blancoshrimp.com/SB/BR
104.21.73.164301 Moved Permanently 162 B IP 104.21.73.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /SB/BR HTTP/1.1
Host: blancoshrimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Feb 2023 22:53:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://blancoshrimp.com/SB/BR
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bo0f70vZxKkEm9kd388uqnuJWK3jLj7AkOviyVhQTb1ar%2F8n%2BCyopdjN4lQapP81jJjO1s%2Fmo4W9pJaEUj%2FpYJvmkvLW%2BCHnV9vuUQd5FqhaJiuYDhLzOXoKoTBqD%2FkC7GOA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 792e43b8b86fb4f9-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4660
Expires: Thu, 02 Feb 2023 00:11:20 GMT
Date: Wed, 01 Feb 2023 22:53:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2643
Expires: Wed, 01 Feb 2023 23:37:43 GMT
Date: Wed, 01 Feb 2023 22:53:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 22:36:02 GMT
content-type: application/json
age: 1058
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18367
Expires: Thu, 02 Feb 2023 03:59:47 GMT
Date: Wed, 01 Feb 2023 22:53:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gfYBtcFQ+bFatOdYiuZTb+r05TpfA6J6a5dUlLQg6J9ale/0imlA6u2JMDr3P4o4MQ9tWSSyI4c=
x-amz-request-id: N6JVJ8WXX3YVXXY4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 22:51:44 GMT
age: 116
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 22:53:40 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a93adbbce28f466c554812b1f7caa740
02b96050065cdbd02e4618e5440ad4a397402cd9
796435d0ae4a3b1e243f0c4f400ceb5867dcce3d3932d4ea61853aa68493becb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110568
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:41 GMT
Etag: "63d9fa5d-117"
Expires: Fri, 03 Feb 2023 05:36:29 GMT
Last-Modified: Wed, 01 Feb 2023 05:36:29 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 22:41:43 GMT
age: 718
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a93adbbce28f466c554812b1f7caa740
02b96050065cdbd02e4618e5440ad4a397402cd9
796435d0ae4a3b1e243f0c4f400ceb5867dcce3d3932d4ea61853aa68493becb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=110568
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:41 GMT
Etag: "63d9fa5d-117"
Expires: Fri, 03 Feb 2023 05:36:29 GMT
Last-Modified: Wed, 01 Feb 2023 05:36:29 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13092
Expires: Thu, 02 Feb 2023 02:31:53 GMT
Date: Wed, 01 Feb 2023 22:53:41 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blancoshrimp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 488732
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
securely-send.com/storage/howisliferightnow_br.js
161.35.78.172200 OK 71 kB URL HTTP/2 securely-send.com/storage/howisliferightnow_br.js
IP 161.35.78.172:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Hash 06848da340ca8776b5152ffc2b893a2f
53181c8ae828535659a6414c930952d08f0f7632
96232a4e673992a03bd015ea18ed99208e020d01ebd8c96eadbfba1bde5de018
Analyzer Verdict Alert fortinet Phishing
GET /storage/howisliferightnow_br.js HTTP/1.1
Host: securely-send.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blancoshrimp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 01 Feb 2023 22:53:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 70701
last-modified: Wed, 01 Feb 2023 15:23:08 GMT
etag: "63da83dc-1142d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Dwql7uDOfv3Eg2bjSXR+IQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Gk0G+BOJ+bma5tyUXMiLQ+U8J+4=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c777675e41e9045ce88ced5783717ae7
4f86fa976ada60cd81fdad71213e80f47b3f4d9d
1df71004b318cee0b1c86ee9f76b8b4d25723d512af9a7443e69a4d69c6ef329
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2689
Cache-Control: max-age=117599
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Etag: "63da0b54-116"
Expires: Fri, 03 Feb 2023 07:33:41 GMT
Last-Modified: Wed, 01 Feb 2023 06:48:52 GMT
Server: ECS (amb/6BB9)
X-Cache: HIT
Content-Length: 278
www.bet365.com/olp/open-account?affiliate=365_01175261
5.226.179.10200 OK 4.6 kB URL HTTP/1.1 www.bet365.com/olp/open-account?affiliate=365_01175261
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a02efc03bf1ff6317cbb86509d91d64a
e2f7f16d03288f6e9cd96456dae25a92b5f2b2d3
6195e77e3f220109bcd9952feb4945337ae703473c57663bdc6c6b08bb0343bc
GET /olp/open-account?affiliate=365_01175261 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ServerDetails: <!--2P2 - 86-->
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=; path=/; expires=Wed, 01-Feb-23 23:23:42 GMT; domain=.bet365.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 792e43c23b691c0e-OSL
ocsp.pki.goog/s/gts1p5/jIkIsUPfARQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/jIkIsUPfARQ
IP 142.250.74.131:0
Hash 7ff89dc6cb810578ed70054a440f4a86
f784e25e6cc9d50123e04876b27bd0af9415b5a3
56a0649880cb8e40d55521c3d1389319bdecb60ff484dbd5fec879135b4220b1
POST /s/gts1p5/jIkIsUPfARQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bet365.com/olpc/nn/143/0/1/open-account
5.226.179.10200 OK 13 kB URL HTTP/1.1 www.bet365.com/olpc/nn/143/0/1/open-account
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2285), with CRLF line terminators
Hash 274badd3cb37dfb527eca4729cf6b000
69e765e9b753cd47566ec463e2ddfebd0e09a856
c9876c218bef2034f020b7fd25a81c3e89cc00679aeee84af35bbc7625559dc7
GET /olpc/nn/143/0/1/open-account HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olp/open-account?affiliate=365_01175261
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12839
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;frame-src 'self' http://members.bet365.com 'nonce-4rSzznE9JGIdZg1mjegvP0Az5nPv2TYQ7stnA37DE8M=';style-src 'self' 'unsafe-inline';img-src 'self' data: https://content001.bet365.com/ https://content001.bet365.com/SportsContent/ 'nonce-4rSzznE9JGIdZg1mjegvP0Az5nPv2TYQ7stnA37DE8M=';connect-src 'self' https://www.google-analytics.com http://members.bet365.com https://extra.bet365.com 'nonce-4rSzznE9JGIdZg1mjegvP0Az5nPv2TYQ7stnA37DE8M=';font-src 'self' data: 'nonce-4rSzznE9JGIdZg1mjegvP0Az5nPv2TYQ7stnA37DE8M=';
Last-Modified: Wed, 01 Feb 2023 18:26:23 GMT
CF-Cache-Status: HIT
Age: 1502
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 792e43c2dc9b1c0e-OSL
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2fed672c7c42fb5a80e96a228a512cf
3eb18a3ed253964070dbe37cda2a2e9570227959
0ddb2b09e146c541d8afaa5a9c974cda5b47eddeb0277fee72b38e0df84df50c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "0DDB2B09E146C541D8AFAA5A9C974CDA5B47EDDEB0277FEE72B38E0DF84DF50C"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1396
Expires: Wed, 01 Feb 2023 23:16:58 GMT
Date: Wed, 01 Feb 2023 22:53:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8925db7513b70f9d6786dd8086e1ac0b
bb7507b1614e8def621229472be79177cd3fdd89
444d6a69dcd10ae0d28d2fe8e4b18a7d438ad3d26d87cc67fd0267e0cce8e4e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5831
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Last-Modified: Wed, 01 Feb 2023 21:16:31 GMT
Server: ECS (amb/6BB9)
X-Cache: HIT
Content-Length: 280
www.bet365.com/olpc/olpc-scripts.js?v=KDTjkmVXa0zSSWIyyHmLFOBOjdyHlaqJQbhw88pHAIA1
5.226.179.10200 OK 7.8 kB URL HTTP/1.1 www.bet365.com/olpc/olpc-scripts.js?v=KDTjkmVXa0zSSWIyyHmLFOBOjdyHlaqJQbhw88pHAIA1
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (22529), with no line terminators
Hash 0f970d13f157c52f1f0e1eaa43d225c0
6e2bd108ccb272927e5f1ceef33697867862306f
5881568c0f146564710d8c30b9056ae1b2404d45e7cb09f9b455fedeabdcb821
GET /olpc/olpc-scripts.js?v=KDTjkmVXa0zSSWIyyHmLFOBOjdyHlaqJQbhw88pHAIA1 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 7792
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Thu, 01 Feb 2024 18:25:48 GMT
Last-Modified: Wed, 01 Feb 2023 18:25:48 GMT
Vary: User-Agent,Accept-Encoding
CF-Cache-Status: HIT
Age: 1635
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 792e43c33ccdb50b-OSL
www.bet365.com/olpc/olpc-styles.css?v=ADHdDai99bBc7EkexwsG2Dy6MZFuXii0weu-ag9vIh01
5.226.179.10200 OK 125 kB URL HTTP/1.1 www.bet365.com/olpc/olpc-styles.css?v=ADHdDai99bBc7EkexwsG2Dy6MZFuXii0weu-ag9vIh01
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (335), with CRLF line terminators
Size 125 kB (124685 bytes)
Hash dd53b53b336bc4ed72b70391cdce8608
ef277ce9827cea6ac495e1628b6f123c91334745
2f4b5295a21a0883f6f1d490ead1f98e7516c077f48a758b5d12cce1a7ac44fe
GET /olpc/olpc-styles.css?v=ADHdDai99bBc7EkexwsG2Dy6MZFuXii0weu-ag9vIh01 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Thu, 01 Feb 2024 18:25:48 GMT
Last-Modified: Wed, 01 Feb 2023 18:25:48 GMT
Vary: User-Agent,Accept-Encoding
CF-Cache-Status: HIT
Age: 1635
Server: cloudflare
CF-RAY: 792e43c34954fab4-OSL
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83a19055b216be11a7ab51063c419c4c
2f15fcba2c86a6be7a935171981f9a37ae3aca07
b12bd9bc851edd51eb28bbda21ad53794b7a678a9fb05b12337589e983e8fa95
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5097
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Last-Modified: Wed, 01 Feb 2023 21:28:45 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
www.bet365.com/olpc/Content/Fonts/FTN45__W.woff2
5.226.179.10200 OK 46 kB URL HTTP/1.1 www.bet365.com/olpc/Content/Fonts/FTN45__W.woff2
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Web Open Font Format (Version 2), TrueType, length 45892, version 1.590\012- data
Hash e3596a29429736364ebfef73786a55ab
7bd9b6b18b0985c080d520610c0ab74a128d71bd
6e28311fc68644a88a32df782c7371991894bc6a6a81f8ff70f971b4470c3751
GET /olpc/Content/Fonts/FTN45__W.woff2 HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Length: 45892
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 22:25:51 GMT
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43c30cc51c0e-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af3f594a30bf08d1e9a92db7f23de281
15cc1ddfd214969dd7979cee7dcfcfde34f60145
b017ff16949bfa4c7e1852137db6c2d1c4cf42333c490d7ba877bd1104b02718
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1390
Cache-Control: max-age=130719
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Etag: "63da43a7-1d7"
Expires: Fri, 03 Feb 2023 11:12:21 GMT
Last-Modified: Wed, 01 Feb 2023 10:49:11 GMT
Server: ECS (amb/6BB9)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 565e8f0d0c20c28b0afee1786610c078
bf31e15b08869746157a282263407e72c4174151
a5597c44629b1a2d0d7e5dd1a21da9d6091ba9a75c6c5d04f502022313aed304
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1949
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Last-Modified: Wed, 01 Feb 2023 22:21:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a3554bb75c1ef9dd23edc975ef8b0b49
ec7a3a01e84519e4665d4cb21b86e62b7b2bbc27
ed7295eb109f21c9fe8a60927713903b9a2e7254bdffa452111614b2844fb417
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Server: ECS (amb/6B85)
Content-Length: 279
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js
5.226.179.10200 OK 3.6 kB URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (9857), with no line terminators
Hash 8526418443f6bcfead67615247d3e38a
6935cb6ce3e37192afcd3d08ec3b2d9c18035d20
49fa8353e8973f41c38723a669bd3200fd658ba87d6c121eb45da4af631825aa
GET /members/services/host/Scripts/js/ProductCommon_v1.js HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 22:53:42 GMT
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43c33963b503-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?async
5.226.179.10200 OK 696 B URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?async
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (989), with no line terminators
Hash 334178db29519be88c4b34711e1d2cfc
831719902634d3c87e0abea0a6165655345a9dac
a08e0ce8f995ca3acff436d4d111a6206bdb9584faaec1a2ed88a0af2d8b2c5b
GET /members/services/host/Scripts/js/ProductCommon_v1.js?async HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 22:53:42 GMT
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43c34dcd0afe-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c777675e41e9045ce88ced5783717ae7
4f86fa976ada60cd81fdad71213e80f47b3f4d9d
1df71004b318cee0b1c86ee9f76b8b4d25723d512af9a7443e69a4d69c6ef329
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2689
Cache-Control: max-age=117599
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Etag: "63da0b54-116"
Expires: Fri, 03 Feb 2023 07:33:41 GMT
Last-Modified: Wed, 01 Feb 2023 06:48:52 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
ic.aff-handler.com/c/43177?sr=1845934
217.147.127.42302 Found 305 B URL HTTP/1.1 ic.aff-handler.com/c/43177?sr=1845934
IP 217.147.127.42:0
ASN #201071 Virtual Internet Services Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7ab7eeb5d66fad70d6b995756fb8be37
222699da0521415ec77a9e7bd8abdac58b70713b
1fcfdbbdd297fa3d7b5ace2e495d3e032e07a14395cd069ef3ab2a926fde9cce
GET /c/43177?sr=1845934 HTTP/1.1
Host: ic.aff-handler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: 0
Location: https://www.888sport.com/pt/spt/brazil-wel.htm?sr=1845934&mm_id=43177&utm_source=aff&utm_medium=casap&utm_content=100140589&utm_campaign=100140589_1845934_nodescription
Server:
X-AspNetMvc-Version: 4.0
Set-Cookie: uffiliate_click_43177_1845934_=uffiliate_click_43177_1845934_; expires=Fri, 03-Mar-2023 22:53:42 GMT; path=/; SameSite=None; Secure
srv: 1231321
Date: Wed, 01 Feb 2023 22:53:41 GMT
Content-Length: 305
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e566d61538cae2d9560d8ffafb0b78cd
8c0229becd587c85926c0d557569af0a9554defa
f67ebba7f0592cb02d6a77566dde066fea07731cfaea65119d61b116ad45761d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F67EBBA7F0592CB02D6A77566DDE066FEA07731CFAEA65119D61B116AD45761D"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20491
Expires: Thu, 02 Feb 2023 04:35:13 GMT
Date: Wed, 01 Feb 2023 22:53:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a6b85058da5068b78bed68279448ccc0
eaa251f895f459e011f5daa5951b2f5415e17138
184df5857a11d03939dde9f961c16e94a07fc27c1332f0ff9d9d588722c8d7f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184DF5857A11D03939DDE9F961C16E94A07FC27C1332F0FF9D9D588722C8D7F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17497
Expires: Thu, 02 Feb 2023 03:45:19 GMT
Date: Wed, 01 Feb 2023 22:53:42 GMT
Connection: keep-alive
www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AEDiGQ-GAQAAtDtK81Fz-6wCUSPjBuLXPRkYcCMy1CNShiiPGfku30o7UmAI&PIRXTcSdwp--z=q
5.226.179.10200 OK 177 kB URL HTTP/1.1 www.bet365.com/members/services/host/Scripts/js/ProductCommon_v1.js?seed=AEDiGQ-GAQAAtDtK81Fz-6wCUSPjBuLXPRkYcCMy1CNShiiPGfku30o7UmAI&PIRXTcSdwp--z=q
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type ASCII text, with very long lines (65536), with no line terminators
Size 177 kB (176669 bytes)
Hash d6f4a5ec8abc4cc14009eae410dd914f
881dbe39f3245beb02409203d4c6dd58113fb273
c11c99141a9af9668ca5fe5d23efbdb4739309edca04658235970df1a9c13372
GET /members/services/host/Scripts/js/ProductCommon_v1.js?seed=AEDiGQ-GAQAAtDtK81Fz-6wCUSPjBuLXPRkYcCMy1CNShiiPGfku30o7UmAI&PIRXTcSdwp--z=q HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600, immutable
x-bet-hop: 1
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 22:30:00 GMT
CF-Cache-Status: HIT
Age: 1421
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43c3c990fab4-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bcf0d08696f0b95efdfd10ace5854a75
35a0bcf63a07a142791f160e1778da90d023b0d9
4683a6ab4a1f5eea072e542a2a182b3c08ac8836a775600c3d9b7decffb65c45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1958
Cache-Control: max-age=89899
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Etag: "63d9a1fb-117"
Expires: Thu, 02 Feb 2023 23:52:01 GMT
Last-Modified: Tue, 31 Jan 2023 23:19:23 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM
142.250.74.168200 OK 40 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T2BKDHM
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 681ca3b49c7708e978782b6ac0951f22
c0898e75b7e5f6d9f652f1cd2df2f9d577214a51
98a3f20d86f7c68660ec074fefd7b249cc1de228be070b0836a94dd38ec54cd0
GET /gtm.js?id=GTM-T2BKDHM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 22:53:42 GMT
expires: Wed, 01 Feb 2023 22:53:42 GMT
cache-control: private, max-age=900
last-modified: Wed, 01 Feb 2023 22:31:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 40066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a4337e2ef15874b2b33460a47a7549b0
bf8c0663b704353b8a8434ce2d349bf3cdcc47ad
27546788ed2b01584b78fa934e36b67dbeab557eb2fec8f18cfc2f2f0d31d213
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Etag: "63da6f26-117"
Server: ECS (amb/6B85)
Content-Length: 279
content001.bet365.com/SportsContent/Global/Footer/SPORTSX2-18.png
5.226.179.10200 OK 4.4 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/SPORTSX2-18.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced\012- data
Hash 097b1799e6f2ab026f137f91b4627384
fd6a5222f5743cccc954a311b6d30b4125179244
5af616c5e6ad0d97aa233ed4644776ca94de0cfb1a653844d8a5d9ee46e756af
GET /SportsContent/Global/Footer/SPORTSX2-18.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: image/png
Content-Length: 4400
Connection: keep-alive
Last-Modified: Fri, 20 Mar 2015 09:13:01 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 06 Feb 2023 22:53:42 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43c3ffa40b61-OSL
members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01175261
5.226.179.10200 OK 177 B URL HTTP/1.1 members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01175261
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 475774a26d4f30240a3534bcbd2fd161
9fd7b986673786b4fc80943b330bd1c03256049e
f7541d6ca43b4da74a89ec05885dceabf1a4af132d36326cf7974a47c904c811
GET /Members/Helpers/DefaultAff.aspx?affiliate=365_01175261 HTTP/1.1
Host: members.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 177
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
ME-Redirect: PQB
Set-Cookie: Affiliates=Code=365_01175261&prd=Sports; domain=.bet365.com; expires=Sat, 18-Mar-2023 22:53:42 GMT; path=/; secure
session=processform=0; path=/; secure
pstk=E207D029FB8F8432869FAF1E6DBE85DC000003; domain=.bet365.com; path=/; secure
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792e43c39aa2b515-OSL
brazpromo.com/promo/click/620633f29fd70
45.148.37.221302 Found 0 B URL HTTP/1.1 brazpromo.com/promo/click/620633f29fd70
IP 45.148.37.221:0
ASN #208685 Serverius Holding B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /promo/click/620633f29fd70 HTTP/1.1
Host: brazpromo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Feb 2023 22:53:42 GMT
Location: https://brazino777.online/?b7pm=620633f29fd70&ambp=
Referrer-Policy: same-origin
Set-Cookie: __Host-SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYnJhenByb21vLmNvbTkxLjkwLjQyLjE1NCJ9.ZDjYFvYZxKUILrfNkwyaoGB08xcqbaPDMkFduOzW5IB2ZVDJBddC_Pnc27evdhIMWpb7HJkTdwhNcxLCocsL6w; Path=/; Expires=Thu, 02 Feb 2023 22:53:42 GMT; HttpOnly; Secure; SameSite=Strict
__Secure-XWAFLB=461e247662dc5084a2d06b00969314f8; Path=/; Expires=Wed, 01 Feb 2023 23:08:42 GMT; HttpOnly; Secure; SameSite=Lax
language=926f8a8c972cd75f94899efbe6d499a8d22a552b%7Een; expires=Wed, 08-Feb-2023 22:53:42 GMT; Max-Age=604800; path=/
dc60caeaf05919ee5f64ad5274f274bd=ce362babdae652a66f918751356c5ed2a0550ab3%7E3; expires=Thu, 01-Feb-2024 22:53:42 GMT; Max-Age=31536000; path=/
session=be7e7df6b073432b8fad3cf1e58c1fbc647c49c9%7E63daed7666c921-97178546; expires=Wed, 08-Feb-2023 22:53:42 GMT; Max-Age=604800; path=/
X-Content-Type-Options: nosniff
X-Waf-Req-Id: 09043a1c-2eef-4721-94eb-f4ca9f5f226d-322023
Content-Length: 0
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5baab6af95646e0008ceaf8065f2edfa
90f14fee4bb5d9013b6dd86aa87948c71344f507
6794a036fc2d5f1e2d64869c1bb1a104a2060ac52f7d0ab28109b15ad80d69f5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6794A036FC2D5F1E2D64869C1BB1A104A2060AC52F7D0AB28109B15AD80D69F5"
Last-Modified: Mon, 30 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10531
Expires: Thu, 02 Feb 2023 01:49:13 GMT
Date: Wed, 01 Feb 2023 22:53:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af3f594a30bf08d1e9a92db7f23de281
15cc1ddfd214969dd7979cee7dcfcfde34f60145
b017ff16949bfa4c7e1852137db6c2d1c4cf42333c490d7ba877bd1104b02718
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1390
Cache-Control: max-age=130719
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Etag: "63da43a7-1d7"
Expires: Fri, 03 Feb 2023 11:12:21 GMT
Last-Modified: Wed, 01 Feb 2023 10:49:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
content001.bet365.com/SportsContent/Global/Footer/MGALICENSED.png
5.226.179.10200 OK 2.0 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/MGALICENSED.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 88 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash d8cb8a91c78942815c69aaeea7c79162
0a36fd477b2c7d88bb67d95e806bf5838d1b39cd
057c251de5bc8825df293db443b8c9a99e01f856abe658c741a89c86b6bfa2e1
GET /SportsContent/Global/Footer/MGALICENSED.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: image/png
Content-Length: 1979
Connection: keep-alive
Last-Modified: Wed, 10 Jul 2019 13:20:52 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 06 Feb 2023 22:53:42 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43c45d6ab4eb-OSL
content001.bet365.com/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
5.226.179.10200 OK 5.3 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 188 x 60, 8-bit gray+alpha, non-interlaced\012- data
Hash 40ed9c8ae714b944f87008ab90bb071d
32bbf71529809e6ea3521c5636838a76c7488fae
b163877ec48382be73ffdf62c6a5dc5ded37443856dde414e591dfe85b61f070
GET /SportsContent/Global/Footer/GordonMoody/GordonMoody-GT-x2_Grey99.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: image/png
Content-Length: 5324
Connection: keep-alive
Last-Modified: Mon, 11 Oct 2021 13:13:24 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 06 Feb 2023 22:53:42 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43c45fe70b61-OSL
gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO&AutoR=1
188.114.96.1302 Found 234 B URL HTTP/2 gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO&AutoR=1
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ab07ac3222727d88d97b4e17b770ca69
706a688ec570aa4f46526f7137e1126a94d23c86
b848e88f5616f41c4b33c399abf1247c03aeb0d49d71ca72c361534825c16368
GET /C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO&AutoR=1 HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
location: https://br.betano.com/?btag=a_9862b_619c_PU_BR_PA_DT_VOLD_BETANO&utm_medium=2566&utm_source=1&siteid=9862
cache-control: private
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
set-cookie: XYZ=3&1&148&&&&0&1&&da19d4ea-dbb6-4930-a332-e6bf50aee92e&&a_9862b_619&; expires=Tue, 02-May-2023 22:53:42 GMT; path=/; SameSite=None; Secure
A_619=a=619&r=0&fv=0&lv=0&vc=0&fc=20230201&lc=20230201105342&cc=1; expires=Tue, 02-May-2023 22:53:42 GMT; path=/; SameSite=None; Secure
PM_20=c=PU_BR_PA_DT_VOLD_BETANO&s=9862&ad=619&md=0&pm=20&d=20230201225342&ip=2728320550&r=0&ref=&RedirectParams=btag%3da_9862b_619c_PU_BR_PA_DT_VOLD_BETANO%26utm_medium%3d2566%26utm_source%3d1%26siteid%3d9862; expires=Tue, 02-May-2023 22:53:42 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgtS8tzhZnwh9rS1CH%2Bqyr8q2dmk%2BEK3Zxr0Xs43%2BzDLHuijpQs1rCNXFHrgaYTO5nrbgS6QYcRzvGICokPs%2FpOCXJMVzjFMwzMQTc1lybFUVI%2B7h4NtYku%2BcmCUhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43c32a6ab524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
content001.bet365.com/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
5.226.179.10200 OK 6.4 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/SPORTSX1-ESSA_2.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 162 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b8c19b189cccdda7105465a474c9b4d
6ef1cecd283f484606c987259e06a22ff3aff7ae
101ca051649af6826119108f51311f70b4d58e94242c8877a2b8a9247b90f54f
GET /SportsContent/Global/Footer/SPORTSX1-ESSA_2.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: image/png
Content-Length: 6386
Connection: keep-alive
Last-Modified: Tue, 04 Jun 2019 13:21:41 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 06 Feb 2023 22:53:42 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43c45da8b4ee-OSL
content001.bet365.com/SportsContent/Global/Footer/eCogra-Horizontal2x.png
5.226.179.10200 OK 1.7 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/eCogra-Horizontal2x.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 206 x 48, 8-bit colormap, non-interlaced\012- data
Hash 9c970e4a7854f871873d7b1401701536
2236689845834104a586507057840c7229c7353c
d0438c85b7b5f9c21ac9a1975ccd12464f5f8cbf15d3353ee700e2617f913349
GET /SportsContent/Global/Footer/eCogra-Horizontal2x.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: image/png
Content-Length: 1671
Connection: keep-alive
Last-Modified: Wed, 11 Aug 2021 10:23:12 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 06 Feb 2023 22:53:42 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43c46bb8b50f-OSL
www.br.betboo.com/pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741
104.17.133.181302 Found 660 B URL HTTP/2 www.br.betboo.com/pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741
IP 104.17.133.181:0
Hash e79b2355da4be81b8d15217ef97731da
70bd2bbea305bd68af4326a311b60df38fd8fd6e
d36ead1363004d5970c39c4d5dbe2f5e433d1afdf4b31fc7f1501bb0723b48be
GET /pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741 HTTP/1.1
Host: www.br.betboo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
location: https://help.br.betboo.com/closed?productId=SPORTSBOOK&trid=in13741
cache-control: private
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
x-forwarded-for: 91.90.42.154, 172.68.51.87
x-forwarded-proto: https
cf-visitor: {"scheme":"https"}
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
cf-connecting-ip: 91.90.42.154
true-client-ip: 91.90.42.154
cdn-loop: cloudflare
x-redirect-source: Redirex
cf-cache-status: DYNAMIC
set-cookie: redirex-original=http://www.br.betboo.com:80/pt-br/mobileportal/register?productId=SPORTSBOOK&trid=in13741;Ip=91.90.42.154;Path=/;Domain=.betboo.com;Expires=Wed, 01-Feb-2023 22:58:42 GMT;secure;HttpOnly
__cf_bm=vxBB_a1T1v8TLRnJwD8_gTYTrbsEnxl.bbaMrqHJSZM-1675292022-0-AQKWsu4aEn0b0pODnnVAM9cWxAJ8YM4g9C3m/XO1ZTGqgwUX6qU9aa5dlrfWPbDWi3tGiWHBKfQiX5USt+ru2sY=; path=/; expires=Wed, 01-Feb-23 23:23:42 GMT; domain=.betboo.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 792e43c2ed610b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
media.betwarrior.bet/redirect.aspx?pid=9275&bid=2636
23.36.79.16307 Temporary Redirect 0 B URL HTTP/2 media.betwarrior.bet/redirect.aspx?pid=9275&bid=2636
IP 23.36.79.16:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=9275&bid=2636 HTTP/1.1
Host: media.betwarrior.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://promo.betwarrior.bet/pt/welcome-offer-sports/?utm_source=netrefer&utm_medium=affiliates&utm_campaign=sports&btag=655952_81C3A6657D644A65816584356BCA7996
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 01 Feb 2023 22:53:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 01 Feb 2023 22:53:42 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a9275%2c%22BID%22%3a2636%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675292022487)%5c%2f%22%2c%22CookieTag%22%3a%2226369275451240919C2023212253%22%7d%5d; SameSite=None;; domain=.betwarrior.bet; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2236531253%7c1%22%7d%5d; domain=.betwarrior.bet; expires=Fri, 01-Feb-3022 22:53:42 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=61, origin; dur=55
X-Firefox-Spdy: h2
content001.bet365.com/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
5.226.179.10200 OK 7.9 kB URL HTTP/1.1 content001.bet365.com/SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 255 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 51325bd6f5ada6b0eba71b19dda89dd7
4c67ca4f77680cd5acdcf04cac6b9a673e5ccc70
6ad4d67eed235fafc8ddfab188fa2e968ba4345718c8338bd7f4fbfafa6f8a2b
GET /SportsContent/Global/Footer/bet365%20grey%20footer%20logo.png HTTP/1.1
Host: content001.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bet365.com/
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: image/png
Content-Length: 7868
Connection: keep-alive
Last-Modified: Thu, 11 Jun 2015 14:13:32 GMT
Timing-Allow-Origin: *
CF-Cache-Status: HIT
Expires: Mon, 06 Feb 2023 22:53:42 GMT
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43c49bb8fabc-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 855e4542d1ad24b6d8420f85474d2ed7
3cfe0b4c17f9c3c9aea702250f1642269aed8afc
c1e877c2f6d896a9e27e5925baf3ca2100490ec9cb1e297c7d62deb327dbd5df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1E877C2F6D896A9E27E5925BAF3CA2100490EC9CB1E297C7D62DEB327DBD5DF"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17602
Expires: Thu, 02 Feb 2023 03:47:04 GMT
Date: Wed, 01 Feb 2023 22:53:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7a84d9507dd8dd1b4419668234ed8963
5898f763ab481214cc5bb034e54ede4c847f55e7
1f8e66263816054e52338ca846cfa597246da9be324c4425c0a5a6b41680ee33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4545
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Last-Modified: Wed, 01 Feb 2023 21:37:57 GMT
Server: ECS (amb/6B95)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 52a5cd393eb9fd86008e3344a2e30622
6326996c6d84739dbebca9563875ce5a4705a737
b56c10c24fe434ce77a1af29e085a183be8e8323e5fff9ec5c4e58d8fcf976b7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130212
Date: Wed, 01 Feb 2023 22:53:42 GMT
Etag: "63da40aa-1d7"
Expires: Fri, 03 Feb 2023 11:03:54 GMT
Last-Modified: Wed, 01 Feb 2023 10:36:26 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rISD_E2rnzrnhNiNxqBbf0vCDReVXM4x_48s_bD2jimwEh0fTiwe9g==
Age: 1649
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 74cdb739b0155f9deccbbc334a2be050
fb451169aa1c80028a115f86decfda9ebbb4d548
6586dda034a3b6dac63e065989e9e1b1cdcb13bbc177aae4b2cb0a55597afbb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6417
Cache-Control: max-age=101555
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Etag: "63d9be19-1d7"
Expires: Fri, 03 Feb 2023 03:06:17 GMT
Last-Modified: Wed, 01 Feb 2023 01:19:21 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
megapari.com//registration/?tag=d_2032927m_25437c_
83.147.204.197301 Moved Permanently 0 B URL HTTP/2 megapari.com//registration/?tag=d_2032927m_25437c_
IP 83.147.204.197:0
ASN #202492 Silverhill Group Holding Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //registration/?tag=d_2032927m_25437c_ HTTP/1.1
Host: megapari.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
content-length: 0
x-frame-options: SAMEORIGIN
set-cookie: SESSION=99658a9a9c4d0475bf39d9a379d79b15; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
auid=U5PMxWPa7XY6jFmCA5uTAg==; path=/; secure; httponly; samesite=lax
location: /registration/?tag=d_2032927m_25437c_
x-reason: 100
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/jIkIsUPfARQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/jIkIsUPfARQ
IP 142.250.74.131:0
Hash 7ff89dc6cb810578ed70054a440f4a86
f784e25e6cc9d50123e04876b27bd0af9415b5a3
56a0649880cb8e40d55521c3d1389319bdecb60ff484dbd5fec879135b4220b1
POST /s/gts1p5/jIkIsUPfARQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.platincasino.com/br/lp/sports?ma_token=SOHTTO7ymOHT-sdKsiU4EGNd7ZgqdRLk&ma_affiliate_id=2541
23.36.79.11301 Moved Permanently 162 B URL HTTP/2 www.platincasino.com/br/lp/sports?ma_token=SOHTTO7ymOHT-sdKsiU4EGNd7ZgqdRLk&ma_affiliate_id=2541
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /br/lp/sports?ma_token=SOHTTO7ymOHT-sdKsiU4EGNd7ZgqdRLk&ma_affiliate_id=2541 HTTP/1.1
Host: www.platincasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 162
location: https://www.platincasino.com/br/lp/sports
expires: Wed, 01 Feb 2023 22:53:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 01 Feb 2023 22:53:42 GMT
set-cookie: ma_affiliate_id=2541;domain=www.platincasino.com;path=/;max-age=31536000;expires=Fri, 01-Jan-2100 00:00:00 GMT
ma_token=SOHTTO7ymOHT-sdKsiU4EGNd7ZgqdRLk;domain=www.platincasino.com;path=/;max-age=31536000;expires=Fri, 01-Jan-2100 00:00:00 GMT
b1pi=!qc62cB7JQalTmRx81GQs2bd/OrbFP8sFWEYUiiPzai4b+xWjH3xym1vFtR16jgAERNfP0tHNq+fUIcA=; path=/; Httponly; Secure
ak_bmsc=10109132BB84A26AAA0E0F6FFCC0D84D~000000000000000000000000000000~YAAQB08kF/xTFcWFAQAAw5cvDxJy0LUm+OSNaS1KRECOLLVXzGrer4dIXG6M+h9/21Lsbd6+6CEv+QhHjen9eCYTRprrqAx2qc/KjR/+KPE52Ys/1+DTUmXhnqMaDDpFPRqybmQZBeuTKG465QGqYf3pqmrFUnez5YUZP5/ZnmojC8/F6Ow/6+DzC5MPt4HKJnjhIzQEnmdKboiWtKMTQs6KKFgw0LwR7LA1nlXpFS6PllYc9H0fen/Xegi3xa55V86kcb0uWJUX6K5/w9ZAxuGFdCtX14SdmEZs3hws527nPLQPi0RcO5inJeHblRd1HHQpPslpfvz9MYR5zzmTkW1PHSOB++ULiK96tj362kKwN0vtAlhw+YkGa0Dnwc/ckD2+t7oz9U7D1oXMA1CH; Domain=.platincasino.com; Path=/; Expires=Thu, 02 Feb 2023 00:53:42 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www.platincasino.com/br/lp/sports
23.36.79.11301 Moved Permanently 430 B URL HTTP/2 www.platincasino.com/br/lp/sports
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0a3f0a4db788f26441d9bedf96509934
8841f8167c5f36cbb1951e590bdcba2b63644605
b10737dc87673f953d5f5656f89ceb5800167268f5c0cb6c9ccd909a080c30f4
GET /br/lp/sports HTTP/1.1
Host: www.platincasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.platincasino.com/br/lp/sports.html
cache-tag: html
x-frame-options: SAMEORIGIN
content-length: 430
expires: Wed, 01 Feb 2023 22:53:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 01 Feb 2023 22:53:42 GMT
set-cookie: ak_bmsc=6B09046AE7EB2EE394B5B7A5A907EC1D~000000000000000000000000000000~YAAQB08kF/1TFcWFAQAA0ZcvDxKzjmC7NqcKwJT6OgB6UMVf5mYVRAwWj9pGXg0Bg3+BIyN7ebdKKKVCIDBAJkW5hv0ZLUh8Po7b5i9Cwz1vir5y9COiu7nsNR65d1eGgwX7Sa2skIZ+aZ4wkwYoX+6DRiFXQmHia5+1L58nOlZUOZQDvcF+o6/M4u9O4der1RcQxpMWWtf30uqZVyABu8wE4Sj1zYCqlpIMqq+n+k3atQ1E2Iy8Gh74GquUkS1Hj3g6Sp6YvRYeBiMn5kSHYgo1TdTywvqx/+PPcMTY8o6keBQE1KWy/CJyeqRvCqSHp14VNw7BQ96BkhVEdpRyc6ylNEYvtvWrTDcKtKPyrEbBQwCdGsPOS1IP3aetKSYpW+099VeGCr9uMr0oIrtP; Domain=.platincasino.com; Path=/; Expires=Thu, 02 Feb 2023 00:53:42 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www.bet365.com/olpc/nn/143/0/1/cookieconsentajax?
5.226.179.10200 OK 1.4 kB URL HTTP/1.1 www.bet365.com/olpc/nn/143/0/1/cookieconsentajax?
IP 5.226.179.10:0
ASN #209242 Cloudflare London, LLC
File type Unicode text, UTF-8 text, with very long lines (489), with CRLF, LF line terminators
Hash 41bc7a3cb016ed2e39c03d0cc8be6b42
b18485bc2f7d8bb65434447040e3b6a7125a0509
6b68a474dc9ab3d547c5584d6a1de4360570147384669553d528ee80495e9f57
POST /olpc/nn/143/0/1/cookieconsentajax? HTTP/1.1
Host: www.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bet365.com
Connection: keep-alive
Referer: https://www.bet365.com/olpc/nn/143/0/1/open-account
Cookie: __cf_bm=XsDMIJN40EKXn._liCk5g7vK9KuIxFBr1bTXvDduY_k-1675292022-0-AU9APw1O+uGmktxTq1jCI82xzGZooHnWc4jqgJ4v7uQGTp4VfSO5l38evyo4dW17vVvXz/k/jjHyjoj0JaF03MY=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1362
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792e43c5ca7ffab4-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29c737453cf834ed76e9c4a59e482b5f
4d2ec3a55266b4af1749ff71614d67ac34a222f4
460df88423c623e7f0a70eea62a7e2bafd74e3c04f8ba1b6d7caa5b69048b840
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "460DF88423C623E7F0A70EEA62A7E2BAFD74E3C04F8BA1B6D7CAA5B69048B840"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 04:53:42 GMT
Date: Wed, 01 Feb 2023 22:53:42 GMT
Connection: keep-alive
www.platincasino.com/br/lp/sports.html
23.36.79.11302 Found 0 B URL HTTP/2 www.platincasino.com/br/lp/sports.html
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /br/lp/sports.html HTTP/1.1
Host: www.platincasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://www.platincasino.com/no/lp/sports.html
content-length: 0
expires: Wed, 01 Feb 2023 22:53:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 01 Feb 2023 22:53:42 GMT
set-cookie: PHPSESSID=oe44oq3hct673rq9bfp8rtd4mm; path=/; secure; HttpOnly; SameSite=lax
b1pi=!oj8oaFcTELddWVV81GQs2bd/OrbFP2J6ruBIVA6Z75+nj9wDqZp7p5CE7NM1gQ6acR/zHofcRGaQ0Kg=; path=/; Httponly; Secure
ak_bmsc=BD280B7366641DE27D2CE7007C18988D~000000000000000000000000000000~YAAQB08kF/5TFcWFAQAALJgvDxLAPQwdcLqzanXZhjx7QpYhwywoQ9hywyY8RA/AdHOrjLpLU2uilwzzkZpQFpPZZeoilZctH0Kjo2ZFLlFgu6oGaVUNbqnfE/ZyL5pRkjgE12bIlflBYinOc+COAjMTxD5qODp8BeKfraCF5m9g+C/4IarUxv+QKkzrlFnKahuaVmOgyyV3okQ5kKcLB/jtX5W0cWcRs1f7+oRITe7d/q9UNmhedHJWAxkKI822BH9YIM6ojdzgsxTKBtAtoMDnw4HAdWwvapGxvda1a7XTJ2jjz19aLiEGOlUchSJN115YgWRhSht6MLcnGBIJhvyjlp0Qj6kkKtdJ4V0sYz1GHGLcFBwok5DaGso+7bI34ZzbCF1kXWKiU428W17v; Domain=.platincasino.com; Path=/; Expires=Thu, 02 Feb 2023 00:53:42 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
brazino777.online/?b7pm=620633f29fd70&ambp=
45.148.37.160301 Moved Permanently 162 B URL HTTP/1.1 brazino777.online/?b7pm=620633f29fd70&ambp=
IP 45.148.37.160:0
ASN #208685 Serverius Holding B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /?b7pm=620633f29fd70&ambp= HTTP/1.1
Host: brazino777.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Date: Wed, 01 Feb 2023 22:53:42 GMT
Location: https://brazino777.com/?b7pm=620633f29fd70&ambp=
Referrer-Policy: same-origin
Set-Cookie: __Host-SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYnJhemlubzc3Ny5vbmxpbmU5MS45MC40Mi4xNTQifQ.Rfol8wm9J8FMnvHSSgALD2BQ04tajLtC6dKIy7Obaed-ineWBTE7JCFlz2rWhnbB60jbgPABGpn7sPUzZEGKMw; Path=/; Expires=Thu, 02 Feb 2023 22:53:42 GMT; HttpOnly; Secure; SameSite=Strict
__Secure-XWAFLB=dcb83ed6497d11cb969f2421d22c8d3c; Path=/; Expires=Wed, 01 Feb 2023 23:08:42 GMT; HttpOnly; Secure; SameSite=Lax
X-Content-Type-Options: nosniff
X-Waf-Req-Id: 566337e9-c20f-477e-8fdf-2f8284f44b02-322023
Content-Length: 162
br.betano.com/myaccount/ban/country-341629?alt=true
104.17.85.89200 OK 5.1 kB URL HTTP/2 br.betano.com/myaccount/ban/country-341629?alt=true
IP 104.17.85.89:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1417), with CRLF line terminators
Hash 5f838163d6e6cc445676579bf22417d1
1759d7b030ac8e0b089e0d44f77c3d4b62664169
05b04481e43059dabd913f0c4821ea1d6f460e5f3c4d7273429f4030fddc7acd
GET /myaccount/ban/country-341629?alt=true HTTP/1.1
Host: br.betano.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=1hrVueM9eriAyqLr0DAEUwuOrIc9MMUmVDqHMcvjpBw-1675292022-0-Af/y32QQBPw76YJZWWk2QhooYoMxtVgx8wduWO4VvNdIjl+x0OLecaj7bCUji67bJExAdtOQtuZUAGEMIen9gy8=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
content-security-policy: frame-ancestors https://*.betano.com:*
x-farm: BR-MYACCOUNT13
age: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
set-cookie: __RequestVerificationToken=9hKJkSwdp_Gy_KyZaXb7DHTqgiau-hiowRDiXQIUkW52KcgvpDbDPzRpUWKV6a6D1TqyQDKFCYe7TuOLRTTI8t4O1g0aorx0y2zITliZ3PI1; path=/; secure; HttpOnly
sticky=stx11.338
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792e43c4cbed1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.888sport.com/pt/spt/brazil-wel.htm?sr=1845934&mm_id=43177&utm_source=aff&utm_medium=casap&utm_content=100140589&utm_campaign=100140589_1845934_nodescription
54.230.111.100301 Moved Permanently 0 B URL HTTP/2 www.888sport.com/pt/spt/brazil-wel.htm?sr=1845934&mm_id=43177&utm_source=aff&utm_medium=casap&utm_content=100140589&utm_campaign=100140589_1845934_nodescription
IP 54.230.111.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pt/spt/brazil-wel.htm?sr=1845934&mm_id=43177&utm_source=aff&utm_medium=casap&utm_content=100140589&utm_campaign=100140589_1845934_nodescription HTTP/1.1
Host: www.888sport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
content-length: 0
location: https://www.888sport.com/pt/spt/brazil-wel.htm?utm_campaign=100140589_1845934_nodescription&utm_content=100140589&utm_medium=casap&utm_source=aff
date: Wed, 01 Feb 2023 22:53:42 GMT
cache-control: max-age=1800
x-wcs-correlation-id: hNO25AwQMkz3QBoceXu8HtZQFaNOTKeetfL1t0BHj2Qsd0_Pb17Grw==
set-cookie: 888TempQueryCookie=sr%3D1845934; max-age=60; domain=888sport.com; path=/; secure; samesite=none; httponly
888Cookie=lang%3Dpt%26OSR%3D1845934%26RefType%3DNoReferrer%26TestData%3D%7B%22mm_id%22%3A%2243177%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fwww.888sport.com%2Fpt%2Fspt%2Fbrazil-wel.htm%22%2C%22referrer%22%3A%22NULL%22%2C%22utm_campaign%22%3A%22100140589_1845934_nodescription%22%2C%22utm_content%22%3A%22100140589%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_source%22%3A%22aff%22%7D; max-age=604800; domain=888sport.com; path=/; secure; samesite=none; httponly
888TempContext=testdata%3D%7B%22mm_id%22%3A%2243177%22%2C%22orig-lp%22%3A%22https%3A%2F%2Fwww.888sport.com%2Fpt%2Fspt%2Fbrazil-wel.htm%22%2C%22referrer%22%3A%22NULL%22%2C%22utm_campaign%22%3A%22100140589_1845934_nodescription%22%2C%22utm_content%22%3A%22100140589%22%2C%22utm_medium%22%3A%22casap%22%2C%22utm_source%22%3A%22aff%22%7D; max-age=60; domain=888sport.com; path=/; secure; samesite=none; httponly
apigw-requestid: froKliwiDoEEMvQ=
vary: Cookie
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hNO25AwQMkz3QBoceXu8HtZQFaNOTKeetfL1t0BHj2Qsd0_Pb17Grw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a3de3bbc86b50dd915bdcc3158a33843
c0e486642eb7f0df669edac74a009d14cf4445ef
55020332ccedfa623bdaadda8c49cefc01d5973f177ea8a29a29363b78d3ec23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55020332CCEDFA623BDAADDA8C49CEFC01D5973F177EA8A29A29363B78D3EC23"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21505
Expires: Thu, 02 Feb 2023 04:52:07 GMT
Date: Wed, 01 Feb 2023 22:53:42 GMT
Connection: keep-alive
promo.betwarrior.bet/pt/welcome-offer-sports/?utm_source=netrefer&utm_medium=affiliates&utm_campaign=sports&btag=655952_81C3A6657D644A65816584356BCA7996
3.69.136.55200 OK 13 kB URL HTTP/1.1 promo.betwarrior.bet/pt/welcome-offer-sports/?utm_source=netrefer&utm_medium=affiliates&utm_campaign=sports&btag=655952_81C3A6657D644A65816584356BCA7996
IP 3.69.136.55:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3530), with CRLF, LF line terminators
Hash 5d7e0aec704b0aaaa93e4a47c57421be
1f1e70856f7ea9eef1dc2248ebbf04481f55935a
5fcbee3850d8695028730a4dfd9f3b7535c9c8d3a9b8a1d0063e2c194200c6e0
GET /pt/welcome-offer-sports/?utm_source=netrefer&utm_medium=affiliates&utm_campaign=sports&btag=655952_81C3A6657D644A65816584356BCA7996 HTTP/1.1
Host: promo.betwarrior.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a9275%2c%22BID%22%3a2636%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675292022487)%5c%2f%22%2c%22CookieTag%22%3a%2226369275451240919C2023212253%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
content-length: 13377
set-cookie: ubvs=4f603b18-e767-4432-9f03-fc1184176319; Max-Age=15552000; Path=/; SameSite=Lax
ubvt=v2%7C4f603b18-e767-4432-9f03-fc1184176319%7Cd900212c-aaf6-4628-83f9-0172663a0851%3Aa%3Asingle; Max-Age=259200; Domain=betwarrior.bet; Path=/; SameSite=Lax
ubpv=a%2Cd900212c-aaf6-4628-83f9-0172663a0851; Max-Age=15897600; Path=/pt/welcome-offer-sports/; SameSite=Lax
content-location: https://promo.betwarrior.bet/pt/welcome-offer-sports/
etag: "a:4f603b18e76744329f03fc1184176319"
link: <https://promo.betwarrior.bet/pt/welcome-offer-sports/>; rel="canonical"
x-unbounce-pageid: d900212c-aaf6-4628-83f9-0172663a0851
x-unbounce-variant: a
x-unbounce-visitorid: 4f603b18-e767-4432-9f03-fc1184176319
content-encoding: gzip
x-proxy-backend: page-server
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 3.3 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 1a3e6fa762e79e537ef1932b93e90cc5
032df64b0fcb003b71efe3e27173f2e52f509a9f
bb2de10525ef2411dcf99eb5e8db9018f818479401441216e2f0573870dfcc03
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132897
Date: Wed, 01 Feb 2023 22:53:42 GMT
Etag: "63da40aa-1d7"
Expires: Fri, 03 Feb 2023 11:48:39 GMT
Last-Modified: Wed, 01 Feb 2023 10:36:26 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BDfqboa0emd7vNLeJzc_EyR0DGpaB4T4st-miYqLDHSUJuew-zO_JA==
Age: 4333
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 264ee58bef7be02fb296fc3ebd1bd4e6
81257cc1d84121664f66eb1db000e5dc1a0bcc8e
eb20aae4f3d8623eb4863885d27c4b081931f256758269d626b756cfd6a54da9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB20AAE4F3D8623EB4863885D27C4B081931F256758269D626B756CFD6A54DA9"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1358
Expires: Wed, 01 Feb 2023 23:16:21 GMT
Date: Wed, 01 Feb 2023 22:53:43 GMT
Connection: keep-alive
brazino777.com/?b7pm=620633f29fd70&ambp=
45.148.37.161301 Moved Permanently 378 B URL HTTP/1.1 brazino777.com/?b7pm=620633f29fd70&ambp=
IP 45.148.37.161:0
ASN #208685 Serverius Holding B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cf7260652a496f495fa6b429bd867710
5f65c87a11784eaecd20ca1509751286011e95ed
4590191dbdd59b602c749c70a3193d852e75d5c8d024b955429aae52e39a858f
GET /?b7pm=620633f29fd70&ambp= HTTP/1.1
Host: brazino777.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=0, must-revalidate, private
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Feb 2023 22:53:43 GMT
Expires: Wed, 01 Feb 2023 22:53:43 GMT
Location: /en/?ambp=&b7pm=620633f29fd70
Referrer-Policy: same-origin
Set-Cookie: __Host-SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYnJhemlubzc3Ny5jb205MS45MC40Mi4xNTQifQ.MagKCacbGjjgrWdk1qDs5yiF402HdBzziBDMdwESF8BQ8GLdXxTaOw2QenpM4yjIVYyxVbrxLGBcJ7bpIYPM4A; Path=/; Expires=Thu, 02 Feb 2023 22:53:43 GMT; HttpOnly; Secure; SameSite=Strict
__Secure-XWAFLB=dcb83ed6497d11cb969f2421d22c8d3c; Path=/; Expires=Wed, 01 Feb 2023 23:08:43 GMT; HttpOnly; Secure; SameSite=Lax
PHPSESSID=6sm174trlj04a9s362go3hc50h; expires=Fri, 03 Mar 2023 22:53:43 GMT; Max-Age=2592000; path=/; HttpOnly
ep=K7Ux3Qxdo%2BypZJUDBq71Z5UyNHDbsEWp%2F05E2IIeAX9zzbBJgwJNTKZSBxWpoIW%2Fv%2FX1rPmJyH41cRPICr%2BujjZjbS9J21%2BliDh1FJoECJ7bDozxZFugO1FqfntNLW6WPgsfTiZqfsItwT8ivW5JzGDuzuKe9Vfi1WKLE%2Bvx; expires=Thu, 01-Feb-2024 22:53:43 GMT; Max-Age=31536000; path=/; httponly
_ym_vizorc_80a1678b98bfe0a45660352c180c61fd45124=a59f007fbf3384ccc33cc586d5d348f0; expires=Tue, 01-Feb-2028 22:53:43 GMT; Max-Age=157766400; path=/
c8402da13b6006b93d3adb0b9a4de6ec=620633f29fd70; expires=Wed, 01-Mar-2023 22:53:43 GMT; Max-Age=2419200; path=/; httponly
X-Content-Type-Options: nosniff
X-Waf-Req-Id: d300c43e-5045-4d49-9d91-330e8ab05350-322023
Content-Length: 378
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2982
Expires: Wed, 01 Feb 2023 23:43:25 GMT
Date: Wed, 01 Feb 2023 22:53:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2982
Expires: Wed, 01 Feb 2023 23:43:25 GMT
Date: Wed, 01 Feb 2023 22:53:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601fd155-b928-42c6-bfb0-f3599f52fdf5.jpeg
34.120.237.76200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601fd155-b928-42c6-bfb0-f3599f52fdf5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a1ddd54f3c344b36a26476a33ccfe20
3cc3a77f6a59cafed25fa0882e13644f4eebef50
65cef0476175fca421fef73419440b82dcb763879b79385f2cacc43f42b3237b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F601fd155-b928-42c6-bfb0-f3599f52fdf5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2530
x-amzn-requestid: 3ce99c09-61b5-4a51-97ec-c40c443238ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: freplHVZoAMFz5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade3d-605687635e0a740e49ff78b9;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:48:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TjYU3BsU2PsKUBuk4ZK6JOH3x9BBHltihOwtyFTZP7C1V6RdUGFDtg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:20 GMT
etag: "3cc3a77f6a59cafed25fa0882e13644f4eebef50"
content-type: image/jpeg
age: 1703
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41c44051cc3b4c69924df66048e7566b
5c6a12595c3f6005fec4baa84b16575951e72178
72dff70bcb417c088aba013a486e1dbabe099b40fb718a283f1ba220b142b848
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc092e5e-3a14-4d43-9814-99fd9d49d6c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7450
x-amzn-requestid: 1b3ef150-9b12-4b8b-94e6-0d6debbd24ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTDFmPoAMF-UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-0fea883b0ce1a1b933dc2be8;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kJt9M6jkAc3_ouNRDkJ76Njz9yKNesoJjBK_ja3dTcz5oiowk6LKbQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:10 GMT
age: 1713
etag: "5c6a12595c3f6005fec4baa84b16575951e72178"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0224e848c34cb32cf932ed99dfd8468a
31c1abac8979bca5a998a6649ca3e6f59c0fb2f5
f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5061
x-amzn-requestid: a266acae-8f1e-4cd7-b93b-e40aa5393521
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdUpGcmoAMF16Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc1d-1fbae7785fccc58f71c1b3e9;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PevXZz9rkBo3Cy6EooCVOpSoHyeKHMoYFjKRrvDld34WFWXzOmpANQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:11:31 GMT
age: 2532
etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 73425
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
104.17.25.14200 OK 3.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (57919)
Hash 4a8baa45fecbff51b8b9863b95788c9f
1dbc7f159b53fbd717d8cff486a39373d09aecfc
3a9ca2c9d6a36ce0283f1bc2502912ffb17c2acf9421d3b0ffd81a6be92b63af
GET /ajax/libs/animate.css/3.7.2/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:43 GMT
content-type: text/css; charset=utf-8
content-length: 3511
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-e311"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3640018
expires: Mon, 22 Jan 2024 22:53:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2Be1gJ9F%2BUA4ZDoVG2g1yllgyJ0PGQ%2FG83lxbw2yOEjxn8CGTXilGjelhHegi6WNnY8OTG9T%2BSSuf%2FQ1CIwtkMUvhxCijH944fTa5CUNLBnN%2FHqEcDUdvZCzKEVHOcnqgSf5N6N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 792e43ca597fb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32030)
Hash 04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2
GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 13:13:41 GMT
expires: Fri, 26 Jan 2024 13:13:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 553202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
builder-assets.unbounce.com/published-css/main-7b78720.z.css
54.230.111.102200 OK 2.9 kB URL HTTP/2 builder-assets.unbounce.com/published-css/main-7b78720.z.css
IP 54.230.111.102:0
File type ASCII text, with very long lines (15017)
Hash 3d27e56a34e34b278ab5e182cbc3b587
b871dae022b6537150e18df2bbf266caaa013fdc
3646920461d3a5dd11dfb46a1d063bee0eaad079e9d3e9341942f24f3688401f
GET /published-css/main-7b78720.z.css HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 2902
date: Sat, 21 Jan 2023 01:22:01 GMT
last-modified: Wed, 23 Nov 2022 23:24:30 GMT
etag: "3d27e56a34e34b278ab5e182cbc3b587"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HJ8qAnbg_DJ_9FnfHu8y_uggT-XLDN4-YIJjRUex0L3f9KUQuWaj3g==
age: 1027903
X-Firefox-Spdy: h2
cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js
151.101.129.229200 OK 6.1 kB URL HTTP/2 cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (23355)
Hash ea49215a394c5aa64726c7127cfaa134
964ecff00146356766b1dc9f13daf36197a93a42
2fbea21c694de25a01d2a0151629a67ab5d04af5e9e9af12f3482d672629695f
GET /bxslider/4.2.12/jquery.bxslider.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"5bf7-z6ox3Bc9Kcb0lQd4zMXLOxqRM5Y"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 01 Feb 2023 22:53:43 GMT
age: 8958543
x-served-by: cache-fra-eddf8230109-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6087
X-Firefox-Spdy: h2
cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.css
151.101.129.229200 OK 1.1 kB URL HTTP/2 cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.css
IP 151.101.129.229:0
Hash 68760c9babfe3ad5f6f4b3507194a236
f5308cff25f8bc5e02203de789f79724afe431ab
98b308dad1eb2fc50e7d452f451822f275b47ec8655c3c5b05cd8e32930fca52
GET /bxslider/4.2.12/jquery.bxslider.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
etag: W/"f5e-9CY+ZfG2D1tXr+G8dDrQnwbBEmY"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 01 Feb 2023 22:53:43 GMT
age: 1962171
x-served-by: cache-fra-eddf8230039-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1120
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 84ed6a6e4cd5ce0271bd43d61a461251
a2b0c136e9fd7ffda27ee5153ed8cbe278e79593
116570129ce0426c1243f42fc445441bfeb173b43f6d38ac70b01c480de5e3bb
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 22:53:43 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "77756DAB4E67B183043BB101259D580F92154002"
Expires: Thu, 02 Feb 2023 09:00:00 GMT
Last-Modified: Wed, 01 Feb 2023 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3368
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 792e43cb089db4ff-OSL
region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B>m=2oe1u0&_p=187099408&gcs=G1-0&cid=391175491.1675292046&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675292046&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.com%2Folp%2Fopen-account%3Faffiliate%3D365_01175261&dt=%C3%85pningstilbud&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-45M1DQFW2B>m=2oe1u0&_p=187099408&gcs=G1-0&cid=391175491.1675292046&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675292046&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.com%2Folp%2Fopen-account%3Faffiliate%3D365_01175261&dt=%C3%85pningstilbud&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-45M1DQFW2B>m=2oe1u0&_p=187099408&gcs=G1-0&cid=391175491.1675292046&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675292046&sct=1&seg=0&dl=https%3A%2F%2Fwww.bet365.com%2Folp%2Fopen-account%3Faffiliate%3D365_01175261&dt=%C3%85pningstilbud&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bet365.com
Connection: keep-alive
Referer: https://www.bet365.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.bet365.com
date: Wed, 01 Feb 2023 22:53:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 4b52ee4827627743ba7db1d6d98b2614
52d4bb9d6a61ce333d94ad7f57f719d084f88839
54f65cfe66155d377f8f06f792af381d25df663a97bc64c4762294946d319c6d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163314
Date: Wed, 01 Feb 2023 22:53:43 GMT
Etag: "63dac37f-1d7"
Expires: Fri, 03 Feb 2023 20:15:37 GMT
Last-Modified: Wed, 01 Feb 2023 19:54:39 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3ba_y-z3YJGC8jVNBWA6WXoLoeBp-yxqN0V7bD-tJY-s-o-RiQaK_g==
Age: 1258
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 4b52ee4827627743ba7db1d6d98b2614
52d4bb9d6a61ce333d94ad7f57f719d084f88839
54f65cfe66155d377f8f06f792af381d25df663a97bc64c4762294946d319c6d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 22:53:43 GMT
Last-Modified: Wed, 01 Feb 2023 21:41:55 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nfxYt-JCjNQibEJOvT2DQqTNd2KQ6Sr-UyB7pWKnJ4O4WfnWjl7wqw==
Age: 4309
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 4b52ee4827627743ba7db1d6d98b2614
52d4bb9d6a61ce333d94ad7f57f719d084f88839
54f65cfe66155d377f8f06f792af381d25df663a97bc64c4762294946d319c6d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163695
Date: Wed, 01 Feb 2023 22:53:43 GMT
Etag: "63dac37f-1d7"
Expires: Fri, 03 Feb 2023 20:21:58 GMT
Last-Modified: Wed, 01 Feb 2023 19:54:39 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uiN9XVv8BZ3nx73-WFjR_PcT3iKkxlbAyoh-hZQtrOb24IIIboc4CA==
Age: 1639
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6c980086cb82cd66647dd5ef13f024f
7b2e72a82306d9c11aaf56e435543efefacd9a61
fd4d93593708571cbcd91c4f021cbb08843fe41e5661e8088fee23b411cda7e3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FD4D93593708571CBCD91C4F021CBB08843FE41E5661E8088FEE23B411CDA7E3"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3589
Expires: Wed, 01 Feb 2023 23:53:33 GMT
Date: Wed, 01 Feb 2023 22:53:44 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 4b52ee4827627743ba7db1d6d98b2614
52d4bb9d6a61ce333d94ad7f57f719d084f88839
54f65cfe66155d377f8f06f792af381d25df663a97bc64c4762294946d319c6d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 22:53:43 GMT
Last-Modified: Wed, 01 Feb 2023 21:14:49 GMT
Server: ECS (dcb/7F18)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: o0DUm4G3g4k4G07O_J_cCcJCB0uR5YIODkgXkqyOahnx1Gf7eld5kQ==
Age: 5935
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dc63da588bb8fabd664c636eba95d363
0423314b14796c0d1fce2344c9b737cbdcd63022
975efb74a773a85c50e7a24b13c3bc4d54eda5e0f91ff0871764170ea7aac8d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:44 GMT
Etag: "63d99105-118"
Server: ECS (amb/6B95)
Content-Length: 279
assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
54.230.111.68200 OK 178 kB URL HTTP/2 assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
IP 54.230.111.68:0
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size 178 kB (178069 bytes)
Hash 359008fe01078c59c66e034866170bd2
4a65a16a6f02824f60bc575ebcdeb53a490fa264
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
GET /universalscript/releases/v0.179.2/bundle.js HTTP/1.1
Host: assets.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 178069
date: Sun, 11 Dec 2022 10:48:36 GMT
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
etag: "359008fe01078c59c66e034866170bd2"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EwG12GoNyjuBCiok7GUhlgG_HJfJfX0g7wltE1KxUkyUUxxuPlqbgg==
age: 4536308
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6c980086cb82cd66647dd5ef13f024f
7b2e72a82306d9c11aaf56e435543efefacd9a61
fd4d93593708571cbcd91c4f021cbb08843fe41e5661e8088fee23b411cda7e3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FD4D93593708571CBCD91C4F021CBB08843FE41E5661E8088FEE23B411CDA7E3"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3589
Expires: Wed, 01 Feb 2023 23:53:33 GMT
Date: Wed, 01 Feb 2023 22:53:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dc63da588bb8fabd664c636eba95d363
0423314b14796c0d1fce2344c9b737cbdcd63022
975efb74a773a85c50e7a24b13c3bc4d54eda5e0f91ff0871764170ea7aac8d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:44 GMT
Etag: "63d99105-118"
Last-Modified: Wed, 01 Feb 2023 22:53:44 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
97f5e28a6e174bb089f6d6f4991a7dff.js.ubembed.com/
151.101.129.131200 OK 17 kB URL HTTP/2 97f5e28a6e174bb089f6d6f4991a7dff.js.ubembed.com/
IP 151.101.129.131:0
File type ASCII text, with very long lines (477), with no line terminators
Hash 21420587ee6d560db1f2d3fb1271d01b
bc10379e95995cbb448450725d061187f46c7eaa
86c02fc4c8fa805a4bb427d070f04617828f37c302d8364f22ec3ea76f79899b
GET / HTTP/1.1
Host: 97f5e28a6e174bb089f6d6f4991a7dff.js.ubembed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
x-amz-apigw-id: frf8AEldDoEFiqw=
x-amz-cf-pop: ARN56-P2
x-backend-region: eu_west_1
date: Wed, 01 Feb 2023 22:53:44 GMT
age: 3371
x-cache: Miss from cloudfront, HIT
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
vary: Accept-Encoding, Referer
etag: W/118a4f51ff6c6f384eb2ec093c989704-v0.179.2
content-encoding: br
accept-ranges: none
X-Firefox-Spdy: h2
adjs.media/resources/content/betwarrior.js
188.114.96.1200 OK 18 kB URL HTTP/2 adjs.media/resources/content/betwarrior.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (2524)
Hash 22535ff5903acda96a1e27b874424902
ae012ef54871576a8bc3f7572edfa14d4aed8833
2db87e1a1e54c16494588142374c6696ca785a6aa0180c1ce2b56e7f85655f2c
GET /resources/content/betwarrior.js HTTP/1.1
Host: adjs.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:44 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=604800, private
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 62bd251e-6fd6-4d84-bed3-aae1ccdbb073
x-download-options: noopen
etag: W/"c00b4fe1e029000c3b11359c21279c5d"
x-runtime: 0.001991
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPgWnB8Mkyix3OpG52OD5LNATzdcJh7l4eo2528aqmwHgIhhPZcw1S49X6y8UhCsfQObdq5Co1bZ1IzqpPSda5QqQusoxqzdbhOcSnAqkkP3LDOVsSV63BZ%2BTJru"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43ce3a6cb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scripts.mediamathrdrt.com/scripts/k_betwarrior.js
104.21.1.138200 OK 38 kB URL HTTP/2 scripts.mediamathrdrt.com/scripts/k_betwarrior.js
IP 104.21.1.138:0
File type ASCII text, with very long lines (65521)
Hash 7c5830594422f57a76f5d057e072bbb8
5a9663dc9a9ca83c1376c8550db90e7a003211f0
34d459532fce87b02a167b9c7695bdd9f2ac2ed99894d066d3f335a9c4acdf04
GET /scripts/k_betwarrior.js HTTP/1.1
Host: scripts.mediamathrdrt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:44 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
x-request-id: 1f980f63-0e18-462f-b96a-6bdf18abe229
etag: W/"cfdb5b05e817a5b71c28dc63af127b7c"
x-runtime: 0.008728
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5lDvk7at3TKVwB9e0jnbZ7ER3yxxidKvDPPqazM%2FoQgHLiAgCmELChSXXvKUJ2DH%2BuWm%2FLybQm9EE5ADwKiOMznMDF685famruckjqvc3sNQoXaZGBsvaRl3MI2rr7dxAC1b23loZWXdKFQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43ce1d10b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_itau.svg
16.12.1.12200 OK 1.6 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_itau.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ab7b5d27de627aa677fc8a285b942781
e36f294ec5bcf22f615e4af9329bdcf81fce6ee3
e8712dfee5f2d1b764ed7c69be66d4d1bc8dc0a0f2197e942387aa19f99e88a3
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_itau.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: DfOGCOL/oTOPZWWPYgAELHd02FNO2WN/mWI1cgi6g36S4o9AmwBogz2i/YRmRuRp+HvNCdjJWkU=
x-amz-request-id: Q2WP4ZJFX72FPCNF
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "ab7b5d27de627aa677fc8a285b942781"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1608
www.br.betboo.com/pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017
104.17.133.181302 Found 4.1 kB URL HTTP/2 www.br.betboo.com/pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017
IP 104.17.133.181:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 86d768b7d610b15672194852f1ef0924
8f579d444123e0e02a44d988ee9e42aeb2389b8f
03e0718832c67896ac22b8a17eea4f6a6dd1f531434bdb07c18def95c1349fe7
GET /pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017 HTTP/1.1
Host: www.br.betboo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
location: https://help.br.betboo.com/closed?sb=1&wm=5314017
cache-control: private
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
x-forwarded-for: 91.90.42.154, 172.68.50.126
x-forwarded-proto: https
cf-visitor: {"scheme":"https"}
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
cf-connecting-ip: 91.90.42.154
true-client-ip: 91.90.42.154
cdn-loop: cloudflare
x-redirect-source: Redirex
cf-cache-status: DYNAMIC
set-cookie: redirex-original=http://www.br.betboo.com:80/pt-br/mobileportal/promotions/sports/0000-welcome-bonus-2021?sb=1&wm=5314017;Ip=91.90.42.154;Path=/;Domain=.betboo.com;Expires=Wed, 01-Feb-2023 22:58:42 GMT;secure;HttpOnly
__cf_bm=ZGOL2qIqk8b6iJuILJ1RFAPxdKYpaQRXOleZlY8ZPFs-1675292022-0-AXNWGydKZpVEpw6KavX7c72vSfd8AwbcTQz07Ut09eENKt5bUs04x1jubIaFKmCeYXgLyMJQo2bYQqnpUu/j3R8=; path=/; expires=Wed, 01-Feb-23 23:23:42 GMT; domain=.betboo.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 792e43c2cd4c0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_bradesco.svg
16.12.1.12200 OK 5.3 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_bradesco.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 1169d06998c13730c801af0013ae1777
62789d89ee71ba43dc193c00526f98a3c85f37e7
6c00b3a10624494369b709b92532999450b43743e8324fcdf0012f0571f26112
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_bradesco.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: s0gXAN5/LjpwxsFtcJGOpjrZ8A5tKWRau9AsS+MBEyLckB77+H2GfjClTANcUnReStgP8i0jVt0=
x-amz-request-id: Q2WWKFQQZDVYHDTB
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:04 GMT
ETag: "1169d06998c13730c801af0013ae1777"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 5288
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banrisul.svg
16.12.1.12200 OK 3.8 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banrisul.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ff04a04e27bce74e43c48b79a31a5cdd
ec16e07f904f3609cd298979cb1630226583e9c3
83eb14ee6661b60feb5cd7cccb440607df5df626292c8e9637be9e18ca6a945e
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banrisul.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 0ZNoQH25tPm0pXjx7z6lXyGQJoHRaW4fs3VpuMgVnyfOsWTkeijZD6hnihPMgDiNUYVJEEraZRg=
x-amz-request-id: Q2WXV5A1DVACEX2P
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:04 GMT
ETag: "ff04a04e27bce74e43c48b79a31a5cdd"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 3823
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banco_original.svg
16.12.1.12200 OK 5.9 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banco_original.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0882f0f5a300a9d0e9bedbbd2d8a2d78
f08746a9e248529d4009005b6b9600d6784df0da
68fa88c175526ad3bfe138a802394f21a4bddb6338c21ecf019d2051bd44b5a5
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banco_original.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: GjeHU5DkAl+Ym/JOhZHd6PkHinXTQZhy0Rh+933IePI8pVS+OTmUSGOVEv0jI6ilVSoNmZwA7Eg=
x-amz-request-id: Q2WVKCJ9B9F0G7YD
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:04 GMT
ETag: "0882f0f5a300a9d0e9bedbbd2d8a2d78"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 5942
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_caixa.svg
16.12.1.12200 OK 1.8 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_caixa.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 323d0b17d617eaabfb65e89cda2f23ad
17785ed5e122e73a467223ac2dc3caeadfaa1b25
676de7d4c29d435dca8dc96f33889ed90612cabdc8bf91b6cf2f41eaac197bb4
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_caixa.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /T1DkKS5LdGHN61nBDMnc8yM2ZuJNJ9dXsbDBsymSkntcN+EoOGkRdiAFKmhY8VSUvCoobDwpBM=
x-amz-request-id: Q2WVPSJ7ED3A3EK3
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "323d0b17d617eaabfb65e89cda2f23ad"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1800
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 597b80b9b677a90b26e577958566b92c
11d3c076a1eeeacdef203f0385d0786d08f6ad9c
408a21c9450492b13a0c2a10950f837910b996a6fb81c0162bd07fad042a71c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1275
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:44 GMT
Last-Modified: Wed, 01 Feb 2023 22:32:29 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_pix.svg
16.12.1.12200 OK 2.8 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_pix.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 82083b9fb03f35c93a9967ea4a1d7f94
721e1095e2f6914e6a6b1ead5b7bd5d610aea92a
6e4c4e43f1455c443d94b6342eaf61b296b30eab35d23edd498e1b66ddfbc06f
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_pix.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: U/DoIIlNoFhEOY+uEBiLFnN7cBjCEfJCtSEkuhYGo0+Z6pCHCEkHya0tQ7BSnGCvJ9KWufih5vw=
x-amz-request-id: Q2WSBXKB8FKSW6V1
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "82083b9fb03f35c93a9967ea4a1d7f94"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 2844
e1.o.lencr.org/
23.36.77.32200 OK 14 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b0d388b2e7f2d1f26c76811274dc047
8bd7966bb603d5cf6af4a26c2fecd78fd54c4e30
1eb959acf2f402ff239c0e664b67a2ea8fa72f53f7df26569bea410c85a8a38e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "34CE6FB831AB2AAE79123D48CB7A53ADCA1C4CB745B0E8A67F2C5D42DA63A54A"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3378
Expires: Wed, 01 Feb 2023 23:50:02 GMT
Date: Wed, 01 Feb 2023 22:53:44 GMT
Connection: keep-alive
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_much_better.svg
16.12.1.12200 OK 6.4 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_much_better.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6bd9449858dd1fc6d651a669742013a0
7a8afc8b5ce49b038712b210d4cddcf1bb96626d
6e00b84dc119b9e4438dbc4866c01326859ba83ff584a680f7c49eef2829289a
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_much_better.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: uS8dJGgNJlNLigSMlsyncnpGEtHw9J3liD6LKqRR5051MIZb6hesHXFAUEe9thZXEGoBLsSb984=
x-amz-request-id: Q2WGZ1S73ZH990NQ
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "6bd9449858dd1fc6d651a669742013a0"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 6432
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_ecopayz.svg
16.12.1.12200 OK 3.8 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_ecopayz.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 82a8c1737556f9bf44d17e450393a191
48bca79f7fb606c4ad5fa5c36c0e01066f2e1d75
0ea54ac9ab54895a8cbacfeafe629f9d5fe42c1acdb1834cc43d8100290cad6e
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_ecopayz.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: XgUEKuI7P3fNxwqrRLftyFIeteERsRPubINpAfPqFMof8HDhxG6PV4MGMpd8a6m4BWNfbWychBQ=
x-amz-request-id: Q2WVQWWAY3X438VP
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "82a8c1737556f9bf44d17e450393a191"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 3787
ocsp.digicert.com/
93.184.220.29200 OK 100 kB IP 93.184.220.29:0
Hash 3b83af6d0ff2653694759afa0a4f4ab7
5f623bce2eb5aa48cffa5cc8886ee947f126f063
5bfd23ea2639e983a581baf22f929555b6483a0589439bfedcd9fc6f689e171b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5925
Cache-Control: max-age=167612
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:44 GMT
Etag: "63dac20f-1d7"
Expires: Fri, 03 Feb 2023 21:27:16 GMT
Last-Modified: Wed, 01 Feb 2023 19:48:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_neteller.svg
16.12.1.12200 OK 1.1 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_neteller.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b01a178a2ffa74630c0daa6d67a26f25
a71b96b59534b6b2f334f03106a9db91f07faf14
b02f9215394cd32d597063108bf93fc486908a37073a6d949ca53b82252218a3
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_neteller.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: L1Tw/o5osCTvT6Ic4SSeE8aOs5nf/8hmYnL28btmJUO/2+jtPsnUyxCDQV9IKcg0oTYH+iP1tXQ=
x-amz-request-id: Q2WJMYK9N5CZ32HC
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "b01a178a2ffa74630c0daa6d67a26f25"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1143
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_skrill.svg
16.12.1.12200 OK 1.4 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_skrill.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 480fbc2cb227ed53c815954cf150c86f
bfb5ffde0af383141abd65ba2ee599899457ce1e
480d0dc472f4e02acb903a68cde23bfcccf12382ff96df42d4775de9530c6e43
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_skrill.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: NCPCUIdsfZv/gxikXguWAJwqTYx1SGkY7wjBbS6TXHXZVds2D0bghWIfl4ROhKCxpw/p1UGqLxY=
x-amz-request-id: Q2WQ1N5K2ZJFTWPY
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "480fbc2cb227ed53c815954cf150c86f"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1354
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banco_safra.svg
16.12.1.12200 OK 22 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banco_safra.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 131c8dd86f6ad201f5a6ba1364e2cee1
71333d90f56c25a8020f0c0295cc9b2fab555602
f11604fd0f3c4bb7810b500731f80761c0fb778d49bce4ad007bd38bd0098acb
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_banco_safra.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /arKtFXR5Wa6rM9EFpecxBHgFjPwo2qfaZ0T5C8tkT0T+DbjHLdAmOHgQ4TWlBkSelGItbzY2ns=
x-amz-request-id: Q2WGAV03YWTYX47P
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:04 GMT
ETag: "131c8dd86f6ad201f5a6ba1364e2cee1"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 21984
www.clarity.ms/tag/ev3k86mzo2
13.107.237.53200 OK 1.1 kB URL HTTP/2 www.clarity.ms/tag/ev3k86mzo2
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash c5f17e925570c6539f5d5d5ada6fcb29
6d3b088f270d6dbec896bbc80203629d247ec235
651766f0f91aba00f4a7d2f7bcfcab3eb0f8bd0bb401c3761f98ef3f1e17a1c5
GET /tag/ev3k86mzo2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bc.game/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=06ea6804b4ff436e9d8b2b9163001581.20230201.20240201; expires=Thu, 01 Feb 2024 22:53:44 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 0eO3aYwAAAAC947gQ3yfgTZDLMWuK497IQ1BIMzBFREdFMDQxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 01 Feb 2023 22:53:44 GMT
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_payfun.svg
16.12.1.12200 OK 5.3 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_payfun.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a64820b91d10fd4f986eff1ed262fafd
3b27421553ada42ef958a080c3869a751bf068d9
ad11bf8e95679d1ff9496f6d25b23d69b6541a8b64a8274da91797709bb3f116
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_payfun.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ZnLmOZDK7TONAhFjbbYSv3Dl8PMsrIykxfZnS/kMAQQFsbM6tCd0R47m1o25nhAiPNpnhpTHqD8=
x-amz-request-id: Q2WJ9GG4GAJXCHDW
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "a64820b91d10fd4f986eff1ed262fafd"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 5300
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_astropay.svg
16.12.1.12200 OK 4.9 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_astropay.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c17e18ed732cc1e5e243ac27b4c80315
f2d8fec1f2a7a175a3d04a394f22644dc6861a9c
ffef44ba17dd6a9bfa9099cb9fc7184c8e49500b394616ccc9ea58eea9dd6a89
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_astropay.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: daQjHXlm2AWYnTT9WlvxkJrmmGDojabmIdIKw4e9OPnD4kbgqRBI7eTKvP1GS77ZHrGLUZp0n/4=
x-amz-request-id: Q2WG6BDMBN2X1RZC
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:04 GMT
ETag: "c17e18ed732cc1e5e243ac27b4c80315"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 4922
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_vcreditos.svg
16.12.1.12200 OK 3.6 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_vcreditos.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a31ceb42356f3ef5aa00b9d8bb433ce1
e9cf88261cef92c0b58864a58e58e9d5f8215c02
e35676900ecf259d14f8969f3955d32a3dcfc250a83c2cc3726f9827c2b98d2f
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_vcreditos.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: DlPdC/vLvOEsljZntXaoPJ27tPtPQ9gWhWv09hxpePb85h0G6xxy7Gm10F2ozp0rZEuem7urfvI=
x-amz-request-id: Q2WV44QY1ES00XJ3
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "a31ceb42356f3ef5aa00b9d8bb433ce1"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 3550
gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO
188.114.96.1302 Found 4.1 kB URL HTTP/2 gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO
IP 188.114.96.1:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 06dfa71b9b2f3027e91a1bfeaff6948b
fe5c02d6e5f4f7a53b80cc973e418ae572d8df09
dc6458d733eb6bcf84ee37054ddf5bb8d7d3de5ea308f3f765c74aa05e782c40
GET /C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO HTTP/1.1
Host: gml-grp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
cache-control: private
location: //gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=PU_BR_PA_DT_VOLD_BETANO&AutoR=1
x-aspnet-version: 4.0.30319
set-cookie: CEK=a; expires=Tue, 02-May-2023 22:53:42 GMT; path=/; SameSite=None; Secure
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OF8CSoHC1820pQZM%2BVPHAwajNBadu93yAzh2sd67q9PkvzSlOAJHs%2Bem7E68f3kOCwnSWrJqimj9KQGEDAxii8HUaNp7kn2Ns37z8I6PLb5ju9McWtMRaMPihu5R%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43c2b9d7b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
brazino777.com/en/?ambp=&b7pm=620633f29fd70
45.148.37.161200 OK 37 kB URL HTTP/1.1 brazino777.com/en/?ambp=&b7pm=620633f29fd70
IP 45.148.37.161:0
ASN #208685 Serverius Holding B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (37987), with CRLF, LF line terminators
Hash d14fb23fd0f4a7ac53e4b34559cb8ab0
6a2993d9fb3fdfdc0c899516265bb007d44ca990
5ccd4d53816300d9d443fb0aebfac188815928a325a0d32fd78abe9f99e0fb7e
GET /en/?ambp=&b7pm=620633f29fd70 HTTP/1.1
Host: brazino777.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate, private
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Feb 2023 22:53:44 GMT
Expires: Wed, 01 Feb 2023 22:53:44 GMT
Pragma: no-cache
Referrer-Policy: same-origin
Set-Cookie: __Host-SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYnJhemlubzc3Ny5jb205MS45MC40Mi4xNTQifQ.MagKCacbGjjgrWdk1qDs5yiF402HdBzziBDMdwESF8BQ8GLdXxTaOw2QenpM4yjIVYyxVbrxLGBcJ7bpIYPM4A; Path=/; Expires=Thu, 02 Feb 2023 22:53:44 GMT; HttpOnly; Secure; SameSite=Strict
__Secure-XWAFLB=dcb83ed6497d11cb969f2421d22c8d3c; Path=/; Expires=Wed, 01 Feb 2023 23:08:44 GMT; HttpOnly; Secure; SameSite=Lax
PHPSESSID=h7p1ddsvr7mskkurlnf1fkunhm; expires=Fri, 03 Mar 2023 22:53:43 GMT; Max-Age=2592000; path=/; HttpOnly
device_view=full; expires=Wed, 01-Mar-2023 22:53:44 GMT; Max-Age=2419200; path=/; httponly
ep=cPfyacaQ1tEaMtFltLRSIRzZlf1i0ci3wWq%2B229K3cgdeZ%2BhLIYM4iV3GY1knbswA62t5cG19Xe8n9zVJ%2Fe9gmTezR7Vl1ARIe2kI4XDvXLKbmPvoKDj9fMXItBfd3YDQmR%2B5xqnW%2FC8i%2FVJtOcErMqGMO58phWlR8MGGUyFeBhuCQ; expires=Thu, 01-Feb-2024 22:53:44 GMT; Max-Age=31536000; path=/; httponly
_ym_vizorc_80a1678b98bfe0a45660352c180c61fd45124=a59f007fbf3384ccc33cc586d5d348f0; expires=Tue, 01-Feb-2028 22:53:44 GMT; Max-Age=157766400; path=/
c8402da13b6006b93d3adb0b9a4de6ec=620633f29fd70; expires=Wed, 01-Mar-2023 22:53:44 GMT; Max-Age=2419200; path=/; httponly
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Waf-Req-Id: 480acc0f-abe3-462f-b0ee-75a140f9d444-322023
Transfer-Encoding: chunked
s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_santander.svg
16.12.1.12200 OK 4.7 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_santander.svg
IP 16.12.1.12:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8853bd27115e397897bd4cb017b25974
9222a4bb2bd074051219f421d091645205cfe469
07602828f362a01f43ad6b884638f7761f7abf4b7aff304fe3e80649288e78c6
GET /static-content.betwarrior.bet/Product/Landing_page/Payment%20Methods%202021/PT/logo_santander.svg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Ax9vMF1QhxwaWZuirGED3liAQ5KCVCHbsW500m/RLJIt+wbKYHS8Sk1zMaaMUVFaeLwhNSAPJ/c=
x-amz-request-id: Q2WW20B5NV9XDYAB
Date: Wed, 01 Feb 2023 22:53:45 GMT
Last-Modified: Mon, 17 May 2021 12:27:05 GMT
ETag: "8853bd27115e397897bd4cb017b25974"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 4744
builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
54.230.111.102200 OK 354 kB URL HTTP/2 builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
IP 54.230.111.102:0
Size 354 kB (353504 bytes)
Hash 635fd62a8752d0d30f63cb701d804dbf
094ef86b7885f02e6305faee13f6a1a24b6b9e18
c362d5da55bc29d3c02e0cc7f4a698fb2c330ec182a7e5e058aa6d16d1cc9b97
GET /published-js/main.bundle-fed11df.z.js HTTP/1.1
Host: builder-assets.unbounce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 33154
date: Wed, 25 Jan 2023 03:52:39 GMT
last-modified: Tue, 18 Jan 2022 21:17:50 GMT
etag: "0baa7928a61eec0ae7b70702e0a16542"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: unUaqO9013Xc011S.3KQRlXYPC3pdAjV
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HR5wYrAILQT-AxJBhUDG0OPoLISea8GOZyQz7c2HCNwZMWqbO-aK_A==
age: 673266
X-Firefox-Spdy: h2
d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
54.230.111.46200 OK 1.9 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
IP 54.230.111.46:0
Hash fde4d3457a50df6eb5c2e00c8f2ae5b3
e5cf16a28cc4234d5eaa77b2b0dd53f3522aa135
268ae6468593e886241a5aad414e64f7775e7ac13311ab55e9d35e34a24129ba
GET /ub.js?1673990108 HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1865
date: Tue, 17 Jan 2023 21:41:41 GMT
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7RU10D-E6faLqkmuVEHrq98grnUc3I1j9iFTf2YTcIvBUVlnedMerA==
age: 1300324
X-Firefox-Spdy: h2
p.teads.tv/teads-fellow.js
23.195.255.234200 OK 6.4 kB URL HTTP/1.1 p.teads.tv/teads-fellow.js
IP 23.195.255.234:0
File type ASCII text, with very long lines (19888), with no line terminators
Hash b6e227013e992031893f2833d1df522e
c6d55aba6762513c8a1eb320131cf46cfa932b4a
6338003a70f047fd7a382e87160754ab69d62edb039da75b4bfb331d16b20c71
GET /teads-fellow.js HTTP/1.1
Host: p.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Fvk0n/5LJz3nBotNQWoB41nnYa7EY38OhmFTP/DeBSktyLC0h63NyNDrx49W519ODkwt3KRvtik=
x-amz-request-id: C1F8TJNV6Q5MR03D
Last-Modified: Mon, 23 Jan 2023 13:03:00 GMT
ETag: "52a95d12f789e4537934e239a8adddcb"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=98
Date: Wed, 01 Feb 2023 22:53:44 GMT
Content-Length: 6419
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 01 Feb 2023 21:44:08 GMT
expires: Wed, 01 Feb 2023 23:44:08 GMT
cache-control: public, max-age=7200
age: 4176
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Hq1Kz8ZiT_Y
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Hq1Kz8ZiT_Y
IP 142.250.74.131:0
Hash 351270395221716ecb393151d15c7434
d8c4353cfa3df2ea9ee35ac553cd7126c3d88f90
428446de26c65d6333693f4fd9fdea341e517cdd464ef71cac30db4aaac31d9f
POST /s/gts1d4/Hq1Kz8ZiT_Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edge.fullstory.com/s/fs.js
35.201.112.186200 OK 80 kB URL HTTP/2 edge.fullstory.com/s/fs.js
IP 35.201.112.186:0
File type ASCII text, with very long lines (4259)
Hash 65d4e7c235bbffaf4a4dfd615920d9d4
7a4216496dfcb27e24d495d5378ffc415a0ab66a
3aeb160bf6d57c1f0edad843957da79621d3e6fd517b4b72c335ffce5b1abf0a
GET /s/fs.js HTTP/1.1
Host: edge.fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://promo.betwarrior.bet
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdswd1WJzWVyoWiFpEH905aUOywoy_iWUWwdq68v32sxa6qBGP6_5WPRUopwwrh-ROcV04bI5hMyRrshg18NrXFXwA
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1675281800350652
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 271678
x-goog-hash: crc32c=y9+62w==, md5=RUfjnKNAH7ztjg4n0ESWcA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
content-encoding: br
date: Wed, 01 Feb 2023 22:51:22 GMT
expires: Wed, 01 Feb 2023 23:51:22 GMT
cache-control: public, max-age=3600
last-modified: Wed, 01 Feb 2023 20:03:20 GMT
etag: W/"4547e39ca3401fbced8e0e27d0449670"
content-type: application/javascript
content-length: 78339
age: 142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Hq1Kz8ZiT_Y
142.250.74.131200 OK 50 kB URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Hq1Kz8ZiT_Y
IP 142.250.74.131:0
Hash 30ce99b749f92c17174404eac69ec7e2
eb508717a86662848c1a570a737aabe437fc5b46
9df84efa24ce5b006d85fdbc4e7381a58d358c41cc21b90102075ec3f12f6d43
POST /s/gts1d4/Hq1Kz8ZiT_Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 22:53:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
54.230.111.46200 OK 30 kB URL HTTP/2 d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
IP 54.230.111.46:0
File type ASCII text, with very long lines (64903)
Hash 73de733c308b8b5e44d2a6242dc4bd99
2f43a0cd155124d65ab5ce3574abc5f82b45fcf9
cf4ff4a67675a54e9a9469d967c77fba778ccf839a98119d246012447eb44ea3
GET /sp-2.14.0.js HTTP/1.1
Host: d34qb8suadcc4g.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 30399
date: Sun, 11 Dec 2022 09:08:36 GMT
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
etag: "73de733c308b8b5e44d2a6242dc4bd99"
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sfXildTzcKvb7g4v5K9I0PCM6bVb6-gBSSDmEE9jnkkTSe7zrhKg1Q==
age: 4542310
X-Firefox-Spdy: h2
a2.adform.net/Serving/TrackPoint/?pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=|
185.167.164.39302 Found 79 kB URL HTTP/2 a2.adform.net/Serving/TrackPoint/?pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=|
IP 185.167.164.39:0
Hash 09b94065a58555a509175f4b54ed5448
da7a2db4cbd0b83df0abd8d42c8e3d6ef8bfd724
50ef83f0843203ee72042207c4ed3b0761d92ff21c15495f9440139f24d17268
GET /Serving/TrackPoint/?pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=| HTTP/1.1
Host: a2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bc.game/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 22:53:44 GMT
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=|
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 01-Mar-2023 22:53:44 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 351751c77016a096d17d688aea57ac84
72fac689aedfb81e9179a7ce024a83d9c2065bca
ce2faff38c3f3252f4985ca20ceaef0a41112a101f723b2cd4c156c0cdae3137
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131286
Date: Wed, 01 Feb 2023 22:53:45 GMT
Etag: "63da465f-1d7"
Expires: Fri, 03 Feb 2023 11:21:51 GMT
Last-Modified: Wed, 01 Feb 2023 11:00:47 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yJSgkFlB1isg37BvAwRzTKkyG380oktr2DZ6eVbP8LMHMXXg_uilOA==
Age: 1264
cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&advertiser_id=28969
23.195.255.234200 OK 137 B URL HTTP/1.1 cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&advertiser_id=28969
IP 23.195.255.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 41dc1432dfd6e68abcd3b802a8dfad7b
0f5897840577fae995f238d3f8f87ebf7d294331
05e27531513bd8e332a6dec0017c14eb1b151d15f98f223d54b66acd1ca6eb5e
GET /v2/advertiser?referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&advertiser_id=28969 HTTP/1.1
Host: cm.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.betwarrior.bet/
Origin: https://promo.betwarrior.bet
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 137
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://promo.betwarrior.bet
Observe-Browsing-Topics: ?1
Origin-Trial: Az9xQo/imzWWuauBg0JngENQMoxulJzGzdGQ0VfUZDk7et2DJfmfUxfOWnHlwQiZRFG+Grc8bH8xWgOPW2ltjQQAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2ODA2NTI3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Expires: Wed, 01 Feb 2023 22:53:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 01 Feb 2023 22:53:45 GMT
Connection: keep-alive
Set-Cookie: ar_debug=1; Path=/; HttpOnly; Secure; SameSite=None
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 6eb02215eba27dd6c278f8264ff19ce2
abb65ca7d09291542b81789490b01c18f9c31ea7
1708be7b5197e60afa45e48305e7941be959e98a4babb8198b68c0c80611c582
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152510
Date: Wed, 01 Feb 2023 22:53:45 GMT
Etag: "63da8598-1d7"
Expires: Fri, 03 Feb 2023 17:15:35 GMT
Last-Modified: Wed, 01 Feb 2023 15:30:32 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hE7Pw_JOECA2wRfLwM40NokkhzlADTwumZkaunJR8jHZJ-yCtyJmDQ==
Age: 6303
events.ub-analytics.com/i?stm=1675292048707&e=pv&url=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=f8e21d73-100a-458a-b1de-8a86f8d5e729&dtm=1675292048706&vp=0x0&ds=0x0&vid=1&sid=1de9395c-75dd-4757-8f64-42d8210f26ca&duid=72ff604a-234b-465b-9d42-8dd76eaa838e&uid=4f603b18-e767-4432-9f03-fc1184176319&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZDkwMDIxMmMtYWFmNi00NjI4LTgzZjktMDE3MjY2M2EwODUxIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
34.238.109.20200 OK 43 B URL HTTP/2 events.ub-analytics.com/i?stm=1675292048707&e=pv&url=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=f8e21d73-100a-458a-b1de-8a86f8d5e729&dtm=1675292048706&vp=0x0&ds=0x0&vid=1&sid=1de9395c-75dd-4757-8f64-42d8210f26ca&duid=72ff604a-234b-465b-9d42-8dd76eaa838e&uid=4f603b18-e767-4432-9f03-fc1184176319&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZDkwMDIxMmMtYWFmNi00NjI4LTgzZjktMDE3MjY2M2EwODUxIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
IP 34.238.109.20:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1675292048707&e=pv&url=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&eid=f8e21d73-100a-458a-b1de-8a86f8d5e729&dtm=1675292048706&vp=0x0&ds=0x0&vid=1&sid=1de9395c-75dd-4757-8f64-42d8210f26ca&duid=72ff604a-234b-465b-9d42-8dd76eaa838e&uid=4f603b18-e767-4432-9f03-fc1184176319&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZDkwMDIxMmMtYWFmNi00NjI4LTgzZjktMDE3MjY2M2EwODUxIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19 HTTP/1.1
Host: events.ub-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
server: akka-http/10.0.9
X-Firefox-Spdy: h2
t.teads.tv/track?action=pageView&env=js-web&tag_version=6.12.0_51a1e72&advertiser_id=28969&referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&user_session_id=7a1a4540-d4e8-4ee2-bb2b-67180a2b6c3d
2.18.173.43200 OK 23 B URL HTTP/2 t.teads.tv/track?action=pageView&env=js-web&tag_version=6.12.0_51a1e72&advertiser_id=28969&referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&user_session_id=7a1a4540-d4e8-4ee2-bb2b-67180a2b6c3d
IP 2.18.173.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /track?action=pageView&env=js-web&tag_version=6.12.0_51a1e72&advertiser_id=28969&referer=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&user_session_id=7a1a4540-d4e8-4ee2-bb2b-67180a2b6c3d HTTP/1.1
Host: t.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://promo.betwarrior.bet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 23
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 01 Feb 2023 22:53:45 GMT
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=13F8D024D9FC4D169DDEFBE38C55984C&RedC=c.clarity.ms&MXFR=374E06EE328B691F33F61445368B6756
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=13F8D024D9FC4D169DDEFBE38C55984C&RedC=c.clarity.ms&MXFR=374E06EE328B691F33F61445368B6756
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=13F8D024D9FC4D169DDEFBE38C55984C&RedC=c.clarity.ms&MXFR=374E06EE328B691F33F61445368B6756 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bc.game/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=13F8D024D9FC4D169DDEFBE38C55984C&MUID=3848852E47E76D3313FC978546126CA7
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3848852E47E76D3313FC978546126CA7; domain=c.bing.com; expires=Mon, 26-Feb-2024 22:53:45 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F54B376B625B465ABDB2D9BBED43C247 Ref B: OSL30EDGE0219 Ref C: 2023-02-01T22:53:45Z
date: Wed, 01 Feb 2023 22:53:45 GMT
content-length: 0
X-Firefox-Spdy: h2
d.clarity.ms/collect
40.76.174.66204 No Content 0 B IP 40.76.174.66:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 894
Origin: https://bc.game
Connection: keep-alive
Referer: https://bc.game/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://bc.game
access-control-allow-credentials: true
date: Wed, 01 Feb 2023 22:53:45 GMT
X-Firefox-Spdy: h2
socketv2.bc.game/socket.io/?p=01d4de50018823a5891860f2fa0531860f2ffb49&EIO=3&transport=websocket
172.64.150.129101 Switching Protocols 31 B URL HTTP/1.1 socketv2.bc.game/socket.io/?p=01d4de50018823a5891860f2fa0531860f2ffb49&EIO=3&transport=websocket
IP 172.64.150.129:0
Hash 3ad99670fe88f38d6c007d3cafe2a4aa
8dd60ae9471e191645e360b918ddfd3a390f3233
8e5f9efe0584d0ed3f0ebcb7c768a1d5f6a30fcd56e94266254a8e62f27a4c97
GET /socket.io/?p=01d4de50018823a5891860f2fa0531860f2ffb49&EIO=3&transport=websocket HTTP/1.1
Host: socketv2.bc.game
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://bc.game
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: q6/aZm4Q8H98+x9zM+YArw==
Connection: keep-alive, Upgrade
Cookie: invitation-code=4cxse6dr; invitation-url=https%3A%2F%2Fbc.game%2Flanding%2Fsports-br%3Fi%3D4cxse6dr%26stag%3D17409_63daed76607ae792a85dc61e%26utm_source%3D4cxse6dr
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 01 Feb 2023 22:53:46 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: qStznculMYJ3lvxWTbI30iI7RUE=
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792e43d58b440afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c.clarity.ms/c.gif?CtsSyncId=13F8D024D9FC4D169DDEFBE38C55984C&MUID=3848852E47E76D3313FC978546126CA7
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=13F8D024D9FC4D169DDEFBE38C55984C&MUID=3848852E47E76D3313FC978546126CA7
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=13F8D024D9FC4D169DDEFBE38C55984C&MUID=3848852E47E76D3313FC978546126CA7 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bc.game/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 01-Feb-2023 23:03:46 GMT; path=/; SameSite=None; Secure;
date: Wed, 01 Feb 2023 22:53:45 GMT
content-length: 42
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/flags/United_Kingdom-01-1317.svg?v10263
185.76.9.24200 OK 2.7 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/files/flags/United_Kingdom-01-1317.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1439), with CRLF, LF line terminators
Hash 491cf0bd830bac45593d5f65b4ee2cb9
f0277115b74f6b8d8708270e3a1c687ba491da19
71476e9f8eebae227c9fef7a6c83a5260a3a24f5fa0d3b907b386a65869fb0cf
GET /files/flags/United_Kingdom-01-1317.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6006bbc7-548"
expires: Tue, 21 Nov 2023 13:04:44 GMT
last-modified: Tue, 19 Jan 2021 11:00:23 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: d73574d6-b7f7-4760-bdee-9c80e6b66173-3252022
x-accel-expires: @1700571884
server: CDN77-Turbo
x-77-nzt: AblMCRRvl57/DnZfAA
x-77-nzt-ray: af585630fa1662be7aedda63926b9120
x-cache: HIT
x-age: 6256142
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_desktop_second.svg
185.76.9.24200 OK 150 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_desktop_second.svg
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Size 150 kB (149904 bytes)
Hash afd56aefeef7c0e7f1c8cb3bc5afbae8
3f83867513cf0c8873d2d94cad497aeba36588db
248e6244383c49218f2807510750ccd79750181d1626855375ec0105ead55aa2
GET /build/images/footer/licenses/license_desktop_second.svg HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"639a0c2c-67391"
expires: Thu, 14 Dec 2023 21:01:25 GMT
last-modified: Wed, 14 Dec 2022 17:47:24 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 7214411d-15e7-4c91-82f0-bf4ccc77da4f-3482022
x-accel-expires: @1702587685
server: CDN77-Turbo
x-77-nzt: AblMCRRDSjX/1bNAAA
x-77-nzt-ray: af585630fa1662be7aedda6350dbaa1e
x-cache: HIT
x-age: 4240341
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Big-Time-Gaming-7521.svg?v10263
185.76.9.24200 OK 3.8 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Big-Time-Gaming-7521.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2611), with CRLF, LF line terminators
Hash beb5bec1e5f3bb9c137a9edf1e4c7bae
7c4a1b0056e21aa0f060d817dea00d7b760cb88c
3e2a530d8224bd4c57342ce995f961119a52a1dfc48769d5b104847c14fcf147
GET /files/categories/Big-Time-Gaming-7521.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60f181ff-a9b"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Fri, 16 Jul 2021 12:56:31 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 16f66a31-9331-4caa-8bf8-b293c995faee-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRQoC6j/BxVKAA
x-77-nzt-ray: af585630fa1662be7aedda6345906925
x-cache: HIT
x-age: 4855047
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/jftw-1556.svg?v10263
185.76.9.24200 OK 2.1 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/jftw-1556.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Hash 118f9bdd48b67480496389c60e0cd668
0f8d76b6cf72171f992936864752eb7ecc6e795b
8123ea6d5daaaace5468e0b5a5fc7210335d4d4221366172f310189d0bcc8a97
GET /files/categories/jftw-1556.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60e31053-c0d"
expires: Thu, 07 Dec 2023 11:49:30 GMT
last-modified: Mon, 05 Jul 2021 13:59:47 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: c407889f-56b7-49e3-b794-f102dece19c4-3412022
x-accel-expires: @1701949770
server: CDN77-Turbo
x-77-nzt: AblMCRTwfLX/sG9KAA
x-77-nzt-ray: af585630fa1662be7aedda6300bf462a
x-cache: HIT
x-age: 4878256
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/nsoftTopOfferJsBlock.ae69ef55.css?v10263
185.76.9.24200 OK 8.1 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/nsoftTopOfferJsBlock.ae69ef55.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Hash 9f99738aed0032b0a8dc9134501ef2f7
3992b75ed93e741aef4c577e4a372f70244ffc29
2162654eb1c00418fbba4dda97aa5be45bf8fc8737c7cb585fadca1c7d817d26
GET /build/nsoftTopOfferJsBlock.ae69ef55.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63907649-80c6"
expires: Thu, 07 Dec 2023 11:29:10 GMT
last-modified: Wed, 07 Dec 2022 11:17:29 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 343ba89c-b5b4-4813-ace1-b55a185d4e9f-3412022
x-accel-expires: @1701948550
server: CDN77-Turbo
x-77-nzt: AblMCRTh/JP/c3RKAA
x-77-nzt-ray: af585630fa1662be79edda63e259be2d
x-cache: HIT
x-age: 4879475
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/bgaming-4795.svg?v10263
185.76.9.24200 OK 35 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/bgaming-4795.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Hash 6120a9958d8105b965f2eb6f8d0875fc
338e224f29d7adacdc67f97c58f70f3026986ee4
c1a625d056cb862bce65698a3fc7cbfa35ee4496a24a8d2ae51d0a63110b3ccc
GET /files/categories/bgaming-4795.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbad9-424"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Thu, 01 Jul 2021 12:53:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 9dc7a7f8-1435-4ffb-aa08-a53394e3ed0e-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRR6Se7/BxVKAA
x-77-nzt-ray: af585630fa1662be7aedda634f0e4425
x-cache: HIT
x-age: 4855047
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_mobile_first.svg
185.76.9.24200 OK 66 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_mobile_first.svg
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Hash 869b0e8a8296d322922ff6defb29ee52
6d64a93c3d32e73207289c6ced8c187681182b97
8ca863bd6074652a54d0653c346e9b0cd3e22e4e3453d940cd6ae040556acad3
GET /build/images/footer/licenses/license_mobile_first.svg HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-28c00"
expires: Thu, 14 Dec 2023 17:03:37 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: a55f9488-5b7e-42c2-90dd-401358decd8a-3482022
x-accel-expires: @1702573417
server: CDN77-Turbo
x-77-nzt: AblMCRTDV2H/ketAAA
x-77-nzt-ray: af585630fa1662be7aedda63121f3f1e
x-cache: HIT
x-age: 4254609
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/flags/Brazil-01-6807-9882.svg?v10263
185.76.9.24200 OK 28 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/files/flags/Brazil-01-6807-9882.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (36542), with CRLF, LF line terminators
Hash ec6539c9a8e528e7044499d3701c62c1
690074246045d6169a47b70e4d8f9169ac889671
1e2e5bd7e2e3f2cddd0b840bbea8898494a06e5ad404d0a832e4a8f6fbdbf9f4
GET /files/flags/Brazil-01-6807-9882.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"5fbfe73e-8ebb"
expires: Sat, 04 Nov 2023 14:43:12 GMT
last-modified: Thu, 26 Nov 2020 17:34:54 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 96526c45-1830-4e4d-a39e-9405722a4807-3082022
x-accel-expires: @1699108992
server: CDN77-Turbo
x-77-nzt: AblMCRSPprL/esh1AA
x-77-nzt-ray: af585630fa1662be7aedda631b6e9620
x-cache: HIT
x-age: 7719034
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/flags/Spain-flag-8385.svg?v10263
185.76.9.24200 OK 12 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/files/flags/Spain-flag-8385.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Hash cba716dc0350be7ee416ffdbedffaff5
0cd506dcfd3f419b4532989baaaf3195367aa038
74a0f0fbe36cb4e46ac9aef22864d826d9d194f7fd05f489f7d0b591151f6c36
GET /files/flags/Spain-flag-8385.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"5fc8fc6b-a5d8"
expires: Thu, 07 Dec 2023 10:45:53 GMT
last-modified: Thu, 03 Dec 2020 14:55:39 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 594b0a4a-3a55-4ea2-926f-60640c9504c2-3412022
x-accel-expires: @1701945953
server: CDN77-Turbo
x-77-nzt: AblMCRSbnVf/mX5KAA
x-77-nzt-ray: af585630fa1662be7aedda637eaca020
x-cache: HIT
x-age: 4882073
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
a.mgid.com/mgsensor.js?d=1675292050405
104.19.136.78200 OK 5.0 kB URL HTTP/2 a.mgid.com/mgsensor.js?d=1675292050405
IP 104.19.136.78:0
File type ASCII text, with very long lines (15105), with no line terminators
Hash 2b7343a3e33a8fe4067d260321f7f3f6
e45cf2ac888d8e8b37603c7b06f36f42aeae689c
c50d1c4eb9baef9d66476f71a768fae980ea2562ddc3ccc8f32e07cfa45fdbfa
GET /mgsensor.js?d=1675292050405 HTTP/1.1
Host: a.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:47 GMT
content-type: application/javascript
vary: Accept-Encoding
x-mg-request-uuid: 6903f27c-ef5e-47c4-a2d4-df71ffad3203
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=yRdajyCva1sKEP_xB77ss9AyT.kY8a4Unp1vTO7GZqs-1675292027-0-AZ31/YMUT9Zy5wROoK06KoWssqX1j0g5R0pgmtpYVrbuZiN0cfeFEtHZhjsG4A5ujI0mY58g+cCxp9SmCFhmQGk=; path=/; expires=Wed, 01-Feb-23 23:23:47 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 792e43e0fc25b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_desktop_first.svg
185.76.9.24200 OK 61 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_desktop_first.svg
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Hash 5953ec3c606efbcbc95a86009a80c7f8
80fed927e1af3a3ced316120276364148ac8f38c
75f553c7097708abb46d6e379094cb5603c490d3fa9505ed61a0e816bfed2733
GET /build/images/footer/licenses/license_desktop_first.svg HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"639a0c2c-28b48"
expires: Thu, 14 Dec 2023 21:01:25 GMT
last-modified: Wed, 14 Dec 2022 17:47:24 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: d9cbbed3-2585-4277-af66-52fea1e2e6ef-3482022
x-accel-expires: @1702587685
server: CDN77-Turbo
x-77-nzt: AblMCRTcqDP/1bNAAA
x-77-nzt-ray: af585630fa1662be7aedda63700bd71d
x-cache: HIT
x-age: 4240341
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
tm.uol.com.br/mercurio.html
23.36.76.250200 OK 2.2 kB URL HTTP/2 tm.uol.com.br/mercurio.html
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4318)
Hash c0fc3700fb315e92230a7f50f037425a
c761880a6c1c84883985e79ba781a68a224dbe81
ab8fe72539418bb693d01e9a939f661b316f00b6b35d57cff3563e4dfa46e547
GET /mercurio.html HTTP/1.1
Host: tm.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: ba5203ce522cc70a434e9a70452ca145
last-modified: Mon, 30 Aug 2021 21:31:49 GMT
content-type: text/html;charset=UTF-8
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
x-akamai-transformed: 9 173 0 pmb=mRUM,1
content-encoding: gzip
cache-control: no-transform, must-revalidate, proxy-revalidate, max-age=91
date: Wed, 01 Feb 2023 22:53:47 GMT
content-length: 2197
vary: Accept-Encoding
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=208
akamai-cache-status: Miss from child, Miss from parent
akamai-grn: 0.f64c2417.1675292027.dc240b2
X-Firefox-Spdy: h2
tm.jsuol.com.br/modules/mercurio.js
54.230.111.59200 OK 1.1 kB URL HTTP/2 tm.jsuol.com.br/modules/mercurio.js
IP 54.230.111.59:0
File type ASCII text, with very long lines (3646), with no line terminators
Hash bed0a7a707f166936e5aaac09879d050
01276c9bf0d1ca37b4aad0b0eac66060ffdc0c12
b676c2d29fcc1c2cd1adc6bd5b00436afb068f4c247baa86bd71f2fcf07e4151
GET /modules/mercurio.js HTTP/1.1
Host: tm.jsuol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tm.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 1065
date: Wed, 01 Feb 2023 22:43:58 GMT
server: marrakesh 1.16.6
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
last-modified: Tue, 05 Jan 2021 19:38:04 GMT
expires: Wed, 01 Feb 2023 23:43:58 GMT
content-encoding: gzip
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C7e2NE41yl0hCw38AtKLd87nou7xGEra_5aU1dkFUzdsE8orSEL_sg==
age: 588
X-Firefox-Spdy: h2
s.go-mpulse.net/boomerang/CW5BG-SWTYZ-UMRD7-EZCHN-SGWTB
23.38.200.138200 OK 50 kB URL HTTP/2 s.go-mpulse.net/boomerang/CW5BG-SWTYZ-UMRD7-EZCHN-SGWTB
IP 23.38.200.138:0
File type C source, ASCII text, with very long lines (65103)
Hash 8991c3ec80ec8fbc41382a55679e3911
8cc8cee91d671038acd9e3ae611517d6801b0909
f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800
GET /boomerang/CW5BG-SWTYZ-UMRD7-EZCHN-SGWTB HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tm.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Wed, 21 Dec 2022 16:39:24 GMT
timing-allow-origin: *
vary: Accept-Encoding
x-n: S
content-length: 50393
date: Wed, 01 Feb 2023 22:53:47 GMT
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/pgsoft-5545.svg?v10263
185.76.9.24200 OK 1.7 kB URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/pgsoft-5545.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Hash 3affc82b967d1b4eabec4bf59d2cb1ff
ea7c31ff996e593782b7f3a2d0b70ce851477a16
dc77ef99105eccd3fa0000678d02821bcd8dc53c4f0cb1390227d37a438bb073
GET /files/categories/pgsoft-5545.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6128e521-2210"
expires: Thu, 07 Dec 2023 18:16:23 GMT
last-modified: Fri, 27 Aug 2021 13:14:09 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 27b2c9bb-8269-4c73-872f-9c7e50fcfac3-3412022
x-accel-expires: @1701972983
server: CDN77-Turbo
x-77-nzt: AblMCRQVuRX/AxVKAA
x-77-nzt-ray: af585630fa1662be7aedda63caeaa02b
x-cache: HIT
x-age: 4855043
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
c.go-mpulse.net/api/config.json?key=CW5BG-SWTYZ-UMRD7-EZCHN-SGWTB&d=tm.uol.com.br&t=5584307&v=1.720.0&sl=0&si=00f96931-52f9-4c28-9bd4-bb4772338ab9-rpfbmb&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=730186
23.38.200.138200 OK 51 B URL HTTP/1.1 c.go-mpulse.net/api/config.json?key=CW5BG-SWTYZ-UMRD7-EZCHN-SGWTB&d=tm.uol.com.br&t=5584307&v=1.720.0&sl=0&si=00f96931-52f9-4c28-9bd4-bb4772338ab9-rpfbmb&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=730186
IP 23.38.200.138:0
File type JSON data\012- , ASCII text
Hash 192c625187a5fef1b734d29b83897699
d8416aa3824eb4e4c2cf4f15142cdb9a7f144a7a
b3a6f75eb5d0f83b2aa13d6dc74ccc19870b82a27edef9af60adcefdf33f3311
GET /api/config.json?key=CW5BG-SWTYZ-UMRD7-EZCHN-SGWTB&d=tm.uol.com.br&t=5584307&v=1.720.0&sl=0&si=00f96931-52f9-4c28-9bd4-bb4772338ab9-rpfbmb&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=730186 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tm.uol.com.br
Connection: keep-alive
Referer: https://tm.uol.com.br/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Content-Length: 51
Date: Wed, 01 Feb 2023 22:53:47 GMT
Connection: keep-alive
Content-Type: application/json
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash de9c4346801ea3636fb506b54c394b32
f998f9464013582483778132d544fbd106c6d9a1
c9a9f4cbaaf63148dbafd70126d101548d61884ac369c0b35b0e4efa244a9670
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73853
date: Wed, 01 Feb 2023 22:53:47 GMT
access-control-allow-origin: *
etag: "63c93a4b-1207d"
expires: Wed, 01 Feb 2023 23:53:47 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sportsbook-platform-api.nsoft.com/prematchOffer/getTopOffer?dataFormat=%7B%22default%22%3A%22object%22%2C%22sports%22%3A%22array%22%2C%22categories%22%3A%22array%22%2C%22tournaments%22%3A%22array%22%2C%22matches%22%3A%22array%22%2C%22betGroups%22%3A%22array%22%7D&dataShrink=false&language=%7B%22default%22%3A%22en%22%7D¶ms=%7B%22start_date%22%3A%222023-02-01%2000%3A54%3A10%22%2C%22end_date%22%3A%222023-02-04%2022%3A54%3A10%22%2C%22id_sport%22%3A%224ac43657-d99c-4e45-a16e-807d3dedafe1%22%2C%22bet_count%22%3A3%2C%22timezone%22%3A%22UTC%22%2C%22delivery_platform%22%3A%22Web%22%2C%22company_uuid%22%3A%22ee010c47-eb96-4ffe-a11f-bf2736607193%22%7D&topOffer=%7B%22matches%22%3Atrue%7D
176.58.106.43302 Found 22 kB URL HTTP/2 sportsbook-platform-api.nsoft.com/prematchOffer/getTopOffer?dataFormat=%7B%22default%22%3A%22object%22%2C%22sports%22%3A%22array%22%2C%22categories%22%3A%22array%22%2C%22tournaments%22%3A%22array%22%2C%22matches%22%3A%22array%22%2C%22betGroups%22%3A%22array%22%7D&dataShrink=false&language=%7B%22default%22%3A%22en%22%7D¶ms=%7B%22start_date%22%3A%222023-02-01%2000%3A54%3A10%22%2C%22end_date%22%3A%222023-02-04%2022%3A54%3A10%22%2C%22id_sport%22%3A%224ac43657-d99c-4e45-a16e-807d3dedafe1%22%2C%22bet_count%22%3A3%2C%22timezone%22%3A%22UTC%22%2C%22delivery_platform%22%3A%22Web%22%2C%22company_uuid%22%3A%22ee010c47-eb96-4ffe-a11f-bf2736607193%22%7D&topOffer=%7B%22matches%22%3Atrue%7D
IP 176.58.106.43:0
Hash 8537523739878619edede77704756b68
51fff0a5ce1af3c664fd80f9891f418f85f30eba
1d8dd66f3fcf43569c793416884c44728c8abee33a1e7a0689479ac28b27c7b6
GET /prematchOffer/getTopOffer?dataFormat=%7B%22default%22%3A%22object%22%2C%22sports%22%3A%22array%22%2C%22categories%22%3A%22array%22%2C%22tournaments%22%3A%22array%22%2C%22matches%22%3A%22array%22%2C%22betGroups%22%3A%22array%22%7D&dataShrink=false&language=%7B%22default%22%3A%22en%22%7D¶ms=%7B%22start_date%22%3A%222023-02-01%2000%3A54%3A10%22%2C%22end_date%22%3A%222023-02-04%2022%3A54%3A10%22%2C%22id_sport%22%3A%224ac43657-d99c-4e45-a16e-807d3dedafe1%22%2C%22bet_count%22%3A3%2C%22timezone%22%3A%22UTC%22%2C%22delivery_platform%22%3A%22Web%22%2C%22company_uuid%22%3A%22ee010c47-eb96-4ffe-a11f-bf2736607193%22%7D&topOffer=%7B%22matches%22%3Atrue%7D HTTP/1.1
Host: sportsbook-platform-api.nsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brazino777.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 22:53:47 GMT
content-type: application/json
location: https://sportsbook-platform-api.nsoft.com/prematchOffer/getTopOffer?params=%7B%22start_date%22%3A%222023-02-01+00%3A54%3A00%22%2C%22end_date%22%3A%222023-02-04+22%3A54%3A59%22%2C%22id_sport%22%3A%224ac43657-d99c-4e45-a16e-807d3dedafe1%22%2C%22bet_count%22%3A3%2C%22timezone%22%3A%22UTC%22%2C%22delivery_platform%22%3A%22Web%22%2C%22company_uuid%22%3A%22ee010c47-eb96-4ffe-a11f-bf2736607193%22%7D&dataFormat=%7B%22default%22%3A%22object%22%2C%22sports%22%3A%22array%22%2C%22categories%22%3A%22array%22%2C%22tournaments%22%3A%22array%22%2C%22matches%22%3A%22array%22%2C%22betGroups%22%3A%22array%22%7D&topOffer=%7B%22matches%22%3Atrue%7D&language=%7B%22default%22%3A%22en%22%7D&dataShrink=false&cacheRedirect=1
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains;
sb-ch: MISS
access-control-allow-origin: https://brazino777.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
blancoshrimp.com/SB/BR
172.67.146.68301 Moved Permanently 0 B IP 172.67.146.68:0
GET /SB/BR HTTP/1.1
Host: blancoshrimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Wed, 01 Feb 2023 22:53:41 GMT
content-type: text/html
location: https://blancoshrimp.com/SB/BR/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEE5NMqmyKF16jHBOkDw56EHhDNR3xZj9l8RcchkWnDC1CfuKXDoYlpQhq4EPstI02QxzS%2FaJfoj8M3NO4SUOWkCEnuEgm%2B45XCMevzsy5U%2BawyjVkLWH0HkJNfdcrMw4BY8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43bc18c3b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueSliderBlock.5e45dee0.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueSliderBlock.5e45dee0.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/vueSliderBlock.5e45dee0.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63a331ad-2ad7"
expires: Thu, 21 Dec 2023 16:47:57 GMT
last-modified: Wed, 21 Dec 2022 16:17:49 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 6427d264-beb2-409d-b4c5-751d4402e256-3552022
x-accel-expires: @1703177277
server: CDN77-Turbo
x-77-nzt: AblMCRQ0x9D/vLQ3AA
x-77-nzt-ray: af585630fa1662be79edda63acdd3a2d
x-cache: HIT
x-age: 3650748
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/5666.5a30bb8f.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/5666.5a30bb8f.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/5666.5a30bb8f.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-19bb"
expires: Sat, 04 Nov 2023 14:39:22 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: d50fd946-ff11-4ba8-95e6-03ad6261aeeb-3082022
x-accel-expires: @1699108762
server: CDN77-Turbo
x-77-nzt: AblMCRQSGgP/X8l1AA
x-77-nzt-ray: af585630fa1662be79edda6328bc492e
x-cache: HIT
x-age: 7719263
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Triple-Edge-Studios-3639.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Triple-Edge-Studios-3639.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/Triple-Edge-Studios-3639.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60f181b9-9df"
expires: Thu, 07 Dec 2023 18:16:27 GMT
last-modified: Fri, 16 Jul 2021 12:55:21 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 9edfc1ab-b759-46c5-a7cb-56e29c294b41-3412022
x-accel-expires: @1701972987
server: CDN77-Turbo
x-77-nzt: AblMCRQJIFD//xRKAA
x-77-nzt-ray: af585630fa1662be7aedda63973dc02d
x-cache: HIT
x-age: 4855039
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
a2.adform.net/Serving/TrackPoint/?CC=1&pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=|
185.167.164.39200 OK 0 B URL HTTP/2 a2.adform.net/Serving/TrackPoint/?CC=1&pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=|
IP 185.167.164.39:0
GET /Serving/TrackPoint/?CC=1&pm=2635697&ADFPageName=Landing%20Page_Brazil&ADFdivider=| HTTP/1.1
Host: a2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bc.game/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.fc209836.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.fc209836.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/vueLocaleBlock.fc209836.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-c34"
expires: Sat, 04 Nov 2023 14:43:08 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: aec43579-b344-4ae8-a605-0ad163c9145c-3082022
x-accel-expires: @1699108988
server: CDN77-Turbo
x-77-nzt: AblMCRQezJ3/fch1AA
x-77-nzt-ray: af585630fa1662be79edda63a32f2e2d
x-cache: HIT
x-age: 7719037
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueSearchFormBlock.4ea4a3a6.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueSearchFormBlock.4ea4a3a6.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/vueSearchFormBlock.4ea4a3a6.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"638df9a5-1720"
expires: Wed, 06 Dec 2023 00:40:16 GMT
last-modified: Mon, 05 Dec 2022 14:01:09 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: f5263115-554a-473e-8d89-32e2070f64d4-3402022
x-accel-expires: @1701823216
server: CDN77-Turbo
x-77-nzt: AblMCRRSiCr/CV5MAA
x-77-nzt-ray: af585630fa1662be79edda635b503f2d
x-cache: HIT
x-age: 5004809
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/6974.7a77254b.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/6974.7a77254b.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/6974.7a77254b.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"636bd459-277d"
expires: Mon, 13 Nov 2023 17:42:29 GMT
last-modified: Wed, 09 Nov 2022 16:24:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: b2d5caf7-d478-4ff2-92af-448897957523-3172022
x-accel-expires: @1699897349
server: CDN77-Turbo
x-77-nzt: AblMCRRGlK7/9MBpAA
x-77-nzt-ray: af585630fa1662be79edda6337c34e2d
x-cache: HIT
x-age: 6930676
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.95e12733.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.95e12733.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/footerGameCategoriesBlock.95e12733.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-7d2"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 77312741-bb79-423b-9e16-c52ad4468fef-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRRt87b/KwtBAA
x-77-nzt-ray: af585630fa1662be79edda632eaa322e
x-cache: HIT
x-age: 4262699
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/7a2e9b6192441a65b9f465ebee9c48f8.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/7a2e9b6192441a65b9f465ebee9c48f8.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/7a2e9b6192441a65b9f465ebee9c48f8.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6267cd39-50c"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Tue, 26 Apr 2022 10:45:13 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: b2e21ae4-892b-4679-9f4d-c594fbc6ba7d-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRRavH7/BxVKAA
x-77-nzt-ray: af585630fa1662be7aedda63035ce624
x-cache: HIT
x-age: 4855047
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/redrake-1073.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/redrake-1073.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/redrake-1073.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60e310aa-933"
expires: Thu, 07 Dec 2023 18:16:24 GMT
last-modified: Mon, 05 Jul 2021 14:01:14 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: f6a61d25-6353-42b8-aebe-0edff78c93db-3412022
x-accel-expires: @1701972984
server: CDN77-Turbo
x-77-nzt: AblMCRSc+7n/AhVKAA
x-77-nzt-ray: af585630fa1662be7aedda63763b442c
x-cache: HIT
x-age: 4855042
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueProducerBlock.33638096.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueProducerBlock.33638096.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/vueProducerBlock.33638096.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"638a1703-fca"
expires: Mon, 04 Dec 2023 14:08:18 GMT
last-modified: Fri, 02 Dec 2022 15:17:23 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 0761d770-c934-4b67-b781-0eaf1c3081f8-3382022
x-accel-expires: @1701698898
server: CDN77-Turbo
x-77-nzt: AblMCRS7fSj/p0NOAA
x-77-nzt-ray: af585630fa1662be79edda6391923c2d
x-cache: HIT
x-age: 5129127
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
record.platincasinoaffiliates.com/_ngIZ_9Igg2BDp78Ph1_jCGNd7ZgqdRLk/2/
104.18.193.136301 Moved Permanently 0 B URL HTTP/2 record.platincasinoaffiliates.com/_ngIZ_9Igg2BDp78Ph1_jCGNd7ZgqdRLk/2/
IP 104.18.193.136:0
GET /_ngIZ_9Igg2BDp78Ph1_jCGNd7ZgqdRLk/2/ HTTP/1.1
Host: record.platincasinoaffiliates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
location: https://www.platincasino.com/br/lp/sports?ma_token=SOHTTO7ymOHT-sdKsiU4EGNd7ZgqdRLk&ma_affiliate_id=2541
cache-control: private, no-cache, must-revalidate, Cache-Control: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
pragma: no-cache
x-powered-by: ZBan
cf-cache-status: BYPASS
set-cookie: VID1=KSxTMFUsMyxXLVM0UApgCg%3D%3D; expires=Thu, 01-Feb-2024 22:53:42 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=None
ZBan=SOHTTO7ymOHT-sdKsiU4EGNd7ZgqdRLk; expires=Thu, 01-Feb-2024 22:53:42 GMT; Max-Age=31536000; path=/; domain=.platincasinoaffiliates.com; secure; HttpOnly; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 792e43c39d5bb4fa-OSL
X-Firefox-Spdy: h2
partnerbcgame.com/db2e7562c
188.114.97.1302 Found 0 B URL HTTP/2 partnerbcgame.com/db2e7562c
IP 188.114.97.1:0
GET /db2e7562c HTTP/1.1
Host: partnerbcgame.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
location: https://bc.game/landing/sports-br?i=4cxse6dr&stag=17409_63daed76607ae792a85dc61e&utm_source=4cxse6dr
set-cookie: 6b86b273ff34fce19d6b=63daed76607ae792a85dc61e; Expires=Fri, 03 Mar 2023 22:53:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FausY%2FuRfu3GDsdEHDpXsNhvLz2Hu7scD%2Bx0I4O1gYFQx6Gkh0FWWiHp%2BCrXa1hwjjAj8GzPgrDy5zPmonyYPWcijZ6eMCEXSEgzOpx7YgaerrOSkgH2tu%2Bnf%2FKskgbfSgeoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43c2e9ddb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
promo.bwin.com/pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136
104.16.131.238302 Found 0 B URL HTTP/2 promo.bwin.com/pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136
IP 104.16.131.238:0
GET /pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136 HTTP/1.1
Host: promo.bwin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
location: https://help.bwin.com/closed?sb=1&wm=5314018&zoneId=2081136
cache-control: private
vary: User-Agent
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
x-forwarded-for: 91.90.42.154, 172.68.50.239
x-forwarded-proto: https
cf-visitor: {"scheme":"https"}
upgrade-insecure-requests: 1
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-site: cross-site
cf-connecting-ip: 91.90.42.154
true-client-ip: 91.90.42.154
cdn-loop: cloudflare
x-redirect-source: Redirex
cf-cache-status: DYNAMIC
set-cookie: redirex-original=http://promo.bwin.com:80/pt-br/promo/p/sports/latam/bem-vindo?sb=1&wm=5314018&zoneId=2081136;Ip=91.90.42.154;Path=/;Domain=.bwin.com;Expires=Wed, 01-Feb-2023 22:58:42 GMT;secure;HttpOnly
__cf_bm=6fH7r_xKdsw4RGx1l_UcEsYtauDMOvPVkrjHBDLaNr8-1675292022-0-ASEBWRpFn+jpGwNESSQYsJMt0jjAEXsYkBEFYvK/146vfliKKNg4pB+pZTa5kNm5xrcl5AoecQidONFTMR2hFy1QXLeSeJJT+r2p1nkMKe0t; path=/; expires=Wed, 01-Feb-23 23:23:42 GMT; domain=.bwin.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 792e43c3894db51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
admaxium.com/scripts/brazino_analytics.js
104.21.44.24200 OK 0 B URL HTTP/2 admaxium.com/scripts/brazino_analytics.js
IP 104.21.44.24:0
GET /scripts/brazino_analytics.js HTTP/1.1
Host: admaxium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://brazino777.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:47 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
x-request-id: 74a4847c-a99b-4061-9af3-737fb31bd3c2
etag: W/"3b69dbf32872647ab14e3d00c71a610c"
x-runtime: 0.010237
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHH3sGtbcHt9vmowjsxCUNSuiUAFWlMGUK%2FF1z8Lquu2TmBXYm%2F5DMhCaC9%2B4%2FtBYP5qgsOzFDBiXyo1mMpLTHymYt9RDItVLyi%2Bwo5QZMwXAvROfiyBb0BlHPUB49k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43e1d98bb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/index.167d78a0.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/index.167d78a0.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/index.167d78a0.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-8f"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 6eafba70-3be5-4902-b5a0-7206ef0b3652-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRRzcX3/EwNBAA
x-77-nzt-ray: af585630fa1662be79edda63cc942c2d
x-cache: HIT
x-age: 4260627
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueSearchFormBlock.c0ed67f4.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueSearchFormBlock.c0ed67f4.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/vueSearchFormBlock.c0ed67f4.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-19df"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4db85889-bcef-4d46-bceb-ada04b610abb-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRTdqP7/EwNBAA
x-77-nzt-ray: af585630fa1662be79edda6320fa412d
x-cache: HIT
x-age: 4260627
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/runtime.c126acad.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/runtime.c126acad.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/runtime.c126acad.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-dcb"
expires: Sat, 04 Nov 2023 14:39:22 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4e1ee2d9-1244-4b1f-896b-8050d6811357-3082022
x-accel-expires: @1699108762
server: CDN77-Turbo
x-77-nzt: AblMCRTXYTj/X8l1AA
x-77-nzt-ray: af585630fa1662be79edda63312a452e
x-cache: HIT
x-age: 7719263
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/betsoft-5347.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/betsoft-5347.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/betsoft-5347.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddc546-7f2"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Thu, 01 Jul 2021 13:38:14 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 24e15077-c4b6-461d-b349-b7407360ffab-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRSuqDT/BxVKAA
x-77-nzt-ray: af585630fa1662be7aedda63b2ffa125
x-cache: HIT
x-age: 4855047
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.d4480993.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/footerGameCategoriesBlock.d4480993.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/footerGameCategoriesBlock.d4480993.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-167f"
expires: Sat, 04 Nov 2023 14:43:08 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 7350a3bb-2381-4ec8-872d-01f87bea1fe8-3082022
x-accel-expires: @1699108988
server: CDN77-Turbo
x-77-nzt: AblMCRSZbf//fch1AA
x-77-nzt-ray: af585630fa1662be79edda63b28a2d2e
x-cache: HIT
x-age: 7719037
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/authenticgaming-4525.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/authenticgaming-4525.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/authenticgaming-4525.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6128e4ea-8c0"
expires: Fri, 08 Dec 2023 01:38:14 GMT
last-modified: Fri, 27 Aug 2021 13:13:14 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 2a5e6e13-25ab-4dc3-beb3-22087c89fde5-3422022
x-accel-expires: @1701999494
server: CDN77-Turbo
x-77-nzt: AblMCRS2uYv/dK1JAA
x-77-nzt-ray: af585630fa1662be7aedda6325461225
x-cache: HIT
x-age: 4828532
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
adtraffic.agency/hit/betwarrior.gif?ref=&page=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&date=1675292047654&tid=tid-389cafce5.2cab71fda
188.114.97.1200 OK 0 B URL HTTP/2 adtraffic.agency/hit/betwarrior.gif?ref=&page=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&date=1675292047654&tid=tid-389cafce5.2cab71fda
IP 188.114.97.1:0
GET /hit/betwarrior.gif?ref=&page=https%3A%2F%2Fpromo.betwarrior.bet%2Fpt%2Fwelcome-offer-sports%2F%3Futm_source%3Dnetrefer%26utm_medium%3Daffiliates%26utm_campaign%3Dsports%26btag%3D655952_81C3A6657D644A65816584356BCA7996&date=1675292047654&tid=tid-389cafce5.2cab71fda HTTP/1.1
Host: adtraffic.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://promo.betwarrior.bet/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:44 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 31d3446f-d765-410c-8cb3-16d459d4a15b
x-download-options: noopen
etag: W/"e391efaf6c6403dbbe471f746403fb2f"
x-runtime: 0.032366
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NzEHgykxviIyESPSMSGhR%2FM05k2kscqxo4QbjUm4dYwf%2FF6JiuDtQ6zW466vT0IP9zn%2BFxGKYe3OHM23a4owVrkb%2FgGvCoZ8HVNobzEJ51lOt4sX%2FGDWGG63%2FBS6C4jes6V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43d06cb0b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/footerArticleBlock.f9a16ee1.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/footerArticleBlock.f9a16ee1.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/footerArticleBlock.f9a16ee1.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63907649-b36"
expires: Thu, 07 Dec 2023 11:29:10 GMT
last-modified: Wed, 07 Dec 2022 11:17:29 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 082cfa74-8153-4f04-994e-2e38f9895f34-3412022
x-accel-expires: @1701948550
server: CDN77-Turbo
x-77-nzt: AblMCRTTTrv/c3RKAA
x-77-nzt-ray: af585630fa1662be79edda63da75372e
x-cache: HIT
x-age: 4879475
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/pragmatic-5704.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/pragmatic-5704.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/pragmatic-5704.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddb9b6-4f5"
expires: Thu, 07 Dec 2023 18:16:23 GMT
last-modified: Thu, 01 Jul 2021 12:48:54 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 09596771-d15b-4c5e-bb44-9dafe1c0293e-3412022
x-accel-expires: @1701972983
server: CDN77-Turbo
x-77-nzt: AblMCRSYE07/AxVKAA
x-77-nzt-ray: af585630fa1662be7aedda6315e4d92b
x-cache: HIT
x-age: 4855043
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Wazdan-6832.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Wazdan-6832.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/Wazdan-6832.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbef9-337"
expires: Thu, 07 Dec 2023 18:16:27 GMT
last-modified: Thu, 01 Jul 2021 13:11:21 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 01868eda-c664-4ef6-a674-382b34d3d978-3412022
x-accel-expires: @1701972987
server: CDN77-Turbo
x-77-nzt: AblMCRTR8Qf//xRKAA
x-77-nzt-ray: af585630fa1662be7aedda6343aced2d
x-cache: HIT
x-age: 4855039
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/amusnetInteractiveJackpotBlock.1a7c7d85.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/amusnetInteractiveJackpotBlock.1a7c7d85.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/amusnetInteractiveJackpotBlock.1a7c7d85.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"636bd459-42c0"
expires: Mon, 13 Nov 2023 17:42:29 GMT
last-modified: Wed, 09 Nov 2022 16:24:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 10f59e3e-899d-4a67-b681-37f9b5834fad-3172022
x-accel-expires: @1699897349
server: CDN77-Turbo
x-77-nzt: AblMCRR6yrL/9MBpAA
x-77-nzt-ray: af585630fa1662be79edda63b373ef2d
x-cache: HIT
x-age: 6930676
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/playtech-6986.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/playtech-6986.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/playtech-6986.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbfb2-6db"
expires: Fri, 08 Dec 2023 01:38:14 GMT
last-modified: Thu, 01 Jul 2021 13:14:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 49e79da7-13ba-4432-9178-f82c1ece4fac-3422022
x-accel-expires: @1701999494
server: CDN77-Turbo
x-77-nzt: AblMCRRjDk3/dK1JAA
x-77-nzt-ray: af585630fa1662be7aedda63f9a1c32b
x-cache: HIT
x-age: 4828532
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
blancoshrimp.com/SB/BR/
172.67.146.68200 OK 0 B IP 172.67.146.68:0
GET /SB/BR/ HTTP/1.1
Host: blancoshrimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:41 GMT
content-type: text/html
last-modified: Tue, 17 Jan 2023 10:43:03 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rocvZG3nd8JPgllZtxpOGVJxhV5XFpNignNNnqpYEl2DjhYlYJ20ZgGhyPIKWkBHTE6OWo5WzSqY2fXviNH394I1ROCBEUT%2BfW5dISwDEfNag3Nrqf4n6NlrwvCZeEa8emQG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43bd09efb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
b-partner.xyz/a74c621bf
172.67.218.53302 Found 0 B IP 172.67.218.53:0
GET /a74c621bf HTTP/1.1
Host: b-partner.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html; charset=utf-8
location: https://bitslot.io/?stag=148527_63daed76a7611a4f61a8f8c6&tracking_link=http%3A%2F%2Fb-partner.xyz%2Fa74c621bf
set-cookie: 73d3f1ba062585bce51f=63daed76a7611a4f61a8f8c6; Expires=Fri, 03 Mar 2023 22:53:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=959onjd%2B7OZ1NqwRvx5PV9O8li9ZjZMby423VsHAJucrjWbLIp%2BQz1RiHgFH2ekkyia%2FpTUyrCNTKVp%2FOof%2B8vkX3yTx1%2BhdFDafU6Q9LVua6TG8EqsG%2FZjT%2FRinpC8Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43c31d890b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/3831.531bea3d.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/3831.531bea3d.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/3831.531bea3d.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-219bc"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 67e3997b-1875-492f-b3d3-6b0198c4e5fe-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRTDsuP/KwtBAA
x-77-nzt-ray: af585630fa1662be79edda634442f72c
x-cache: HIT
x-age: 4262699
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/1265.286a2209.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/1265.286a2209.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/1265.286a2209.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-2ed5"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: f5478a6e-99b9-4040-86dd-00454a5af8fb-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRQ17an/EwNBAA
x-77-nzt-ray: af585630fa1662be79edda63b1e3442d
x-cache: HIT
x-age: 4260627
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/tournamentsBlock.60cb2f9e.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/tournamentsBlock.60cb2f9e.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/tournamentsBlock.60cb2f9e.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63907649-4328"
expires: Thu, 07 Dec 2023 11:29:10 GMT
last-modified: Wed, 07 Dec 2022 11:17:29 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 50c168e7-5431-4ef1-bf4a-554f1ef3107f-3412022
x-accel-expires: @1701948550
server: CDN77-Turbo
x-77-nzt: AblMCRSQe+7/c3RKAA
x-77-nzt-ray: af585630fa1662be79edda6391f4472d
x-cache: HIT
x-age: 4879475
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/2772e555adab85b0037fc41e8b1971e3.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/2772e555adab85b0037fc41e8b1971e3.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/2772e555adab85b0037fc41e8b1971e3.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"62dff0a9-596"
expires: Thu, 07 Dec 2023 18:16:25 GMT
last-modified: Tue, 26 Jul 2022 13:48:25 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: b338a000-85cb-4448-973e-588b2854077d-3412022
x-accel-expires: @1701972985
server: CDN77-Turbo
x-77-nzt: AblMCRTbZwn/ARVKAA
x-77-nzt-ray: af585630fa1662be7aedda6339cf652d
x-cache: HIT
x-age: 4855041
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/a8218f44b8beb56e60515d7999225267.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/a8218f44b8beb56e60515d7999225267.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/a8218f44b8beb56e60515d7999225267.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63aad47c-1325"
expires: Thu, 28 Dec 2023 14:54:14 GMT
last-modified: Tue, 27 Dec 2022 11:18:20 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: efd9a2fc-ab82-441b-a763-1176f34cc6e8-3622022
x-accel-expires: @1703775254
server: CDN77-Turbo
x-77-nzt: AblMCRSp727/5JQuAA
x-77-nzt-ray: af585630fa1662be7aedda635c498e2e
x-cache: HIT
x-age: 3052772
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/categoryBlock.15f60701.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/categoryBlock.15f60701.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/categoryBlock.15f60701.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-de6"
expires: Sat, 04 Nov 2023 14:39:22 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 6e48885e-939a-49b7-981d-a1f0ab6b6103-3082022
x-accel-expires: @1699108762
server: CDN77-Turbo
x-77-nzt: AblMCRSldjD/X8l1AA
x-77-nzt-ray: af585630fa1662be79edda63ec2e312d
x-cache: HIT
x-age: 7719263
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/categoryBlock.6098f315.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/categoryBlock.6098f315.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/categoryBlock.6098f315.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-8e1"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: ff7ce03d-3b83-45b0-a04f-b545156b6905-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRShEkb/KwtBAA
x-77-nzt-ray: af585630fa1662be79edda63f252322d
x-cache: HIT
x-age: 4262699
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/tournamentsBlock.78fc6eb4.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/tournamentsBlock.78fc6eb4.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/tournamentsBlock.78fc6eb4.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-d8c"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 774ecef5-a86b-4c69-bcd1-3152bfe61954-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRT+ZIv/EwNBAA
x-77-nzt-ray: af585630fa1662be79edda6383d1502d
x-cache: HIT
x-age: 4260627
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/2by2-5005.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/2by2-5005.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/2by2-5005.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60ddbc94-1014"
expires: Thu, 07 Dec 2023 18:16:29 GMT
last-modified: Thu, 01 Jul 2021 13:01:08 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 9049d4ab-2a81-4662-a612-d577fd4a285d-3412022
x-accel-expires: @1701972989
server: CDN77-Turbo
x-77-nzt: AblMCRS11YT//RRKAA
x-77-nzt-ray: af585630fa1662be7aedda634bbc842e
x-cache: HIT
x-age: 4855037
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.edd5b843.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueLocaleBlock.edd5b843.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/vueLocaleBlock.edd5b843.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-1c45"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4e3a235f-d265-4a24-a4c6-066bbea393d6-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRRKDW3/KwtBAA
x-77-nzt-ray: af585630fa1662be79edda634bbe2f2d
x-cache: HIT
x-age: 4262699
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueSliderBlock.92cd88c7.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueSliderBlock.92cd88c7.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/vueSliderBlock.92cd88c7.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63d90b27-5585"
expires: Wed, 31 Jan 2024 14:35:47 GMT
last-modified: Tue, 31 Jan 2023 12:35:51 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 7006dea8-5948-4033-b9c5-6f63567716ad-312023
x-accel-expires: @1706711747
server: CDN77-Turbo
x-77-nzt: AblMCRTfWXb/NsYBAA
x-77-nzt-ray: af585630fa1662be79edda630faf362d
x-cache: HIT
x-age: 116278
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vueProducerBlock.8918d5d3.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vueProducerBlock.8918d5d3.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/vueProducerBlock.8918d5d3.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-1776"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: aea38de3-8506-4c8c-811a-7c7763d0abe8-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRTww8j/EwNBAA
x-77-nzt-ray: af585630fa1662be79edda6383fe3d2d
x-cache: HIT
x-age: 4260627
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/vue.28a2d776.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/vue.28a2d776.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/vue.28a2d776.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63651122-3410e"
expires: Sat, 04 Nov 2023 14:43:08 GMT
last-modified: Fri, 04 Nov 2022 13:18:26 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: e8149239-0b32-44ac-8299-c64ddfa6cf42-3082022
x-accel-expires: @1699108988
server: CDN77-Turbo
x-77-nzt: AblMCRRb5HD/fch1AA
x-77-nzt-ray: af585630fa1662be79edda6399164f2e
x-cache: HIT
x-age: 7719037
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bc.game/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=13F8D024D9FC4D169DDEFBE38C55984C&RedC=c.clarity.ms&MXFR=374E06EE328B691F33F61445368B6756
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=374E06EE328B691F33F61445368B6756; domain=.clarity.ms; expires=Mon, 26-Feb-2024 22:53:45 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 01 Feb 2023 22:53:45 GMT
content-length: 0
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_mobile_second.svg
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/images/footer/licenses/license_mobile_second.svg
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/images/footer/licenses/license_mobile_second.svg HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-686d3"
expires: Thu, 14 Dec 2023 17:03:37 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 2e86d0c5-5f25-4714-9263-0ad72c96fcd1-3482022
x-accel-expires: @1702573417
server: CDN77-Turbo
x-77-nzt: AblMCRTcMqr/ketAAA
x-77-nzt-ray: af585630fa1662be7aedda6314e4a71f
x-cache: HIT
x-age: 4254609
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600&display=swap
IP 142.250.74.106:0
GET /css2?family=Montserrat:wght@300;400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blancoshrimp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 22:53:41 GMT
date: Wed, 01 Feb 2023 22:53:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mediaserver.entainpartners.com/renderBanner.do?zoneId=208113
104.18.10.216200 OK 0 B URL HTTP/2 mediaserver.entainpartners.com/renderBanner.do?zoneId=208113
IP 104.18.10.216:0
GET /renderBanner.do?zoneId=208113 HTTP/1.1
Host: mediaserver.entainpartners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:42 GMT
content-type: text/html;charset=UTF-8
content-language: en-US
vary: Accept-Encoding
x-ua-compatible: IE=EmulateIE7
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: JSESSIONID=7B64617CBE4EB5E38A1CA186A8B4B16D; Path=/; HttpOnly
__cf_bm=1dEnn5ND9iV8ZuPlfjfVZdq4BzRhutyECmwfS7A2fvk-1675292022-0-AXcTKKxxKKgrOaebqvKiNMXK7SJXhC/4kG2WQEZDe2thVOgh6QEehkv3zPfKHF6MaA8f4ug9fZRuXpUWycRbcIc=; path=/; expires=Wed, 01-Feb-23 23:23:42 GMT; domain=.entainpartners.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 792e43c34891b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
bitslot.io/?stag=148527_63daed76a7611a4f61a8f8c6&tracking_link=http%3A%2F%2Fb-partner.xyz%2Fa74c621bf
104.18.18.207301 Moved Permanently 0 B URL HTTP/2 bitslot.io/?stag=148527_63daed76a7611a4f61a8f8c6&tracking_link=http%3A%2F%2Fb-partner.xyz%2Fa74c621bf
IP 104.18.18.207:0
GET /?stag=148527_63daed76a7611a4f61a8f8c6&tracking_link=http%3A%2F%2Fb-partner.xyz%2Fa74c621bf HTTP/1.1
Host: bitslot.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 01 Feb 2023 22:53:42 GMT
location: https://www.bitslot.io/?stag=148527_63daed76a7611a4f61a8f8c6&tracking_link=http%3A%2F%2Fb-partner.xyz%2Fa74c621bf
cache-control: max-age=3600
expires: Wed, 01 Feb 2023 23:53:42 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 792e43c56a3fb509-OSL
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/7476.16a47741.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/7476.16a47741.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/7476.16a47741.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"637e4940-1911"
expires: Sat, 25 Nov 2023 15:57:07 GMT
last-modified: Wed, 23 Nov 2022 16:24:32 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 857dc280-994d-4068-922f-6fd186d34eaa-3292022
x-accel-expires: @1700927827
server: CDN77-Turbo
x-77-nzt: AblMCRTSQ0P/pgdaAA
x-77-nzt-ray: af585630fa1662be79edda633495402d
x-cache: HIT
x-age: 5900198
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/index.06c1d97d.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/index.06c1d97d.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/index.06c1d97d.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"638df9a5-39b0"
expires: Wed, 06 Dec 2023 00:40:16 GMT
last-modified: Mon, 05 Dec 2022 14:01:09 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 0faf5d50-3d15-479f-a17f-09a6b358558c-3402022
x-accel-expires: @1701823216
server: CDN77-Turbo
x-77-nzt: AblMCRS+O0r/CV5MAA
x-77-nzt-ray: af585630fa1662be79edda637fc13e2e
x-cache: HIT
x-age: 5004809
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/XPro-Gaming-2923.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/XPro-Gaming-2923.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/XPro-Gaming-2923.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6128e486-2722"
expires: Thu, 07 Dec 2023 18:16:28 GMT
last-modified: Fri, 27 Aug 2021 13:11:34 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: f3839ad3-4950-4daa-93b5-0d6f0924d598-3412022
x-accel-expires: @1701972988
server: CDN77-Turbo
x-77-nzt: AblMCRRgJqH//hRKAA
x-77-nzt-ray: af585630fa1662be7aedda63b765fa2d
x-cache: HIT
x-age: 4855038
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/app.f8dfeb3a.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/app.f8dfeb3a.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/app.f8dfeb3a.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63aaf640-12aa2"
expires: Wed, 27 Dec 2023 13:49:14 GMT
last-modified: Tue, 27 Dec 2022 13:42:24 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 4703b93d-5d87-453b-8fc2-68874eede269-3612022
x-accel-expires: @1703684954
server: CDN77-Turbo
x-77-nzt: AblMCRTlkxH/n/UvAA
x-77-nzt-ray: af585630fa1662be79edda63f0aede2c
x-cache: HIT
x-age: 3143071
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/app.af895d81.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/app.af895d81.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/app.af895d81.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-c929"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 91eff718-2708-4238-a4cb-a59db88f5ab9-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRS5iNv/KwtBAA
x-77-nzt-ray: af585630fa1662be79edda6360f2292d
x-cache: HIT
x-age: 4262699
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/gamesBlock.5cfd3262.css?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/gamesBlock.5cfd3262.css?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/gamesBlock.5cfd3262.css?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"638df9a5-2f14"
expires: Wed, 06 Dec 2023 00:40:16 GMT
last-modified: Mon, 05 Dec 2022 14:01:09 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: e5b51eca-bb2d-407d-88fd-074c1a43741c-3402022
x-accel-expires: @1701823216
server: CDN77-Turbo
x-77-nzt: AblMCRSQTZT/CV5MAA
x-77-nzt-ray: af585630fa1662be79edda638455432d
x-cache: HIT
x-age: 5004809
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/amusnetInteractiveJackpotBlock.3c6264e0.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/amusnetInteractiveJackpotBlock.3c6264e0.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/amusnetInteractiveJackpotBlock.3c6264e0.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63d90b27-1265"
expires: Wed, 31 Jan 2024 14:35:47 GMT
last-modified: Tue, 31 Jan 2023 12:35:51 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: e05aa218-aa0d-4a50-bfbc-13e085cc0f5c-312023
x-accel-expires: @1706711747
server: CDN77-Turbo
x-77-nzt: AblMCRSjf9P/NsYBAA
x-77-nzt-ray: af585630fa1662be79edda630483282e
x-cache: HIT
x-age: 116278
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/footerArticleBlock.61bbbba0.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/footerArticleBlock.61bbbba0.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/footerArticleBlock.61bbbba0.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-321"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 987166a3-d42d-4099-96ee-a35f8aad0ba4-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRRNKmj/EwNBAA
x-77-nzt-ray: af585630fa1662be79edda6347023b2e
x-cache: HIT
x-age: 4260627
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/commons.c7802f4c.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/commons.c7802f4c.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/commons.c7802f4c.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e1a5-3783a"
expires: Thu, 14 Dec 2023 14:48:46 GMT
last-modified: Wed, 14 Dec 2022 14:45:57 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: ab1d35f1-5cdc-444c-b639-4561b155f1ff-3482022
x-accel-expires: @1702565326
server: CDN77-Turbo
x-77-nzt: AblMCRTaj3f/KwtBAA
x-77-nzt-ray: af585630fa1662be79edda636b2aa22e
x-cache: HIT
x-age: 4262699
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
scripts.prdredir.com/scripts/k_bcgame.js
172.64.100.29200 OK 0 B URL HTTP/2 scripts.prdredir.com/scripts/k_bcgame.js
IP 172.64.100.29:0
GET /scripts/k_bcgame.js HTTP/1.1
Host: scripts.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bc.game
Connection: keep-alive
Referer: https://bc.game/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:44 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
x-request-id: 63573928-fa4e-4c17-aa8e-fad558155dc5
etag: W/"23d1a28488ed4e92499ca48c1d338887"
x-runtime: 0.004347
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhFZSHXhKCVN97WOhaP4U0KKFzcul1qyhf2K3y7QTMNeYg3ZhSTTbhUU5R7GkxFFjPCdelkI5jhkGAuXLzbipNDn5nSJ93KP%2Fo1RUpQejN%2FKoTLPK0QP9rJ7zoWk6H2Ayh%2BmlZHpRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792e43d1bd6d75c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.clarity.ms/eus/s/0.7.1/clarity.js
13.107.237.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus/s/0.7.1/clarity.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bc.game/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d933d16af8439e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-azure-ref-originshield: 0LtnaYwAAAABdUhK+Vu4sS4lJU83cZuqMRlJBMjMxMDUwNDE4MDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 0ee3aYwAAAADbF3C1DPVDSpOs1tjz8+ewQ1BIMzBFREdFMDQxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 01 Feb 2023 22:53:44 GMT
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/8241.561f022d.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/8241.561f022d.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/8241.561f022d.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"638a1703-150fc"
expires: Mon, 04 Dec 2023 14:08:18 GMT
last-modified: Fri, 02 Dec 2022 15:17:23 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: e30d2965-febf-4021-80f6-568a1a44a16c-3382022
x-accel-expires: @1701698898
server: CDN77-Turbo
x-77-nzt: AblMCRR6mBn/p0NOAA
x-77-nzt-ray: af585630fa1662be79edda6308b0382d
x-cache: HIT
x-age: 5129127
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/e426568ac582ccc6ac304d310ca5009e.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/e426568ac582ccc6ac304d310ca5009e.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/e426568ac582ccc6ac304d310ca5009e.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"63d2ac5c-2dae"
expires: Sat, 27 Jan 2024 03:18:54 GMT
last-modified: Thu, 26 Jan 2023 16:37:48 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: e91472ca-cec4-482c-a4fd-033bb60f94c9-272023
x-accel-expires: @1706325534
server: CDN77-Turbo
x-77-nzt: AblMCRSbktj/3KoHAA
x-77-nzt-ray: af585630fa1662be7aedda63a091e12b
x-cache: HIT
x-age: 502492
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
bc.game/landing/sports-br?i=4cxse6dr&stag=17409_63daed76607ae792a85dc61e&utm_source=4cxse6dr
104.18.37.127200 OK 0 B URL HTTP/2 bc.game/landing/sports-br?i=4cxse6dr&stag=17409_63daed76607ae792a85dc61e&utm_source=4cxse6dr
IP 104.18.37.127:0
GET /landing/sports-br?i=4cxse6dr&stag=17409_63daed76607ae792a85dc61e&utm_source=4cxse6dr HTTP/1.1
Host: bc.game
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:44 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
cache-control: max-age=8640000
cf-cache-status: MISS
server: cloudflare
cf-ray: 792e43c4ba0c1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/gamesBlock.69df01dc.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/gamesBlock.69df01dc.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/gamesBlock.69df01dc.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-a92"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 19ba74e0-6471-46ac-94e7-d07e997e0840-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRTmcSj/EwNBAA
x-77-nzt-ray: af585630fa1662be79edda63d3c4462d
x-cache: HIT
x-age: 4260627
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/build/nsoftTopOfferJsBlock.53d7bd27.js?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/build/nsoftTopOfferJsBlock.53d7bd27.js?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /build/nsoftTopOfferJsBlock.53d7bd27.js?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"6399e301-7ee9"
expires: Thu, 14 Dec 2023 15:23:18 GMT
last-modified: Wed, 14 Dec 2022 14:51:45 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 3755bddb-5b97-498f-9593-c8374d91a0c9-3482022
x-accel-expires: @1702567398
server: CDN77-Turbo
x-77-nzt: AblMCRSziS7/EwNBAA
x-77-nzt-ray: af585630fa1662be79edda6395afd62d
x-cache: HIT
x-age: 4260627
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.brazino-cdnsrv-cst.org/files/categories/Fortune-Factory-Studios-2154.svg?v10263
185.76.9.24200 OK 0 B URL HTTP/2 www.brazino-cdnsrv-cst.org/files/categories/Fortune-Factory-Studios-2154.svg?v10263
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /files/categories/Fortune-Factory-Studios-2154.svg?v10263 HTTP/1.1
Host: www.brazino-cdnsrv-cst.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 22:53:46 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
etag: W/"60f18196-1bae"
expires: Thu, 07 Dec 2023 18:16:19 GMT
last-modified: Fri, 16 Jul 2021 12:54:46 GMT
referrer-policy: same-origin
vary: Accept-Encoding
x-content-type-options: nosniff
x-waf-req-id: 7bf915f0-295a-4a29-8f50-e6fe2c74f2d7-3412022
x-accel-expires: @1701972979
server: CDN77-Turbo
x-77-nzt: AblMCRSTwmH/BxVKAA
x-77-nzt-ray: af585630fa1662be7aedda63441b8626
x-cache: HIT
x-age: 4855047
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2