo/big/13143.png
104.21.61.246 200 OK 0 B URL HTTP/2 de-west3-1.stkcdn.com/tr/logo/big/13143.png
IP 104.21.61.246:0
GET /tr/logo/big/13143.png HTTP/1.1
Host: de-west3-1.stkcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bet.supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:16 GMT
content-type: image/png
last-modified: Thu, 18 Apr 2019 22:12:20 GMT
vary: Accept-Encoding
etag: W/"5cb8f644-1cbf"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xr34Ju0AAW0%2FaNzZO%2Blc0pga%2Buj%2FJqH%2B5ip7vhi3gmAAjAo%2B7VNRzKw9uTOFpogufIlI6aRLdkl4J0vBILCy%2B6mWgqliETP4nCMiYu55vC5oBxSQL74f%2BpZqFux5OWTFpF0VQFw9C%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e83210ecf7b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
de-west3-1.stkcdn.com/tr/logo/big/7854.png
104.21.61.246 200 OK 0 B URL HTTP/2 de-west3-1.stkcdn.com/tr/logo/big/7854.png
IP 104.21.61.246:0
GET /tr/logo/big/7854.png HTTP/1.1
Host: de-west3-1.stkcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bet.supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:16 GMT
content-type: image/png
last-modified: Thu, 18 Apr 2019 23:50:09 GMT
vary: Accept-Encoding
etag: W/"5cb90d31-13b5"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7XH1KEgEE8jHShcQpVa6klKGzj%2FrrBKbSj16nRQQ9iFn27eiIJDmQZCw85jQT3cxR2tBUJs1GzuvslK9tFxQcpKEDgx5gXB3CMLQxPXEQnY6KTC1yVSbY5UTPBTJB0Po9uh4TKdswo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e83210ecf5b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supertotobet1108.com/
104.21.49.30 200 OK 0 B IP 104.21.49.30:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: supertotobet1108.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=7387689cfe5c8e9afaf50aac1f1b1c65; path=/
set-cookie: language=tr_TR; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCNSTnQiX3fTetowZ3R5afcUuVJBgi5z0%2F9MNfDKK%2FdmGUQ6j%2Fb3FYXFGBQyquLAtPQVBsIWbOAaPUQgyJGbsULpdfqeroROHI0lobiVVGBTqyyUmGoILprCKHW3xpX4bg1wPU1w8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e831ff3f0cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supertotobet-cdn5.x1zxy.com/resources/media/games/pragmatic_play/16243585016356_Fruit_Party.png
104.21.61.163 200 OK 0 B URL HTTP/2 supertotobet-cdn5.x1zxy.com/resources/media/games/pragmatic_play/16243585016356_Fruit_Party.png
IP 104.21.61.163:0
GET /resources/media/games/pragmatic_play/16243585016356_Fruit_Party.png HTTP/1.1
Host: supertotobet-cdn5.x1zxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:15 GMT
content-type: image/png
last-modified: Tue, 22 Jun 2021 10:41:41 GMT
vary: Accept-Encoding
etag: W/"60d1be65-19418"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4NSoFqDR81oAuahFJG%2B9p05vWenRHtR1jZaKt86yEtyaYdQDNd4chvhYl1Rr0U9EaOsK7M9RHQIweg6uoDYMrD8hMuRRizA%2Bq5VkEL4MUsPTnq%2FU1yO07dq45Bhm0bejhWtTkhAgrhF73M24Ps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8320d3d0bb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supertotobet-cdn3.x1zxy.com/resources/media/games/pragmatic_play/16243585001895_Phoenix_Forge.png
172.67.212.40 200 OK 0 B URL HTTP/2 supertotobet-cdn3.x1zxy.com/resources/media/games/pragmatic_play/16243585001895_Phoenix_Forge.png
IP 172.67.212.40:0
GET /resources/media/games/pragmatic_play/16243585001895_Phoenix_Forge.png HTTP/1.1
Host: supertotobet-cdn3.x1zxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:15 GMT
content-type: image/png
last-modified: Tue, 22 Jun 2021 10:41:40 GMT
vary: Accept-Encoding
etag: W/"60d1be64-275e5"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tm5RdFPoZzRCoF7FuFS2o6Sh6QnSfwor%2Bbui98KFgNuoW9uIGDnM9g%2FHK9w3%2BgtRoAnrn4rlVtWWXYH365hvy8O3OKhePPCF1RCqg27SbaYmWC92Dtutc4DradVc6VlZsl2HlT61IRopTma0k3k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8320d48ea0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supertotobet-cdn3.x1zxy.com/resources/media/games/pragmatic_play/16587637633833_7847.jpg
172.67.212.40 200 OK 0 B URL HTTP/2 supertotobet-cdn3.x1zxy.com/resources/media/games/pragmatic_play/16587637633833_7847.jpg
IP 172.67.212.40:0
GET /resources/media/games/pragmatic_play/16587637633833_7847.jpg HTTP/1.1
Host: supertotobet-cdn3.x1zxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:15 GMT
content-type: image/jpeg
last-modified: Mon, 25 Jul 2022 15:42:43 GMT
vary: Accept-Encoding
etag: W/"62deb9f3-1a336"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odku35yTGLJa0r6okR7x1Vee9TnRAGP4VRooJPfdafUUSRHiT9aO%2F6xnbhqaR9K7XEhLd26XlaEjDrAUqO1p%2BBrxGRPEPa5zg9h1qAYSeGRMMTux59i%2B7rLiwOEws2kpTtBQiKPId76BJLz0hIM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8320d38cd0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supertotobet-cdn3.x1zxy.com/resources/media/games/pragmatic_play/16243585032093_Sweet_Bonanza.png
172.67.212.40 200 OK 0 B URL HTTP/2 supertotobet-cdn3.x1zxy.com/resources/media/games/pragmatic_play/16243585032093_Sweet_Bonanza.png
IP 172.67.212.40:0
GET /resources/media/games/pragmatic_play/16243585032093_Sweet_Bonanza.png HTTP/1.1
Host: supertotobet-cdn3.x1zxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:15 GMT
content-type: image/png
last-modified: Tue, 22 Jun 2021 10:41:43 GMT
vary: Accept-Encoding
etag: W/"60d1be67-22ce4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgzVL1ksrOOMOZwuX%2BQuILoVxxzYWtAD6%2FIMf%2BYaKHiFN0pA%2F3yrt%2FxhTd8zNn%2Ftju4MFLoez0zxiczVPT%2B8fPH8D4kSEE8jar00uJbAzOyl8CdBpHWCKcJip62djN%2FNOmgBxISpXn7LlUvAy%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8320d48e90b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supertotobet-cdn1.x1zxy.com/resources/media/games/pragmatic_play/16243585011512_The_Dog_House_Megaways.png
188.114.97.1 200 OK 0 B URL HTTP/2 supertotobet-cdn1.x1zxy.com/resources/media/games/pragmatic_play/16243585011512_The_Dog_House_Megaways.png
IP 188.114.97.1:0
GET /resources/media/games/pragmatic_play/16243585011512_The_Dog_House_Megaways.png HTTP/1.1
Host: supertotobet-cdn1.x1zxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:15 GMT
content-type: image/png
last-modified: Tue, 22 Jun 2021 10:41:41 GMT
vary: Accept-Encoding
etag: W/"60d1be65-241f6"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qmzr3f5ihpgFkUBdRtepoKUzG9Bg11NDqmOVMGea0YgKxGI2datDYMcb3cyMWKzfrEY9JXR5Sjtgdr1H%2FBDbVlBvi%2BnSAFH925oIIYdH7d450L6pbJoONaLkrjWEnl3DoBreM8sQA4UgT9kpj2E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8320d4bba0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supertotobet-cdn1.x1zxy.com/resources/media/games/pragmatic_play/16243585019526_Wild_West_Gold.png
188.114.97.1 200 OK 0 B URL HTTP/2 supertotobet-cdn1.x1zxy.com/resources/media/games/pragmatic_play/16243585019526_Wild_West_Gold.png
IP 188.114.97.1:0
GET /resources/media/games/pragmatic_play/16243585019526_Wild_West_Gold.png HTTP/1.1
Host: supertotobet-cdn1.x1zxy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:15 GMT
content-type: image/png
last-modified: Tue, 22 Jun 2021 10:41:42 GMT
vary: Accept-Encoding
etag: W/"60d1be66-26397"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FkVraDE9WzuB8oyKJhpCZpOQZN1kBd7RaZGDZIEVLPxatphWneUA1rqtbM%2B8%2BHyPCuFvOeFpzgn5s%2BKI7sXEnTwaiXhfNgMASuwCry4Y911u10PW0j4YSnml1280PIGZC8CStzPLAT0L6G%2F7dg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e8320d4bc50b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
de-west3-1.stkcdn.com/tr/logo/big/7606.png
104.21.61.246 200 OK 0 B URL HTTP/2 de-west3-1.stkcdn.com/tr/logo/big/7606.png
IP 104.21.61.246:0
GET /tr/logo/big/7606.png HTTP/1.1
Host: de-west3-1.stkcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bet.supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:16 GMT
content-type: image/png
last-modified: Thu, 18 Apr 2019 20:23:07 GMT
vary: Accept-Encoding
etag: W/"5cb8dcab-15ac"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBqxD9WHu%2F%2BMBzsZU%2BECyT1fDIS%2FvwDydoE9Rooc7RO3Txp5WeCMRgTs2RkWzu2kaUcQBLenJWHqj8mLjdcG1xP%2BvASEKN4D2VrcXdu0n3kww8vTh%2FwfcfArYnEF5kWqTptlbNIPgUs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e83210fcfeb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
de-west3-1.stkcdn.com/tr/logo/big/13372.png
104.21.61.246 200 OK 0 B URL HTTP/2 de-west3-1.stkcdn.com/tr/logo/big/13372.png
IP 104.21.61.246:0
GET /tr/logo/big/13372.png HTTP/1.1
Host: de-west3-1.stkcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bet.supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:16 GMT
content-type: image/png
last-modified: Thu, 18 Apr 2019 10:59:38 GMT
vary: Accept-Encoding
etag: W/"5cb8589a-144e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oInQs9httizq7bu%2BiygvUwerRbWWaATIQDtJ8FSHsGJdd%2BXQiaOaqlicai08dAl4n%2BZPwx5O7p6Q4wgFBMlMwA8qM3kCummT%2FsNSbbmapZEMKCPo2l%2BiexWj2p%2BoEzsTZ8nP%2FVevP8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e83210fcfbb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
de-west3-1.stkcdn.com/tr/logo/big/17007.png
104.21.61.246 200 OK 0 B URL HTTP/2 de-west3-1.stkcdn.com/tr/logo/big/17007.png
IP 104.21.61.246:0
GET /tr/logo/big/17007.png HTTP/1.1
Host: de-west3-1.stkcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bet.supertotobet1108.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 04:11:16 GMT
content-type: image/png
last-modified: Thu, 18 Apr 2019 20:49:48 GMT
vary: Accept-Encoding
etag: W/"5cb8e2ec-2eb5"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCIf8gZuMud5QAB1N6ClZNFRxbOs62F2qoncNSkObrwbbV0Dbl5IbkNd6By4o8R%2BLedOG0nXvBh7ygVzhEXXNLsr0k%2BKyjZ5yC%2BVBG6FdaaqWdMy%2BrtE9Zbv%2BRVHo%2BTxEGwokPUxhMc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e832110d03b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2